2 * Copyright (c) 2019 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
16 #include <sys/socket.h>
18 #include <vnet/session/application.h>
19 #include <vnet/session/transport.h>
20 #include <vnet/session/session.h>
21 #include <vlib/unix/plugin.h>
22 #include <vpp/app/version.h>
23 #include <openssl/pem.h>
25 #include <vppinfra/lock.h>
27 #include <quic/quic.h>
29 #include <quicly/defaults.h>
30 #include <picotls/openssl.h>
31 #include <picotls/pembase64.h>
33 #include <quic/quic_crypto.h>
35 static quic_main_t quic_main;
36 static void quic_update_timer (quic_ctx_t * ctx);
39 quic_format_err (u8 * s, va_list * args)
41 u64 code = va_arg (*args, u64);
45 s = format (s, "no error");
48 case QUIC_ERROR_FULL_FIFO:
49 s = format (s, "full fifo");
51 case QUIC_APP_ERROR_CLOSE_NOTIFY:
52 s = format (s, "QUIC_APP_ERROR_CLOSE_NOTIFY");
54 case QUIC_APP_ALLOCATION_ERROR:
55 s = format (s, "QUIC_APP_ALLOCATION_ERROR");
57 case QUIC_APP_ACCEPT_NOTIFY_ERROR:
58 s = format (s, "QUIC_APP_ACCEPT_NOTIFY_ERROR");
60 case QUIC_APP_CONNECT_NOTIFY_ERROR:
61 s = format (s, "QUIC_APP_CONNECT_NOTIFY_ERROR");
64 case QUICLY_ERROR_PACKET_IGNORED:
65 s = format (s, "QUICLY_ERROR_PACKET_IGNORED");
67 case QUICLY_ERROR_SENDBUF_FULL:
68 s = format (s, "QUICLY_ERROR_SENDBUF_FULL");
70 case QUICLY_ERROR_FREE_CONNECTION:
71 s = format (s, "QUICLY_ERROR_FREE_CONNECTION");
73 case QUICLY_ERROR_RECEIVED_STATELESS_RESET:
74 s = format (s, "QUICLY_ERROR_RECEIVED_STATELESS_RESET");
76 case QUICLY_TRANSPORT_ERROR_NONE:
77 s = format (s, "QUICLY_TRANSPORT_ERROR_NONE");
79 case QUICLY_TRANSPORT_ERROR_INTERNAL:
80 s = format (s, "QUICLY_TRANSPORT_ERROR_INTERNAL");
82 case QUICLY_TRANSPORT_ERROR_SERVER_BUSY:
83 s = format (s, "QUICLY_TRANSPORT_ERROR_SERVER_BUSY");
85 case QUICLY_TRANSPORT_ERROR_FLOW_CONTROL:
86 s = format (s, "QUICLY_TRANSPORT_ERROR_FLOW_CONTROL");
88 case QUICLY_TRANSPORT_ERROR_STREAM_ID:
89 s = format (s, "QUICLY_TRANSPORT_ERROR_STREAM_ID");
91 case QUICLY_TRANSPORT_ERROR_STREAM_STATE:
92 s = format (s, "QUICLY_TRANSPORT_ERROR_STREAM_STATE");
94 case QUICLY_TRANSPORT_ERROR_FINAL_OFFSET:
95 s = format (s, "QUICLY_TRANSPORT_ERROR_FINAL_OFFSET");
97 case QUICLY_TRANSPORT_ERROR_FRAME_ENCODING:
98 s = format (s, "QUICLY_TRANSPORT_ERROR_FRAME_ENCODING");
100 case QUICLY_TRANSPORT_ERROR_TRANSPORT_PARAMETER:
101 s = format (s, "QUICLY_TRANSPORT_ERROR_TRANSPORT_PARAMETER");
103 case QUICLY_TRANSPORT_ERROR_VERSION_NEGOTIATION:
104 s = format (s, "QUICLY_TRANSPORT_ERROR_VERSION_NEGOTIATION");
106 case QUICLY_TRANSPORT_ERROR_PROTOCOL_VIOLATION:
107 s = format (s, "QUICLY_TRANSPORT_ERROR_PROTOCOL_VIOLATION");
109 case QUICLY_TRANSPORT_ERROR_INVALID_MIGRATION:
110 s = format (s, "QUICLY_TRANSPORT_ERROR_INVALID_MIGRATION");
113 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_CLOSE_NOTIFY):
115 format (s, "PTLS_ALERT_CLOSE_NOTIFY");
117 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_UNEXPECTED_MESSAGE):
119 format (s, "PTLS_ALERT_UNEXPECTED_MESSAGE");
121 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_BAD_RECORD_MAC):
123 format (s, "PTLS_ALERT_BAD_RECORD_MAC");
125 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_HANDSHAKE_FAILURE):
127 format (s, "PTLS_ALERT_HANDSHAKE_FAILURE");
129 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_BAD_CERTIFICATE):
131 format (s, "PTLS_ALERT_BAD_CERTIFICATE");
133 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_CERTIFICATE_REVOKED):
135 format (s, "PTLS_ALERT_CERTIFICATE_REVOKED");
137 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_CERTIFICATE_EXPIRED):
139 format (s, "PTLS_ALERT_CERTIFICATE_EXPIRED");
141 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_CERTIFICATE_UNKNOWN):
143 format (s, "PTLS_ALERT_CERTIFICATE_UNKNOWN");
145 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_ILLEGAL_PARAMETER):
147 format (s, "PTLS_ALERT_ILLEGAL_PARAMETER");
149 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_UNKNOWN_CA):
151 format (s, "PTLS_ALERT_UNKNOWN_CA");
153 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_DECODE_ERROR):
155 format (s, "PTLS_ALERT_DECODE_ERROR");
157 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_DECRYPT_ERROR):
159 format (s, "PTLS_ALERT_DECRYPT_ERROR");
161 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_PROTOCOL_VERSION):
163 format (s, "PTLS_ALERT_PROTOCOL_VERSION");
165 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_INTERNAL_ERROR):
167 format (s, "PTLS_ALERT_INTERNAL_ERROR");
169 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_USER_CANCELED):
171 format (s, "PTLS_ALERT_USER_CANCELED");
173 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_MISSING_EXTENSION):
175 format (s, "PTLS_ALERT_MISSING_EXTENSION");
177 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_UNRECOGNIZED_NAME):
179 format (s, "PTLS_ALERT_UNRECOGNIZED_NAME");
181 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_CERTIFICATE_REQUIRED):
183 format (s, "PTLS_ALERT_CERTIFICATE_REQUIRED");
185 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_NO_APPLICATION_PROTOCOL):
187 format (s, "PTLS_ALERT_NO_APPLICATION_PROTOCOL");
189 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_NO_MEMORY):
191 format (s, "PTLS_ERROR_NO_MEMORY");
193 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_IN_PROGRESS):
195 format (s, "PTLS_ERROR_IN_PROGRESS");
197 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_LIBRARY):
199 format (s, "PTLS_ERROR_LIBRARY");
201 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_INCOMPATIBLE_KEY):
203 format (s, "PTLS_ERROR_INCOMPATIBLE_KEY");
205 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_SESSION_NOT_FOUND):
207 format (s, "PTLS_ERROR_SESSION_NOT_FOUND");
209 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_STATELESS_RETRY):
211 format (s, "PTLS_ERROR_STATELESS_RETRY");
213 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_NOT_AVAILABLE):
215 format (s, "PTLS_ERROR_NOT_AVAILABLE");
217 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_COMPRESSION_FAILURE):
219 format (s, "PTLS_ERROR_COMPRESSION_FAILURE");
221 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_BER_INCORRECT_ENCODING):
223 format (s, "PTLS_ERROR_BER_INCORRECT_ENCODING");
225 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_BER_MALFORMED_TYPE):
227 format (s, "PTLS_ERROR_BER_MALFORMED_TYPE");
229 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_BER_MALFORMED_LENGTH):
231 format (s, "PTLS_ERROR_BER_MALFORMED_LENGTH");
233 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_BER_EXCESSIVE_LENGTH):
235 format (s, "PTLS_ERROR_BER_EXCESSIVE_LENGTH");
237 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_BER_ELEMENT_TOO_SHORT):
239 format (s, "PTLS_ERROR_BER_ELEMENT_TOO_SHORT");
241 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_BER_UNEXPECTED_EOC):
243 format (s, "PTLS_ERROR_BER_UNEXPECTED_EOC");
245 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_DER_INDEFINITE_LENGTH):
247 format (s, "PTLS_ERROR_DER_INDEFINITE_LENGTH");
249 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_INCORRECT_ASN1_SYNTAX):
251 format (s, "PTLS_ERROR_INCORRECT_ASN1_SYNTAX");
253 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_INCORRECT_PEM_KEY_VERSION):
255 format (s, "PTLS_ERROR_INCORRECT_PEM_KEY_VERSION");
257 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_INCORRECT_PEM_ECDSA_KEY_VERSION):
259 format (s, "PTLS_ERROR_INCORRECT_PEM_ECDSA_KEY_VERSION");
261 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_INCORRECT_PEM_ECDSA_CURVE):
263 format (s, "PTLS_ERROR_INCORRECT_PEM_ECDSA_CURVE");
265 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_INCORRECT_PEM_ECDSA_KEYSIZE):
267 format (s, "PTLS_ERROR_INCORRECT_PEM_ECDSA_KEYSIZE");
269 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_INCORRECT_ASN1_ECDSA_KEY_SYNTAX):
271 format (s, "PTLS_ERROR_INCORRECT_ASN1_ECDSA_KEY_SYNTAX");
274 s = format (s, "unknown error 0x%lx", code);
281 quic_ctx_alloc (u32 thread_index)
283 quic_main_t *qm = &quic_main;
286 pool_get (qm->ctx_pool[thread_index], ctx);
288 memset (ctx, 0, sizeof (quic_ctx_t));
289 ctx->c_thread_index = thread_index;
290 QUIC_DBG (1, "Allocated quic_ctx %u on thread %u",
291 ctx - qm->ctx_pool[thread_index], thread_index);
292 return ctx - qm->ctx_pool[thread_index];
296 quic_ctx_free (quic_ctx_t * ctx)
298 QUIC_DBG (2, "Free ctx %u", ctx->c_c_index);
299 u32 thread_index = ctx->c_thread_index;
301 memset (ctx, 0xfb, sizeof (*ctx));
302 pool_put (quic_main.ctx_pool[thread_index], ctx);
306 quic_ctx_get (u32 ctx_index, u32 thread_index)
308 return pool_elt_at_index (quic_main.ctx_pool[thread_index], ctx_index);
312 quic_ctx_get_if_valid (u32 ctx_index, u32 thread_index)
314 if (pool_is_free_index (quic_main.ctx_pool[thread_index], ctx_index))
316 return pool_elt_at_index (quic_main.ctx_pool[thread_index], ctx_index);
320 quic_get_conn_ctx (quicly_conn_t * conn)
323 conn_data = (u64) * quicly_get_data (conn);
324 return quic_ctx_get (conn_data & UINT32_MAX, conn_data >> 32);
328 quic_store_conn_ctx (quicly_conn_t * conn, quic_ctx_t * ctx)
330 *quicly_get_data (conn) =
331 (void *) (((u64) ctx->c_thread_index) << 32 | (u64) ctx->c_c_index);
335 quic_ctx_is_stream (quic_ctx_t * ctx)
337 return (ctx->flags & QUIC_F_IS_STREAM);
341 quic_ctx_is_listener (quic_ctx_t * ctx)
343 return (ctx->flags & QUIC_F_IS_LISTENER);
347 get_stream_session_from_stream (quicly_stream_t * stream)
350 quic_stream_data_t *stream_data;
352 stream_data = (quic_stream_data_t *) stream->data;
353 ctx = quic_ctx_get (stream_data->ctx_id, stream_data->thread_index);
354 return session_get (ctx->c_s_index, stream_data->thread_index);
358 quic_make_connection_key (clib_bihash_kv_16_8_t * kv,
359 const quicly_cid_plaintext_t * id)
361 kv->key[0] = ((u64) id->master_id) << 32 | (u64) id->thread_id;
362 kv->key[1] = id->node_id;
366 quic_sendable_packet_count (session_t * udp_session)
369 u32 packet_size = QUIC_MAX_PACKET_SIZE + SESSION_CONN_HDR_LEN;
370 max_enqueue = svm_fifo_max_enqueue (udp_session->tx_fifo);
371 return clib_min (max_enqueue / packet_size, QUIC_SEND_PACKET_VEC_SIZE);
376 quic_ack_rx_data (session_t * stream_session)
381 quicly_stream_t *stream;
382 quic_stream_data_t *stream_data;
385 quic_ctx_get (stream_session->connection_index,
386 stream_session->thread_index);
387 ASSERT (quic_ctx_is_stream (sctx));
388 stream = sctx->c_quic_ctx_id.stream;
389 stream_data = (quic_stream_data_t *) stream->data;
391 f = stream_session->rx_fifo;
392 max_deq = svm_fifo_max_dequeue (f);
394 ASSERT (stream_data->app_rx_data_len >= max_deq);
395 quicly_stream_sync_recvbuf (stream, stream_data->app_rx_data_len - max_deq);
396 QUIC_DBG (3, "Acking %u bytes", stream_data->app_rx_data_len - max_deq);
397 stream_data->app_rx_data_len = max_deq;
401 quic_disconnect_transport (quic_ctx_t * ctx)
403 QUIC_DBG (2, "Disconnecting transport 0x%lx", ctx->udp_session_handle);
404 vnet_disconnect_args_t a = {
405 .handle = ctx->udp_session_handle,
406 .app_index = quic_main.app_index,
409 if (vnet_disconnect_session (&a))
410 clib_warning ("UDP session 0x%lx disconnect errored",
411 ctx->udp_session_handle);
415 quic_connection_closed (u32 ctx_index, u32 thread_index, u8 notify_transport)
417 QUIC_DBG (2, "QUIC connection closed");
418 tw_timer_wheel_1t_3w_1024sl_ov_t *tw;
419 clib_bihash_kv_16_8_t kv;
423 ctx = quic_ctx_get (ctx_index, thread_index);
424 ASSERT (!quic_ctx_is_stream (ctx));
425 /* TODO if connection is not established, just delete the session? */
428 if (ctx->timer_handle != QUIC_TIMER_HANDLE_INVALID)
430 tw = &quic_main.wrk_ctx[thread_index].timer_wheel;
431 tw_timer_stop_1t_3w_1024sl_ov (tw, ctx->timer_handle);
434 /* Delete the connection from the connection map */
435 conn = ctx->c_quic_ctx_id.conn;
436 quic_make_connection_key (&kv, quicly_get_master_id (conn));
437 QUIC_DBG (2, "Deleting conn with id %lu %lu", kv.key[0], kv.key[1]);
438 clib_bihash_add_del_16_8 (&quic_main.connection_hash, &kv, 0 /* is_add */ );
440 quic_disconnect_transport (ctx);
441 if (notify_transport)
442 session_transport_closing_notify (&ctx->connection);
444 session_transport_delete_notify (&ctx->connection);
445 /* Do not try to send anything anymore */
446 quicly_free (ctx->c_quic_ctx_id.conn);
447 ctx->c_quic_ctx_id.conn = NULL;
452 quic_send_datagram (session_t * udp_session, quicly_datagram_t * packet)
455 session_dgram_hdr_t hdr;
458 transport_connection_t *tc;
460 len = packet->data.len;
461 f = udp_session->tx_fifo;
462 tc = session_get_transport (udp_session);
463 max_enqueue = svm_fifo_max_enqueue (f);
464 if (max_enqueue < SESSION_CONN_HDR_LEN + len)
466 QUIC_DBG (1, "Too much data to send, max_enqueue %u, len %u",
467 max_enqueue, len + SESSION_CONN_HDR_LEN);
468 return QUIC_ERROR_FULL_FIFO;
471 /* Build packet header for fifo */
472 hdr.data_length = len;
474 hdr.is_ip4 = tc->is_ip4;
475 clib_memcpy (&hdr.lcl_ip, &tc->lcl_ip, sizeof (ip46_address_t));
476 hdr.lcl_port = tc->lcl_port;
478 /* Read dest address from quicly-provided sockaddr */
481 ASSERT (packet->sa.sa_family == AF_INET);
482 struct sockaddr_in *sa4 = (struct sockaddr_in *) &packet->sa;
483 hdr.rmt_port = sa4->sin_port;
484 hdr.rmt_ip.ip4.as_u32 = sa4->sin_addr.s_addr;
488 ASSERT (packet->sa.sa_family == AF_INET6);
489 struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *) &packet->sa;
490 hdr.rmt_port = sa6->sin6_port;
491 clib_memcpy (&hdr.rmt_ip.ip6, &sa6->sin6_addr, 16);
494 ret = svm_fifo_enqueue (f, sizeof (hdr), (u8 *) & hdr);
495 if (ret != sizeof (hdr))
497 QUIC_DBG (1, "Not enough space to enqueue header");
498 return QUIC_ERROR_FULL_FIFO;
500 ret = svm_fifo_enqueue (f, len, packet->data.base);
503 QUIC_DBG (1, "Not enough space to enqueue payload");
504 return QUIC_ERROR_FULL_FIFO;
510 quic_send_packets (quic_ctx_t * ctx)
512 quicly_datagram_t *packets[QUIC_SEND_PACKET_VEC_SIZE];
513 session_t *udp_session;
515 size_t num_packets, i, max_packets;
516 quicly_context_t *quicly_context;
517 app_worker_t *app_wrk;
521 /* We have sctx, get qctx */
522 if (quic_ctx_is_stream (ctx))
524 quic_ctx_get (ctx->c_quic_ctx_id.quic_connection_ctx_id,
525 ctx->c_thread_index);
527 ASSERT (!quic_ctx_is_stream (ctx));
529 udp_session = session_get_from_handle_if_valid (ctx->udp_session_handle);
533 conn = ctx->c_quic_ctx_id.conn;
538 /* TODO : quicly can assert it can send min_packets up to 2 */
539 if (quic_sendable_packet_count (udp_session) < 2)
542 app_wrk = app_worker_get_if_valid (ctx->parent_app_wrk_id);
545 clib_warning ("Tried to send packets on non existing app worker %u",
546 ctx->parent_app_wrk_id);
547 quic_connection_closed (ctx->c_c_index, ctx->c_thread_index,
548 1 /* notify_transport */ );
551 app = application_get (app_wrk->app_index);
553 quicly_context = (quicly_context_t *) app->quicly_ctx;
556 max_packets = quic_sendable_packet_count (udp_session);
559 num_packets = max_packets;
560 if ((err = quicly_send (conn, packets, &num_packets)))
563 for (i = 0; i != num_packets; ++i)
565 if ((err = quic_send_datagram (udp_session, packets[i])))
568 quicly_context->packet_allocator->
569 free_packet (quicly_context->packet_allocator, packets[i]);
572 while (num_packets > 0 && num_packets == max_packets);
575 if (svm_fifo_set_event (udp_session->tx_fifo))
577 session_send_io_evt_to_thread (udp_session->tx_fifo,
579 clib_warning ("Event enqueue errored %d", err);
581 QUIC_DBG (3, "%u[TX] %u[RX]", svm_fifo_max_dequeue (udp_session->tx_fifo),
582 svm_fifo_max_dequeue (udp_session->rx_fifo));
583 quic_update_timer (ctx);
587 if (err && err != QUICLY_ERROR_PACKET_IGNORED
588 && err != QUICLY_ERROR_FREE_CONNECTION)
589 clib_warning ("Quic error '%U'.", quic_format_err, err);
590 quic_connection_closed (ctx->c_c_index, ctx->c_thread_index,
591 1 /* notify_transport */ );
595 /*****************************************************************************
597 * START QUICLY CALLBACKS
598 * Called from QUIC lib
600 *****************************************************************************/
603 quic_on_stream_destroy (quicly_stream_t * stream, int err)
605 quic_stream_data_t *stream_data = (quic_stream_data_t *) stream->data;
607 quic_ctx_get (stream_data->ctx_id, stream_data->thread_index);
608 session_t *stream_session =
609 session_get (sctx->c_s_index, sctx->c_thread_index);
610 QUIC_DBG (2, "DESTROYED_STREAM: session 0x%lx (%U)",
611 session_handle (stream_session), quic_format_err, err);
613 stream_session->session_state = SESSION_STATE_CLOSED;
614 session_transport_delete_notify (&sctx->connection);
616 quic_ctx_free (sctx);
621 quic_on_stop_sending (quicly_stream_t * stream, int err)
624 quic_stream_data_t *stream_data = (quic_stream_data_t *) stream->data;
626 quic_ctx_get (stream_data->ctx_id, stream_data->thread_index);
627 session_t *stream_session =
628 session_get (sctx->c_s_index, sctx->c_thread_index);
629 clib_warning ("(NOT IMPLEMENTD) STOP_SENDING: session 0x%lx (%U)",
630 session_handle (stream_session), quic_format_err, err);
632 /* TODO : handle STOP_SENDING */
637 quic_on_receive_reset (quicly_stream_t * stream, int err)
639 quic_stream_data_t *stream_data = (quic_stream_data_t *) stream->data;
641 quic_ctx_get (stream_data->ctx_id, stream_data->thread_index);
643 session_t *stream_session =
644 session_get (sctx->c_s_index, sctx->c_thread_index);
645 clib_warning ("RESET_STREAM: session 0x%lx (%U)",
646 session_handle (stream_session), quic_format_err, err);
648 session_transport_closing_notify (&sctx->connection);
653 quic_on_receive (quicly_stream_t * stream, size_t off, const void *src,
656 QUIC_DBG (3, "received data: %lu bytes, offset %lu", len, off);
659 session_t *stream_session;
660 app_worker_t *app_wrk;
662 quic_stream_data_t *stream_data;
665 stream_data = (quic_stream_data_t *) stream->data;
666 sctx = quic_ctx_get (stream_data->ctx_id, stream_data->thread_index);
667 stream_session = session_get (sctx->c_s_index, stream_data->thread_index);
668 f = stream_session->rx_fifo;
670 max_enq = svm_fifo_max_enqueue_prod (f);
671 QUIC_DBG (3, "Enqueuing %u at off %u in %u space", len, off, max_enq);
672 if (off - stream_data->app_rx_data_len + len > max_enq)
674 QUIC_DBG (1, "Error RX fifo is full");
677 if (off == stream_data->app_rx_data_len)
679 /* Streams live on the same thread so (f, stream_data) should stay consistent */
680 rlen = svm_fifo_enqueue (f, len, (u8 *) src);
681 stream_data->app_rx_data_len += rlen;
682 ASSERT (rlen >= len);
683 app_wrk = app_worker_get_if_valid (stream_session->app_wrk_index);
684 if (PREDICT_TRUE (app_wrk != 0))
685 app_worker_lock_and_send_event (app_wrk, stream_session,
687 quic_ack_rx_data (stream_session);
692 svm_fifo_enqueue_with_offset (f, off - stream_data->app_rx_data_len,
700 quic_fifo_egress_shift (quicly_stream_t * stream, size_t delta)
702 session_t *stream_session;
706 stream_session = get_stream_session_from_stream (stream);
707 f = stream_session->tx_fifo;
709 rv = svm_fifo_dequeue_drop (f, delta);
710 ASSERT (rv == delta);
711 quicly_stream_sync_sendbuf (stream, 0);
715 quic_fifo_egress_emit (quicly_stream_t * stream, size_t off, void *dst,
716 size_t * len, int *wrote_all)
718 session_t *stream_session;
720 u32 deq_max, first_deq, max_rd_chunk, rem_offset;
722 stream_session = get_stream_session_from_stream (stream);
723 f = stream_session->tx_fifo;
725 QUIC_DBG (3, "Emitting %u, offset %u", *len, off);
727 deq_max = svm_fifo_max_dequeue_cons (f);
728 ASSERT (off <= deq_max);
729 if (off + *len < deq_max)
736 *len = deq_max - off;
737 QUIC_DBG (3, "Wrote ALL, %u", *len);
740 /* TODO, use something like : return svm_fifo_peek (f, off, *len, dst); */
741 max_rd_chunk = svm_fifo_max_read_chunk (f);
744 if (off < max_rd_chunk)
746 first_deq = clib_min (*len, max_rd_chunk - off);
747 clib_memcpy_fast (dst, svm_fifo_head (f) + off, first_deq);
750 if (max_rd_chunk < off + *len)
752 rem_offset = max_rd_chunk < off ? off - max_rd_chunk : 0;
753 clib_memcpy_fast (dst + first_deq, f->head_chunk->data + rem_offset,
760 static const quicly_stream_callbacks_t quic_stream_callbacks = {
761 .on_destroy = quic_on_stream_destroy,
762 .on_send_shift = quic_fifo_egress_shift,
763 .on_send_emit = quic_fifo_egress_emit,
764 .on_send_stop = quic_on_stop_sending,
765 .on_receive = quic_on_receive,
766 .on_receive_reset = quic_on_receive_reset
770 quic_accept_stream (void *s)
772 quicly_stream_t *stream = (quicly_stream_t *) s;
773 session_t *stream_session, *quic_session;
774 quic_stream_data_t *stream_data;
775 app_worker_t *app_wrk;
776 quic_ctx_t *qctx, *sctx;
780 sctx_id = quic_ctx_alloc (vlib_get_thread_index ());
782 qctx = quic_get_conn_ctx (stream->conn);
784 stream_session = session_alloc (qctx->c_thread_index);
785 QUIC_DBG (2, "ACCEPTED stream_session 0x%lx ctx %u",
786 session_handle (stream_session), sctx_id);
787 sctx = quic_ctx_get (sctx_id, qctx->c_thread_index);
788 sctx->parent_app_wrk_id = qctx->parent_app_wrk_id;
789 sctx->parent_app_id = qctx->parent_app_id;
790 sctx->c_quic_ctx_id.quic_connection_ctx_id = qctx->c_c_index;
791 sctx->c_c_index = sctx_id;
792 sctx->c_s_index = stream_session->session_index;
793 sctx->c_quic_ctx_id.stream = stream;
794 sctx->c_flags |= TRANSPORT_CONNECTION_F_NO_LOOKUP;
795 sctx->flags |= QUIC_F_IS_STREAM;
797 stream_data = (quic_stream_data_t *) stream->data;
798 stream_data->ctx_id = sctx_id;
799 stream_data->thread_index = sctx->c_thread_index;
800 stream_data->app_rx_data_len = 0;
802 sctx->c_s_index = stream_session->session_index;
803 stream_session->session_state = SESSION_STATE_CREATED;
804 stream_session->app_wrk_index = sctx->parent_app_wrk_id;
805 stream_session->connection_index = sctx->c_c_index;
806 stream_session->session_type =
807 session_type_from_proto_and_ip (TRANSPORT_PROTO_QUIC,
808 qctx->c_quic_ctx_id.udp_is_ip4);
809 quic_session = session_get (qctx->c_s_index, qctx->c_thread_index);
810 stream_session->listener_handle = listen_session_get_handle (quic_session);
812 app_wrk = app_worker_get (stream_session->app_wrk_index);
813 if ((rv = app_worker_init_connected (app_wrk, stream_session)))
815 QUIC_DBG (1, "failed to allocate fifos");
816 session_free (stream_session);
817 quicly_reset_stream (stream, QUIC_APP_ALLOCATION_ERROR);
820 svm_fifo_add_want_deq_ntf (stream_session->rx_fifo,
821 SVM_FIFO_WANT_DEQ_NOTIF_IF_FULL |
822 SVM_FIFO_WANT_DEQ_NOTIF_IF_EMPTY);
824 rv = app_worker_accept_notify (app_wrk, stream_session);
827 QUIC_DBG (1, "failed to notify accept worker app");
828 session_free_w_fifos (stream_session);
829 quicly_reset_stream (stream, QUIC_APP_ACCEPT_NOTIFY_ERROR);
835 quic_on_stream_open (quicly_stream_open_t * self, quicly_stream_t * stream)
837 QUIC_DBG (2, "on_stream_open called");
838 stream->data = malloc (sizeof (quic_stream_data_t));
839 stream->callbacks = &quic_stream_callbacks;
840 /* Notify accept on parent qsession, but only if this is not a locally
841 * initiated stream */
842 if (!quicly_stream_is_self_initiated (stream))
844 quic_accept_stream (stream);
850 quic_on_closed_by_peer (quicly_closed_by_peer_t * self, quicly_conn_t * conn,
851 int code, uint64_t frame_type,
852 const char *reason, size_t reason_len)
854 quic_ctx_t *ctx = quic_get_conn_ctx (conn);
856 session_t *quic_session = session_get (ctx->c_s_index, ctx->c_thread_index);
857 clib_warning ("Session 0x%lx closed by peer (%U) %.*s ",
858 session_handle (quic_session), quic_format_err, code,
861 ctx->c_quic_ctx_id.conn_state = QUIC_CONN_STATE_PASSIVE_CLOSING;
862 session_transport_closing_notify (&ctx->connection);
865 static quicly_stream_open_t on_stream_open = { &quic_on_stream_open };
866 static quicly_closed_by_peer_t on_closed_by_peer =
867 { &quic_on_closed_by_peer };
870 /*****************************************************************************
872 * END QUICLY CALLBACKS
874 *****************************************************************************/
876 /*****************************************************************************
878 * BEGIN TIMERS HANDLING
880 *****************************************************************************/
883 quic_get_thread_time (u8 thread_index)
885 return quic_main.wrk_ctx[thread_index].time_now;
889 quic_get_time (quicly_now_t * self)
891 u8 thread_index = vlib_get_thread_index ();
892 return quic_get_thread_time (thread_index);
895 static quicly_now_t quicly_vpp_now_cb = { quic_get_time };
898 quic_set_time_now (u32 thread_index)
900 vlib_main_t *vlib_main = vlib_get_main ();
901 f64 time = vlib_time_now (vlib_main);
902 quic_main.wrk_ctx[thread_index].time_now = (int64_t) (time * 1000.f);
903 return quic_main.wrk_ctx[thread_index].time_now;
906 /* Transport proto callback */
908 quic_update_time (f64 now, u8 thread_index)
910 tw_timer_wheel_1t_3w_1024sl_ov_t *tw;
912 tw = &quic_main.wrk_ctx[thread_index].timer_wheel;
913 quic_set_time_now (thread_index);
914 tw_timer_expire_timers_1t_3w_1024sl_ov (tw, now);
918 quic_timer_expired (u32 conn_index)
921 QUIC_DBG (4, "Timer expired for conn %u at %ld", conn_index,
922 quic_get_time (NULL));
923 ctx = quic_ctx_get (conn_index, vlib_get_thread_index ());
924 ctx->timer_handle = QUIC_TIMER_HANDLE_INVALID;
925 quic_send_packets (ctx);
929 quic_update_timer (quic_ctx_t * ctx)
931 tw_timer_wheel_1t_3w_1024sl_ov_t *tw;
932 int64_t next_timeout, next_interval;
933 session_t *quic_session;
935 /* This timeout is in ms which is the unit of our timer */
936 next_timeout = quicly_get_first_timeout (ctx->c_quic_ctx_id.conn);
937 next_interval = next_timeout - quic_get_time (NULL);
939 if (next_timeout == 0 || next_interval <= 0)
941 if (ctx->c_s_index == QUIC_SESSION_INVALID)
947 quic_session = session_get (ctx->c_s_index, ctx->c_thread_index);
948 if (svm_fifo_set_event (quic_session->tx_fifo))
949 session_send_io_evt_to_thread_custom (quic_session,
950 quic_session->thread_index,
951 SESSION_IO_EVT_BUILTIN_TX);
956 tw = &quic_main.wrk_ctx[vlib_get_thread_index ()].timer_wheel;
958 QUIC_DBG (4, "Timer set to %ld (int %ld) for ctx %u", next_timeout,
959 next_interval, ctx->c_c_index);
961 if (ctx->timer_handle == QUIC_TIMER_HANDLE_INVALID)
963 if (next_timeout == INT64_MAX)
965 QUIC_DBG (4, "timer for ctx %u already stopped", ctx->c_c_index);
969 tw_timer_start_1t_3w_1024sl_ov (tw, ctx->c_c_index, 0, next_interval);
973 if (next_timeout == INT64_MAX)
975 tw_timer_stop_1t_3w_1024sl_ov (tw, ctx->timer_handle);
976 ctx->timer_handle = QUIC_TIMER_HANDLE_INVALID;
977 QUIC_DBG (4, "Stopping timer for ctx %u", ctx->c_c_index);
980 tw_timer_update_1t_3w_1024sl_ov (tw, ctx->timer_handle,
987 quic_expired_timers_dispatch (u32 * expired_timers)
991 for (i = 0; i < vec_len (expired_timers); i++)
993 quic_timer_expired (expired_timers[i]);
997 /*****************************************************************************
999 * END TIMERS HANDLING
1001 *****************************************************************************/
1003 /* single-entry session cache */
1004 struct st_util_session_cache_t
1006 ptls_encrypt_ticket_t super;
1012 encrypt_ticket_cb (ptls_encrypt_ticket_t * _self, ptls_t * tls,
1013 int is_encrypt, ptls_buffer_t * dst, ptls_iovec_t src)
1015 struct st_util_session_cache_t *self = (void *) _self;
1021 /* replace the cached entry along with a newly generated session id */
1022 free (self->data.base);
1023 if ((self->data.base = malloc (src.len)) == NULL)
1024 return PTLS_ERROR_NO_MEMORY;
1026 ptls_get_context (tls)->random_bytes (self->id, sizeof (self->id));
1027 memcpy (self->data.base, src.base, src.len);
1028 self->data.len = src.len;
1030 /* store the session id in buffer */
1031 if ((ret = ptls_buffer_reserve (dst, sizeof (self->id))) != 0)
1033 memcpy (dst->base + dst->off, self->id, sizeof (self->id));
1034 dst->off += sizeof (self->id);
1040 /* check if session id is the one stored in cache */
1041 if (src.len != sizeof (self->id))
1042 return PTLS_ERROR_SESSION_NOT_FOUND;
1043 if (memcmp (self->id, src.base, sizeof (self->id)) != 0)
1044 return PTLS_ERROR_SESSION_NOT_FOUND;
1046 /* return the cached value */
1047 if ((ret = ptls_buffer_reserve (dst, self->data.len)) != 0)
1049 memcpy (dst->base + dst->off, self->data.base, self->data.len);
1050 dst->off += self->data.len;
1057 static struct st_util_session_cache_t sc = {
1059 .cb = encrypt_ticket_cb,
1063 static ptls_context_t quic_tlsctx = {
1064 .random_bytes = ptls_openssl_random_bytes,
1065 .get_time = &ptls_get_time,
1066 .key_exchanges = ptls_openssl_key_exchanges,
1067 .cipher_suites = ptls_openssl_cipher_suites,
1073 .on_client_hello = NULL,
1074 .emit_certificate = NULL,
1075 .sign_certificate = NULL,
1076 .verify_certificate = NULL,
1077 .ticket_lifetime = 86400,
1078 .max_early_data_size = 8192,
1079 .hkdf_label_prefix__obsolete = NULL,
1080 .require_dhe_on_psk = 1,
1081 .encrypt_ticket = &sc.super,
1086 ptls_compare_separator_line (const char *line, const char *begin_or_end,
1089 int ret = strncmp (line, "-----", 5);
1090 size_t text_index = 5;
1094 size_t begin_or_end_length = strlen (begin_or_end);
1095 ret = strncmp (line + text_index, begin_or_end, begin_or_end_length);
1096 text_index += begin_or_end_length;
1101 ret = line[text_index] - ' ';
1107 size_t label_length = strlen (label);
1108 ret = strncmp (line + text_index, label, label_length);
1109 text_index += label_length;
1114 ret = strncmp (line + text_index, "-----", 5);
1121 ptls_get_bio_pem_object (BIO * bio, const char *label, ptls_buffer_t * buf)
1123 int ret = PTLS_ERROR_PEM_LABEL_NOT_FOUND;
1125 ptls_base64_decode_state_t state;
1127 /* Get the label on a line by itself */
1128 while (BIO_gets (bio, line, 256))
1130 if (ptls_compare_separator_line (line, "BEGIN", label) == 0)
1133 ptls_base64_decode_init (&state);
1137 /* Get the data in the buffer */
1138 while (ret == 0 && BIO_gets (bio, line, 256))
1140 if (ptls_compare_separator_line (line, "END", label) == 0)
1142 if (state.status == PTLS_BASE64_DECODE_DONE
1143 || (state.status == PTLS_BASE64_DECODE_IN_PROGRESS
1150 ret = PTLS_ERROR_INCORRECT_BASE64;
1156 ret = ptls_base64_decode (line, &state, buf);
1164 ptls_load_bio_pem_objects (BIO * bio, const char *label, ptls_iovec_t * list,
1165 size_t list_max, size_t * nb_objects)
1174 while (count < list_max)
1178 ptls_buffer_init (&buf, "", 0);
1180 ret = ptls_get_bio_pem_object (bio, label, &buf);
1184 if (buf.off > 0 && buf.is_allocated)
1186 list[count].base = buf.base;
1187 list[count].len = buf.off;
1192 ptls_buffer_dispose (&buf);
1197 ptls_buffer_dispose (&buf);
1203 if (ret == PTLS_ERROR_PEM_LABEL_NOT_FOUND && count > 0)
1208 *nb_objects = count;
1213 #define PTLS_MAX_CERTS_IN_CONTEXT 16
1216 ptls_load_bio_certificates (ptls_context_t * ctx, BIO * bio)
1220 ctx->certificates.list =
1221 (ptls_iovec_t *) malloc (PTLS_MAX_CERTS_IN_CONTEXT *
1222 sizeof (ptls_iovec_t));
1224 if (ctx->certificates.list == NULL)
1226 ret = PTLS_ERROR_NO_MEMORY;
1231 ptls_load_bio_pem_objects (bio, "CERTIFICATE", ctx->certificates.list,
1232 PTLS_MAX_CERTS_IN_CONTEXT,
1233 &ctx->certificates.count);
1240 load_bio_certificate_chain (ptls_context_t * ctx, const char *cert_data)
1243 cert_bio = BIO_new_mem_buf (cert_data, -1);
1244 if (ptls_load_bio_certificates (ctx, cert_bio) != 0)
1246 BIO_free (cert_bio);
1247 fprintf (stderr, "failed to load certificate:%s\n", strerror (errno));
1250 BIO_free (cert_bio);
1254 load_bio_private_key (ptls_context_t * ctx, const char *pk_data)
1256 static ptls_openssl_sign_certificate_t sc;
1260 key_bio = BIO_new_mem_buf (pk_data, -1);
1261 pkey = PEM_read_bio_PrivateKey (key_bio, NULL, NULL, NULL);
1266 fprintf (stderr, "failed to read private key from app configuration\n");
1270 ptls_openssl_init_sign_certificate (&sc, pkey);
1271 EVP_PKEY_free (pkey);
1273 ctx->sign_certificate = &sc.super;
1277 allocate_quicly_ctx (application_t * app, u8 is_client)
1284 quicly_context_t *quicly_ctx;
1285 ptls_iovec_t key_vec;
1286 QUIC_DBG (2, "Called allocate_quicly_ctx");
1288 if (app->quicly_ctx)
1290 QUIC_DBG (1, "Trying to reallocate quicly_ctx");
1294 ctx_data = malloc (sizeof (*ctx_data));
1295 quicly_ctx = &ctx_data->_;
1296 app->quicly_ctx = (u64 *) quicly_ctx;
1297 memcpy (quicly_ctx, &quicly_spec_context, sizeof (quicly_context_t));
1299 quicly_ctx->max_packet_size = QUIC_MAX_PACKET_SIZE;
1300 quicly_ctx->tls = &quic_tlsctx;
1301 quicly_ctx->stream_open = &on_stream_open;
1302 quicly_ctx->closed_by_peer = &on_closed_by_peer;
1303 quicly_ctx->now = &quicly_vpp_now_cb;
1305 quicly_amend_ptls_context (quicly_ctx->tls);
1307 quicly_ctx->event_log.mask = 0; /* logs */
1308 quicly_ctx->event_log.cb = quicly_new_default_event_logger (stderr);
1310 quicly_ctx->transport_params.max_data = QUIC_INT_MAX;
1311 quicly_ctx->transport_params.max_streams_uni = QUIC_INT_MAX;
1312 quicly_ctx->transport_params.max_streams_bidi = QUIC_INT_MAX;
1313 quicly_ctx->transport_params.max_stream_data.bidi_local = (QUIC_FIFO_SIZE - 1); /* max_enq is SIZE - 1 */
1314 quicly_ctx->transport_params.max_stream_data.bidi_remote = (QUIC_FIFO_SIZE - 1); /* max_enq is SIZE - 1 */
1315 quicly_ctx->transport_params.max_stream_data.uni = QUIC_INT_MAX;
1317 quicly_ctx->tls->random_bytes (ctx_data->cid_key, 16);
1318 ctx_data->cid_key[16] = 0;
1319 key_vec = ptls_iovec_init (ctx_data->cid_key, strlen (ctx_data->cid_key));
1320 quicly_ctx->cid_encryptor =
1321 quicly_new_default_cid_encryptor (&ptls_openssl_bfecb,
1322 &ptls_openssl_sha256, key_vec);
1323 if (!is_client && app->tls_key != NULL && app->tls_cert != NULL)
1325 load_bio_private_key (quicly_ctx->tls, (char *) app->tls_key);
1326 load_bio_certificate_chain (quicly_ctx->tls, (char *) app->tls_cert);
1330 /*****************************************************************************
1332 * BEGIN TRANSPORT PROTO FUNCTIONS
1334 *****************************************************************************/
1337 quic_connect_new_stream (session_t * quic_session, u32 opaque)
1339 uint64_t quic_session_handle;
1340 session_t *stream_session;
1341 quic_stream_data_t *stream_data;
1342 quicly_stream_t *stream;
1343 quicly_conn_t *conn;
1344 app_worker_t *app_wrk;
1345 quic_ctx_t *qctx, *sctx;
1349 /* Find base session to which the user want to attach a stream */
1350 quic_session_handle = session_handle (quic_session);
1351 QUIC_DBG (2, "Opening new stream (qsession %u)", quic_session_handle);
1353 if (session_type_transport_proto (quic_session->session_type) !=
1354 TRANSPORT_PROTO_QUIC)
1356 QUIC_DBG (1, "received incompatible session");
1360 app_wrk = app_worker_get_if_valid (quic_session->app_wrk_index);
1363 QUIC_DBG (1, "Invalid app worker :(");
1367 sctx_index = quic_ctx_alloc (quic_session->thread_index); /* Allocate before we get pointers */
1368 sctx = quic_ctx_get (sctx_index, quic_session->thread_index);
1370 quic_ctx_get (quic_session->connection_index, quic_session->thread_index);
1371 if (quic_ctx_is_stream (qctx))
1373 QUIC_DBG (1, "session is a stream");
1374 quic_ctx_free (sctx);
1378 sctx->parent_app_wrk_id = qctx->parent_app_wrk_id;
1379 sctx->parent_app_id = qctx->parent_app_id;
1380 sctx->c_quic_ctx_id.quic_connection_ctx_id = qctx->c_c_index;
1381 sctx->c_c_index = sctx_index;
1382 sctx->c_flags |= TRANSPORT_CONNECTION_F_NO_LOOKUP;
1383 sctx->flags |= QUIC_F_IS_STREAM;
1385 conn = qctx->c_quic_ctx_id.conn;
1387 if (!conn || !quicly_connection_is_ready (conn))
1390 if ((rv = quicly_open_stream (conn, &stream, 0 /* uni */ )))
1392 QUIC_DBG (2, "Stream open failed with %d", rv);
1395 sctx->c_quic_ctx_id.stream = stream;
1397 QUIC_DBG (2, "Opened stream %d, creating session", stream->stream_id);
1399 stream_session = session_alloc (qctx->c_thread_index);
1400 QUIC_DBG (2, "Allocated stream_session 0x%lx ctx %u",
1401 session_handle (stream_session), sctx_index);
1402 stream_session->app_wrk_index = app_wrk->wrk_index;
1403 stream_session->connection_index = sctx_index;
1404 stream_session->listener_handle = quic_session_handle;
1405 stream_session->session_type =
1406 session_type_from_proto_and_ip (TRANSPORT_PROTO_QUIC,
1407 qctx->c_quic_ctx_id.udp_is_ip4);
1409 sctx->c_s_index = stream_session->session_index;
1411 if (app_worker_init_connected (app_wrk, stream_session))
1413 QUIC_DBG (1, "failed to app_worker_init_connected");
1414 quicly_reset_stream (stream, QUIC_APP_ALLOCATION_ERROR);
1415 session_free_w_fifos (stream_session);
1416 quic_ctx_free (sctx);
1417 return app_worker_connect_notify (app_wrk, NULL, opaque);
1420 svm_fifo_add_want_deq_ntf (stream_session->rx_fifo,
1421 SVM_FIFO_WANT_DEQ_NOTIF_IF_FULL |
1422 SVM_FIFO_WANT_DEQ_NOTIF_IF_EMPTY);
1424 stream_session->session_state = SESSION_STATE_READY;
1425 if (app_worker_connect_notify (app_wrk, stream_session, opaque))
1427 QUIC_DBG (1, "failed to notify app");
1428 quicly_reset_stream (stream, QUIC_APP_CONNECT_NOTIFY_ERROR);
1429 session_free_w_fifos (stream_session);
1430 quic_ctx_free (sctx);
1433 stream_data = (quic_stream_data_t *) stream->data;
1434 stream_data->ctx_id = sctx->c_c_index;
1435 stream_data->thread_index = sctx->c_thread_index;
1436 stream_data->app_rx_data_len = 0;
1441 quic_connect_new_connection (session_endpoint_cfg_t * sep)
1443 vnet_connect_args_t _cargs = { {}, }, *cargs = &_cargs;
1444 quic_main_t *qm = &quic_main;
1446 app_worker_t *app_wrk;
1451 ctx_index = quic_ctx_alloc (vlib_get_thread_index ());
1452 ctx = quic_ctx_get (ctx_index, vlib_get_thread_index ());
1453 ctx->parent_app_wrk_id = sep->app_wrk_index;
1454 ctx->c_s_index = QUIC_SESSION_INVALID;
1455 ctx->c_c_index = ctx_index;
1456 ctx->c_quic_ctx_id.udp_is_ip4 = sep->is_ip4;
1457 ctx->timer_handle = QUIC_TIMER_HANDLE_INVALID;
1458 ctx->c_quic_ctx_id.conn_state = QUIC_CONN_STATE_HANDSHAKE;
1459 ctx->c_quic_ctx_id.client_opaque = sep->opaque;
1460 ctx->c_flags |= TRANSPORT_CONNECTION_F_NO_LOOKUP;
1463 ctx->c_quic_ctx_id.srv_hostname = format (0, "%v", sep->hostname);
1464 vec_terminate_c_string (ctx->c_quic_ctx_id.srv_hostname);
1468 /* needed by quic for crypto + determining client / server */
1469 ctx->c_quic_ctx_id.srv_hostname =
1470 format (0, "%U", format_ip46_address, &sep->ip, sep->is_ip4);
1473 clib_memcpy (&cargs->sep, sep, sizeof (session_endpoint_cfg_t));
1474 cargs->sep.transport_proto = TRANSPORT_PROTO_UDPC;
1475 cargs->app_index = qm->app_index;
1476 cargs->api_context = ctx_index;
1478 app_wrk = app_worker_get (sep->app_wrk_index);
1479 app = application_get (app_wrk->app_index);
1480 ctx->parent_app_id = app_wrk->app_index;
1481 cargs->sep_ext.ns_index = app->ns_index;
1483 allocate_quicly_ctx (app, 1 /* is client */ );
1485 if ((error = vnet_connect (cargs)))
1492 quic_connect (transport_endpoint_cfg_t * tep)
1494 QUIC_DBG (2, "Called quic_connect");
1495 session_endpoint_cfg_t *sep = (session_endpoint_cfg_t *) tep;
1496 session_t *quic_session;
1497 sep = (session_endpoint_cfg_t *) tep;
1499 quic_session = session_get_from_handle_if_valid (sep->parent_handle);
1501 return quic_connect_new_stream (quic_session, sep->opaque);
1503 return quic_connect_new_connection (sep);
1507 quic_proto_on_close (u32 ctx_index, u32 thread_index)
1509 quic_ctx_t *ctx = quic_ctx_get_if_valid (ctx_index, thread_index);
1513 session_t *stream_session =
1514 session_get (ctx->c_s_index, ctx->c_thread_index);
1515 clib_warning ("Closing session 0x%lx", session_handle (stream_session));
1517 if (quic_ctx_is_stream (ctx))
1519 quicly_stream_t *stream = ctx->c_quic_ctx_id.stream;
1520 quicly_reset_stream (stream, QUIC_APP_ERROR_CLOSE_NOTIFY);
1521 quic_send_packets (ctx);
1523 else if (ctx->c_quic_ctx_id.conn_state == QUIC_CONN_STATE_PASSIVE_CLOSING)
1524 quic_connection_closed (ctx->c_c_index, ctx->c_thread_index,
1525 0 /* notify_transport */ );
1528 quicly_conn_t *conn = ctx->c_quic_ctx_id.conn;
1529 /* Start connection closing. Keep sending packets until quicly_send
1530 returns QUICLY_ERROR_FREE_CONNECTION */
1531 quicly_close (conn, QUIC_APP_ERROR_CLOSE_NOTIFY, "Closed by peer");
1532 /* This also causes all streams to be closed (and the cb called) */
1533 quic_send_packets (ctx);
1538 quic_start_listen (u32 quic_listen_session_index, transport_endpoint_t * tep)
1540 vnet_listen_args_t _bargs, *args = &_bargs;
1541 quic_main_t *qm = &quic_main;
1542 session_handle_t udp_handle;
1543 session_endpoint_cfg_t *sep;
1544 session_t *udp_listen_session;
1545 app_worker_t *app_wrk;
1549 app_listener_t *app_listener;
1551 sep = (session_endpoint_cfg_t *) tep;
1552 app_wrk = app_worker_get (sep->app_wrk_index);
1553 /* We need to call this because we call app_worker_init_connected in
1554 * quic_accept_stream, which assumes the connect segment manager exists */
1555 app_worker_alloc_connects_segment_manager (app_wrk);
1556 app = application_get (app_wrk->app_index);
1557 QUIC_DBG (2, "Called quic_start_listen for app %d", app_wrk->app_index);
1559 allocate_quicly_ctx (app, 0 /* is_client */ );
1561 sep->transport_proto = TRANSPORT_PROTO_UDPC;
1562 memset (args, 0, sizeof (*args));
1563 args->app_index = qm->app_index;
1564 args->sep_ext = *sep;
1565 args->sep_ext.ns_index = app->ns_index;
1566 if (vnet_listen (args))
1569 lctx_index = quic_ctx_alloc (0);
1570 udp_handle = args->handle;
1571 app_listener = app_listener_get_w_handle (udp_handle);
1572 udp_listen_session = app_listener_get_session (app_listener);
1573 udp_listen_session->opaque = lctx_index;
1575 lctx = quic_ctx_get (lctx_index, 0);
1576 lctx->flags |= QUIC_F_IS_LISTENER;
1578 clib_memcpy (&lctx->c_rmt_ip, &args->sep.peer.ip, sizeof (ip46_address_t));
1579 clib_memcpy (&lctx->c_lcl_ip, &args->sep.ip, sizeof (ip46_address_t));
1580 lctx->c_rmt_port = args->sep.peer.port;
1581 lctx->c_lcl_port = args->sep.port;
1582 lctx->c_is_ip4 = args->sep.is_ip4;
1583 lctx->c_fib_index = args->sep.fib_index;
1584 lctx->c_proto = TRANSPORT_PROTO_QUIC;
1585 lctx->parent_app_wrk_id = sep->app_wrk_index;
1586 lctx->parent_app_id = app_wrk->app_index;
1587 lctx->udp_session_handle = udp_handle;
1588 lctx->c_s_index = quic_listen_session_index;
1590 QUIC_DBG (2, "Listening UDP session 0x%lx",
1591 session_handle (udp_listen_session));
1592 QUIC_DBG (2, "Listening QUIC session 0x%lx", quic_listen_session_index);
1597 quic_stop_listen (u32 lctx_index)
1599 QUIC_DBG (2, "Called quic_stop_listen");
1601 lctx = quic_ctx_get (lctx_index, 0);
1602 ASSERT (quic_ctx_is_listener (lctx));
1603 vnet_unlisten_args_t a = {
1604 .handle = lctx->udp_session_handle,
1605 .app_index = quic_main.app_index,
1606 .wrk_map_index = 0 /* default wrk */
1608 if (vnet_unlisten (&a))
1609 clib_warning ("unlisten errored");
1611 /* TODO: crypto state cleanup */
1613 quic_ctx_free (lctx);
1617 static transport_connection_t *
1618 quic_connection_get (u32 ctx_index, u32 thread_index)
1621 ctx = quic_ctx_get (ctx_index, thread_index);
1622 return &ctx->connection;
1625 static transport_connection_t *
1626 quic_listener_get (u32 listener_index)
1628 QUIC_DBG (2, "Called quic_listener_get");
1630 ctx = quic_ctx_get (listener_index, 0);
1631 return &ctx->connection;
1635 format_quic_ctx (u8 * s, va_list * args)
1637 quic_ctx_t *ctx = va_arg (*args, quic_ctx_t *);
1638 u32 verbose = va_arg (*args, u32);
1643 str = format (str, "[#%d][Q] ", ctx->c_thread_index);
1645 if (quic_ctx_is_listener (ctx))
1646 str = format (str, "Listener, UDP %ld", ctx->udp_session_handle);
1647 else if (quic_ctx_is_stream (ctx))
1648 str = format (str, "Stream %ld conn %d",
1649 ctx->c_quic_ctx_id.stream->stream_id,
1650 ctx->c_quic_ctx_id.quic_connection_ctx_id);
1651 else /* connection */
1652 str = format (str, "Conn %d UDP %d", ctx->c_c_index,
1653 ctx->udp_session_handle);
1655 str = format (str, " app %d wrk %d", ctx->parent_app_id,
1656 ctx->parent_app_wrk_id);
1659 s = format (s, "%-50s%-15d", str, ctx->c_quic_ctx_id.conn_state);
1661 s = format (s, "%s\n", str);
1667 format_quic_connection (u8 * s, va_list * args)
1669 u32 qc_index = va_arg (*args, u32);
1670 u32 thread_index = va_arg (*args, u32);
1671 u32 verbose = va_arg (*args, u32);
1672 quic_ctx_t *ctx = quic_ctx_get (qc_index, thread_index);
1673 s = format (s, "%U", format_quic_ctx, ctx, verbose);
1678 format_quic_half_open (u8 * s, va_list * args)
1680 u32 qc_index = va_arg (*args, u32);
1681 u32 thread_index = va_arg (*args, u32);
1682 quic_ctx_t *ctx = quic_ctx_get (qc_index, thread_index);
1684 format (s, "[#%d][Q] half-open app %u", thread_index, ctx->parent_app_id);
1690 format_quic_listener (u8 * s, va_list * args)
1692 u32 tci = va_arg (*args, u32);
1693 u32 thread_index = va_arg (*args, u32);
1694 u32 verbose = va_arg (*args, u32);
1695 quic_ctx_t *ctx = quic_ctx_get (tci, thread_index);
1696 s = format (s, "%U", format_quic_ctx, ctx, verbose);
1700 /*****************************************************************************
1701 * END TRANSPORT PROTO FUNCTIONS
1703 * START SESSION CALLBACKS
1704 * Called from UDP layer
1705 *****************************************************************************/
1708 quic_build_sockaddr (struct sockaddr *sa, socklen_t * salen,
1709 ip46_address_t * addr, u16 port, u8 is_ip4)
1713 struct sockaddr_in *sa4 = (struct sockaddr_in *) sa;
1714 sa4->sin_family = AF_INET;
1715 sa4->sin_port = port;
1716 sa4->sin_addr.s_addr = addr->ip4.as_u32;
1717 *salen = sizeof (struct sockaddr_in);
1721 struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *) sa;
1722 sa6->sin6_family = AF_INET6;
1723 sa6->sin6_port = port;
1724 clib_memcpy (&sa6->sin6_addr, &addr->ip6, 16);
1725 *salen = sizeof (struct sockaddr_in6);
1730 quic_on_client_connected (quic_ctx_t * ctx)
1732 session_t *quic_session;
1733 app_worker_t *app_wrk;
1734 u32 ctx_id = ctx->c_c_index;
1735 u32 thread_index = ctx->c_thread_index;
1737 app_wrk = app_worker_get_if_valid (ctx->parent_app_wrk_id);
1740 quic_disconnect_transport (ctx);
1744 quic_session = session_alloc (thread_index);
1746 QUIC_DBG (2, "Allocated quic session 0x%lx", session_handle (quic_session));
1747 ctx->c_s_index = quic_session->session_index;
1748 quic_session->app_wrk_index = ctx->parent_app_wrk_id;
1749 quic_session->connection_index = ctx->c_c_index;
1750 quic_session->listener_handle = SESSION_INVALID_HANDLE;
1751 quic_session->session_type =
1752 session_type_from_proto_and_ip (TRANSPORT_PROTO_QUIC,
1753 ctx->c_quic_ctx_id.udp_is_ip4);
1755 if (app_worker_init_connected (app_wrk, quic_session))
1757 QUIC_DBG (1, "failed to app_worker_init_connected");
1758 quic_proto_on_close (ctx_id, thread_index);
1759 return app_worker_connect_notify (app_wrk, NULL,
1760 ctx->c_quic_ctx_id.client_opaque);
1763 quic_session->session_state = SESSION_STATE_CONNECTING;
1764 if (app_worker_connect_notify
1765 (app_wrk, quic_session, ctx->c_quic_ctx_id.client_opaque))
1767 QUIC_DBG (1, "failed to notify app");
1768 quic_proto_on_close (ctx_id, thread_index);
1772 /* If the app opens a stream in its callback it may invalidate ctx */
1773 ctx = quic_ctx_get (ctx_id, thread_index);
1774 quic_session->session_state = SESSION_STATE_LISTENING;
1780 quic_receive_connection (void *arg)
1782 u32 new_ctx_id, thread_index = vlib_get_thread_index ();
1783 quic_ctx_t *temp_ctx, *new_ctx;
1784 clib_bihash_kv_16_8_t kv;
1785 quicly_conn_t *conn;
1788 new_ctx_id = quic_ctx_alloc (thread_index);
1789 new_ctx = quic_ctx_get (new_ctx_id, thread_index);
1791 QUIC_DBG (2, "Received conn %u (now %u)", temp_ctx->c_thread_index,
1795 memcpy (new_ctx, temp_ctx, sizeof (quic_ctx_t));
1798 new_ctx->c_thread_index = thread_index;
1799 new_ctx->c_c_index = new_ctx_id;
1801 conn = new_ctx->c_quic_ctx_id.conn;
1802 quic_store_conn_ctx (conn, new_ctx);
1803 quic_make_connection_key (&kv, quicly_get_master_id (conn));
1804 kv.value = ((u64) thread_index) << 32 | (u64) new_ctx_id;
1805 QUIC_DBG (2, "Registering conn with id %lu %lu", kv.key[0], kv.key[1]);
1806 clib_bihash_add_del_16_8 (&quic_main.connection_hash, &kv, 1 /* is_add */ );
1807 new_ctx->timer_handle = QUIC_TIMER_HANDLE_INVALID;
1808 quic_update_timer (new_ctx);
1810 /* Trigger read on this connection ? */
1814 quic_transfer_connection (u32 ctx_index, u32 dest_thread)
1816 tw_timer_wheel_1t_3w_1024sl_ov_t *tw;
1817 quic_ctx_t *ctx, *temp_ctx;
1818 clib_bihash_kv_16_8_t kv;
1819 quicly_conn_t *conn;
1820 u32 thread_index = vlib_get_thread_index ();
1822 QUIC_DBG (2, "Transferring conn %u to thread %u", ctx_index, dest_thread);
1824 temp_ctx = malloc (sizeof (quic_ctx_t));
1826 ctx = quic_ctx_get (ctx_index, thread_index);
1828 memcpy (temp_ctx, ctx, sizeof (quic_ctx_t));
1830 /* Remove from lookup hash, timer wheel and thread-local pool */
1831 conn = ctx->c_quic_ctx_id.conn;
1832 quic_make_connection_key (&kv, quicly_get_master_id (conn));
1833 clib_bihash_add_del_16_8 (&quic_main.connection_hash, &kv, 0 /* is_add */ );
1834 if (ctx->timer_handle != QUIC_TIMER_HANDLE_INVALID)
1836 tw = &quic_main.wrk_ctx[thread_index].timer_wheel;
1837 tw_timer_stop_1t_3w_1024sl_ov (tw, ctx->timer_handle);
1839 quic_ctx_free (ctx);
1841 /* Send connection to destination thread */
1842 session_send_rpc_evt_to_thread (dest_thread, quic_receive_connection,
1847 quic_transfer_connection_rpc (void *arg)
1849 u64 arg_int = (u64) arg;
1850 u32 ctx_index, dest_thread;
1852 ctx_index = (u32) (arg_int >> 32);
1853 dest_thread = (u32) (arg_int & UINT32_MAX);
1854 quic_transfer_connection (ctx_index, dest_thread);
1858 * This assumes that the connection is not yet associated to a session
1859 * So currently it only works on the client side when receiving the first packet
1863 quic_move_connection_to_thread (u32 ctx_index, u32 owner_thread,
1866 QUIC_DBG (2, "Requesting transfer of conn %u from thread %u", ctx_index,
1868 u64 arg = ((u64) ctx_index) << 32 | to_thread;
1869 session_send_rpc_evt_to_thread (owner_thread, quic_transfer_connection_rpc,
1874 quic_session_connected_callback (u32 quic_app_index, u32 ctx_index,
1875 session_t * udp_session, u8 is_fail)
1877 QUIC_DBG (2, "QSession is now connected (id %u)",
1878 udp_session->session_index);
1879 /* This should always be called before quic_connect returns since UDP always
1880 * connects instantly. */
1881 clib_bihash_kv_16_8_t kv;
1882 struct sockaddr_in6 sa6;
1883 struct sockaddr *sa = (struct sockaddr *) &sa6;
1885 transport_connection_t *tc;
1886 app_worker_t *app_wrk;
1887 quicly_conn_t *conn;
1890 u32 thread_index = vlib_get_thread_index ();
1893 ctx = quic_ctx_get (ctx_index, thread_index);
1899 app_wrk = app_worker_get_if_valid (ctx->parent_app_wrk_id);
1902 api_context = ctx->c_s_index;
1903 app_worker_connect_notify (app_wrk, 0, api_context);
1908 app_wrk = app_worker_get_if_valid (ctx->parent_app_wrk_id);
1911 QUIC_DBG (1, "Appwrk not found");
1914 app = application_get (app_wrk->app_index);
1916 ctx->c_thread_index = thread_index;
1917 ctx->c_c_index = ctx_index;
1919 QUIC_DBG (2, "Quic connect returned %u. New ctx [%u]%x",
1920 is_fail, thread_index, (ctx) ? ctx_index : ~0);
1922 ctx->udp_session_handle = session_handle (udp_session);
1923 udp_session->opaque = ctx->parent_app_id;
1924 udp_session->session_state = SESSION_STATE_READY;
1926 /* Init QUIC lib connection
1927 * Generate required sockaddr & salen */
1928 tc = session_get_transport (udp_session);
1929 quic_build_sockaddr (sa, &salen, &tc->rmt_ip, tc->rmt_port, tc->is_ip4);
1932 quicly_connect (&ctx->c_quic_ctx_id.conn,
1933 (quicly_context_t *) app->quicly_ctx,
1934 (char *) ctx->c_quic_ctx_id.srv_hostname, sa, salen,
1935 &quic_main.next_cid, &quic_main.hs_properties, NULL);
1936 ++quic_main.next_cid.master_id;
1937 /* Save context handle in quicly connection */
1938 quic_store_conn_ctx (ctx->c_quic_ctx_id.conn, ctx);
1941 /* Register connection in connections map */
1942 conn = ctx->c_quic_ctx_id.conn;
1943 quic_make_connection_key (&kv, quicly_get_master_id (conn));
1944 kv.value = ((u64) thread_index) << 32 | (u64) ctx_index;
1945 QUIC_DBG (2, "Registering conn with id %lu %lu", kv.key[0], kv.key[1]);
1946 clib_bihash_add_del_16_8 (&quic_main.connection_hash, &kv, 1 /* is_add */ );
1948 quic_send_packets (ctx);
1950 /* UDP stack quirk? preemptively transfer connection if that happens */
1951 if (udp_session->thread_index != thread_index)
1952 quic_transfer_connection (ctx_index, udp_session->thread_index);
1958 quic_session_disconnect_callback (session_t * s)
1960 clib_warning ("UDP session disconnected???");
1964 quic_session_reset_callback (session_t * s)
1966 clib_warning ("UDP session reset???");
1970 quic_session_accepted_callback (session_t * udp_session)
1972 /* New UDP connection, try to accept it */
1975 quic_ctx_t *ctx, *lctx;
1976 session_t *udp_listen_session;
1977 u32 thread_index = vlib_get_thread_index ();
1979 udp_listen_session =
1980 listen_session_get_from_handle (udp_session->listener_handle);
1982 ctx_index = quic_ctx_alloc (thread_index);
1983 ctx = quic_ctx_get (ctx_index, thread_index);
1984 ctx->c_thread_index = udp_session->thread_index;
1985 ctx->c_c_index = ctx_index;
1986 ctx->c_s_index = QUIC_SESSION_INVALID;
1987 ctx->udp_session_handle = session_handle (udp_session);
1988 QUIC_DBG (2, "ACCEPTED UDP 0x%lx", ctx->udp_session_handle);
1989 ctx->c_quic_ctx_id.listener_ctx_id = udp_listen_session->opaque;
1990 lctx = quic_ctx_get (udp_listen_session->opaque,
1991 udp_listen_session->thread_index);
1992 ctx->c_quic_ctx_id.udp_is_ip4 = lctx->c_is_ip4;
1993 ctx->parent_app_id = lctx->parent_app_id;
1994 ctx->parent_app_wrk_id = lctx->parent_app_wrk_id;
1995 ctx->timer_handle = QUIC_TIMER_HANDLE_INVALID;
1996 ctx->c_quic_ctx_id.conn_state = QUIC_CONN_STATE_OPENED;
1997 ctx->c_flags |= TRANSPORT_CONNECTION_F_NO_LOOKUP;
1999 udp_session->opaque = ctx->parent_app_id;
2001 /* Put this ctx in the "opening" pool */
2002 pool_get (quic_main.wrk_ctx[ctx->c_thread_index].opening_ctx_pool,
2004 *pool_index = ctx_index;
2006 /* TODO timeout to delete these if they never connect */
2011 quic_add_segment_callback (u32 client_index, u64 seg_handle)
2013 QUIC_DBG (2, "Called quic_add_segment_callback");
2014 QUIC_DBG (2, "NOT IMPLEMENTED");
2015 /* No-op for builtin */
2020 quic_del_segment_callback (u32 client_index, u64 seg_handle)
2022 QUIC_DBG (2, "Called quic_del_segment_callback");
2023 QUIC_DBG (2, "NOT IMPLEMENTED");
2024 /* No-op for builtin */
2030 quic_custom_app_rx_callback (transport_connection_t * tc)
2033 session_t *stream_session = session_get (tc->s_index, tc->thread_index);
2034 QUIC_DBG (3, "Received app READ notification");
2035 quic_ack_rx_data (stream_session);
2036 svm_fifo_reset_has_deq_ntf (stream_session->rx_fifo);
2038 /* Need to send packets (acks may never be sent otherwise) */
2039 ctx = quic_ctx_get (stream_session->connection_index,
2040 stream_session->thread_index);
2041 quic_send_packets (ctx);
2046 quic_custom_tx_callback (void *s)
2048 session_t *stream_session = (session_t *) s;
2049 quicly_stream_t *stream;
2054 (stream_session->session_state >= SESSION_STATE_TRANSPORT_CLOSING))
2057 quic_ctx_get (stream_session->connection_index,
2058 stream_session->thread_index);
2059 if (PREDICT_FALSE (!quic_ctx_is_stream (ctx)))
2061 goto tx_end; /* Most probably a reschedule */
2064 QUIC_DBG (3, "Stream TX event");
2065 quic_ack_rx_data (stream_session);
2066 if (!svm_fifo_max_dequeue (stream_session->tx_fifo))
2069 stream = ctx->c_quic_ctx_id.stream;
2070 if (!quicly_sendstate_is_open (&stream->sendstate))
2072 QUIC_DBG (1, "Warning: tried to send on closed stream");
2076 if ((rv = quicly_stream_sync_sendbuf (stream, 1)) != 0)
2080 quic_send_packets (ctx);
2086 * Returns 0 if a matching connection is found and is on the right thread.
2087 * If a connection is found, even on the wrong thread, ctx_thread and ctx_index
2091 quic_find_packet_ctx (u32 * ctx_thread, u32 * ctx_index,
2092 struct sockaddr *sa, socklen_t salen,
2093 quicly_decoded_packet_t * packet,
2094 u32 caller_thread_index)
2097 quicly_conn_t *conn_;
2098 clib_bihash_kv_16_8_t kv;
2099 clib_bihash_16_8_t *h;
2101 h = &quic_main.connection_hash;
2102 quic_make_connection_key (&kv, &packet->cid.dest.plaintext);
2103 QUIC_DBG (3, "Searching conn with id %lu %lu", kv.key[0], kv.key[1]);
2105 if (clib_bihash_search_16_8 (h, &kv, &kv) == 0)
2107 u32 index = kv.value & UINT32_MAX;
2108 u8 thread_id = kv.value >> 32;
2109 /* Check if this connection belongs to this thread, otherwise
2110 * ask for it to be moved */
2111 if (thread_id != caller_thread_index)
2113 QUIC_DBG (2, "Connection is on wrong thread");
2114 /* Cannot make full check with quicly_is_destination... */
2116 *ctx_thread = thread_id;
2119 ctx_ = quic_ctx_get (index, vlib_get_thread_index ());
2120 conn_ = ctx_->c_quic_ctx_id.conn;
2121 if (conn_ && quicly_is_destination (conn_, sa, salen, packet))
2123 QUIC_DBG (3, "Connection found");
2125 *ctx_thread = thread_id;
2129 QUIC_DBG (3, "connection not found");
2134 quic_receive (quic_ctx_t * ctx, quicly_conn_t * conn,
2135 quicly_decoded_packet_t packet)
2138 u32 ctx_id = ctx->c_c_index;
2139 u32 thread_index = ctx->c_thread_index;
2140 /* TODO : QUICLY_ERROR_PACKET_IGNORED sould be handled */
2141 rv = quicly_receive (conn, &packet);
2144 QUIC_DBG (2, "quicly_receive errored %U", quic_format_err, rv);
2147 /* ctx pointer may change if a new stream is opened */
2148 ctx = quic_ctx_get (ctx_id, thread_index);
2149 /* Conn may be set to null if the connection is terminated */
2150 if (ctx->c_quic_ctx_id.conn
2151 && ctx->c_quic_ctx_id.conn_state == QUIC_CONN_STATE_HANDSHAKE)
2153 if (quicly_connection_is_ready (conn))
2155 ctx->c_quic_ctx_id.conn_state = QUIC_CONN_STATE_READY;
2156 if (quicly_is_client (conn))
2158 quic_on_client_connected (ctx);
2159 ctx = quic_ctx_get (ctx_id, thread_index);
2163 return quic_send_packets (ctx);
2167 quic_create_quic_session (quic_ctx_t * ctx)
2169 session_t *quic_session;
2170 app_worker_t *app_wrk;
2174 quic_session = session_alloc (ctx->c_thread_index);
2175 QUIC_DBG (2, "Allocated quic_session, 0x%lx ctx %u",
2176 session_handle (quic_session), ctx->c_c_index);
2177 quic_session->session_state = SESSION_STATE_LISTENING;
2178 ctx->c_s_index = quic_session->session_index;
2180 lctx = quic_ctx_get (ctx->c_quic_ctx_id.listener_ctx_id, 0);
2182 quic_session->app_wrk_index = lctx->parent_app_wrk_id;
2183 quic_session->connection_index = ctx->c_c_index;
2184 quic_session->session_type =
2185 session_type_from_proto_and_ip (TRANSPORT_PROTO_QUIC,
2186 ctx->c_quic_ctx_id.udp_is_ip4);
2187 quic_session->listener_handle = lctx->c_s_index;
2189 /* TODO: don't alloc fifos when we don't transfer data on this session
2190 * but we still need fifos for the events? */
2191 if ((rv = app_worker_init_accepted (quic_session)))
2193 QUIC_DBG (1, "failed to allocate fifos");
2194 session_free (quic_session);
2197 app_wrk = app_worker_get (quic_session->app_wrk_index);
2198 rv = app_worker_accept_notify (app_wrk, quic_session);
2201 QUIC_DBG (1, "failed to notify accept worker app");
2208 quic_create_connection (quicly_context_t * quicly_ctx,
2209 u32 ctx_index, struct sockaddr *sa,
2210 socklen_t salen, quicly_decoded_packet_t packet)
2212 clib_bihash_kv_16_8_t kv;
2214 quicly_conn_t *conn;
2215 u32 thread_index = vlib_get_thread_index ();
2218 /* new connection, accept and create context if packet is valid
2219 * TODO: check if socket is actually listening? */
2220 if ((rv = quicly_accept (&conn, quicly_ctx, sa, salen,
2221 &packet, ptls_iovec_init (NULL, 0),
2222 &quic_main.next_cid, NULL)))
2224 /* Invalid packet, pass */
2225 assert (conn == NULL);
2226 QUIC_DBG (1, "Accept failed with %d", rv);
2227 /* TODO: cleanup created quic ctx and UDP session */
2230 assert (conn != NULL);
2232 ++quic_main.next_cid.master_id;
2233 ctx = quic_ctx_get (ctx_index, thread_index);
2234 /* Save ctx handle in quicly connection */
2235 quic_store_conn_ctx (conn, ctx);
2236 ctx->c_quic_ctx_id.conn = conn;
2237 ctx->c_quic_ctx_id.conn_state = QUIC_CONN_STATE_HANDSHAKE;
2239 quic_create_quic_session (ctx);
2241 /* Register connection in connections map */
2242 quic_make_connection_key (&kv, quicly_get_master_id (conn));
2243 kv.value = ((u64) thread_index) << 32 | (u64) ctx_index;
2244 clib_bihash_add_del_16_8 (&quic_main.connection_hash, &kv, 1 /* is_add */ );
2245 QUIC_DBG (2, "Registering conn with id %lu %lu", kv.key[0], kv.key[1]);
2247 return quic_send_packets (ctx);
2251 quic_reset_connection (quicly_context_t * quicly_ctx, u64 udp_session_handle,
2252 struct sockaddr *sa, socklen_t salen,
2253 quicly_decoded_packet_t packet)
2255 /* short header packet; potentially a dead connection. No need to check the
2256 * length of the incoming packet, because loop is prevented by authenticating
2257 * the CID (by checking node_id and thread_id). If the peer is also sending a
2258 * reset, then the next CID is highly likely to contain a non-authenticating
2260 QUIC_DBG (2, "Sending stateless reset");
2262 quicly_datagram_t *dgram;
2263 session_t *udp_session;
2264 if (packet.cid.dest.plaintext.node_id == 0
2265 && packet.cid.dest.plaintext.thread_id == 0)
2267 dgram = quicly_send_stateless_reset (quicly_ctx, sa, salen,
2268 &packet.cid.dest.plaintext);
2271 udp_session = session_get_from_handle (udp_session_handle);
2272 rv = quic_send_datagram (udp_session, dgram);
2273 if (svm_fifo_set_event (udp_session->tx_fifo))
2274 session_send_io_evt_to_thread (udp_session->tx_fifo,
2282 quic_app_rx_callback (session_t * udp_session)
2284 /* Read data from UDP rx_fifo and pass it to the quicly conn. */
2285 quicly_decoded_packet_t packet;
2286 session_dgram_hdr_t ph;
2288 quic_ctx_t *ctx = NULL;
2291 struct sockaddr_in6 sa6;
2292 struct sockaddr *sa = (struct sockaddr *) &sa6;
2294 u32 max_deq, full_len, ctx_index = UINT32_MAX, ctx_thread = UINT32_MAX, ret;
2297 u32 *opening_ctx_pool, *ctx_index_ptr;
2298 u32 app_index = udp_session->opaque;
2299 u64 udp_session_handle = session_handle (udp_session);
2301 u32 thread_index = vlib_get_thread_index ();
2302 app = application_get_if_valid (app_index);
2305 QUIC_DBG (1, "Got RX on detached app");
2306 /* TODO: close this session, cleanup state? */
2312 udp_session = session_get_from_handle (udp_session_handle); /* session alloc might have happened */
2313 f = udp_session->rx_fifo;
2314 max_deq = svm_fifo_max_dequeue (f);
2318 if (max_deq < SESSION_CONN_HDR_LEN)
2320 QUIC_DBG (1, "Not enough data for even a header in RX");
2323 ret = svm_fifo_peek (f, 0, SESSION_CONN_HDR_LEN, (u8 *) & ph);
2324 if (ret != SESSION_CONN_HDR_LEN)
2326 QUIC_DBG (1, "Not enough data for header in RX");
2329 ASSERT (ph.data_offset == 0);
2330 full_len = ph.data_length + SESSION_CONN_HDR_LEN;
2331 if (full_len > max_deq)
2333 QUIC_DBG (1, "Not enough data in fifo RX");
2337 /* Quicly can read len bytes from the fifo at offset:
2338 * ph.data_offset + SESSION_CONN_HDR_LEN */
2339 data = malloc (ph.data_length);
2340 ret = svm_fifo_peek (f, SESSION_CONN_HDR_LEN, ph.data_length, data);
2341 if (ret != ph.data_length)
2343 QUIC_DBG (1, "Not enough data peeked in RX");
2349 quic_build_sockaddr (sa, &salen, &ph.rmt_ip, ph.rmt_port, ph.is_ip4);
2350 plen = quicly_decode_packet ((quicly_context_t *) app->quicly_ctx,
2351 &packet, data, ph.data_length);
2353 if (plen != SIZE_MAX)
2356 err = quic_find_packet_ctx (&ctx_thread, &ctx_index, sa, salen,
2357 &packet, thread_index);
2360 ctx = quic_ctx_get (ctx_index, thread_index);
2361 quic_receive (ctx, ctx->c_quic_ctx_id.conn, packet);
2363 else if (ctx_thread != UINT32_MAX)
2365 /* Connection found but on wrong thread, ask move */
2366 quic_move_connection_to_thread (ctx_index, ctx_thread,
2369 else if ((packet.octets.base[0] & QUICLY_PACKET_TYPE_BITMASK) ==
2370 QUICLY_PACKET_TYPE_INITIAL)
2372 /* Try to find matching "opening" ctx */
2374 quic_main.wrk_ctx[thread_index].opening_ctx_pool;
2377 pool_foreach (ctx_index_ptr, opening_ctx_pool,
2379 ctx = quic_ctx_get (*ctx_index_ptr, thread_index);
2380 if (ctx->udp_session_handle == udp_session_handle)
2382 /* Right ctx found, create conn & remove from pool */
2383 quic_create_connection ((quicly_context_t *) app->quicly_ctx,
2384 *ctx_index_ptr, sa, salen, packet);
2385 pool_put (opening_ctx_pool, ctx_index_ptr);
2386 goto ctx_search_done;
2394 quic_reset_connection ((quicly_context_t *) app->quicly_ctx,
2395 udp_session_handle, sa, salen, packet);
2399 svm_fifo_dequeue_drop (f, full_len);
2407 quic_common_get_transport_endpoint (quic_ctx_t * ctx,
2408 transport_endpoint_t * tep, u8 is_lcl)
2410 session_t *udp_session;
2411 if (!quic_ctx_is_stream (ctx))
2413 udp_session = session_get_from_handle (ctx->udp_session_handle);
2414 session_get_endpoint (udp_session, tep, is_lcl);
2419 quic_get_transport_listener_endpoint (u32 listener_index,
2420 transport_endpoint_t * tep, u8 is_lcl)
2423 app_listener_t *app_listener;
2424 session_t *udp_listen_session;
2425 ctx = quic_ctx_get (listener_index, vlib_get_thread_index ());
2426 if (quic_ctx_is_listener (ctx))
2428 app_listener = app_listener_get_w_handle (ctx->udp_session_handle);
2429 udp_listen_session = app_listener_get_session (app_listener);
2430 return session_get_endpoint (udp_listen_session, tep, is_lcl);
2432 quic_common_get_transport_endpoint (ctx, tep, is_lcl);
2436 quic_get_transport_endpoint (u32 ctx_index, u32 thread_index,
2437 transport_endpoint_t * tep, u8 is_lcl)
2440 ctx = quic_ctx_get (ctx_index, thread_index);
2441 quic_common_get_transport_endpoint (ctx, tep, is_lcl);
2444 /*****************************************************************************
2445 * END TRANSPORT PROTO FUNCTIONS
2446 *****************************************************************************/
2449 static session_cb_vft_t quic_app_cb_vft = {
2450 .session_accept_callback = quic_session_accepted_callback,
2451 .session_disconnect_callback = quic_session_disconnect_callback,
2452 .session_connected_callback = quic_session_connected_callback,
2453 .session_reset_callback = quic_session_reset_callback,
2454 .add_segment_callback = quic_add_segment_callback,
2455 .del_segment_callback = quic_del_segment_callback,
2456 .builtin_app_rx_callback = quic_app_rx_callback,
2459 static const transport_proto_vft_t quic_proto = {
2460 .connect = quic_connect,
2461 .close = quic_proto_on_close,
2462 .start_listen = quic_start_listen,
2463 .stop_listen = quic_stop_listen,
2464 .get_connection = quic_connection_get,
2465 .get_listener = quic_listener_get,
2466 .update_time = quic_update_time,
2467 .app_rx_evt = quic_custom_app_rx_callback,
2468 .custom_tx = quic_custom_tx_callback,
2469 .format_connection = format_quic_connection,
2470 .format_half_open = format_quic_half_open,
2471 .format_listener = format_quic_listener,
2472 .get_transport_endpoint = quic_get_transport_endpoint,
2473 .get_transport_listener_endpoint = quic_get_transport_listener_endpoint,
2474 .transport_options = {
2475 .tx_type = TRANSPORT_TX_INTERNAL,
2476 .service_type = TRANSPORT_SERVICE_APP,
2481 static clib_error_t *
2482 quic_init (vlib_main_t * vm)
2484 u32 segment_size = 256 << 20;
2485 vlib_thread_main_t *vtm = vlib_get_thread_main ();
2486 tw_timer_wheel_1t_3w_1024sl_ov_t *tw;
2487 vnet_app_attach_args_t _a, *a = &_a;
2488 u64 options[APP_OPTIONS_N_OPTIONS];
2489 quic_main_t *qm = &quic_main;
2490 u32 fifo_size = QUIC_FIFO_SIZE;
2493 num_threads = 1 /* main thread */ + vtm->n_threads;
2495 memset (a, 0, sizeof (*a));
2496 memset (options, 0, sizeof (options));
2498 a->session_cb_vft = &quic_app_cb_vft;
2499 a->api_client_index = APP_INVALID_INDEX;
2500 a->options = options;
2501 a->name = format (0, "quic");
2502 a->options[APP_OPTIONS_SEGMENT_SIZE] = segment_size;
2503 a->options[APP_OPTIONS_ADD_SEGMENT_SIZE] = segment_size;
2504 a->options[APP_OPTIONS_RX_FIFO_SIZE] = fifo_size;
2505 a->options[APP_OPTIONS_TX_FIFO_SIZE] = fifo_size;
2506 a->options[APP_OPTIONS_FLAGS] = APP_OPTIONS_FLAGS_IS_BUILTIN;
2507 a->options[APP_OPTIONS_FLAGS] |= APP_OPTIONS_FLAGS_USE_GLOBAL_SCOPE;
2508 a->options[APP_OPTIONS_FLAGS] |= APP_OPTIONS_FLAGS_IS_TRANSPORT_APP;
2510 if (vnet_application_attach (a))
2512 clib_warning ("failed to attach quic app");
2513 return clib_error_return (0, "failed to attach quic app");
2516 vec_validate (qm->ctx_pool, num_threads - 1);
2517 vec_validate (qm->wrk_ctx, num_threads - 1);
2518 /* Timer wheels, one per thread. */
2519 for (i = 0; i < num_threads; i++)
2521 tw = &qm->wrk_ctx[i].timer_wheel;
2522 tw_timer_wheel_init_1t_3w_1024sl_ov (tw, quic_expired_timers_dispatch,
2523 1e-3 /* timer period 1ms */ , ~0);
2524 tw->last_run_time = vlib_time_now (vlib_get_main ());
2527 clib_bihash_init_16_8 (&qm->connection_hash, "quic connections", 1024,
2531 qm->app_index = a->app_index;
2532 qm->tstamp_ticks_per_clock = vm->clib_time.seconds_per_clock
2533 / QUIC_TSTAMP_RESOLUTION;
2535 transport_register_protocol (TRANSPORT_PROTO_QUIC, &quic_proto,
2536 FIB_PROTOCOL_IP4, ~0);
2537 transport_register_protocol (TRANSPORT_PROTO_QUIC, &quic_proto,
2538 FIB_PROTOCOL_IP6, ~0);
2544 VLIB_INIT_FUNCTION (quic_init);
2546 static clib_error_t *
2547 quic_plugin_crypto_command_fn (vlib_main_t * vm,
2548 unformat_input_t * input,
2549 vlib_cli_command_t * cmd)
2551 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
2553 if (unformat (input, "vpp"))
2555 quic_tlsctx.cipher_suites = vpp_crypto_cipher_suites;
2558 else if (unformat (input, "picotls"))
2560 quic_tlsctx.cipher_suites = ptls_openssl_cipher_suites;
2564 return clib_error_return (0, "unknown input '%U'",
2565 format_unformat_error, input);
2568 return clib_error_return (0, "unknown input '%U'",
2569 format_unformat_error, input);
2573 VLIB_CLI_COMMAND(quic_plugin_crypto_command, static)=
2575 .path = "quic set crypto api",
2576 .short_help = "quic set crypto api [picotls, vpp]",
2577 .function = quic_plugin_crypto_command_fn,
2580 VLIB_PLUGIN_REGISTER () =
2582 .version = VPP_BUILD_VER,
2583 .description = "Quic transport protocol",
2588 * fd.io coding-style-patch-verification: ON
2591 * eval: (c-set-style "gnu")
Code Review / vpp.git / blob