2 * Copyright (c) 2019 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
16 #include <sys/socket.h>
18 #include <vnet/session/application.h>
19 #include <vnet/session/transport.h>
20 #include <vnet/session/session.h>
21 #include <vlib/unix/plugin.h>
22 #include <vpp/app/version.h>
23 #include <openssl/pem.h>
25 #include <vppinfra/lock.h>
27 #include <quic/quic.h>
29 #include <quicly/defaults.h>
30 #include <picotls/openssl.h>
31 #include <picotls/pembase64.h>
33 static quic_main_t quic_main;
34 static void quic_update_timer (quic_ctx_t * ctx);
37 quic_format_err (u8 * s, va_list * args)
39 u64 code = va_arg (*args, u64);
43 s = format (s, "no error");
46 case QUIC_ERROR_FULL_FIFO:
47 s = format (s, "full fifo");
49 case QUIC_APP_ERROR_CLOSE_NOTIFY:
50 s = format (s, "QUIC_APP_ERROR_CLOSE_NOTIFY");
52 case QUIC_APP_ALLOCATION_ERROR:
53 s = format (s, "QUIC_APP_ALLOCATION_ERROR");
55 case QUIC_APP_ACCEPT_NOTIFY_ERROR:
56 s = format (s, "QUIC_APP_ACCEPT_NOTIFY_ERROR");
58 case QUIC_APP_CONNECT_NOTIFY_ERROR:
59 s = format (s, "QUIC_APP_CONNECT_NOTIFY_ERROR");
62 case QUICLY_ERROR_PACKET_IGNORED:
63 s = format (s, "QUICLY_ERROR_PACKET_IGNORED");
65 case QUICLY_ERROR_SENDBUF_FULL:
66 s = format (s, "QUICLY_ERROR_SENDBUF_FULL");
68 case QUICLY_ERROR_FREE_CONNECTION:
69 s = format (s, "QUICLY_ERROR_FREE_CONNECTION");
71 case QUICLY_ERROR_RECEIVED_STATELESS_RESET:
72 s = format (s, "QUICLY_ERROR_RECEIVED_STATELESS_RESET");
74 case QUICLY_TRANSPORT_ERROR_NONE:
75 s = format (s, "QUICLY_TRANSPORT_ERROR_NONE");
77 case QUICLY_TRANSPORT_ERROR_INTERNAL:
78 s = format (s, "QUICLY_TRANSPORT_ERROR_INTERNAL");
80 case QUICLY_TRANSPORT_ERROR_SERVER_BUSY:
81 s = format (s, "QUICLY_TRANSPORT_ERROR_SERVER_BUSY");
83 case QUICLY_TRANSPORT_ERROR_FLOW_CONTROL:
84 s = format (s, "QUICLY_TRANSPORT_ERROR_FLOW_CONTROL");
86 case QUICLY_TRANSPORT_ERROR_STREAM_ID:
87 s = format (s, "QUICLY_TRANSPORT_ERROR_STREAM_ID");
89 case QUICLY_TRANSPORT_ERROR_STREAM_STATE:
90 s = format (s, "QUICLY_TRANSPORT_ERROR_STREAM_STATE");
92 case QUICLY_TRANSPORT_ERROR_FINAL_OFFSET:
93 s = format (s, "QUICLY_TRANSPORT_ERROR_FINAL_OFFSET");
95 case QUICLY_TRANSPORT_ERROR_FRAME_ENCODING:
96 s = format (s, "QUICLY_TRANSPORT_ERROR_FRAME_ENCODING");
98 case QUICLY_TRANSPORT_ERROR_TRANSPORT_PARAMETER:
99 s = format (s, "QUICLY_TRANSPORT_ERROR_TRANSPORT_PARAMETER");
101 case QUICLY_TRANSPORT_ERROR_VERSION_NEGOTIATION:
102 s = format (s, "QUICLY_TRANSPORT_ERROR_VERSION_NEGOTIATION");
104 case QUICLY_TRANSPORT_ERROR_PROTOCOL_VIOLATION:
105 s = format (s, "QUICLY_TRANSPORT_ERROR_PROTOCOL_VIOLATION");
107 case QUICLY_TRANSPORT_ERROR_INVALID_MIGRATION:
108 s = format (s, "QUICLY_TRANSPORT_ERROR_INVALID_MIGRATION");
111 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_CLOSE_NOTIFY):
113 format (s, "PTLS_ALERT_CLOSE_NOTIFY");
115 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_UNEXPECTED_MESSAGE):
117 format (s, "PTLS_ALERT_UNEXPECTED_MESSAGE");
119 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_BAD_RECORD_MAC):
121 format (s, "PTLS_ALERT_BAD_RECORD_MAC");
123 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_HANDSHAKE_FAILURE):
125 format (s, "PTLS_ALERT_HANDSHAKE_FAILURE");
127 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_BAD_CERTIFICATE):
129 format (s, "PTLS_ALERT_BAD_CERTIFICATE");
131 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_CERTIFICATE_REVOKED):
133 format (s, "PTLS_ALERT_CERTIFICATE_REVOKED");
135 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_CERTIFICATE_EXPIRED):
137 format (s, "PTLS_ALERT_CERTIFICATE_EXPIRED");
139 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_CERTIFICATE_UNKNOWN):
141 format (s, "PTLS_ALERT_CERTIFICATE_UNKNOWN");
143 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_ILLEGAL_PARAMETER):
145 format (s, "PTLS_ALERT_ILLEGAL_PARAMETER");
147 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_UNKNOWN_CA):
149 format (s, "PTLS_ALERT_UNKNOWN_CA");
151 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_DECODE_ERROR):
153 format (s, "PTLS_ALERT_DECODE_ERROR");
155 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_DECRYPT_ERROR):
157 format (s, "PTLS_ALERT_DECRYPT_ERROR");
159 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_PROTOCOL_VERSION):
161 format (s, "PTLS_ALERT_PROTOCOL_VERSION");
163 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_INTERNAL_ERROR):
165 format (s, "PTLS_ALERT_INTERNAL_ERROR");
167 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_USER_CANCELED):
169 format (s, "PTLS_ALERT_USER_CANCELED");
171 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_MISSING_EXTENSION):
173 format (s, "PTLS_ALERT_MISSING_EXTENSION");
175 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_UNRECOGNIZED_NAME):
177 format (s, "PTLS_ALERT_UNRECOGNIZED_NAME");
179 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_CERTIFICATE_REQUIRED):
181 format (s, "PTLS_ALERT_CERTIFICATE_REQUIRED");
183 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_NO_APPLICATION_PROTOCOL):
185 format (s, "PTLS_ALERT_NO_APPLICATION_PROTOCOL");
187 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_NO_MEMORY):
189 format (s, "PTLS_ERROR_NO_MEMORY");
191 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_IN_PROGRESS):
193 format (s, "PTLS_ERROR_IN_PROGRESS");
195 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_LIBRARY):
197 format (s, "PTLS_ERROR_LIBRARY");
199 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_INCOMPATIBLE_KEY):
201 format (s, "PTLS_ERROR_INCOMPATIBLE_KEY");
203 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_SESSION_NOT_FOUND):
205 format (s, "PTLS_ERROR_SESSION_NOT_FOUND");
207 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_STATELESS_RETRY):
209 format (s, "PTLS_ERROR_STATELESS_RETRY");
211 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_NOT_AVAILABLE):
213 format (s, "PTLS_ERROR_NOT_AVAILABLE");
215 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_COMPRESSION_FAILURE):
217 format (s, "PTLS_ERROR_COMPRESSION_FAILURE");
219 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_BER_INCORRECT_ENCODING):
221 format (s, "PTLS_ERROR_BER_INCORRECT_ENCODING");
223 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_BER_MALFORMED_TYPE):
225 format (s, "PTLS_ERROR_BER_MALFORMED_TYPE");
227 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_BER_MALFORMED_LENGTH):
229 format (s, "PTLS_ERROR_BER_MALFORMED_LENGTH");
231 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_BER_EXCESSIVE_LENGTH):
233 format (s, "PTLS_ERROR_BER_EXCESSIVE_LENGTH");
235 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_BER_ELEMENT_TOO_SHORT):
237 format (s, "PTLS_ERROR_BER_ELEMENT_TOO_SHORT");
239 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_BER_UNEXPECTED_EOC):
241 format (s, "PTLS_ERROR_BER_UNEXPECTED_EOC");
243 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_DER_INDEFINITE_LENGTH):
245 format (s, "PTLS_ERROR_DER_INDEFINITE_LENGTH");
247 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_INCORRECT_ASN1_SYNTAX):
249 format (s, "PTLS_ERROR_INCORRECT_ASN1_SYNTAX");
251 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_INCORRECT_PEM_KEY_VERSION):
253 format (s, "PTLS_ERROR_INCORRECT_PEM_KEY_VERSION");
255 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_INCORRECT_PEM_ECDSA_KEY_VERSION):
257 format (s, "PTLS_ERROR_INCORRECT_PEM_ECDSA_KEY_VERSION");
259 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_INCORRECT_PEM_ECDSA_CURVE):
261 format (s, "PTLS_ERROR_INCORRECT_PEM_ECDSA_CURVE");
263 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_INCORRECT_PEM_ECDSA_KEYSIZE):
265 format (s, "PTLS_ERROR_INCORRECT_PEM_ECDSA_KEYSIZE");
267 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_INCORRECT_ASN1_ECDSA_KEY_SYNTAX):
269 format (s, "PTLS_ERROR_INCORRECT_ASN1_ECDSA_KEY_SYNTAX");
272 s = format (s, "unknown error 0x%lx", code);
279 quic_ctx_alloc (u32 thread_index)
281 quic_main_t *qm = &quic_main;
284 pool_get (qm->ctx_pool[thread_index], ctx);
286 memset (ctx, 0, sizeof (quic_ctx_t));
287 ctx->c_thread_index = thread_index;
288 QUIC_DBG (1, "Allocated quic_ctx %u on thread %u",
289 ctx - qm->ctx_pool[thread_index], thread_index);
290 return ctx - qm->ctx_pool[thread_index];
294 quic_ctx_free (quic_ctx_t * ctx)
296 QUIC_DBG (2, "Free ctx %u", ctx->c_c_index);
297 u32 thread_index = ctx->c_thread_index;
299 memset (ctx, 0xfb, sizeof (*ctx));
300 pool_put (quic_main.ctx_pool[thread_index], ctx);
304 quic_ctx_get (u32 ctx_index, u32 thread_index)
306 return pool_elt_at_index (quic_main.ctx_pool[thread_index], ctx_index);
310 quic_ctx_get_if_valid (u32 ctx_index, u32 thread_index)
312 if (pool_is_free_index (quic_main.ctx_pool[thread_index], ctx_index))
314 return pool_elt_at_index (quic_main.ctx_pool[thread_index], ctx_index);
318 quic_get_conn_ctx (quicly_conn_t * conn)
321 conn_data = (u64) * quicly_get_data (conn);
322 return quic_ctx_get (conn_data & UINT32_MAX, conn_data >> 32);
326 quic_store_conn_ctx (quicly_conn_t * conn, quic_ctx_t * ctx)
328 *quicly_get_data (conn) =
329 (void *) (((u64) ctx->c_thread_index) << 32 | (u64) ctx->c_c_index);
333 quic_ctx_is_stream (quic_ctx_t * ctx)
335 return (ctx->flags & QUIC_F_IS_STREAM);
339 quic_ctx_is_listener (quic_ctx_t * ctx)
341 return (ctx->flags & QUIC_F_IS_LISTENER);
345 get_stream_session_from_stream (quicly_stream_t * stream)
348 quic_stream_data_t *stream_data;
350 stream_data = (quic_stream_data_t *) stream->data;
351 ctx = quic_ctx_get (stream_data->ctx_id, stream_data->thread_index);
352 return session_get (ctx->c_s_index, stream_data->thread_index);
356 quic_make_connection_key (clib_bihash_kv_16_8_t * kv,
357 const quicly_cid_plaintext_t * id)
359 kv->key[0] = ((u64) id->master_id) << 32 | (u64) id->thread_id;
360 kv->key[1] = id->node_id;
364 quic_sendable_packet_count (session_t * udp_session)
367 u32 packet_size = QUIC_MAX_PACKET_SIZE + SESSION_CONN_HDR_LEN;
368 max_enqueue = svm_fifo_max_enqueue (udp_session->tx_fifo);
369 return clib_min (max_enqueue / packet_size, QUIC_SEND_PACKET_VEC_SIZE);
374 quic_ack_rx_data (session_t * stream_session)
379 quicly_stream_t *stream;
380 quic_stream_data_t *stream_data;
383 quic_ctx_get (stream_session->connection_index,
384 stream_session->thread_index);
385 ASSERT (quic_ctx_is_stream (sctx));
386 stream = sctx->c_quic_ctx_id.stream;
387 stream_data = (quic_stream_data_t *) stream->data;
389 f = stream_session->rx_fifo;
390 max_deq = svm_fifo_max_dequeue (f);
392 ASSERT (stream_data->app_rx_data_len >= max_deq);
393 quicly_stream_sync_recvbuf (stream, stream_data->app_rx_data_len - max_deq);
394 QUIC_DBG (3, "Acking %u bytes", stream_data->app_rx_data_len - max_deq);
395 stream_data->app_rx_data_len = max_deq;
399 quic_disconnect_transport (quic_ctx_t * ctx)
401 QUIC_DBG (2, "Disconnecting transport 0x%lx", ctx->udp_session_handle);
402 vnet_disconnect_args_t a = {
403 .handle = ctx->udp_session_handle,
404 .app_index = quic_main.app_index,
407 if (vnet_disconnect_session (&a))
408 clib_warning ("UDP session 0x%lx disconnect errored",
409 ctx->udp_session_handle);
413 quic_connection_closed (u32 ctx_index, u32 thread_index, u8 notify_transport)
415 QUIC_DBG (2, "QUIC connection closed");
416 tw_timer_wheel_1t_3w_1024sl_ov_t *tw;
417 clib_bihash_kv_16_8_t kv;
421 ctx = quic_ctx_get (ctx_index, thread_index);
422 ASSERT (!quic_ctx_is_stream (ctx));
423 /* TODO if connection is not established, just delete the session? */
426 if (ctx->timer_handle != QUIC_TIMER_HANDLE_INVALID)
428 tw = &quic_main.wrk_ctx[thread_index].timer_wheel;
429 tw_timer_stop_1t_3w_1024sl_ov (tw, ctx->timer_handle);
432 /* Delete the connection from the connection map */
433 conn = ctx->c_quic_ctx_id.conn;
434 quic_make_connection_key (&kv, quicly_get_master_id (conn));
435 QUIC_DBG (2, "Deleting conn with id %lu %lu", kv.key[0], kv.key[1]);
436 clib_bihash_add_del_16_8 (&quic_main.connection_hash, &kv, 0 /* is_add */ );
438 quic_disconnect_transport (ctx);
439 if (notify_transport)
440 session_transport_closing_notify (&ctx->connection);
442 session_transport_delete_notify (&ctx->connection);
443 /* Do not try to send anything anymore */
444 quicly_free (ctx->c_quic_ctx_id.conn);
445 ctx->c_quic_ctx_id.conn = NULL;
450 quic_send_datagram (session_t * udp_session, quicly_datagram_t * packet)
453 session_dgram_hdr_t hdr;
456 transport_connection_t *tc;
458 len = packet->data.len;
459 f = udp_session->tx_fifo;
460 tc = session_get_transport (udp_session);
461 max_enqueue = svm_fifo_max_enqueue (f);
462 if (max_enqueue < SESSION_CONN_HDR_LEN + len)
464 QUIC_DBG (1, "Too much data to send, max_enqueue %u, len %u",
465 max_enqueue, len + SESSION_CONN_HDR_LEN);
466 return QUIC_ERROR_FULL_FIFO;
469 /* Build packet header for fifo */
470 hdr.data_length = len;
472 hdr.is_ip4 = tc->is_ip4;
473 clib_memcpy (&hdr.lcl_ip, &tc->lcl_ip, sizeof (ip46_address_t));
474 hdr.lcl_port = tc->lcl_port;
476 /* Read dest address from quicly-provided sockaddr */
479 ASSERT (packet->sa.sa_family == AF_INET);
480 struct sockaddr_in *sa4 = (struct sockaddr_in *) &packet->sa;
481 hdr.rmt_port = sa4->sin_port;
482 hdr.rmt_ip.ip4.as_u32 = sa4->sin_addr.s_addr;
486 ASSERT (packet->sa.sa_family == AF_INET6);
487 struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *) &packet->sa;
488 hdr.rmt_port = sa6->sin6_port;
489 clib_memcpy (&hdr.rmt_ip.ip6, &sa6->sin6_addr, 16);
492 ret = svm_fifo_enqueue (f, sizeof (hdr), (u8 *) & hdr);
493 if (ret != sizeof (hdr))
495 QUIC_DBG (1, "Not enough space to enqueue header");
496 return QUIC_ERROR_FULL_FIFO;
498 ret = svm_fifo_enqueue (f, len, packet->data.base);
501 QUIC_DBG (1, "Not enough space to enqueue payload");
502 return QUIC_ERROR_FULL_FIFO;
508 quic_send_packets (quic_ctx_t * ctx)
510 quicly_datagram_t *packets[QUIC_SEND_PACKET_VEC_SIZE];
511 session_t *udp_session;
513 size_t num_packets, i, max_packets;
514 quicly_context_t *quicly_context;
515 app_worker_t *app_wrk;
519 /* We have sctx, get qctx */
520 if (quic_ctx_is_stream (ctx))
522 quic_ctx_get (ctx->c_quic_ctx_id.quic_connection_ctx_id,
523 ctx->c_thread_index);
525 ASSERT (!quic_ctx_is_stream (ctx));
527 udp_session = session_get_from_handle_if_valid (ctx->udp_session_handle);
531 conn = ctx->c_quic_ctx_id.conn;
536 /* TODO : quicly can assert it can send min_packets up to 2 */
537 if (quic_sendable_packet_count (udp_session) < 2)
540 app_wrk = app_worker_get_if_valid (ctx->parent_app_wrk_id);
543 clib_warning ("Tried to send packets on non existing app worker %u",
544 ctx->parent_app_wrk_id);
545 quic_connection_closed (ctx->c_c_index, ctx->c_thread_index,
546 1 /* notify_transport */ );
549 app = application_get (app_wrk->app_index);
551 quicly_context = (quicly_context_t *) app->quicly_ctx;
554 max_packets = quic_sendable_packet_count (udp_session);
557 num_packets = max_packets;
558 if ((err = quicly_send (conn, packets, &num_packets)))
561 for (i = 0; i != num_packets; ++i)
563 if ((err = quic_send_datagram (udp_session, packets[i])))
566 quicly_context->packet_allocator->
567 free_packet (quicly_context->packet_allocator, packets[i]);
570 while (num_packets > 0 && num_packets == max_packets);
573 if (svm_fifo_set_event (udp_session->tx_fifo))
575 session_send_io_evt_to_thread (udp_session->tx_fifo,
577 clib_warning ("Event enqueue errored %d", err);
579 QUIC_DBG (3, "%u[TX] %u[RX]", svm_fifo_max_dequeue (udp_session->tx_fifo),
580 svm_fifo_max_dequeue (udp_session->rx_fifo));
581 quic_update_timer (ctx);
585 if (err && err != QUICLY_ERROR_PACKET_IGNORED
586 && err != QUICLY_ERROR_FREE_CONNECTION)
587 clib_warning ("Quic error '%U'.", quic_format_err, err);
588 quic_connection_closed (ctx->c_c_index, ctx->c_thread_index,
589 1 /* notify_transport */ );
593 /*****************************************************************************
595 * START QUICLY CALLBACKS
596 * Called from QUIC lib
598 *****************************************************************************/
601 quic_on_stream_destroy (quicly_stream_t * stream, int err)
603 quic_stream_data_t *stream_data = (quic_stream_data_t *) stream->data;
605 quic_ctx_get (stream_data->ctx_id, stream_data->thread_index);
606 session_t *stream_session =
607 session_get (sctx->c_s_index, sctx->c_thread_index);
608 QUIC_DBG (2, "DESTROYED_STREAM: session 0x%lx (%U)",
609 session_handle (stream_session), quic_format_err, err);
611 stream_session->session_state = SESSION_STATE_CLOSED;
612 session_transport_delete_notify (&sctx->connection);
614 quic_ctx_free (sctx);
619 quic_on_stop_sending (quicly_stream_t * stream, int err)
622 quic_stream_data_t *stream_data = (quic_stream_data_t *) stream->data;
624 quic_ctx_get (stream_data->ctx_id, stream_data->thread_index);
625 session_t *stream_session =
626 session_get (sctx->c_s_index, sctx->c_thread_index);
627 clib_warning ("(NOT IMPLEMENTD) STOP_SENDING: session 0x%lx (%U)",
628 session_handle (stream_session), quic_format_err, err);
630 /* TODO : handle STOP_SENDING */
635 quic_on_receive_reset (quicly_stream_t * stream, int err)
637 quic_stream_data_t *stream_data = (quic_stream_data_t *) stream->data;
639 quic_ctx_get (stream_data->ctx_id, stream_data->thread_index);
641 session_t *stream_session =
642 session_get (sctx->c_s_index, sctx->c_thread_index);
643 clib_warning ("RESET_STREAM: session 0x%lx (%U)",
644 session_handle (stream_session), quic_format_err, err);
646 session_transport_closing_notify (&sctx->connection);
651 quic_on_receive (quicly_stream_t * stream, size_t off, const void *src,
654 QUIC_DBG (3, "received data: %lu bytes, offset %lu", len, off);
657 session_t *stream_session;
658 app_worker_t *app_wrk;
660 quic_stream_data_t *stream_data;
663 stream_data = (quic_stream_data_t *) stream->data;
664 sctx = quic_ctx_get (stream_data->ctx_id, stream_data->thread_index);
665 stream_session = session_get (sctx->c_s_index, stream_data->thread_index);
666 f = stream_session->rx_fifo;
668 max_enq = svm_fifo_max_enqueue_prod (f);
669 QUIC_DBG (3, "Enqueuing %u at off %u in %u space", len, off, max_enq);
670 if (off - stream_data->app_rx_data_len + len > max_enq)
672 QUIC_DBG (1, "Error RX fifo is full");
675 if (off == stream_data->app_rx_data_len)
677 /* Streams live on the same thread so (f, stream_data) should stay consistent */
678 rlen = svm_fifo_enqueue (f, len, (u8 *) src);
679 stream_data->app_rx_data_len += rlen;
680 ASSERT (rlen >= len);
681 app_wrk = app_worker_get_if_valid (stream_session->app_wrk_index);
682 if (PREDICT_TRUE (app_wrk != 0))
683 app_worker_lock_and_send_event (app_wrk, stream_session,
685 quic_ack_rx_data (stream_session);
690 svm_fifo_enqueue_with_offset (f, off - stream_data->app_rx_data_len,
698 quic_fifo_egress_shift (quicly_stream_t * stream, size_t delta)
700 session_t *stream_session;
704 stream_session = get_stream_session_from_stream (stream);
705 f = stream_session->tx_fifo;
707 rv = svm_fifo_dequeue_drop (f, delta);
708 ASSERT (rv == delta);
709 quicly_stream_sync_sendbuf (stream, 0);
713 quic_fifo_egress_emit (quicly_stream_t * stream, size_t off, void *dst,
714 size_t * len, int *wrote_all)
716 session_t *stream_session;
718 u32 deq_max, first_deq, max_rd_chunk, rem_offset;
720 stream_session = get_stream_session_from_stream (stream);
721 f = stream_session->tx_fifo;
723 QUIC_DBG (3, "Emitting %u, offset %u", *len, off);
725 deq_max = svm_fifo_max_dequeue_cons (f);
726 ASSERT (off <= deq_max);
727 if (off + *len < deq_max)
734 *len = deq_max - off;
735 QUIC_DBG (3, "Wrote ALL, %u", *len);
738 /* TODO, use something like : return svm_fifo_peek (f, off, *len, dst); */
739 max_rd_chunk = svm_fifo_max_read_chunk (f);
742 if (off < max_rd_chunk)
744 first_deq = clib_min (*len, max_rd_chunk - off);
745 clib_memcpy_fast (dst, svm_fifo_head (f) + off, first_deq);
748 if (max_rd_chunk < off + *len)
750 rem_offset = max_rd_chunk < off ? off - max_rd_chunk : 0;
751 clib_memcpy_fast (dst + first_deq, f->head_chunk->data + rem_offset,
758 static const quicly_stream_callbacks_t quic_stream_callbacks = {
759 .on_destroy = quic_on_stream_destroy,
760 .on_send_shift = quic_fifo_egress_shift,
761 .on_send_emit = quic_fifo_egress_emit,
762 .on_send_stop = quic_on_stop_sending,
763 .on_receive = quic_on_receive,
764 .on_receive_reset = quic_on_receive_reset
768 quic_accept_stream (void *s)
770 quicly_stream_t *stream = (quicly_stream_t *) s;
771 session_t *stream_session, *quic_session;
772 quic_stream_data_t *stream_data;
773 app_worker_t *app_wrk;
774 quic_ctx_t *qctx, *sctx;
778 sctx_id = quic_ctx_alloc (vlib_get_thread_index ());
780 qctx = quic_get_conn_ctx (stream->conn);
782 stream_session = session_alloc (qctx->c_thread_index);
783 QUIC_DBG (2, "ACCEPTED stream_session 0x%lx ctx %u",
784 session_handle (stream_session), sctx_id);
785 sctx = quic_ctx_get (sctx_id, qctx->c_thread_index);
786 sctx->parent_app_wrk_id = qctx->parent_app_wrk_id;
787 sctx->parent_app_id = qctx->parent_app_id;
788 sctx->c_quic_ctx_id.quic_connection_ctx_id = qctx->c_c_index;
789 sctx->c_c_index = sctx_id;
790 sctx->c_s_index = stream_session->session_index;
791 sctx->c_quic_ctx_id.stream = stream;
792 sctx->c_flags |= TRANSPORT_CONNECTION_F_NO_LOOKUP;
793 sctx->flags |= QUIC_F_IS_STREAM;
795 stream_data = (quic_stream_data_t *) stream->data;
796 stream_data->ctx_id = sctx_id;
797 stream_data->thread_index = sctx->c_thread_index;
798 stream_data->app_rx_data_len = 0;
800 sctx->c_s_index = stream_session->session_index;
801 stream_session->session_state = SESSION_STATE_CREATED;
802 stream_session->app_wrk_index = sctx->parent_app_wrk_id;
803 stream_session->connection_index = sctx->c_c_index;
804 stream_session->session_type =
805 session_type_from_proto_and_ip (TRANSPORT_PROTO_QUIC,
806 qctx->c_quic_ctx_id.udp_is_ip4);
807 quic_session = session_get (qctx->c_s_index, qctx->c_thread_index);
808 stream_session->listener_handle = listen_session_get_handle (quic_session);
810 app_wrk = app_worker_get (stream_session->app_wrk_index);
811 if ((rv = app_worker_init_connected (app_wrk, stream_session)))
813 QUIC_DBG (1, "failed to allocate fifos");
814 session_free (stream_session);
815 quicly_reset_stream (stream, QUIC_APP_ALLOCATION_ERROR);
818 svm_fifo_add_want_deq_ntf (stream_session->rx_fifo,
819 SVM_FIFO_WANT_DEQ_NOTIF_IF_FULL |
820 SVM_FIFO_WANT_DEQ_NOTIF_IF_EMPTY);
822 rv = app_worker_accept_notify (app_wrk, stream_session);
825 QUIC_DBG (1, "failed to notify accept worker app");
826 session_free_w_fifos (stream_session);
827 quicly_reset_stream (stream, QUIC_APP_ACCEPT_NOTIFY_ERROR);
833 quic_on_stream_open (quicly_stream_open_t * self, quicly_stream_t * stream)
835 QUIC_DBG (2, "on_stream_open called");
836 stream->data = malloc (sizeof (quic_stream_data_t));
837 stream->callbacks = &quic_stream_callbacks;
838 /* Notify accept on parent qsession, but only if this is not a locally
839 * initiated stream */
840 if (!quicly_stream_is_self_initiated (stream))
842 quic_accept_stream (stream);
848 quic_on_closed_by_peer (quicly_closed_by_peer_t * self, quicly_conn_t * conn,
849 int code, uint64_t frame_type,
850 const char *reason, size_t reason_len)
852 quic_ctx_t *ctx = quic_get_conn_ctx (conn);
854 session_t *quic_session = session_get (ctx->c_s_index, ctx->c_thread_index);
855 clib_warning ("Session 0x%lx closed by peer (%U) %.*s ",
856 session_handle (quic_session), quic_format_err, code,
859 ctx->c_quic_ctx_id.conn_state = QUIC_CONN_STATE_PASSIVE_CLOSING;
860 session_transport_closing_notify (&ctx->connection);
863 static quicly_stream_open_t on_stream_open = { &quic_on_stream_open };
864 static quicly_closed_by_peer_t on_closed_by_peer =
865 { &quic_on_closed_by_peer };
868 /*****************************************************************************
870 * END QUICLY CALLBACKS
872 *****************************************************************************/
874 /*****************************************************************************
876 * BEGIN TIMERS HANDLING
878 *****************************************************************************/
881 quic_get_thread_time (u8 thread_index)
883 return quic_main.wrk_ctx[thread_index].time_now;
887 quic_get_time (quicly_now_t * self)
889 u8 thread_index = vlib_get_thread_index ();
890 return quic_get_thread_time (thread_index);
893 static quicly_now_t quicly_vpp_now_cb = { quic_get_time };
896 quic_set_time_now (u32 thread_index)
898 vlib_main_t *vlib_main = vlib_get_main ();
899 f64 time = vlib_time_now (vlib_main);
900 quic_main.wrk_ctx[thread_index].time_now = (int64_t) (time * 1000.f);
901 return quic_main.wrk_ctx[thread_index].time_now;
904 /* Transport proto callback */
906 quic_update_time (f64 now, u8 thread_index)
908 tw_timer_wheel_1t_3w_1024sl_ov_t *tw;
910 tw = &quic_main.wrk_ctx[thread_index].timer_wheel;
911 quic_set_time_now (thread_index);
912 tw_timer_expire_timers_1t_3w_1024sl_ov (tw, now);
916 quic_timer_expired (u32 conn_index)
919 QUIC_DBG (4, "Timer expired for conn %u at %ld", conn_index,
920 quic_get_time (NULL));
921 ctx = quic_ctx_get (conn_index, vlib_get_thread_index ());
922 ctx->timer_handle = QUIC_TIMER_HANDLE_INVALID;
923 quic_send_packets (ctx);
927 quic_update_timer (quic_ctx_t * ctx)
929 tw_timer_wheel_1t_3w_1024sl_ov_t *tw;
930 int64_t next_timeout, next_interval;
931 session_t *quic_session;
933 /* This timeout is in ms which is the unit of our timer */
934 next_timeout = quicly_get_first_timeout (ctx->c_quic_ctx_id.conn);
935 next_interval = next_timeout - quic_get_time (NULL);
937 if (next_timeout == 0 || next_interval <= 0)
939 if (ctx->c_s_index == QUIC_SESSION_INVALID)
945 quic_session = session_get (ctx->c_s_index, ctx->c_thread_index);
946 if (svm_fifo_set_event (quic_session->tx_fifo))
947 session_send_io_evt_to_thread_custom (quic_session,
948 quic_session->thread_index,
949 SESSION_IO_EVT_BUILTIN_TX);
954 tw = &quic_main.wrk_ctx[vlib_get_thread_index ()].timer_wheel;
956 QUIC_DBG (4, "Timer set to %ld (int %ld) for ctx %u", next_timeout,
957 next_interval, ctx->c_c_index);
959 if (ctx->timer_handle == QUIC_TIMER_HANDLE_INVALID)
961 if (next_timeout == INT64_MAX)
963 QUIC_DBG (4, "timer for ctx %u already stopped", ctx->c_c_index);
967 tw_timer_start_1t_3w_1024sl_ov (tw, ctx->c_c_index, 0, next_interval);
971 if (next_timeout == INT64_MAX)
973 tw_timer_stop_1t_3w_1024sl_ov (tw, ctx->timer_handle);
974 ctx->timer_handle = QUIC_TIMER_HANDLE_INVALID;
975 QUIC_DBG (4, "Stopping timer for ctx %u", ctx->c_c_index);
978 tw_timer_update_1t_3w_1024sl_ov (tw, ctx->timer_handle,
985 quic_expired_timers_dispatch (u32 * expired_timers)
989 for (i = 0; i < vec_len (expired_timers); i++)
991 quic_timer_expired (expired_timers[i]);
995 /*****************************************************************************
997 * END TIMERS HANDLING
999 *****************************************************************************/
1001 /* single-entry session cache */
1002 struct st_util_session_cache_t
1004 ptls_encrypt_ticket_t super;
1010 encrypt_ticket_cb (ptls_encrypt_ticket_t * _self, ptls_t * tls,
1011 int is_encrypt, ptls_buffer_t * dst, ptls_iovec_t src)
1013 struct st_util_session_cache_t *self = (void *) _self;
1019 /* replace the cached entry along with a newly generated session id */
1020 free (self->data.base);
1021 if ((self->data.base = malloc (src.len)) == NULL)
1022 return PTLS_ERROR_NO_MEMORY;
1024 ptls_get_context (tls)->random_bytes (self->id, sizeof (self->id));
1025 memcpy (self->data.base, src.base, src.len);
1026 self->data.len = src.len;
1028 /* store the session id in buffer */
1029 if ((ret = ptls_buffer_reserve (dst, sizeof (self->id))) != 0)
1031 memcpy (dst->base + dst->off, self->id, sizeof (self->id));
1032 dst->off += sizeof (self->id);
1038 /* check if session id is the one stored in cache */
1039 if (src.len != sizeof (self->id))
1040 return PTLS_ERROR_SESSION_NOT_FOUND;
1041 if (memcmp (self->id, src.base, sizeof (self->id)) != 0)
1042 return PTLS_ERROR_SESSION_NOT_FOUND;
1044 /* return the cached value */
1045 if ((ret = ptls_buffer_reserve (dst, self->data.len)) != 0)
1047 memcpy (dst->base + dst->off, self->data.base, self->data.len);
1048 dst->off += self->data.len;
1055 static struct st_util_session_cache_t sc = {
1057 .cb = encrypt_ticket_cb,
1061 static ptls_context_t quic_tlsctx = {
1062 .random_bytes = ptls_openssl_random_bytes,
1063 .get_time = &ptls_get_time,
1064 .key_exchanges = ptls_openssl_key_exchanges,
1065 .cipher_suites = ptls_openssl_cipher_suites,
1071 .on_client_hello = NULL,
1072 .emit_certificate = NULL,
1073 .sign_certificate = NULL,
1074 .verify_certificate = NULL,
1075 .ticket_lifetime = 86400,
1076 .max_early_data_size = 8192,
1077 .hkdf_label_prefix__obsolete = NULL,
1078 .require_dhe_on_psk = 1,
1079 .encrypt_ticket = &sc.super,
1084 ptls_compare_separator_line (const char *line, const char *begin_or_end,
1087 int ret = strncmp (line, "-----", 5);
1088 size_t text_index = 5;
1092 size_t begin_or_end_length = strlen (begin_or_end);
1093 ret = strncmp (line + text_index, begin_or_end, begin_or_end_length);
1094 text_index += begin_or_end_length;
1099 ret = line[text_index] - ' ';
1105 size_t label_length = strlen (label);
1106 ret = strncmp (line + text_index, label, label_length);
1107 text_index += label_length;
1112 ret = strncmp (line + text_index, "-----", 5);
1119 ptls_get_bio_pem_object (BIO * bio, const char *label, ptls_buffer_t * buf)
1121 int ret = PTLS_ERROR_PEM_LABEL_NOT_FOUND;
1123 ptls_base64_decode_state_t state;
1125 /* Get the label on a line by itself */
1126 while (BIO_gets (bio, line, 256))
1128 if (ptls_compare_separator_line (line, "BEGIN", label) == 0)
1131 ptls_base64_decode_init (&state);
1135 /* Get the data in the buffer */
1136 while (ret == 0 && BIO_gets (bio, line, 256))
1138 if (ptls_compare_separator_line (line, "END", label) == 0)
1140 if (state.status == PTLS_BASE64_DECODE_DONE
1141 || (state.status == PTLS_BASE64_DECODE_IN_PROGRESS
1148 ret = PTLS_ERROR_INCORRECT_BASE64;
1154 ret = ptls_base64_decode (line, &state, buf);
1162 ptls_load_bio_pem_objects (BIO * bio, const char *label, ptls_iovec_t * list,
1163 size_t list_max, size_t * nb_objects)
1172 while (count < list_max)
1176 ptls_buffer_init (&buf, "", 0);
1178 ret = ptls_get_bio_pem_object (bio, label, &buf);
1182 if (buf.off > 0 && buf.is_allocated)
1184 list[count].base = buf.base;
1185 list[count].len = buf.off;
1190 ptls_buffer_dispose (&buf);
1195 ptls_buffer_dispose (&buf);
1201 if (ret == PTLS_ERROR_PEM_LABEL_NOT_FOUND && count > 0)
1206 *nb_objects = count;
1211 #define PTLS_MAX_CERTS_IN_CONTEXT 16
1214 ptls_load_bio_certificates (ptls_context_t * ctx, BIO * bio)
1218 ctx->certificates.list =
1219 (ptls_iovec_t *) malloc (PTLS_MAX_CERTS_IN_CONTEXT *
1220 sizeof (ptls_iovec_t));
1222 if (ctx->certificates.list == NULL)
1224 ret = PTLS_ERROR_NO_MEMORY;
1229 ptls_load_bio_pem_objects (bio, "CERTIFICATE", ctx->certificates.list,
1230 PTLS_MAX_CERTS_IN_CONTEXT,
1231 &ctx->certificates.count);
1238 load_bio_certificate_chain (ptls_context_t * ctx, const char *cert_data)
1241 cert_bio = BIO_new_mem_buf (cert_data, -1);
1242 if (ptls_load_bio_certificates (ctx, cert_bio) != 0)
1244 BIO_free (cert_bio);
1245 fprintf (stderr, "failed to load certificate:%s\n", strerror (errno));
1248 BIO_free (cert_bio);
1252 load_bio_private_key (ptls_context_t * ctx, const char *pk_data)
1254 static ptls_openssl_sign_certificate_t sc;
1258 key_bio = BIO_new_mem_buf (pk_data, -1);
1259 pkey = PEM_read_bio_PrivateKey (key_bio, NULL, NULL, NULL);
1264 fprintf (stderr, "failed to read private key from app configuration\n");
1268 ptls_openssl_init_sign_certificate (&sc, pkey);
1269 EVP_PKEY_free (pkey);
1271 ctx->sign_certificate = &sc.super;
1275 allocate_quicly_ctx (application_t * app, u8 is_client)
1282 quicly_context_t *quicly_ctx;
1283 ptls_iovec_t key_vec;
1284 QUIC_DBG (2, "Called allocate_quicly_ctx");
1286 if (app->quicly_ctx)
1288 QUIC_DBG (1, "Trying to reallocate quicly_ctx");
1292 ctx_data = malloc (sizeof (*ctx_data));
1293 quicly_ctx = &ctx_data->_;
1294 app->quicly_ctx = (u64 *) quicly_ctx;
1295 memcpy (quicly_ctx, &quicly_spec_context, sizeof (quicly_context_t));
1297 quicly_ctx->max_packet_size = QUIC_MAX_PACKET_SIZE;
1298 quicly_ctx->tls = &quic_tlsctx;
1299 quicly_ctx->stream_open = &on_stream_open;
1300 quicly_ctx->closed_by_peer = &on_closed_by_peer;
1301 quicly_ctx->now = &quicly_vpp_now_cb;
1303 quicly_amend_ptls_context (quicly_ctx->tls);
1305 quicly_ctx->event_log.mask = 0; /* logs */
1306 quicly_ctx->event_log.cb = quicly_new_default_event_logger (stderr);
1308 quicly_ctx->transport_params.max_data = QUIC_INT_MAX;
1309 quicly_ctx->transport_params.max_streams_uni = QUIC_INT_MAX;
1310 quicly_ctx->transport_params.max_streams_bidi = QUIC_INT_MAX;
1311 quicly_ctx->transport_params.max_stream_data.bidi_local = (QUIC_FIFO_SIZE - 1); /* max_enq is SIZE - 1 */
1312 quicly_ctx->transport_params.max_stream_data.bidi_remote = (QUIC_FIFO_SIZE - 1); /* max_enq is SIZE - 1 */
1313 quicly_ctx->transport_params.max_stream_data.uni = QUIC_INT_MAX;
1315 quicly_ctx->tls->random_bytes (ctx_data->cid_key, 16);
1316 ctx_data->cid_key[16] = 0;
1317 key_vec = ptls_iovec_init (ctx_data->cid_key, strlen (ctx_data->cid_key));
1318 quicly_ctx->cid_encryptor =
1319 quicly_new_default_cid_encryptor (&ptls_openssl_bfecb,
1320 &ptls_openssl_sha256, key_vec);
1321 if (!is_client && app->tls_key != NULL && app->tls_cert != NULL)
1323 load_bio_private_key (quicly_ctx->tls, (char *) app->tls_key);
1324 load_bio_certificate_chain (quicly_ctx->tls, (char *) app->tls_cert);
1328 /*****************************************************************************
1330 * BEGIN TRANSPORT PROTO FUNCTIONS
1332 *****************************************************************************/
1335 quic_connect_new_stream (session_endpoint_cfg_t * sep)
1337 uint64_t quic_session_handle;
1338 session_t *quic_session, *stream_session;
1339 quic_stream_data_t *stream_data;
1340 quicly_stream_t *stream;
1341 quicly_conn_t *conn;
1342 app_worker_t *app_wrk;
1343 quic_ctx_t *qctx, *sctx;
1347 /* Find base session to which the user want to attach a stream */
1348 quic_session_handle = sep->transport_opts;
1349 QUIC_DBG (2, "Opening new stream (qsession %u)", sep->transport_opts);
1350 quic_session = session_get_from_handle (quic_session_handle);
1352 if (quic_session->session_type !=
1353 session_type_from_proto_and_ip (TRANSPORT_PROTO_QUIC, sep->is_ip4))
1355 QUIC_DBG (1, "received incompatible session");
1359 app_wrk = app_worker_get_if_valid (quic_session->app_wrk_index);
1362 QUIC_DBG (1, "Invalid app worker :(");
1366 sctx_index = quic_ctx_alloc (quic_session->thread_index); /* Allocate before we get pointers */
1367 sctx = quic_ctx_get (sctx_index, quic_session->thread_index);
1369 quic_ctx_get (quic_session->connection_index, quic_session->thread_index);
1370 if (quic_ctx_is_stream (qctx))
1372 QUIC_DBG (1, "session is a stream");
1373 quic_ctx_free (sctx);
1377 sctx->parent_app_wrk_id = qctx->parent_app_wrk_id;
1378 sctx->parent_app_id = qctx->parent_app_id;
1379 sctx->c_quic_ctx_id.quic_connection_ctx_id = qctx->c_c_index;
1380 sctx->c_c_index = sctx_index;
1381 sctx->c_flags |= TRANSPORT_CONNECTION_F_NO_LOOKUP;
1382 sctx->flags |= QUIC_F_IS_STREAM;
1384 conn = qctx->c_quic_ctx_id.conn;
1386 if (!conn || !quicly_connection_is_ready (conn))
1389 if ((rv = quicly_open_stream (conn, &stream, 0 /* uni */ )))
1391 QUIC_DBG (2, "Stream open failed with %d", rv);
1394 sctx->c_quic_ctx_id.stream = stream;
1396 QUIC_DBG (2, "Opened stream %d, creating session", stream->stream_id);
1398 stream_session = session_alloc (qctx->c_thread_index);
1399 QUIC_DBG (2, "Allocated stream_session 0x%lx ctx %u",
1400 session_handle (stream_session), sctx_index);
1401 stream_session->app_wrk_index = app_wrk->wrk_index;
1402 stream_session->connection_index = sctx_index;
1403 stream_session->listener_handle = quic_session_handle;
1404 stream_session->session_type =
1405 session_type_from_proto_and_ip (TRANSPORT_PROTO_QUIC,
1406 qctx->c_quic_ctx_id.udp_is_ip4);
1408 sctx->c_s_index = stream_session->session_index;
1410 if (app_worker_init_connected (app_wrk, stream_session))
1412 QUIC_DBG (1, "failed to app_worker_init_connected");
1413 quicly_reset_stream (stream, QUIC_APP_ALLOCATION_ERROR);
1414 session_free_w_fifos (stream_session);
1415 quic_ctx_free (sctx);
1416 return app_worker_connect_notify (app_wrk, NULL, sep->opaque);
1419 svm_fifo_add_want_deq_ntf (stream_session->rx_fifo,
1420 SVM_FIFO_WANT_DEQ_NOTIF_IF_FULL |
1421 SVM_FIFO_WANT_DEQ_NOTIF_IF_EMPTY);
1423 stream_session->session_state = SESSION_STATE_READY;
1424 if (app_worker_connect_notify (app_wrk, stream_session, sep->opaque))
1426 QUIC_DBG (1, "failed to notify app");
1427 quicly_reset_stream (stream, QUIC_APP_CONNECT_NOTIFY_ERROR);
1428 session_free_w_fifos (stream_session);
1429 quic_ctx_free (sctx);
1432 stream_data = (quic_stream_data_t *) stream->data;
1433 stream_data->ctx_id = sctx->c_c_index;
1434 stream_data->thread_index = sctx->c_thread_index;
1435 stream_data->app_rx_data_len = 0;
1440 quic_connect_new_connection (session_endpoint_cfg_t * sep)
1442 vnet_connect_args_t _cargs = { {}, }, *cargs = &_cargs;
1443 quic_main_t *qm = &quic_main;
1445 app_worker_t *app_wrk;
1450 ctx_index = quic_ctx_alloc (vlib_get_thread_index ());
1451 ctx = quic_ctx_get (ctx_index, vlib_get_thread_index ());
1452 ctx->parent_app_wrk_id = sep->app_wrk_index;
1453 ctx->c_s_index = QUIC_SESSION_INVALID;
1454 ctx->c_c_index = ctx_index;
1455 ctx->c_quic_ctx_id.udp_is_ip4 = sep->is_ip4;
1456 ctx->timer_handle = QUIC_TIMER_HANDLE_INVALID;
1457 ctx->c_quic_ctx_id.conn_state = QUIC_CONN_STATE_HANDSHAKE;
1458 ctx->c_quic_ctx_id.client_opaque = sep->opaque;
1459 ctx->c_flags |= TRANSPORT_CONNECTION_F_NO_LOOKUP;
1462 ctx->c_quic_ctx_id.srv_hostname = format (0, "%v", sep->hostname);
1463 vec_terminate_c_string (ctx->c_quic_ctx_id.srv_hostname);
1467 /* needed by quic for crypto + determining client / server */
1468 ctx->c_quic_ctx_id.srv_hostname =
1469 format (0, "%U", format_ip46_address, &sep->ip, sep->is_ip4);
1472 clib_memcpy (&cargs->sep, sep, sizeof (session_endpoint_cfg_t));
1473 cargs->sep.transport_proto = TRANSPORT_PROTO_UDPC;
1474 cargs->app_index = qm->app_index;
1475 cargs->api_context = ctx_index;
1477 app_wrk = app_worker_get (sep->app_wrk_index);
1478 app = application_get (app_wrk->app_index);
1479 ctx->parent_app_id = app_wrk->app_index;
1480 cargs->sep_ext.ns_index = app->ns_index;
1482 allocate_quicly_ctx (app, 1 /* is client */ );
1484 if ((error = vnet_connect (cargs)))
1491 quic_connect (transport_endpoint_cfg_t * tep)
1493 QUIC_DBG (2, "Called quic_connect");
1494 session_endpoint_cfg_t *sep = (session_endpoint_cfg_t *) tep;
1495 sep = (session_endpoint_cfg_t *) tep;
1496 if (sep->transport_opts)
1497 return quic_connect_new_stream (sep);
1499 return quic_connect_new_connection (sep);
1503 quic_proto_on_close (u32 ctx_index, u32 thread_index)
1505 quic_ctx_t *ctx = quic_ctx_get_if_valid (ctx_index, thread_index);
1509 session_t *stream_session =
1510 session_get (ctx->c_s_index, ctx->c_thread_index);
1511 clib_warning ("Closing session 0x%lx", session_handle (stream_session));
1513 if (quic_ctx_is_stream (ctx))
1515 quicly_stream_t *stream = ctx->c_quic_ctx_id.stream;
1516 quicly_reset_stream (stream, QUIC_APP_ERROR_CLOSE_NOTIFY);
1517 quic_send_packets (ctx);
1519 else if (ctx->c_quic_ctx_id.conn_state == QUIC_CONN_STATE_PASSIVE_CLOSING)
1520 quic_connection_closed (ctx->c_c_index, ctx->c_thread_index,
1521 0 /* notify_transport */ );
1524 quicly_conn_t *conn = ctx->c_quic_ctx_id.conn;
1525 /* Start connection closing. Keep sending packets until quicly_send
1526 returns QUICLY_ERROR_FREE_CONNECTION */
1527 quicly_close (conn, QUIC_APP_ERROR_CLOSE_NOTIFY, "Closed by peer");
1528 /* This also causes all streams to be closed (and the cb called) */
1529 quic_send_packets (ctx);
1534 quic_start_listen (u32 quic_listen_session_index, transport_endpoint_t * tep)
1536 vnet_listen_args_t _bargs, *args = &_bargs;
1537 quic_main_t *qm = &quic_main;
1538 session_handle_t udp_handle;
1539 session_endpoint_cfg_t *sep;
1540 session_t *udp_listen_session;
1541 app_worker_t *app_wrk;
1545 app_listener_t *app_listener;
1547 sep = (session_endpoint_cfg_t *) tep;
1548 app_wrk = app_worker_get (sep->app_wrk_index);
1549 /* We need to call this because we call app_worker_init_connected in
1550 * quic_accept_stream, which assumes the connect segment manager exists */
1551 app_worker_alloc_connects_segment_manager (app_wrk);
1552 app = application_get (app_wrk->app_index);
1553 QUIC_DBG (2, "Called quic_start_listen for app %d", app_wrk->app_index);
1555 allocate_quicly_ctx (app, 0 /* is_client */ );
1557 sep->transport_proto = TRANSPORT_PROTO_UDPC;
1558 memset (args, 0, sizeof (*args));
1559 args->app_index = qm->app_index;
1560 args->sep_ext = *sep;
1561 args->sep_ext.ns_index = app->ns_index;
1562 if (vnet_listen (args))
1565 lctx_index = quic_ctx_alloc (0);
1566 udp_handle = args->handle;
1567 app_listener = app_listener_get_w_handle (udp_handle);
1568 udp_listen_session = app_listener_get_session (app_listener);
1569 udp_listen_session->opaque = lctx_index;
1571 lctx = quic_ctx_get (lctx_index, 0);
1572 lctx->flags |= QUIC_F_IS_LISTENER;
1574 clib_memcpy (&lctx->c_rmt_ip, &args->sep.peer.ip, sizeof (ip46_address_t));
1575 clib_memcpy (&lctx->c_lcl_ip, &args->sep.ip, sizeof (ip46_address_t));
1576 lctx->c_rmt_port = args->sep.peer.port;
1577 lctx->c_lcl_port = args->sep.port;
1578 lctx->c_is_ip4 = args->sep.is_ip4;
1579 lctx->c_fib_index = args->sep.fib_index;
1580 lctx->c_proto = TRANSPORT_PROTO_QUIC;
1581 lctx->parent_app_wrk_id = sep->app_wrk_index;
1582 lctx->parent_app_id = app_wrk->app_index;
1583 lctx->udp_session_handle = udp_handle;
1584 lctx->c_s_index = quic_listen_session_index;
1586 QUIC_DBG (2, "Listening UDP session 0x%lx",
1587 session_handle (udp_listen_session));
1588 QUIC_DBG (2, "Listening QUIC session 0x%lx", quic_listen_session_index);
1593 quic_stop_listen (u32 lctx_index)
1595 QUIC_DBG (2, "Called quic_stop_listen");
1597 lctx = quic_ctx_get (lctx_index, 0);
1598 ASSERT (quic_ctx_is_listener (lctx));
1599 vnet_unlisten_args_t a = {
1600 .handle = lctx->udp_session_handle,
1601 .app_index = quic_main.app_index,
1602 .wrk_map_index = 0 /* default wrk */
1604 if (vnet_unlisten (&a))
1605 clib_warning ("unlisten errored");
1607 /* TODO: crypto state cleanup */
1609 quic_ctx_free (lctx);
1613 static transport_connection_t *
1614 quic_connection_get (u32 ctx_index, u32 thread_index)
1617 ctx = quic_ctx_get (ctx_index, thread_index);
1618 return &ctx->connection;
1621 static transport_connection_t *
1622 quic_listener_get (u32 listener_index)
1624 QUIC_DBG (2, "Called quic_listener_get");
1626 ctx = quic_ctx_get (listener_index, 0);
1627 return &ctx->connection;
1631 format_quic_ctx (u8 * s, va_list * args)
1633 quic_ctx_t *ctx = va_arg (*args, quic_ctx_t *);
1634 u32 verbose = va_arg (*args, u32);
1638 s = format (s, "[#%d][Q] ", ctx->c_thread_index);
1640 if (!quic_ctx_is_listener (ctx))
1642 s = format (s, "%s Session: ", quic_ctx_is_stream (ctx) ?
1645 s = format (s, "app %d wrk %d", ctx->parent_app_id,
1646 ctx->parent_app_wrk_id);
1651 s = format (s, "%U:%d->%U:%d", format_ip4_address, &ctx->c_lcl_ip4,
1652 clib_net_to_host_u16 (ctx->c_lcl_port),
1653 format_ip4_address, &ctx->c_rmt_ip4,
1654 clib_net_to_host_u16 (ctx->c_rmt_port));
1656 s = format (s, "%U:%d->%U:%d", format_ip6_address, &ctx->c_lcl_ip6,
1657 clib_net_to_host_u16 (ctx->c_lcl_port),
1658 format_ip6_address, &ctx->c_rmt_ip6,
1659 clib_net_to_host_u16 (ctx->c_rmt_port));
1665 format_quic_connection (u8 * s, va_list * args)
1667 u32 qc_index = va_arg (*args, u32);
1668 u32 thread_index = va_arg (*args, u32);
1669 u32 verbose = va_arg (*args, u32);
1670 quic_ctx_t *ctx = quic_ctx_get (qc_index, thread_index);
1672 s = format (s, "%-50U", format_quic_ctx, ctx, verbose);
1677 format_quic_half_open (u8 * s, va_list * args)
1679 u32 qc_index = va_arg (*args, u32);
1680 u32 thread_index = va_arg (*args, u32);
1681 quic_ctx_t *ctx = quic_ctx_get (qc_index, thread_index);
1682 s = format (s, "[QUIC] half-open app %u", ctx->parent_app_id);
1688 format_quic_listener (u8 * s, va_list * args)
1690 u32 tci = va_arg (*args, u32);
1691 u32 thread_index = va_arg (*args, u32);
1692 u32 verbose = va_arg (*args, u32);
1693 quic_ctx_t *ctx = quic_ctx_get (tci, thread_index);
1696 ASSERT (quic_ctx_is_listener (ctx));
1697 s = format (s, "%-50U", format_quic_ctx, ctx, verbose);
1702 /*****************************************************************************
1703 * END TRANSPORT PROTO FUNCTIONS
1705 * START SESSION CALLBACKS
1706 * Called from UDP layer
1707 *****************************************************************************/
1710 quic_build_sockaddr (struct sockaddr *sa, socklen_t * salen,
1711 ip46_address_t * addr, u16 port, u8 is_ip4)
1715 struct sockaddr_in *sa4 = (struct sockaddr_in *) sa;
1716 sa4->sin_family = AF_INET;
1717 sa4->sin_port = port;
1718 sa4->sin_addr.s_addr = addr->ip4.as_u32;
1719 *salen = sizeof (struct sockaddr_in);
1723 struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *) sa;
1724 sa6->sin6_family = AF_INET6;
1725 sa6->sin6_port = port;
1726 clib_memcpy (&sa6->sin6_addr, &addr->ip6, 16);
1727 *salen = sizeof (struct sockaddr_in6);
1732 quic_on_client_connected (quic_ctx_t * ctx)
1734 session_t *quic_session;
1735 app_worker_t *app_wrk;
1736 u32 ctx_id = ctx->c_c_index;
1737 u32 thread_index = ctx->c_thread_index;
1739 app_wrk = app_worker_get_if_valid (ctx->parent_app_wrk_id);
1742 quic_disconnect_transport (ctx);
1746 quic_session = session_alloc (thread_index);
1748 QUIC_DBG (2, "Allocated quic session 0x%lx", session_handle (quic_session));
1749 ctx->c_s_index = quic_session->session_index;
1750 quic_session->app_wrk_index = ctx->parent_app_wrk_id;
1751 quic_session->connection_index = ctx->c_c_index;
1752 quic_session->listener_handle = SESSION_INVALID_HANDLE;
1753 quic_session->session_type =
1754 session_type_from_proto_and_ip (TRANSPORT_PROTO_QUIC,
1755 ctx->c_quic_ctx_id.udp_is_ip4);
1757 if (app_worker_init_connected (app_wrk, quic_session))
1759 QUIC_DBG (1, "failed to app_worker_init_connected");
1760 quic_proto_on_close (ctx_id, thread_index);
1761 return app_worker_connect_notify (app_wrk, NULL,
1762 ctx->c_quic_ctx_id.client_opaque);
1765 quic_session->session_state = SESSION_STATE_CONNECTING;
1766 if (app_worker_connect_notify
1767 (app_wrk, quic_session, ctx->c_quic_ctx_id.client_opaque))
1769 QUIC_DBG (1, "failed to notify app");
1770 quic_proto_on_close (ctx_id, thread_index);
1774 /* If the app opens a stream in its callback it may invalidate ctx */
1775 ctx = quic_ctx_get (ctx_id, thread_index);
1776 quic_session->session_state = SESSION_STATE_LISTENING;
1782 quic_receive_connection (void *arg)
1784 u32 new_ctx_id, thread_index = vlib_get_thread_index ();
1785 quic_ctx_t *temp_ctx, *new_ctx;
1786 clib_bihash_kv_16_8_t kv;
1787 quicly_conn_t *conn;
1790 new_ctx_id = quic_ctx_alloc (thread_index);
1791 new_ctx = quic_ctx_get (new_ctx_id, thread_index);
1793 QUIC_DBG (2, "Received conn %u (now %u)", temp_ctx->c_thread_index,
1797 memcpy (new_ctx, temp_ctx, sizeof (quic_ctx_t));
1800 new_ctx->c_thread_index = thread_index;
1801 new_ctx->c_c_index = new_ctx_id;
1803 conn = new_ctx->c_quic_ctx_id.conn;
1804 quic_store_conn_ctx (conn, new_ctx);
1805 quic_make_connection_key (&kv, quicly_get_master_id (conn));
1806 kv.value = ((u64) thread_index) << 32 | (u64) new_ctx_id;
1807 QUIC_DBG (2, "Registering conn with id %lu %lu", kv.key[0], kv.key[1]);
1808 clib_bihash_add_del_16_8 (&quic_main.connection_hash, &kv, 1 /* is_add */ );
1809 new_ctx->timer_handle = QUIC_TIMER_HANDLE_INVALID;
1810 quic_update_timer (new_ctx);
1812 /* Trigger read on this connection ? */
1816 quic_transfer_connection (u32 ctx_index, u32 dest_thread)
1818 tw_timer_wheel_1t_3w_1024sl_ov_t *tw;
1819 quic_ctx_t *ctx, *temp_ctx;
1820 clib_bihash_kv_16_8_t kv;
1821 quicly_conn_t *conn;
1822 u32 thread_index = vlib_get_thread_index ();
1824 QUIC_DBG (2, "Transferring conn %u to thread %u", ctx_index, dest_thread);
1826 temp_ctx = malloc (sizeof (quic_ctx_t));
1828 ctx = quic_ctx_get (ctx_index, thread_index);
1830 memcpy (temp_ctx, ctx, sizeof (quic_ctx_t));
1832 /* Remove from lookup hash, timer wheel and thread-local pool */
1833 conn = ctx->c_quic_ctx_id.conn;
1834 quic_make_connection_key (&kv, quicly_get_master_id (conn));
1835 clib_bihash_add_del_16_8 (&quic_main.connection_hash, &kv, 0 /* is_add */ );
1836 if (ctx->timer_handle != QUIC_TIMER_HANDLE_INVALID)
1838 tw = &quic_main.wrk_ctx[thread_index].timer_wheel;
1839 tw_timer_stop_1t_3w_1024sl_ov (tw, ctx->timer_handle);
1841 quic_ctx_free (ctx);
1843 /* Send connection to destination thread */
1844 session_send_rpc_evt_to_thread (dest_thread, quic_receive_connection,
1849 quic_transfer_connection_rpc (void *arg)
1851 u64 arg_int = (u64) arg;
1852 u32 ctx_index, dest_thread;
1854 ctx_index = (u32) (arg_int >> 32);
1855 dest_thread = (u32) (arg_int & UINT32_MAX);
1856 quic_transfer_connection (ctx_index, dest_thread);
1860 * This assumes that the connection is not yet associated to a session
1861 * So currently it only works on the client side when receiving the first packet
1865 quic_move_connection_to_thread (u32 ctx_index, u32 owner_thread,
1868 QUIC_DBG (2, "Requesting transfer of conn %u from thread %u", ctx_index,
1870 u64 arg = ((u64) ctx_index) << 32 | to_thread;
1871 session_send_rpc_evt_to_thread (owner_thread, quic_transfer_connection_rpc,
1876 quic_session_connected_callback (u32 quic_app_index, u32 ctx_index,
1877 session_t * udp_session, u8 is_fail)
1879 QUIC_DBG (2, "QSession is now connected (id %u)",
1880 udp_session->session_index);
1881 /* This should always be called before quic_connect returns since UDP always
1882 * connects instantly. */
1883 clib_bihash_kv_16_8_t kv;
1884 struct sockaddr_in6 sa6;
1885 struct sockaddr *sa = (struct sockaddr *) &sa6;
1887 transport_connection_t *tc;
1888 app_worker_t *app_wrk;
1889 quicly_conn_t *conn;
1892 u32 thread_index = vlib_get_thread_index ();
1895 ctx = quic_ctx_get (ctx_index, thread_index);
1901 app_wrk = app_worker_get_if_valid (ctx->parent_app_wrk_id);
1904 api_context = ctx->c_s_index;
1905 app_worker_connect_notify (app_wrk, 0, api_context);
1910 app_wrk = app_worker_get_if_valid (ctx->parent_app_wrk_id);
1913 QUIC_DBG (1, "Appwrk not found");
1916 app = application_get (app_wrk->app_index);
1918 ctx->c_thread_index = thread_index;
1919 ctx->c_c_index = ctx_index;
1921 QUIC_DBG (2, "Quic connect returned %u. New ctx [%u]%x",
1922 is_fail, thread_index, (ctx) ? ctx_index : ~0);
1924 ctx->udp_session_handle = session_handle (udp_session);
1925 udp_session->opaque = ctx->parent_app_id;
1926 udp_session->session_state = SESSION_STATE_READY;
1928 /* Init QUIC lib connection
1929 * Generate required sockaddr & salen */
1930 tc = session_get_transport (udp_session);
1931 quic_build_sockaddr (sa, &salen, &tc->rmt_ip, tc->rmt_port, tc->is_ip4);
1934 quicly_connect (&ctx->c_quic_ctx_id.conn,
1935 (quicly_context_t *) app->quicly_ctx,
1936 (char *) ctx->c_quic_ctx_id.srv_hostname, sa, salen,
1937 &quic_main.next_cid, &quic_main.hs_properties, NULL);
1938 ++quic_main.next_cid.master_id;
1939 /* Save context handle in quicly connection */
1940 quic_store_conn_ctx (ctx->c_quic_ctx_id.conn, ctx);
1943 /* Register connection in connections map */
1944 conn = ctx->c_quic_ctx_id.conn;
1945 quic_make_connection_key (&kv, quicly_get_master_id (conn));
1946 kv.value = ((u64) thread_index) << 32 | (u64) ctx_index;
1947 QUIC_DBG (2, "Registering conn with id %lu %lu", kv.key[0], kv.key[1]);
1948 clib_bihash_add_del_16_8 (&quic_main.connection_hash, &kv, 1 /* is_add */ );
1950 quic_send_packets (ctx);
1952 /* UDP stack quirk? preemptively transfer connection if that happens */
1953 if (udp_session->thread_index != thread_index)
1954 quic_transfer_connection (ctx_index, udp_session->thread_index);
1960 quic_session_disconnect_callback (session_t * s)
1962 clib_warning ("UDP session disconnected???");
1966 quic_session_reset_callback (session_t * s)
1968 clib_warning ("UDP session reset???");
1972 quic_session_accepted_callback (session_t * udp_session)
1974 /* New UDP connection, try to accept it */
1977 quic_ctx_t *ctx, *lctx;
1978 session_t *udp_listen_session;
1979 u32 thread_index = vlib_get_thread_index ();
1981 udp_listen_session =
1982 listen_session_get_from_handle (udp_session->listener_handle);
1984 ctx_index = quic_ctx_alloc (thread_index);
1985 ctx = quic_ctx_get (ctx_index, thread_index);
1986 ctx->c_thread_index = udp_session->thread_index;
1987 ctx->c_c_index = ctx_index;
1988 ctx->c_s_index = QUIC_SESSION_INVALID;
1989 ctx->udp_session_handle = session_handle (udp_session);
1990 QUIC_DBG (2, "ACCEPTED UDP 0x%lx", ctx->udp_session_handle);
1991 ctx->c_quic_ctx_id.listener_ctx_id = udp_listen_session->opaque;
1992 lctx = quic_ctx_get (udp_listen_session->opaque,
1993 udp_listen_session->thread_index);
1994 ctx->c_quic_ctx_id.udp_is_ip4 = lctx->c_is_ip4;
1995 ctx->parent_app_id = lctx->parent_app_id;
1996 ctx->parent_app_wrk_id = lctx->parent_app_wrk_id;
1997 ctx->timer_handle = QUIC_TIMER_HANDLE_INVALID;
1998 ctx->c_quic_ctx_id.conn_state = QUIC_CONN_STATE_OPENED;
1999 ctx->c_flags |= TRANSPORT_CONNECTION_F_NO_LOOKUP;
2001 udp_session->opaque = ctx->parent_app_id;
2003 /* Put this ctx in the "opening" pool */
2004 pool_get (quic_main.wrk_ctx[ctx->c_thread_index].opening_ctx_pool,
2006 *pool_index = ctx_index;
2008 /* TODO timeout to delete these if they never connect */
2013 quic_add_segment_callback (u32 client_index, u64 seg_handle)
2015 QUIC_DBG (2, "Called quic_add_segment_callback");
2016 QUIC_DBG (2, "NOT IMPLEMENTED");
2017 /* No-op for builtin */
2022 quic_del_segment_callback (u32 client_index, u64 seg_handle)
2024 QUIC_DBG (2, "Called quic_del_segment_callback");
2025 QUIC_DBG (2, "NOT IMPLEMENTED");
2026 /* No-op for builtin */
2032 quic_custom_app_rx_callback (transport_connection_t * tc)
2035 session_t *stream_session = session_get (tc->s_index, tc->thread_index);
2036 QUIC_DBG (3, "Received app READ notification");
2037 quic_ack_rx_data (stream_session);
2038 svm_fifo_reset_has_deq_ntf (stream_session->rx_fifo);
2040 /* Need to send packets (acks may never be sent otherwise) */
2041 ctx = quic_ctx_get (stream_session->connection_index,
2042 stream_session->thread_index);
2043 quic_send_packets (ctx);
2048 quic_custom_tx_callback (void *s)
2050 session_t *stream_session = (session_t *) s;
2051 quicly_stream_t *stream;
2056 (stream_session->session_state >= SESSION_STATE_TRANSPORT_CLOSING))
2059 quic_ctx_get (stream_session->connection_index,
2060 stream_session->thread_index);
2061 if (PREDICT_FALSE (!quic_ctx_is_stream (ctx)))
2063 goto tx_end; /* Most probably a reschedule */
2066 QUIC_DBG (3, "Stream TX event");
2067 quic_ack_rx_data (stream_session);
2068 if (!svm_fifo_max_dequeue (stream_session->tx_fifo))
2071 stream = ctx->c_quic_ctx_id.stream;
2072 if (!quicly_sendstate_is_open (&stream->sendstate))
2074 QUIC_DBG (1, "Warning: tried to send on closed stream");
2078 if ((rv = quicly_stream_sync_sendbuf (stream, 1)) != 0)
2082 quic_send_packets (ctx);
2088 * Returns 0 if a matching connection is found and is on the right thread.
2089 * If a connection is found, even on the wrong thread, ctx_thread and ctx_index
2093 quic_find_packet_ctx (u32 * ctx_thread, u32 * ctx_index,
2094 struct sockaddr *sa, socklen_t salen,
2095 quicly_decoded_packet_t * packet,
2096 u32 caller_thread_index)
2099 quicly_conn_t *conn_;
2100 clib_bihash_kv_16_8_t kv;
2101 clib_bihash_16_8_t *h;
2103 h = &quic_main.connection_hash;
2104 quic_make_connection_key (&kv, &packet->cid.dest.plaintext);
2105 QUIC_DBG (3, "Searching conn with id %lu %lu", kv.key[0], kv.key[1]);
2107 if (clib_bihash_search_16_8 (h, &kv, &kv) == 0)
2109 u32 index = kv.value & UINT32_MAX;
2110 u8 thread_id = kv.value >> 32;
2111 /* Check if this connection belongs to this thread, otherwise
2112 * ask for it to be moved */
2113 if (thread_id != caller_thread_index)
2115 QUIC_DBG (2, "Connection is on wrong thread");
2116 /* Cannot make full check with quicly_is_destination... */
2118 *ctx_thread = thread_id;
2121 ctx_ = quic_ctx_get (index, vlib_get_thread_index ());
2122 conn_ = ctx_->c_quic_ctx_id.conn;
2123 if (conn_ && quicly_is_destination (conn_, sa, salen, packet))
2125 QUIC_DBG (3, "Connection found");
2127 *ctx_thread = thread_id;
2131 QUIC_DBG (3, "connection not found");
2136 quic_receive (quic_ctx_t * ctx, quicly_conn_t * conn,
2137 quicly_decoded_packet_t packet)
2140 u32 ctx_id = ctx->c_c_index;
2141 u32 thread_index = ctx->c_thread_index;
2142 /* TODO : QUICLY_ERROR_PACKET_IGNORED sould be handled */
2143 rv = quicly_receive (conn, &packet);
2146 QUIC_DBG (2, "quicly_receive errored %U", quic_format_err, rv);
2149 /* ctx pointer may change if a new stream is opened */
2150 ctx = quic_ctx_get (ctx_id, thread_index);
2151 /* Conn may be set to null if the connection is terminated */
2152 if (ctx->c_quic_ctx_id.conn
2153 && ctx->c_quic_ctx_id.conn_state == QUIC_CONN_STATE_HANDSHAKE)
2155 if (quicly_connection_is_ready (conn))
2157 ctx->c_quic_ctx_id.conn_state = QUIC_CONN_STATE_READY;
2158 if (quicly_is_client (conn))
2160 quic_on_client_connected (ctx);
2161 ctx = quic_ctx_get (ctx_id, thread_index);
2165 return quic_send_packets (ctx);
2169 quic_create_quic_session (quic_ctx_t * ctx)
2171 session_t *quic_session;
2172 app_worker_t *app_wrk;
2176 quic_session = session_alloc (ctx->c_thread_index);
2177 QUIC_DBG (2, "Allocated quic_session, 0x%lx ctx %u",
2178 session_handle (quic_session), ctx->c_c_index);
2179 quic_session->session_state = SESSION_STATE_LISTENING;
2180 ctx->c_s_index = quic_session->session_index;
2182 lctx = quic_ctx_get (ctx->c_quic_ctx_id.listener_ctx_id, 0);
2184 quic_session->app_wrk_index = lctx->parent_app_wrk_id;
2185 quic_session->connection_index = ctx->c_c_index;
2186 quic_session->session_type =
2187 session_type_from_proto_and_ip (TRANSPORT_PROTO_QUIC,
2188 ctx->c_quic_ctx_id.udp_is_ip4);
2189 quic_session->listener_handle = lctx->c_s_index;
2191 /* TODO: don't alloc fifos when we don't transfer data on this session
2192 * but we still need fifos for the events? */
2193 if ((rv = app_worker_init_accepted (quic_session)))
2195 QUIC_DBG (1, "failed to allocate fifos");
2196 session_free (quic_session);
2199 app_wrk = app_worker_get (quic_session->app_wrk_index);
2200 rv = app_worker_accept_notify (app_wrk, quic_session);
2203 QUIC_DBG (1, "failed to notify accept worker app");
2210 quic_create_connection (quicly_context_t * quicly_ctx,
2211 u32 ctx_index, struct sockaddr *sa,
2212 socklen_t salen, quicly_decoded_packet_t packet)
2214 clib_bihash_kv_16_8_t kv;
2216 quicly_conn_t *conn;
2217 u32 thread_index = vlib_get_thread_index ();
2220 /* new connection, accept and create context if packet is valid
2221 * TODO: check if socket is actually listening? */
2222 if ((rv = quicly_accept (&conn, quicly_ctx, sa, salen,
2223 &packet, ptls_iovec_init (NULL, 0),
2224 &quic_main.next_cid, NULL)))
2226 /* Invalid packet, pass */
2227 assert (conn == NULL);
2228 QUIC_DBG (1, "Accept failed with %d", rv);
2229 /* TODO: cleanup created quic ctx and UDP session */
2232 assert (conn != NULL);
2234 ++quic_main.next_cid.master_id;
2235 ctx = quic_ctx_get (ctx_index, thread_index);
2236 /* Save ctx handle in quicly connection */
2237 quic_store_conn_ctx (conn, ctx);
2238 ctx->c_quic_ctx_id.conn = conn;
2239 ctx->c_quic_ctx_id.conn_state = QUIC_CONN_STATE_HANDSHAKE;
2241 quic_create_quic_session (ctx);
2243 /* Register connection in connections map */
2244 quic_make_connection_key (&kv, quicly_get_master_id (conn));
2245 kv.value = ((u64) thread_index) << 32 | (u64) ctx_index;
2246 clib_bihash_add_del_16_8 (&quic_main.connection_hash, &kv, 1 /* is_add */ );
2247 QUIC_DBG (2, "Registering conn with id %lu %lu", kv.key[0], kv.key[1]);
2249 return quic_send_packets (ctx);
2253 quic_reset_connection (quicly_context_t * quicly_ctx, u64 udp_session_handle,
2254 struct sockaddr *sa, socklen_t salen,
2255 quicly_decoded_packet_t packet)
2257 /* short header packet; potentially a dead connection. No need to check the
2258 * length of the incoming packet, because loop is prevented by authenticating
2259 * the CID (by checking node_id and thread_id). If the peer is also sending a
2260 * reset, then the next CID is highly likely to contain a non-authenticating
2262 QUIC_DBG (2, "Sending stateless reset");
2264 quicly_datagram_t *dgram;
2265 session_t *udp_session;
2266 if (packet.cid.dest.plaintext.node_id == 0
2267 && packet.cid.dest.plaintext.thread_id == 0)
2269 dgram = quicly_send_stateless_reset (quicly_ctx, sa, salen,
2270 &packet.cid.dest.plaintext);
2273 udp_session = session_get_from_handle (udp_session_handle);
2274 rv = quic_send_datagram (udp_session, dgram);
2275 if (svm_fifo_set_event (udp_session->tx_fifo))
2276 session_send_io_evt_to_thread (udp_session->tx_fifo,
2284 quic_app_rx_callback (session_t * udp_session)
2286 /* Read data from UDP rx_fifo and pass it to the quicly conn. */
2287 quicly_decoded_packet_t packet;
2288 session_dgram_hdr_t ph;
2290 quic_ctx_t *ctx = NULL;
2293 struct sockaddr_in6 sa6;
2294 struct sockaddr *sa = (struct sockaddr *) &sa6;
2296 u32 max_deq, full_len, ctx_index = UINT32_MAX, ctx_thread = UINT32_MAX, ret;
2299 u32 *opening_ctx_pool, *ctx_index_ptr;
2300 u32 app_index = udp_session->opaque;
2301 u64 udp_session_handle = session_handle (udp_session);
2303 u32 thread_index = vlib_get_thread_index ();
2304 app = application_get_if_valid (app_index);
2307 QUIC_DBG (1, "Got RX on detached app");
2308 /* TODO: close this session, cleanup state? */
2314 udp_session = session_get_from_handle (udp_session_handle); /* session alloc might have happened */
2315 f = udp_session->rx_fifo;
2316 max_deq = svm_fifo_max_dequeue (f);
2320 if (max_deq < SESSION_CONN_HDR_LEN)
2322 QUIC_DBG (1, "Not enough data for even a header in RX");
2325 ret = svm_fifo_peek (f, 0, SESSION_CONN_HDR_LEN, (u8 *) & ph);
2326 if (ret != SESSION_CONN_HDR_LEN)
2328 QUIC_DBG (1, "Not enough data for header in RX");
2331 ASSERT (ph.data_offset == 0);
2332 full_len = ph.data_length + SESSION_CONN_HDR_LEN;
2333 if (full_len > max_deq)
2335 QUIC_DBG (1, "Not enough data in fifo RX");
2339 /* Quicly can read len bytes from the fifo at offset:
2340 * ph.data_offset + SESSION_CONN_HDR_LEN */
2341 data = malloc (ph.data_length);
2342 ret = svm_fifo_peek (f, SESSION_CONN_HDR_LEN, ph.data_length, data);
2343 if (ret != ph.data_length)
2345 QUIC_DBG (1, "Not enough data peeked in RX");
2351 quic_build_sockaddr (sa, &salen, &ph.rmt_ip, ph.rmt_port, ph.is_ip4);
2352 plen = quicly_decode_packet ((quicly_context_t *) app->quicly_ctx,
2353 &packet, data, ph.data_length);
2355 if (plen != SIZE_MAX)
2358 err = quic_find_packet_ctx (&ctx_thread, &ctx_index, sa, salen,
2359 &packet, thread_index);
2362 ctx = quic_ctx_get (ctx_index, thread_index);
2363 quic_receive (ctx, ctx->c_quic_ctx_id.conn, packet);
2365 else if (ctx_thread != UINT32_MAX)
2367 /* Connection found but on wrong thread, ask move */
2368 quic_move_connection_to_thread (ctx_index, ctx_thread,
2371 else if ((packet.octets.base[0] & QUICLY_PACKET_TYPE_BITMASK) ==
2372 QUICLY_PACKET_TYPE_INITIAL)
2374 /* Try to find matching "opening" ctx */
2376 quic_main.wrk_ctx[thread_index].opening_ctx_pool;
2379 pool_foreach (ctx_index_ptr, opening_ctx_pool,
2381 ctx = quic_ctx_get (*ctx_index_ptr, thread_index);
2382 if (ctx->udp_session_handle == udp_session_handle)
2384 /* Right ctx found, create conn & remove from pool */
2385 quic_create_connection ((quicly_context_t *) app->quicly_ctx,
2386 *ctx_index_ptr, sa, salen, packet);
2387 pool_put (opening_ctx_pool, ctx_index_ptr);
2388 goto ctx_search_done;
2396 quic_reset_connection ((quicly_context_t *) app->quicly_ctx,
2397 udp_session_handle, sa, salen, packet);
2401 svm_fifo_dequeue_drop (f, full_len);
2409 quic_common_get_transport_endpoint (quic_ctx_t * ctx,
2410 transport_endpoint_t * tep, u8 is_lcl)
2412 session_t *udp_session;
2413 if (!quic_ctx_is_stream (ctx))
2415 udp_session = session_get_from_handle (ctx->udp_session_handle);
2416 session_get_endpoint (udp_session, tep, is_lcl);
2421 quic_get_transport_listener_endpoint (u32 listener_index,
2422 transport_endpoint_t * tep, u8 is_lcl)
2425 app_listener_t *app_listener;
2426 session_t *udp_listen_session;
2427 ctx = quic_ctx_get (listener_index, vlib_get_thread_index ());
2428 if (quic_ctx_is_listener (ctx))
2430 app_listener = app_listener_get_w_handle (ctx->udp_session_handle);
2431 udp_listen_session = app_listener_get_session (app_listener);
2432 return session_get_endpoint (udp_listen_session, tep, is_lcl);
2434 quic_common_get_transport_endpoint (ctx, tep, is_lcl);
2438 quic_get_transport_endpoint (u32 ctx_index, u32 thread_index,
2439 transport_endpoint_t * tep, u8 is_lcl)
2442 ctx = quic_ctx_get (ctx_index, thread_index);
2443 quic_common_get_transport_endpoint (ctx, tep, is_lcl);
2446 /*****************************************************************************
2447 * END TRANSPORT PROTO FUNCTIONS
2448 *****************************************************************************/
2451 static session_cb_vft_t quic_app_cb_vft = {
2452 .session_accept_callback = quic_session_accepted_callback,
2453 .session_disconnect_callback = quic_session_disconnect_callback,
2454 .session_connected_callback = quic_session_connected_callback,
2455 .session_reset_callback = quic_session_reset_callback,
2456 .add_segment_callback = quic_add_segment_callback,
2457 .del_segment_callback = quic_del_segment_callback,
2458 .builtin_app_rx_callback = quic_app_rx_callback,
2461 static const transport_proto_vft_t quic_proto = {
2462 .connect = quic_connect,
2463 .close = quic_proto_on_close,
2464 .start_listen = quic_start_listen,
2465 .stop_listen = quic_stop_listen,
2466 .get_connection = quic_connection_get,
2467 .get_listener = quic_listener_get,
2468 .update_time = quic_update_time,
2469 .app_rx_evt = quic_custom_app_rx_callback,
2470 .custom_tx = quic_custom_tx_callback,
2471 .format_connection = format_quic_connection,
2472 .format_half_open = format_quic_half_open,
2473 .format_listener = format_quic_listener,
2474 .get_transport_endpoint = quic_get_transport_endpoint,
2475 .get_transport_listener_endpoint = quic_get_transport_listener_endpoint,
2476 .transport_options = {
2477 .tx_type = TRANSPORT_TX_INTERNAL,
2478 .service_type = TRANSPORT_SERVICE_APP,
2483 static clib_error_t *
2484 quic_init (vlib_main_t * vm)
2486 u32 segment_size = 256 << 20;
2487 vlib_thread_main_t *vtm = vlib_get_thread_main ();
2488 tw_timer_wheel_1t_3w_1024sl_ov_t *tw;
2489 vnet_app_attach_args_t _a, *a = &_a;
2490 u64 options[APP_OPTIONS_N_OPTIONS];
2491 quic_main_t *qm = &quic_main;
2492 u32 fifo_size = QUIC_FIFO_SIZE;
2495 num_threads = 1 /* main thread */ + vtm->n_threads;
2497 memset (a, 0, sizeof (*a));
2498 memset (options, 0, sizeof (options));
2500 a->session_cb_vft = &quic_app_cb_vft;
2501 a->api_client_index = APP_INVALID_INDEX;
2502 a->options = options;
2503 a->name = format (0, "quic");
2504 a->options[APP_OPTIONS_SEGMENT_SIZE] = segment_size;
2505 a->options[APP_OPTIONS_ADD_SEGMENT_SIZE] = segment_size;
2506 a->options[APP_OPTIONS_RX_FIFO_SIZE] = fifo_size;
2507 a->options[APP_OPTIONS_TX_FIFO_SIZE] = fifo_size;
2508 a->options[APP_OPTIONS_FLAGS] = APP_OPTIONS_FLAGS_IS_BUILTIN;
2509 a->options[APP_OPTIONS_FLAGS] |= APP_OPTIONS_FLAGS_USE_GLOBAL_SCOPE;
2510 a->options[APP_OPTIONS_FLAGS] |= APP_OPTIONS_FLAGS_IS_TRANSPORT_APP;
2512 if (vnet_application_attach (a))
2514 clib_warning ("failed to attach quic app");
2515 return clib_error_return (0, "failed to attach quic app");
2518 vec_validate (qm->ctx_pool, num_threads - 1);
2519 vec_validate (qm->wrk_ctx, num_threads - 1);
2520 /* Timer wheels, one per thread. */
2521 for (i = 0; i < num_threads; i++)
2523 tw = &qm->wrk_ctx[i].timer_wheel;
2524 tw_timer_wheel_init_1t_3w_1024sl_ov (tw, quic_expired_timers_dispatch,
2525 1e-3 /* timer period 1ms */ , ~0);
2526 tw->last_run_time = vlib_time_now (vlib_get_main ());
2529 clib_bihash_init_16_8 (&qm->connection_hash, "quic connections", 1024,
2533 qm->app_index = a->app_index;
2534 qm->tstamp_ticks_per_clock = vm->clib_time.seconds_per_clock
2535 / QUIC_TSTAMP_RESOLUTION;
2537 transport_register_protocol (TRANSPORT_PROTO_QUIC, &quic_proto,
2538 FIB_PROTOCOL_IP4, ~0);
2539 transport_register_protocol (TRANSPORT_PROTO_QUIC, &quic_proto,
2540 FIB_PROTOCOL_IP6, ~0);
2546 VLIB_INIT_FUNCTION (quic_init);
2549 VLIB_PLUGIN_REGISTER () =
2551 .version = VPP_BUILD_VER,
2552 .description = "Quic transport protocol",
2557 * fd.io coding-style-patch-verification: ON
2560 * eval: (c-set-style "gnu")
Code Review / vpp.git / blob