2 * Copyright (c) 2019 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
16 #include <sys/socket.h>
18 #include <vnet/session/application.h>
19 #include <vnet/session/transport.h>
20 #include <vnet/session/session.h>
21 #include <vlib/unix/plugin.h>
22 #include <vpp/app/version.h>
23 #include <openssl/pem.h>
25 #include <vppinfra/lock.h>
27 #include <quic/quic.h>
29 #include <quicly/defaults.h>
30 #include <picotls/openssl.h>
31 #include <picotls/pembase64.h>
33 static quic_main_t quic_main;
34 static void quic_update_timer (quic_ctx_t * ctx);
37 quic_format_err (u8 * s, va_list * args)
39 u64 code = va_arg (*args, u64);
43 s = format (s, "no error");
46 case QUIC_ERROR_FULL_FIFO:
47 s = format (s, "full fifo");
49 case QUIC_APP_ERROR_CLOSE_NOTIFY:
50 s = format (s, "QUIC_APP_ERROR_CLOSE_NOTIFY");
52 case QUIC_APP_ALLOCATION_ERROR:
53 s = format (s, "QUIC_APP_ALLOCATION_ERROR");
55 case QUIC_APP_ACCEPT_NOTIFY_ERROR:
56 s = format (s, "QUIC_APP_ACCEPT_NOTIFY_ERROR");
58 case QUIC_APP_CONNECT_NOTIFY_ERROR:
59 s = format (s, "QUIC_APP_CONNECT_NOTIFY_ERROR");
62 case QUICLY_ERROR_PACKET_IGNORED:
63 s = format (s, "QUICLY_ERROR_PACKET_IGNORED");
65 case QUICLY_ERROR_SENDBUF_FULL:
66 s = format (s, "QUICLY_ERROR_SENDBUF_FULL");
68 case QUICLY_ERROR_FREE_CONNECTION:
69 s = format (s, "QUICLY_ERROR_FREE_CONNECTION");
71 case QUICLY_ERROR_RECEIVED_STATELESS_RESET:
72 s = format (s, "QUICLY_ERROR_RECEIVED_STATELESS_RESET");
74 case QUICLY_TRANSPORT_ERROR_NONE:
75 s = format (s, "QUICLY_TRANSPORT_ERROR_NONE");
77 case QUICLY_TRANSPORT_ERROR_INTERNAL:
78 s = format (s, "QUICLY_TRANSPORT_ERROR_INTERNAL");
80 case QUICLY_TRANSPORT_ERROR_SERVER_BUSY:
81 s = format (s, "QUICLY_TRANSPORT_ERROR_SERVER_BUSY");
83 case QUICLY_TRANSPORT_ERROR_FLOW_CONTROL:
84 s = format (s, "QUICLY_TRANSPORT_ERROR_FLOW_CONTROL");
86 case QUICLY_TRANSPORT_ERROR_STREAM_ID:
87 s = format (s, "QUICLY_TRANSPORT_ERROR_STREAM_ID");
89 case QUICLY_TRANSPORT_ERROR_STREAM_STATE:
90 s = format (s, "QUICLY_TRANSPORT_ERROR_STREAM_STATE");
92 case QUICLY_TRANSPORT_ERROR_FINAL_OFFSET:
93 s = format (s, "QUICLY_TRANSPORT_ERROR_FINAL_OFFSET");
95 case QUICLY_TRANSPORT_ERROR_FRAME_ENCODING:
96 s = format (s, "QUICLY_TRANSPORT_ERROR_FRAME_ENCODING");
98 case QUICLY_TRANSPORT_ERROR_TRANSPORT_PARAMETER:
99 s = format (s, "QUICLY_TRANSPORT_ERROR_TRANSPORT_PARAMETER");
101 case QUICLY_TRANSPORT_ERROR_VERSION_NEGOTIATION:
102 s = format (s, "QUICLY_TRANSPORT_ERROR_VERSION_NEGOTIATION");
104 case QUICLY_TRANSPORT_ERROR_PROTOCOL_VIOLATION:
105 s = format (s, "QUICLY_TRANSPORT_ERROR_PROTOCOL_VIOLATION");
107 case QUICLY_TRANSPORT_ERROR_INVALID_MIGRATION:
108 s = format (s, "QUICLY_TRANSPORT_ERROR_INVALID_MIGRATION");
111 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_CLOSE_NOTIFY):
113 format (s, "PTLS_ALERT_CLOSE_NOTIFY");
115 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_UNEXPECTED_MESSAGE):
117 format (s, "PTLS_ALERT_UNEXPECTED_MESSAGE");
119 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_BAD_RECORD_MAC):
121 format (s, "PTLS_ALERT_BAD_RECORD_MAC");
123 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_HANDSHAKE_FAILURE):
125 format (s, "PTLS_ALERT_HANDSHAKE_FAILURE");
127 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_BAD_CERTIFICATE):
129 format (s, "PTLS_ALERT_BAD_CERTIFICATE");
131 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_CERTIFICATE_REVOKED):
133 format (s, "PTLS_ALERT_CERTIFICATE_REVOKED");
135 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_CERTIFICATE_EXPIRED):
137 format (s, "PTLS_ALERT_CERTIFICATE_EXPIRED");
139 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_CERTIFICATE_UNKNOWN):
141 format (s, "PTLS_ALERT_CERTIFICATE_UNKNOWN");
143 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_ILLEGAL_PARAMETER):
145 format (s, "PTLS_ALERT_ILLEGAL_PARAMETER");
147 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_UNKNOWN_CA):
149 format (s, "PTLS_ALERT_UNKNOWN_CA");
151 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_DECODE_ERROR):
153 format (s, "PTLS_ALERT_DECODE_ERROR");
155 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_DECRYPT_ERROR):
157 format (s, "PTLS_ALERT_DECRYPT_ERROR");
159 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_PROTOCOL_VERSION):
161 format (s, "PTLS_ALERT_PROTOCOL_VERSION");
163 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_INTERNAL_ERROR):
165 format (s, "PTLS_ALERT_INTERNAL_ERROR");
167 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_USER_CANCELED):
169 format (s, "PTLS_ALERT_USER_CANCELED");
171 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_MISSING_EXTENSION):
173 format (s, "PTLS_ALERT_MISSING_EXTENSION");
175 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_UNRECOGNIZED_NAME):
177 format (s, "PTLS_ALERT_UNRECOGNIZED_NAME");
179 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_CERTIFICATE_REQUIRED):
181 format (s, "PTLS_ALERT_CERTIFICATE_REQUIRED");
183 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ALERT_NO_APPLICATION_PROTOCOL):
185 format (s, "PTLS_ALERT_NO_APPLICATION_PROTOCOL");
187 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_NO_MEMORY):
189 format (s, "PTLS_ERROR_NO_MEMORY");
191 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_IN_PROGRESS):
193 format (s, "PTLS_ERROR_IN_PROGRESS");
195 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_LIBRARY):
197 format (s, "PTLS_ERROR_LIBRARY");
199 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_INCOMPATIBLE_KEY):
201 format (s, "PTLS_ERROR_INCOMPATIBLE_KEY");
203 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_SESSION_NOT_FOUND):
205 format (s, "PTLS_ERROR_SESSION_NOT_FOUND");
207 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_STATELESS_RETRY):
209 format (s, "PTLS_ERROR_STATELESS_RETRY");
211 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_NOT_AVAILABLE):
213 format (s, "PTLS_ERROR_NOT_AVAILABLE");
215 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_COMPRESSION_FAILURE):
217 format (s, "PTLS_ERROR_COMPRESSION_FAILURE");
219 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_BER_INCORRECT_ENCODING):
221 format (s, "PTLS_ERROR_BER_INCORRECT_ENCODING");
223 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_BER_MALFORMED_TYPE):
225 format (s, "PTLS_ERROR_BER_MALFORMED_TYPE");
227 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_BER_MALFORMED_LENGTH):
229 format (s, "PTLS_ERROR_BER_MALFORMED_LENGTH");
231 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_BER_EXCESSIVE_LENGTH):
233 format (s, "PTLS_ERROR_BER_EXCESSIVE_LENGTH");
235 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_BER_ELEMENT_TOO_SHORT):
237 format (s, "PTLS_ERROR_BER_ELEMENT_TOO_SHORT");
239 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_BER_UNEXPECTED_EOC):
241 format (s, "PTLS_ERROR_BER_UNEXPECTED_EOC");
243 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_DER_INDEFINITE_LENGTH):
245 format (s, "PTLS_ERROR_DER_INDEFINITE_LENGTH");
247 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_INCORRECT_ASN1_SYNTAX):
249 format (s, "PTLS_ERROR_INCORRECT_ASN1_SYNTAX");
251 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_INCORRECT_PEM_KEY_VERSION):
253 format (s, "PTLS_ERROR_INCORRECT_PEM_KEY_VERSION");
255 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_INCORRECT_PEM_ECDSA_KEY_VERSION):
257 format (s, "PTLS_ERROR_INCORRECT_PEM_ECDSA_KEY_VERSION");
259 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_INCORRECT_PEM_ECDSA_CURVE):
261 format (s, "PTLS_ERROR_INCORRECT_PEM_ECDSA_CURVE");
263 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_INCORRECT_PEM_ECDSA_KEYSIZE):
265 format (s, "PTLS_ERROR_INCORRECT_PEM_ECDSA_KEYSIZE");
267 case QUICLY_TRANSPORT_ERROR_TLS_ALERT_BASE + PTLS_ERROR_TO_ALERT (PTLS_ERROR_INCORRECT_ASN1_ECDSA_KEY_SYNTAX):
269 format (s, "PTLS_ERROR_INCORRECT_ASN1_ECDSA_KEY_SYNTAX");
272 s = format (s, "unknown error 0x%lx", code);
279 quic_ctx_alloc (u32 thread_index)
281 quic_main_t *qm = &quic_main;
284 pool_get (qm->ctx_pool[thread_index], ctx);
286 memset (ctx, 0, sizeof (quic_ctx_t));
287 ctx->c_thread_index = thread_index;
288 QUIC_DBG (1, "Allocated quic_ctx %u on thread %u",
289 ctx - qm->ctx_pool[thread_index], thread_index);
290 return ctx - qm->ctx_pool[thread_index];
294 quic_ctx_free (quic_ctx_t * ctx)
296 QUIC_DBG (2, "Free ctx %u", ctx->c_c_index);
297 u32 thread_index = ctx->c_thread_index;
299 memset (ctx, 0xfb, sizeof (*ctx));
300 pool_put (quic_main.ctx_pool[thread_index], ctx);
304 quic_ctx_get (u32 ctx_index, u32 thread_index)
306 return pool_elt_at_index (quic_main.ctx_pool[thread_index], ctx_index);
310 quic_get_conn_ctx (quicly_conn_t * conn)
313 conn_data = (u64) * quicly_get_data (conn);
314 return quic_ctx_get (conn_data & UINT32_MAX, conn_data >> 32);
318 quic_store_conn_ctx (quicly_conn_t * conn, quic_ctx_t * ctx)
320 *quicly_get_data (conn) =
321 (void *) (((u64) ctx->c_thread_index) << 32 | (u64) ctx->c_c_index);
325 quic_ctx_is_stream (quic_ctx_t * ctx)
327 return (ctx->flags & QUIC_F_IS_STREAM);
331 quic_ctx_is_listener (quic_ctx_t * ctx)
333 return (ctx->flags & QUIC_F_IS_LISTENER);
337 get_stream_session_from_stream (quicly_stream_t * stream)
340 quic_stream_data_t *stream_data;
342 stream_data = (quic_stream_data_t *) stream->data;
343 ctx = quic_ctx_get (stream_data->ctx_id, stream_data->thread_index);
344 return session_get (ctx->c_s_index, stream_data->thread_index);
348 quic_make_connection_key (clib_bihash_kv_16_8_t * kv,
349 const quicly_cid_plaintext_t * id)
351 kv->key[0] = ((u64) id->master_id) << 32 | (u64) id->thread_id;
352 kv->key[1] = id->node_id;
356 quic_sendable_packet_count (session_t * udp_session)
359 u32 packet_size = QUIC_MAX_PACKET_SIZE + SESSION_CONN_HDR_LEN;
360 max_enqueue = svm_fifo_max_enqueue (udp_session->tx_fifo);
361 return clib_min (max_enqueue / packet_size, QUIC_SEND_PACKET_VEC_SIZE);
366 quic_ack_rx_data (session_t * stream_session)
371 quicly_stream_t *stream;
372 quic_stream_data_t *stream_data;
375 quic_ctx_get (stream_session->connection_index,
376 stream_session->thread_index);
377 ASSERT (quic_ctx_is_stream (sctx));
378 stream = sctx->c_quic_ctx_id.stream;
379 stream_data = (quic_stream_data_t *) stream->data;
381 f = stream_session->rx_fifo;
382 max_deq = svm_fifo_max_dequeue (f);
384 ASSERT (stream_data->app_rx_data_len >= max_deq);
385 quicly_stream_sync_recvbuf (stream, stream_data->app_rx_data_len - max_deq);
386 QUIC_DBG (3, "Acking %u bytes", stream_data->app_rx_data_len - max_deq);
387 stream_data->app_rx_data_len = max_deq;
391 quic_disconnect_transport (quic_ctx_t * ctx)
393 QUIC_DBG (2, "Disconnecting transport 0x%lx", ctx->udp_session_handle);
394 vnet_disconnect_args_t a = {
395 .handle = ctx->udp_session_handle,
396 .app_index = quic_main.app_index,
399 if (vnet_disconnect_session (&a))
400 clib_warning ("UDP session 0x%lx disconnect errored",
401 ctx->udp_session_handle);
405 quic_connection_closed (u32 ctx_index, u32 thread_index, u8 notify_transport)
407 QUIC_DBG (2, "QUIC connection closed");
408 tw_timer_wheel_1t_3w_1024sl_ov_t *tw;
409 clib_bihash_kv_16_8_t kv;
413 ctx = quic_ctx_get (ctx_index, thread_index);
414 ASSERT (!quic_ctx_is_stream (ctx));
415 /* TODO if connection is not established, just delete the session? */
418 if (ctx->timer_handle != QUIC_TIMER_HANDLE_INVALID)
420 tw = &quic_main.wrk_ctx[thread_index].timer_wheel;
421 tw_timer_stop_1t_3w_1024sl_ov (tw, ctx->timer_handle);
424 /* Delete the connection from the connection map */
425 conn = ctx->c_quic_ctx_id.conn;
426 quic_make_connection_key (&kv, quicly_get_master_id (conn));
427 QUIC_DBG (2, "Deleting conn with id %lu %lu", kv.key[0], kv.key[1]);
428 clib_bihash_add_del_16_8 (&quic_main.connection_hash, &kv, 0 /* is_add */ );
430 quic_disconnect_transport (ctx);
431 if (notify_transport)
432 session_transport_closing_notify (&ctx->connection);
434 session_transport_delete_notify (&ctx->connection);
435 /* Do not try to send anything anymore */
436 quicly_free (ctx->c_quic_ctx_id.conn);
437 ctx->c_quic_ctx_id.conn = NULL;
442 quic_send_datagram (session_t * udp_session, quicly_datagram_t * packet)
445 session_dgram_hdr_t hdr;
448 transport_connection_t *tc;
450 len = packet->data.len;
451 f = udp_session->tx_fifo;
452 tc = session_get_transport (udp_session);
453 max_enqueue = svm_fifo_max_enqueue (f);
454 if (max_enqueue < SESSION_CONN_HDR_LEN + len)
456 QUIC_DBG (1, "Too much data to send, max_enqueue %u, len %u",
457 max_enqueue, len + SESSION_CONN_HDR_LEN);
458 return QUIC_ERROR_FULL_FIFO;
461 /* Build packet header for fifo */
462 hdr.data_length = len;
464 hdr.is_ip4 = tc->is_ip4;
465 clib_memcpy (&hdr.lcl_ip, &tc->lcl_ip, sizeof (ip46_address_t));
466 hdr.lcl_port = tc->lcl_port;
468 /* Read dest address from quicly-provided sockaddr */
471 ASSERT (packet->sa.sa_family == AF_INET);
472 struct sockaddr_in *sa4 = (struct sockaddr_in *) &packet->sa;
473 hdr.rmt_port = sa4->sin_port;
474 hdr.rmt_ip.ip4.as_u32 = sa4->sin_addr.s_addr;
478 ASSERT (packet->sa.sa_family == AF_INET6);
479 struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *) &packet->sa;
480 hdr.rmt_port = sa6->sin6_port;
481 clib_memcpy (&hdr.rmt_ip.ip6, &sa6->sin6_addr, 16);
484 ret = svm_fifo_enqueue (f, sizeof (hdr), (u8 *) & hdr);
485 if (ret != sizeof (hdr))
487 QUIC_DBG (1, "Not enough space to enqueue header");
488 return QUIC_ERROR_FULL_FIFO;
490 ret = svm_fifo_enqueue (f, len, packet->data.base);
493 QUIC_DBG (1, "Not enough space to enqueue payload");
494 return QUIC_ERROR_FULL_FIFO;
500 quic_send_packets (quic_ctx_t * ctx)
502 quicly_datagram_t *packets[QUIC_SEND_PACKET_VEC_SIZE];
503 session_t *udp_session;
505 size_t num_packets, i, max_packets;
506 quicly_context_t *quicly_context;
507 app_worker_t *app_wrk;
511 /* We have sctx, get qctx */
512 if (quic_ctx_is_stream (ctx))
514 quic_ctx_get (ctx->c_quic_ctx_id.quic_connection_ctx_id,
515 ctx->c_thread_index);
517 ASSERT (!quic_ctx_is_stream (ctx));
519 udp_session = session_get_from_handle_if_valid (ctx->udp_session_handle);
523 conn = ctx->c_quic_ctx_id.conn;
528 /* TODO : quicly can assert it can send min_packets up to 2 */
529 if (quic_sendable_packet_count (udp_session) < 2)
532 app_wrk = app_worker_get_if_valid (ctx->parent_app_wrk_id);
535 clib_warning ("Tried to send packets on non existing app worker %u",
536 ctx->parent_app_wrk_id);
537 quic_connection_closed (ctx->c_c_index, ctx->c_thread_index,
538 1 /* notify_transport */ );
541 app = application_get (app_wrk->app_index);
543 quicly_context = (quicly_context_t *) app->quicly_ctx;
546 max_packets = quic_sendable_packet_count (udp_session);
549 num_packets = max_packets;
550 if ((err = quicly_send (conn, packets, &num_packets)))
553 for (i = 0; i != num_packets; ++i)
555 if ((err = quic_send_datagram (udp_session, packets[i])))
558 quicly_context->packet_allocator->
559 free_packet (quicly_context->packet_allocator, packets[i]);
562 while (num_packets > 0 && num_packets == max_packets);
565 if (svm_fifo_set_event (udp_session->tx_fifo))
567 session_send_io_evt_to_thread (udp_session->tx_fifo,
569 clib_warning ("Event enqueue errored %d", err);
571 QUIC_DBG (3, "%u[TX] %u[RX]", svm_fifo_max_dequeue (udp_session->tx_fifo),
572 svm_fifo_max_dequeue (udp_session->rx_fifo));
573 quic_update_timer (ctx);
577 if (err && err != QUICLY_ERROR_PACKET_IGNORED
578 && err != QUICLY_ERROR_FREE_CONNECTION)
579 clib_warning ("Quic error '%U'.", quic_format_err, err);
580 quic_connection_closed (ctx->c_c_index, ctx->c_thread_index,
581 1 /* notify_transport */ );
585 /*****************************************************************************
587 * START QUICLY CALLBACKS
588 * Called from QUIC lib
590 *****************************************************************************/
593 quic_on_stream_destroy (quicly_stream_t * stream, int err)
595 quic_stream_data_t *stream_data = (quic_stream_data_t *) stream->data;
597 quic_ctx_get (stream_data->ctx_id, stream_data->thread_index);
598 session_t *stream_session =
599 session_get (sctx->c_s_index, sctx->c_thread_index);
600 QUIC_DBG (2, "DESTROYED_STREAM: session 0x%lx (%U)",
601 session_handle (stream_session), quic_format_err, err);
603 stream_session->session_state = SESSION_STATE_CLOSED;
604 session_transport_delete_notify (&sctx->connection);
606 quic_ctx_free (sctx);
611 quic_on_stop_sending (quicly_stream_t * stream, int err)
614 quic_stream_data_t *stream_data = (quic_stream_data_t *) stream->data;
616 quic_ctx_get (stream_data->ctx_id, stream_data->thread_index);
617 session_t *stream_session =
618 session_get (sctx->c_s_index, sctx->c_thread_index);
619 clib_warning ("(NOT IMPLEMENTD) STOP_SENDING: session 0x%lx (%U)",
620 session_handle (stream_session), quic_format_err, err);
622 /* TODO : handle STOP_SENDING */
627 quic_on_receive_reset (quicly_stream_t * stream, int err)
629 quic_stream_data_t *stream_data = (quic_stream_data_t *) stream->data;
631 quic_ctx_get (stream_data->ctx_id, stream_data->thread_index);
633 session_t *stream_session =
634 session_get (sctx->c_s_index, sctx->c_thread_index);
635 clib_warning ("RESET_STREAM: session 0x%lx (%U)",
636 session_handle (stream_session), quic_format_err, err);
638 session_transport_closing_notify (&sctx->connection);
643 quic_on_receive (quicly_stream_t * stream, size_t off, const void *src,
646 QUIC_DBG (3, "received data: %lu bytes, offset %lu", len, off);
649 session_t *stream_session;
650 app_worker_t *app_wrk;
652 quic_stream_data_t *stream_data;
655 stream_data = (quic_stream_data_t *) stream->data;
656 sctx = quic_ctx_get (stream_data->ctx_id, stream_data->thread_index);
657 stream_session = session_get (sctx->c_s_index, stream_data->thread_index);
658 f = stream_session->rx_fifo;
660 max_enq = svm_fifo_max_enqueue_prod (f);
661 QUIC_DBG (3, "Enqueuing %u at off %u in %u space", len, off, max_enq);
662 if (off - stream_data->app_rx_data_len + len > max_enq)
664 QUIC_DBG (1, "Error RX fifo is full");
667 if (off == stream_data->app_rx_data_len)
669 /* Streams live on the same thread so (f, stream_data) should stay consistent */
670 rlen = svm_fifo_enqueue (f, len, (u8 *) src);
671 stream_data->app_rx_data_len += rlen;
672 ASSERT (rlen >= len);
673 app_wrk = app_worker_get_if_valid (stream_session->app_wrk_index);
674 if (PREDICT_TRUE (app_wrk != 0))
675 app_worker_lock_and_send_event (app_wrk, stream_session,
677 quic_ack_rx_data (stream_session);
682 svm_fifo_enqueue_with_offset (f, off - stream_data->app_rx_data_len,
690 quic_fifo_egress_shift (quicly_stream_t * stream, size_t delta)
692 session_t *stream_session;
696 stream_session = get_stream_session_from_stream (stream);
697 f = stream_session->tx_fifo;
699 rv = svm_fifo_dequeue_drop (f, delta);
700 ASSERT (rv == delta);
701 quicly_stream_sync_sendbuf (stream, 0);
705 quic_fifo_egress_emit (quicly_stream_t * stream, size_t off, void *dst,
706 size_t * len, int *wrote_all)
708 session_t *stream_session;
710 u32 deq_max, first_deq, max_rd_chunk, rem_offset;
712 stream_session = get_stream_session_from_stream (stream);
713 f = stream_session->tx_fifo;
715 QUIC_DBG (3, "Emitting %u, offset %u", *len, off);
717 deq_max = svm_fifo_max_dequeue_cons (f);
718 ASSERT (off <= deq_max);
719 if (off + *len < deq_max)
726 *len = deq_max - off;
727 QUIC_DBG (3, "Wrote ALL, %u", *len);
730 /* TODO, use something like : return svm_fifo_peek (f, off, *len, dst); */
731 max_rd_chunk = svm_fifo_max_read_chunk (f);
734 if (off < max_rd_chunk)
736 first_deq = clib_min (*len, max_rd_chunk - off);
737 clib_memcpy_fast (dst, svm_fifo_head (f) + off, first_deq);
740 if (max_rd_chunk < off + *len)
742 rem_offset = max_rd_chunk < off ? off - max_rd_chunk : 0;
743 clib_memcpy_fast (dst + first_deq, f->head_chunk->data + rem_offset,
750 static const quicly_stream_callbacks_t quic_stream_callbacks = {
751 .on_destroy = quic_on_stream_destroy,
752 .on_send_shift = quic_fifo_egress_shift,
753 .on_send_emit = quic_fifo_egress_emit,
754 .on_send_stop = quic_on_stop_sending,
755 .on_receive = quic_on_receive,
756 .on_receive_reset = quic_on_receive_reset
760 quic_accept_stream (void *s)
762 quicly_stream_t *stream = (quicly_stream_t *) s;
763 session_t *stream_session, *quic_session;
764 quic_stream_data_t *stream_data;
765 app_worker_t *app_wrk;
766 quic_ctx_t *qctx, *sctx;
770 sctx_id = quic_ctx_alloc (vlib_get_thread_index ());
772 qctx = quic_get_conn_ctx (stream->conn);
774 stream_session = session_alloc (qctx->c_thread_index);
775 QUIC_DBG (2, "ACCEPTED stream_session 0x%lx ctx %u",
776 session_handle (stream_session), sctx_id);
777 sctx = quic_ctx_get (sctx_id, qctx->c_thread_index);
778 sctx->parent_app_wrk_id = qctx->parent_app_wrk_id;
779 sctx->parent_app_id = qctx->parent_app_id;
780 sctx->c_quic_ctx_id.quic_connection_ctx_id = qctx->c_c_index;
781 sctx->c_c_index = sctx_id;
782 sctx->c_s_index = stream_session->session_index;
783 sctx->c_quic_ctx_id.stream = stream;
784 sctx->c_flags |= TRANSPORT_CONNECTION_F_NO_LOOKUP;
785 sctx->flags |= QUIC_F_IS_STREAM;
787 stream_data = (quic_stream_data_t *) stream->data;
788 stream_data->ctx_id = sctx_id;
789 stream_data->thread_index = sctx->c_thread_index;
790 stream_data->app_rx_data_len = 0;
792 sctx->c_s_index = stream_session->session_index;
793 stream_session->session_state = SESSION_STATE_CREATED;
794 stream_session->app_wrk_index = sctx->parent_app_wrk_id;
795 stream_session->connection_index = sctx->c_c_index;
796 stream_session->session_type =
797 session_type_from_proto_and_ip (TRANSPORT_PROTO_QUIC,
798 qctx->c_quic_ctx_id.udp_is_ip4);
799 quic_session = session_get (qctx->c_s_index, qctx->c_thread_index);
800 stream_session->listener_handle = listen_session_get_handle (quic_session);
802 app_wrk = app_worker_get (stream_session->app_wrk_index);
803 if ((rv = app_worker_init_connected (app_wrk, stream_session)))
805 QUIC_DBG (1, "failed to allocate fifos");
806 session_free (stream_session);
807 quicly_reset_stream (stream, QUIC_APP_ALLOCATION_ERROR);
810 svm_fifo_add_want_deq_ntf (stream_session->rx_fifo,
811 SVM_FIFO_WANT_DEQ_NOTIF_IF_FULL |
812 SVM_FIFO_WANT_DEQ_NOTIF_IF_EMPTY);
814 rv = app_worker_accept_notify (app_wrk, stream_session);
817 QUIC_DBG (1, "failed to notify accept worker app");
818 session_free_w_fifos (stream_session);
819 quicly_reset_stream (stream, QUIC_APP_ACCEPT_NOTIFY_ERROR);
825 quic_on_stream_open (quicly_stream_open_t * self, quicly_stream_t * stream)
827 QUIC_DBG (2, "on_stream_open called");
828 stream->data = malloc (sizeof (quic_stream_data_t));
829 stream->callbacks = &quic_stream_callbacks;
830 /* Notify accept on parent qsession, but only if this is not a locally
831 * initiated stream */
832 if (!quicly_stream_is_self_initiated (stream))
834 quic_accept_stream (stream);
840 quic_on_closed_by_peer (quicly_closed_by_peer_t * self, quicly_conn_t * conn,
841 int code, uint64_t frame_type,
842 const char *reason, size_t reason_len)
844 quic_ctx_t *ctx = quic_get_conn_ctx (conn);
846 session_t *quic_session = session_get (ctx->c_s_index, ctx->c_thread_index);
847 clib_warning ("Session 0x%lx closed by peer (%U) %.*s ",
848 session_handle (quic_session), quic_format_err, code,
851 ctx->c_quic_ctx_id.conn_state = QUIC_CONN_STATE_PASSIVE_CLOSING;
852 session_transport_closing_notify (&ctx->connection);
855 static quicly_stream_open_t on_stream_open = { &quic_on_stream_open };
856 static quicly_closed_by_peer_t on_closed_by_peer =
857 { &quic_on_closed_by_peer };
860 /*****************************************************************************
862 * END QUICLY CALLBACKS
864 *****************************************************************************/
866 /*****************************************************************************
868 * BEGIN TIMERS HANDLING
870 *****************************************************************************/
873 quic_get_thread_time (u8 thread_index)
875 return quic_main.wrk_ctx[thread_index].time_now;
879 quic_get_time (quicly_now_t * self)
881 u8 thread_index = vlib_get_thread_index ();
882 return quic_get_thread_time (thread_index);
885 static quicly_now_t quicly_vpp_now_cb = { quic_get_time };
888 quic_set_time_now (u32 thread_index)
890 vlib_main_t *vlib_main = vlib_get_main ();
891 f64 time = vlib_time_now (vlib_main);
892 quic_main.wrk_ctx[thread_index].time_now = (int64_t) (time * 1000.f);
893 return quic_main.wrk_ctx[thread_index].time_now;
896 /* Transport proto callback */
898 quic_update_time (f64 now, u8 thread_index)
900 tw_timer_wheel_1t_3w_1024sl_ov_t *tw;
902 tw = &quic_main.wrk_ctx[thread_index].timer_wheel;
903 quic_set_time_now (thread_index);
904 tw_timer_expire_timers_1t_3w_1024sl_ov (tw, now);
908 quic_timer_expired (u32 conn_index)
911 QUIC_DBG (4, "Timer expired for conn %u at %ld", conn_index,
912 quic_get_time (NULL));
913 ctx = quic_ctx_get (conn_index, vlib_get_thread_index ());
914 ctx->timer_handle = QUIC_TIMER_HANDLE_INVALID;
915 quic_send_packets (ctx);
919 quic_update_timer (quic_ctx_t * ctx)
921 tw_timer_wheel_1t_3w_1024sl_ov_t *tw;
922 int64_t next_timeout, next_interval;
923 session_t *quic_session;
925 /* This timeout is in ms which is the unit of our timer */
926 next_timeout = quicly_get_first_timeout (ctx->c_quic_ctx_id.conn);
927 next_interval = next_timeout - quic_get_time (NULL);
929 if (next_timeout == 0 || next_interval <= 0)
931 if (ctx->c_s_index == QUIC_SESSION_INVALID)
937 quic_session = session_get (ctx->c_s_index, ctx->c_thread_index);
938 if (svm_fifo_set_event (quic_session->tx_fifo))
939 session_send_io_evt_to_thread_custom (quic_session,
940 quic_session->thread_index,
941 SESSION_IO_EVT_BUILTIN_TX);
946 tw = &quic_main.wrk_ctx[vlib_get_thread_index ()].timer_wheel;
948 QUIC_DBG (4, "Timer set to %ld (int %ld) for ctx %u", next_timeout,
949 next_interval, ctx->c_c_index);
951 if (ctx->timer_handle == QUIC_TIMER_HANDLE_INVALID)
953 if (next_timeout == INT64_MAX)
955 QUIC_DBG (4, "timer for ctx %u already stopped", ctx->c_c_index);
959 tw_timer_start_1t_3w_1024sl_ov (tw, ctx->c_c_index, 0, next_interval);
963 if (next_timeout == INT64_MAX)
965 tw_timer_stop_1t_3w_1024sl_ov (tw, ctx->timer_handle);
966 ctx->timer_handle = QUIC_TIMER_HANDLE_INVALID;
967 QUIC_DBG (4, "Stopping timer for ctx %u", ctx->c_c_index);
970 tw_timer_update_1t_3w_1024sl_ov (tw, ctx->timer_handle,
977 quic_expired_timers_dispatch (u32 * expired_timers)
981 for (i = 0; i < vec_len (expired_timers); i++)
983 quic_timer_expired (expired_timers[i]);
987 /*****************************************************************************
989 * END TIMERS HANDLING
991 *****************************************************************************/
993 /* single-entry session cache */
994 struct st_util_session_cache_t
996 ptls_encrypt_ticket_t super;
1002 encrypt_ticket_cb (ptls_encrypt_ticket_t * _self, ptls_t * tls,
1003 int is_encrypt, ptls_buffer_t * dst, ptls_iovec_t src)
1005 struct st_util_session_cache_t *self = (void *) _self;
1011 /* replace the cached entry along with a newly generated session id */
1012 free (self->data.base);
1013 if ((self->data.base = malloc (src.len)) == NULL)
1014 return PTLS_ERROR_NO_MEMORY;
1016 ptls_get_context (tls)->random_bytes (self->id, sizeof (self->id));
1017 memcpy (self->data.base, src.base, src.len);
1018 self->data.len = src.len;
1020 /* store the session id in buffer */
1021 if ((ret = ptls_buffer_reserve (dst, sizeof (self->id))) != 0)
1023 memcpy (dst->base + dst->off, self->id, sizeof (self->id));
1024 dst->off += sizeof (self->id);
1030 /* check if session id is the one stored in cache */
1031 if (src.len != sizeof (self->id))
1032 return PTLS_ERROR_SESSION_NOT_FOUND;
1033 if (memcmp (self->id, src.base, sizeof (self->id)) != 0)
1034 return PTLS_ERROR_SESSION_NOT_FOUND;
1036 /* return the cached value */
1037 if ((ret = ptls_buffer_reserve (dst, self->data.len)) != 0)
1039 memcpy (dst->base + dst->off, self->data.base, self->data.len);
1040 dst->off += self->data.len;
1047 static struct st_util_session_cache_t sc = {
1049 .cb = encrypt_ticket_cb,
1053 static ptls_context_t quic_tlsctx = {
1054 .random_bytes = ptls_openssl_random_bytes,
1055 .get_time = &ptls_get_time,
1056 .key_exchanges = ptls_openssl_key_exchanges,
1057 .cipher_suites = ptls_openssl_cipher_suites,
1063 .on_client_hello = NULL,
1064 .emit_certificate = NULL,
1065 .sign_certificate = NULL,
1066 .verify_certificate = NULL,
1067 .ticket_lifetime = 86400,
1068 .max_early_data_size = 8192,
1069 .hkdf_label_prefix__obsolete = NULL,
1070 .require_dhe_on_psk = 1,
1071 .encrypt_ticket = &sc.super,
1076 ptls_compare_separator_line (const char *line, const char *begin_or_end,
1079 int ret = strncmp (line, "-----", 5);
1080 size_t text_index = 5;
1084 size_t begin_or_end_length = strlen (begin_or_end);
1085 ret = strncmp (line + text_index, begin_or_end, begin_or_end_length);
1086 text_index += begin_or_end_length;
1091 ret = line[text_index] - ' ';
1097 size_t label_length = strlen (label);
1098 ret = strncmp (line + text_index, label, label_length);
1099 text_index += label_length;
1104 ret = strncmp (line + text_index, "-----", 5);
1111 ptls_get_bio_pem_object (BIO * bio, const char *label, ptls_buffer_t * buf)
1113 int ret = PTLS_ERROR_PEM_LABEL_NOT_FOUND;
1115 ptls_base64_decode_state_t state;
1117 /* Get the label on a line by itself */
1118 while (BIO_gets (bio, line, 256))
1120 if (ptls_compare_separator_line (line, "BEGIN", label) == 0)
1123 ptls_base64_decode_init (&state);
1127 /* Get the data in the buffer */
1128 while (ret == 0 && BIO_gets (bio, line, 256))
1130 if (ptls_compare_separator_line (line, "END", label) == 0)
1132 if (state.status == PTLS_BASE64_DECODE_DONE
1133 || (state.status == PTLS_BASE64_DECODE_IN_PROGRESS
1140 ret = PTLS_ERROR_INCORRECT_BASE64;
1146 ret = ptls_base64_decode (line, &state, buf);
1154 ptls_load_bio_pem_objects (BIO * bio, const char *label, ptls_iovec_t * list,
1155 size_t list_max, size_t * nb_objects)
1164 while (count < list_max)
1168 ptls_buffer_init (&buf, "", 0);
1170 ret = ptls_get_bio_pem_object (bio, label, &buf);
1174 if (buf.off > 0 && buf.is_allocated)
1176 list[count].base = buf.base;
1177 list[count].len = buf.off;
1182 ptls_buffer_dispose (&buf);
1187 ptls_buffer_dispose (&buf);
1193 if (ret == PTLS_ERROR_PEM_LABEL_NOT_FOUND && count > 0)
1198 *nb_objects = count;
1203 #define PTLS_MAX_CERTS_IN_CONTEXT 16
1206 ptls_load_bio_certificates (ptls_context_t * ctx, BIO * bio)
1210 ctx->certificates.list =
1211 (ptls_iovec_t *) malloc (PTLS_MAX_CERTS_IN_CONTEXT *
1212 sizeof (ptls_iovec_t));
1214 if (ctx->certificates.list == NULL)
1216 ret = PTLS_ERROR_NO_MEMORY;
1221 ptls_load_bio_pem_objects (bio, "CERTIFICATE", ctx->certificates.list,
1222 PTLS_MAX_CERTS_IN_CONTEXT,
1223 &ctx->certificates.count);
1230 load_bio_certificate_chain (ptls_context_t * ctx, const char *cert_data)
1233 cert_bio = BIO_new_mem_buf (cert_data, -1);
1234 if (ptls_load_bio_certificates (ctx, cert_bio) != 0)
1236 BIO_free (cert_bio);
1237 fprintf (stderr, "failed to load certificate:%s\n", strerror (errno));
1240 BIO_free (cert_bio);
1244 load_bio_private_key (ptls_context_t * ctx, const char *pk_data)
1246 static ptls_openssl_sign_certificate_t sc;
1250 key_bio = BIO_new_mem_buf (pk_data, -1);
1251 pkey = PEM_read_bio_PrivateKey (key_bio, NULL, NULL, NULL);
1256 fprintf (stderr, "failed to read private key from app configuration\n");
1260 ptls_openssl_init_sign_certificate (&sc, pkey);
1261 EVP_PKEY_free (pkey);
1263 ctx->sign_certificate = &sc.super;
1267 allocate_quicly_ctx (application_t * app, u8 is_client)
1274 quicly_context_t *quicly_ctx;
1275 ptls_iovec_t key_vec;
1276 QUIC_DBG (2, "Called allocate_quicly_ctx");
1278 if (app->quicly_ctx)
1280 QUIC_DBG (1, "Trying to reallocate quicly_ctx");
1284 ctx_data = malloc (sizeof (*ctx_data));
1285 quicly_ctx = &ctx_data->_;
1286 app->quicly_ctx = (u64 *) quicly_ctx;
1287 memcpy (quicly_ctx, &quicly_spec_context, sizeof (quicly_context_t));
1289 quicly_ctx->max_packet_size = QUIC_MAX_PACKET_SIZE;
1290 quicly_ctx->tls = &quic_tlsctx;
1291 quicly_ctx->stream_open = &on_stream_open;
1292 quicly_ctx->closed_by_peer = &on_closed_by_peer;
1293 quicly_ctx->now = &quicly_vpp_now_cb;
1295 quicly_amend_ptls_context (quicly_ctx->tls);
1297 quicly_ctx->event_log.mask = 0; /* logs */
1298 quicly_ctx->event_log.cb = quicly_new_default_event_logger (stderr);
1300 quicly_ctx->transport_params.max_data = QUIC_INT_MAX;
1301 quicly_ctx->transport_params.max_streams_uni = QUIC_INT_MAX;
1302 quicly_ctx->transport_params.max_streams_bidi = QUIC_INT_MAX;
1303 quicly_ctx->transport_params.max_stream_data.bidi_local = (QUIC_FIFO_SIZE - 1); /* max_enq is SIZE - 1 */
1304 quicly_ctx->transport_params.max_stream_data.bidi_remote = (QUIC_FIFO_SIZE - 1); /* max_enq is SIZE - 1 */
1305 quicly_ctx->transport_params.max_stream_data.uni = QUIC_INT_MAX;
1307 quicly_ctx->tls->random_bytes (ctx_data->cid_key, 16);
1308 ctx_data->cid_key[16] = 0;
1309 key_vec = ptls_iovec_init (ctx_data->cid_key, strlen (ctx_data->cid_key));
1310 quicly_ctx->cid_encryptor =
1311 quicly_new_default_cid_encryptor (&ptls_openssl_bfecb,
1312 &ptls_openssl_sha256, key_vec);
1313 if (!is_client && app->tls_key != NULL && app->tls_cert != NULL)
1315 load_bio_private_key (quicly_ctx->tls, (char *) app->tls_key);
1316 load_bio_certificate_chain (quicly_ctx->tls, (char *) app->tls_cert);
1320 /*****************************************************************************
1322 * BEGIN TRANSPORT PROTO FUNCTIONS
1324 *****************************************************************************/
1327 quic_connect_new_stream (session_endpoint_cfg_t * sep)
1329 uint64_t quic_session_handle;
1330 session_t *quic_session, *stream_session;
1331 quic_stream_data_t *stream_data;
1332 quicly_stream_t *stream;
1333 quicly_conn_t *conn;
1334 app_worker_t *app_wrk;
1335 quic_ctx_t *qctx, *sctx;
1339 /* Find base session to which the user want to attach a stream */
1340 quic_session_handle = sep->transport_opts;
1341 QUIC_DBG (2, "Opening new stream (qsession %u)", sep->transport_opts);
1342 quic_session = session_get_from_handle (quic_session_handle);
1344 if (quic_session->session_type !=
1345 session_type_from_proto_and_ip (TRANSPORT_PROTO_QUIC, sep->is_ip4))
1347 QUIC_DBG (1, "received incompatible session");
1351 app_wrk = app_worker_get_if_valid (quic_session->app_wrk_index);
1354 QUIC_DBG (1, "Invalid app worker :(");
1358 sctx_index = quic_ctx_alloc (quic_session->thread_index); /* Allocate before we get pointers */
1359 sctx = quic_ctx_get (sctx_index, quic_session->thread_index);
1361 quic_ctx_get (quic_session->connection_index, quic_session->thread_index);
1362 if (quic_ctx_is_stream (qctx))
1364 QUIC_DBG (1, "session is a stream");
1365 quic_ctx_free (sctx);
1369 sctx->parent_app_wrk_id = qctx->parent_app_wrk_id;
1370 sctx->parent_app_id = qctx->parent_app_id;
1371 sctx->c_quic_ctx_id.quic_connection_ctx_id = qctx->c_c_index;
1372 sctx->c_c_index = sctx_index;
1373 sctx->c_flags |= TRANSPORT_CONNECTION_F_NO_LOOKUP;
1374 sctx->flags |= QUIC_F_IS_STREAM;
1376 conn = qctx->c_quic_ctx_id.conn;
1378 if (!conn || !quicly_connection_is_ready (conn))
1381 if ((rv = quicly_open_stream (conn, &stream, 0 /* uni */ )))
1383 QUIC_DBG (2, "Stream open failed with %d", rv);
1386 sctx->c_quic_ctx_id.stream = stream;
1388 QUIC_DBG (2, "Opened stream %d, creating session", stream->stream_id);
1390 stream_session = session_alloc (qctx->c_thread_index);
1391 QUIC_DBG (2, "Allocated stream_session 0x%lx ctx %u",
1392 session_handle (stream_session), sctx_index);
1393 stream_session->app_wrk_index = app_wrk->wrk_index;
1394 stream_session->connection_index = sctx_index;
1395 stream_session->listener_handle = quic_session_handle;
1396 stream_session->session_type =
1397 session_type_from_proto_and_ip (TRANSPORT_PROTO_QUIC,
1398 qctx->c_quic_ctx_id.udp_is_ip4);
1400 sctx->c_s_index = stream_session->session_index;
1402 if (app_worker_init_connected (app_wrk, stream_session))
1404 QUIC_DBG (1, "failed to app_worker_init_connected");
1405 quicly_reset_stream (stream, QUIC_APP_ALLOCATION_ERROR);
1406 session_free_w_fifos (stream_session);
1407 quic_ctx_free (sctx);
1408 return app_worker_connect_notify (app_wrk, NULL, sep->opaque);
1411 svm_fifo_add_want_deq_ntf (stream_session->rx_fifo,
1412 SVM_FIFO_WANT_DEQ_NOTIF_IF_FULL |
1413 SVM_FIFO_WANT_DEQ_NOTIF_IF_EMPTY);
1415 stream_session->session_state = SESSION_STATE_READY;
1416 if (app_worker_connect_notify (app_wrk, stream_session, sep->opaque))
1418 QUIC_DBG (1, "failed to notify app");
1419 quicly_reset_stream (stream, QUIC_APP_CONNECT_NOTIFY_ERROR);
1420 session_free_w_fifos (stream_session);
1421 quic_ctx_free (sctx);
1424 stream_data = (quic_stream_data_t *) stream->data;
1425 stream_data->ctx_id = sctx->c_c_index;
1426 stream_data->thread_index = sctx->c_thread_index;
1427 stream_data->app_rx_data_len = 0;
1432 quic_connect_new_connection (session_endpoint_cfg_t * sep)
1434 vnet_connect_args_t _cargs = { {}, }, *cargs = &_cargs;
1435 quic_main_t *qm = &quic_main;
1437 app_worker_t *app_wrk;
1442 ctx_index = quic_ctx_alloc (vlib_get_thread_index ());
1443 ctx = quic_ctx_get (ctx_index, vlib_get_thread_index ());
1444 ctx->parent_app_wrk_id = sep->app_wrk_index;
1445 ctx->c_s_index = QUIC_SESSION_INVALID;
1446 ctx->c_c_index = ctx_index;
1447 ctx->c_quic_ctx_id.udp_is_ip4 = sep->is_ip4;
1448 ctx->timer_handle = QUIC_TIMER_HANDLE_INVALID;
1449 ctx->c_quic_ctx_id.conn_state = QUIC_CONN_STATE_HANDSHAKE;
1450 ctx->c_quic_ctx_id.client_opaque = sep->opaque;
1451 ctx->c_flags |= TRANSPORT_CONNECTION_F_NO_LOOKUP;
1454 ctx->c_quic_ctx_id.srv_hostname = format (0, "%v", sep->hostname);
1455 vec_terminate_c_string (ctx->c_quic_ctx_id.srv_hostname);
1459 /* needed by quic for crypto + determining client / server */
1460 ctx->c_quic_ctx_id.srv_hostname =
1461 format (0, "%U", format_ip46_address, &sep->ip, sep->is_ip4);
1464 clib_memcpy (&cargs->sep, sep, sizeof (session_endpoint_cfg_t));
1465 cargs->sep.transport_proto = TRANSPORT_PROTO_UDPC;
1466 cargs->app_index = qm->app_index;
1467 cargs->api_context = ctx_index;
1469 app_wrk = app_worker_get (sep->app_wrk_index);
1470 app = application_get (app_wrk->app_index);
1471 ctx->parent_app_id = app_wrk->app_index;
1472 cargs->sep_ext.ns_index = app->ns_index;
1474 allocate_quicly_ctx (app, 1 /* is client */ );
1476 if ((error = vnet_connect (cargs)))
1483 quic_connect (transport_endpoint_cfg_t * tep)
1485 QUIC_DBG (2, "Called quic_connect");
1486 session_endpoint_cfg_t *sep = (session_endpoint_cfg_t *) tep;
1487 sep = (session_endpoint_cfg_t *) tep;
1488 if (sep->transport_opts)
1489 return quic_connect_new_stream (sep);
1491 return quic_connect_new_connection (sep);
1495 quic_proto_on_close (u32 ctx_index, u32 thread_index)
1497 quic_ctx_t *ctx = quic_ctx_get (ctx_index, thread_index);
1499 session_t *stream_session =
1500 session_get (ctx->c_s_index, ctx->c_thread_index);
1501 clib_warning ("Closing session 0x%lx", session_handle (stream_session));
1503 if (quic_ctx_is_stream (ctx))
1505 quicly_stream_t *stream = ctx->c_quic_ctx_id.stream;
1506 quicly_reset_stream (stream, QUIC_APP_ERROR_CLOSE_NOTIFY);
1507 quic_send_packets (ctx);
1509 else if (ctx->c_quic_ctx_id.conn_state == QUIC_CONN_STATE_PASSIVE_CLOSING)
1510 quic_connection_closed (ctx->c_c_index, ctx->c_thread_index,
1511 0 /* notify_transport */ );
1514 quicly_conn_t *conn = ctx->c_quic_ctx_id.conn;
1515 /* Start connection closing. Keep sending packets until quicly_send
1516 returns QUICLY_ERROR_FREE_CONNECTION */
1517 quicly_close (conn, QUIC_APP_ERROR_CLOSE_NOTIFY, "Closed by peer");
1518 /* This also causes all streams to be closed (and the cb called) */
1519 quic_send_packets (ctx);
1524 quic_start_listen (u32 quic_listen_session_index, transport_endpoint_t * tep)
1526 vnet_listen_args_t _bargs, *args = &_bargs;
1527 quic_main_t *qm = &quic_main;
1528 session_handle_t udp_handle;
1529 session_endpoint_cfg_t *sep;
1530 session_t *udp_listen_session;
1531 app_worker_t *app_wrk;
1535 app_listener_t *app_listener;
1537 sep = (session_endpoint_cfg_t *) tep;
1538 app_wrk = app_worker_get (sep->app_wrk_index);
1539 /* We need to call this because we call app_worker_init_connected in
1540 * quic_accept_stream, which assumes the connect segment manager exists */
1541 app_worker_alloc_connects_segment_manager (app_wrk);
1542 app = application_get (app_wrk->app_index);
1543 QUIC_DBG (2, "Called quic_start_listen for app %d", app_wrk->app_index);
1545 allocate_quicly_ctx (app, 0 /* is_client */ );
1547 sep->transport_proto = TRANSPORT_PROTO_UDPC;
1548 memset (args, 0, sizeof (*args));
1549 args->app_index = qm->app_index;
1550 args->sep_ext = *sep;
1551 args->sep_ext.ns_index = app->ns_index;
1552 if (vnet_listen (args))
1555 lctx_index = quic_ctx_alloc (0);
1556 udp_handle = args->handle;
1557 app_listener = app_listener_get_w_handle (udp_handle);
1558 udp_listen_session = app_listener_get_session (app_listener);
1559 udp_listen_session->opaque = lctx_index;
1561 lctx = quic_ctx_get (lctx_index, 0);
1562 lctx->flags |= QUIC_F_IS_LISTENER;
1564 clib_memcpy (&lctx->c_rmt_ip, &args->sep.peer.ip, sizeof (ip46_address_t));
1565 clib_memcpy (&lctx->c_lcl_ip, &args->sep.ip, sizeof (ip46_address_t));
1566 lctx->c_rmt_port = args->sep.peer.port;
1567 lctx->c_lcl_port = args->sep.port;
1568 lctx->c_is_ip4 = args->sep.is_ip4;
1569 lctx->c_fib_index = args->sep.fib_index;
1570 lctx->c_proto = TRANSPORT_PROTO_QUIC;
1571 lctx->parent_app_wrk_id = sep->app_wrk_index;
1572 lctx->parent_app_id = app_wrk->app_index;
1573 lctx->udp_session_handle = udp_handle;
1574 lctx->c_s_index = quic_listen_session_index;
1576 QUIC_DBG (2, "Listening UDP session 0x%lx",
1577 session_handle (udp_listen_session));
1578 QUIC_DBG (2, "Listening QUIC session 0x%lx", quic_listen_session_index);
1583 quic_stop_listen (u32 lctx_index)
1585 QUIC_DBG (2, "Called quic_stop_listen");
1587 lctx = quic_ctx_get (lctx_index, 0);
1588 ASSERT (quic_ctx_is_listener (lctx));
1589 vnet_unlisten_args_t a = {
1590 .handle = lctx->udp_session_handle,
1591 .app_index = quic_main.app_index,
1592 .wrk_map_index = 0 /* default wrk */
1594 if (vnet_unlisten (&a))
1595 clib_warning ("unlisten errored");
1597 /* TODO: crypto state cleanup */
1599 quic_ctx_free (lctx);
1603 static transport_connection_t *
1604 quic_connection_get (u32 ctx_index, u32 thread_index)
1607 ctx = quic_ctx_get (ctx_index, thread_index);
1608 return &ctx->connection;
1611 static transport_connection_t *
1612 quic_listener_get (u32 listener_index)
1614 QUIC_DBG (2, "Called quic_listener_get");
1616 ctx = quic_ctx_get (listener_index, 0);
1617 return &ctx->connection;
1621 format_quic_ctx (u8 * s, va_list * args)
1623 quic_ctx_t *ctx = va_arg (*args, quic_ctx_t *);
1624 u32 verbose = va_arg (*args, u32);
1628 s = format (s, "[#%d][Q] ", ctx->c_thread_index);
1630 if (!quic_ctx_is_listener (ctx))
1632 s = format (s, "%s Session: ", quic_ctx_is_stream (ctx) ?
1635 s = format (s, "app %d wrk %d", ctx->parent_app_id,
1636 ctx->parent_app_wrk_id);
1641 s = format (s, "%U:%d->%U:%d", format_ip4_address, &ctx->c_lcl_ip4,
1642 clib_net_to_host_u16 (ctx->c_lcl_port),
1643 format_ip4_address, &ctx->c_rmt_ip4,
1644 clib_net_to_host_u16 (ctx->c_rmt_port));
1646 s = format (s, "%U:%d->%U:%d", format_ip6_address, &ctx->c_lcl_ip6,
1647 clib_net_to_host_u16 (ctx->c_lcl_port),
1648 format_ip6_address, &ctx->c_rmt_ip6,
1649 clib_net_to_host_u16 (ctx->c_rmt_port));
1655 format_quic_connection (u8 * s, va_list * args)
1657 u32 qc_index = va_arg (*args, u32);
1658 u32 thread_index = va_arg (*args, u32);
1659 u32 verbose = va_arg (*args, u32);
1660 quic_ctx_t *ctx = quic_ctx_get (qc_index, thread_index);
1662 s = format (s, "%-50U", format_quic_ctx, ctx, verbose);
1667 format_quic_half_open (u8 * s, va_list * args)
1669 u32 qc_index = va_arg (*args, u32);
1670 quic_ctx_t *ctx = quic_ctx_get (qc_index, vlib_get_thread_index ());
1671 s = format (s, "[QUIC] half-open app %u", ctx->parent_app_id);
1677 format_quic_listener (u8 * s, va_list * args)
1679 u32 tci = va_arg (*args, u32);
1680 u32 verbose = va_arg (*args, u32);
1681 quic_ctx_t *ctx = quic_ctx_get (tci, vlib_get_thread_index ());
1684 ASSERT (quic_ctx_is_listener (ctx));
1685 s = format (s, "%-50U", format_quic_ctx, ctx, verbose);
1690 /*****************************************************************************
1691 * END TRANSPORT PROTO FUNCTIONS
1693 * START SESSION CALLBACKS
1694 * Called from UDP layer
1695 *****************************************************************************/
1698 quic_build_sockaddr (struct sockaddr *sa, socklen_t * salen,
1699 ip46_address_t * addr, u16 port, u8 is_ip4)
1703 struct sockaddr_in *sa4 = (struct sockaddr_in *) sa;
1704 sa4->sin_family = AF_INET;
1705 sa4->sin_port = port;
1706 sa4->sin_addr.s_addr = addr->ip4.as_u32;
1707 *salen = sizeof (struct sockaddr_in);
1711 struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *) sa;
1712 sa6->sin6_family = AF_INET6;
1713 sa6->sin6_port = port;
1714 clib_memcpy (&sa6->sin6_addr, &addr->ip6, 16);
1715 *salen = sizeof (struct sockaddr_in6);
1720 quic_on_client_connected (quic_ctx_t * ctx)
1722 session_t *quic_session;
1723 app_worker_t *app_wrk;
1724 u32 ctx_id = ctx->c_c_index;
1725 u32 thread_index = ctx->c_thread_index;
1727 app_wrk = app_worker_get_if_valid (ctx->parent_app_wrk_id);
1730 quic_disconnect_transport (ctx);
1734 quic_session = session_alloc (thread_index);
1736 QUIC_DBG (2, "Allocated quic session 0x%lx", session_handle (quic_session));
1737 ctx->c_s_index = quic_session->session_index;
1738 quic_session->app_wrk_index = ctx->parent_app_wrk_id;
1739 quic_session->connection_index = ctx->c_c_index;
1740 quic_session->listener_handle = SESSION_INVALID_HANDLE;
1741 quic_session->session_type =
1742 session_type_from_proto_and_ip (TRANSPORT_PROTO_QUIC,
1743 ctx->c_quic_ctx_id.udp_is_ip4);
1745 if (app_worker_init_connected (app_wrk, quic_session))
1747 QUIC_DBG (1, "failed to app_worker_init_connected");
1748 quic_proto_on_close (ctx_id, thread_index);
1749 return app_worker_connect_notify (app_wrk, NULL,
1750 ctx->c_quic_ctx_id.client_opaque);
1753 quic_session->session_state = SESSION_STATE_CONNECTING;
1754 if (app_worker_connect_notify
1755 (app_wrk, quic_session, ctx->c_quic_ctx_id.client_opaque))
1757 QUIC_DBG (1, "failed to notify app");
1758 quic_proto_on_close (ctx_id, thread_index);
1762 /* If the app opens a stream in its callback it may invalidate ctx */
1763 ctx = quic_ctx_get (ctx_id, thread_index);
1764 quic_session->session_state = SESSION_STATE_LISTENING;
1770 quic_receive_connection (void *arg)
1772 u32 new_ctx_id, thread_index = vlib_get_thread_index ();
1773 quic_ctx_t *temp_ctx, *new_ctx;
1774 clib_bihash_kv_16_8_t kv;
1775 quicly_conn_t *conn;
1778 new_ctx_id = quic_ctx_alloc (thread_index);
1779 new_ctx = quic_ctx_get (new_ctx_id, thread_index);
1781 QUIC_DBG (2, "Received conn %u (now %u)", temp_ctx->c_thread_index,
1785 memcpy (new_ctx, temp_ctx, sizeof (quic_ctx_t));
1788 new_ctx->c_thread_index = thread_index;
1789 new_ctx->c_c_index = new_ctx_id;
1791 conn = new_ctx->c_quic_ctx_id.conn;
1792 quic_store_conn_ctx (conn, new_ctx);
1793 quic_make_connection_key (&kv, quicly_get_master_id (conn));
1794 kv.value = ((u64) thread_index) << 32 | (u64) new_ctx_id;
1795 QUIC_DBG (2, "Registering conn with id %lu %lu", kv.key[0], kv.key[1]);
1796 clib_bihash_add_del_16_8 (&quic_main.connection_hash, &kv, 1 /* is_add */ );
1797 new_ctx->timer_handle = QUIC_TIMER_HANDLE_INVALID;
1798 quic_update_timer (new_ctx);
1800 /* Trigger read on this connection ? */
1804 quic_transfer_connection (u32 ctx_index, u32 dest_thread)
1806 tw_timer_wheel_1t_3w_1024sl_ov_t *tw;
1807 quic_ctx_t *ctx, *temp_ctx;
1808 clib_bihash_kv_16_8_t kv;
1809 quicly_conn_t *conn;
1810 u32 thread_index = vlib_get_thread_index ();
1812 QUIC_DBG (2, "Transferring conn %u to thread %u", ctx_index, dest_thread);
1814 temp_ctx = malloc (sizeof (quic_ctx_t));
1816 ctx = quic_ctx_get (ctx_index, thread_index);
1818 memcpy (temp_ctx, ctx, sizeof (quic_ctx_t));
1820 /* Remove from lookup hash, timer wheel and thread-local pool */
1821 conn = ctx->c_quic_ctx_id.conn;
1822 quic_make_connection_key (&kv, quicly_get_master_id (conn));
1823 clib_bihash_add_del_16_8 (&quic_main.connection_hash, &kv, 0 /* is_add */ );
1824 if (ctx->timer_handle != QUIC_TIMER_HANDLE_INVALID)
1826 tw = &quic_main.wrk_ctx[thread_index].timer_wheel;
1827 tw_timer_stop_1t_3w_1024sl_ov (tw, ctx->timer_handle);
1829 quic_ctx_free (ctx);
1831 /* Send connection to destination thread */
1832 session_send_rpc_evt_to_thread (dest_thread, quic_receive_connection,
1837 quic_transfer_connection_rpc (void *arg)
1839 u64 arg_int = (u64) arg;
1840 u32 ctx_index, dest_thread;
1842 ctx_index = (u32) (arg_int >> 32);
1843 dest_thread = (u32) (arg_int & UINT32_MAX);
1844 quic_transfer_connection (ctx_index, dest_thread);
1848 * This assumes that the connection is not yet associated to a session
1849 * So currently it only works on the client side when receiving the first packet
1853 quic_move_connection_to_thread (u32 ctx_index, u32 owner_thread,
1856 QUIC_DBG (2, "Requesting transfer of conn %u from thread %u", ctx_index,
1858 u64 arg = ((u64) ctx_index) << 32 | to_thread;
1859 session_send_rpc_evt_to_thread (owner_thread, quic_transfer_connection_rpc,
1864 quic_session_connected_callback (u32 quic_app_index, u32 ctx_index,
1865 session_t * udp_session, u8 is_fail)
1867 QUIC_DBG (2, "QSession is now connected (id %u)",
1868 udp_session->session_index);
1869 /* This should always be called before quic_connect returns since UDP always
1870 * connects instantly. */
1871 clib_bihash_kv_16_8_t kv;
1872 struct sockaddr_in6 sa6;
1873 struct sockaddr *sa = (struct sockaddr *) &sa6;
1875 transport_connection_t *tc;
1876 app_worker_t *app_wrk;
1877 quicly_conn_t *conn;
1880 u32 thread_index = vlib_get_thread_index ();
1883 ctx = quic_ctx_get (ctx_index, thread_index);
1889 app_wrk = app_worker_get_if_valid (ctx->parent_app_wrk_id);
1892 api_context = ctx->c_s_index;
1893 app_worker_connect_notify (app_wrk, 0, api_context);
1898 app_wrk = app_worker_get_if_valid (ctx->parent_app_wrk_id);
1901 QUIC_DBG (1, "Appwrk not found");
1904 app = application_get (app_wrk->app_index);
1906 ctx->c_thread_index = thread_index;
1907 ctx->c_c_index = ctx_index;
1909 QUIC_DBG (2, "Quic connect returned %u. New ctx [%u]%x",
1910 is_fail, thread_index, (ctx) ? ctx_index : ~0);
1912 ctx->udp_session_handle = session_handle (udp_session);
1913 udp_session->opaque = ctx->parent_app_id;
1914 udp_session->session_state = SESSION_STATE_READY;
1916 /* Init QUIC lib connection
1917 * Generate required sockaddr & salen */
1918 tc = session_get_transport (udp_session);
1919 quic_build_sockaddr (sa, &salen, &tc->rmt_ip, tc->rmt_port, tc->is_ip4);
1922 quicly_connect (&ctx->c_quic_ctx_id.conn,
1923 (quicly_context_t *) app->quicly_ctx,
1924 (char *) ctx->c_quic_ctx_id.srv_hostname, sa, salen,
1925 &quic_main.next_cid, &quic_main.hs_properties, NULL);
1926 ++quic_main.next_cid.master_id;
1927 /* Save context handle in quicly connection */
1928 quic_store_conn_ctx (ctx->c_quic_ctx_id.conn, ctx);
1931 /* Register connection in connections map */
1932 conn = ctx->c_quic_ctx_id.conn;
1933 quic_make_connection_key (&kv, quicly_get_master_id (conn));
1934 kv.value = ((u64) thread_index) << 32 | (u64) ctx_index;
1935 QUIC_DBG (2, "Registering conn with id %lu %lu", kv.key[0], kv.key[1]);
1936 clib_bihash_add_del_16_8 (&quic_main.connection_hash, &kv, 1 /* is_add */ );
1938 quic_send_packets (ctx);
1940 /* UDP stack quirk? preemptively transfer connection if that happens */
1941 if (udp_session->thread_index != thread_index)
1942 quic_transfer_connection (ctx_index, udp_session->thread_index);
1948 quic_session_disconnect_callback (session_t * s)
1950 clib_warning ("UDP session disconnected???");
1954 quic_session_reset_callback (session_t * s)
1956 clib_warning ("UDP session reset???");
1960 quic_session_accepted_callback (session_t * udp_session)
1962 /* New UDP connection, try to accept it */
1965 quic_ctx_t *ctx, *lctx;
1966 session_t *udp_listen_session;
1967 u32 thread_index = vlib_get_thread_index ();
1969 udp_listen_session =
1970 listen_session_get_from_handle (udp_session->listener_handle);
1972 ctx_index = quic_ctx_alloc (thread_index);
1973 ctx = quic_ctx_get (ctx_index, thread_index);
1974 ctx->c_thread_index = udp_session->thread_index;
1975 ctx->c_c_index = ctx_index;
1976 ctx->c_s_index = QUIC_SESSION_INVALID;
1977 ctx->udp_session_handle = session_handle (udp_session);
1978 QUIC_DBG (2, "ACCEPTED UDP 0x%lx", ctx->udp_session_handle);
1979 ctx->c_quic_ctx_id.listener_ctx_id = udp_listen_session->opaque;
1980 lctx = quic_ctx_get (udp_listen_session->opaque,
1981 udp_listen_session->thread_index);
1982 ctx->c_quic_ctx_id.udp_is_ip4 = lctx->c_is_ip4;
1983 ctx->parent_app_id = lctx->parent_app_id;
1984 ctx->parent_app_wrk_id = lctx->parent_app_wrk_id;
1985 ctx->timer_handle = QUIC_TIMER_HANDLE_INVALID;
1986 ctx->c_quic_ctx_id.conn_state = QUIC_CONN_STATE_OPENED;
1987 ctx->c_flags |= TRANSPORT_CONNECTION_F_NO_LOOKUP;
1989 udp_session->opaque = ctx->parent_app_id;
1991 /* Put this ctx in the "opening" pool */
1992 pool_get (quic_main.wrk_ctx[ctx->c_thread_index].opening_ctx_pool,
1994 *pool_index = ctx_index;
1996 /* TODO timeout to delete these if they never connect */
2001 quic_add_segment_callback (u32 client_index, u64 seg_handle)
2003 QUIC_DBG (2, "Called quic_add_segment_callback");
2004 QUIC_DBG (2, "NOT IMPLEMENTED");
2005 /* No-op for builtin */
2010 quic_del_segment_callback (u32 client_index, u64 seg_handle)
2012 QUIC_DBG (2, "Called quic_del_segment_callback");
2013 QUIC_DBG (2, "NOT IMPLEMENTED");
2014 /* No-op for builtin */
2020 quic_custom_app_rx_callback (transport_connection_t * tc)
2023 session_t *stream_session = session_get (tc->s_index, tc->thread_index);
2024 QUIC_DBG (3, "Received app READ notification");
2025 quic_ack_rx_data (stream_session);
2026 svm_fifo_reset_has_deq_ntf (stream_session->rx_fifo);
2028 /* Need to send packets (acks may never be sent otherwise) */
2029 ctx = quic_ctx_get (stream_session->connection_index,
2030 stream_session->thread_index);
2031 quic_send_packets (ctx);
2036 quic_custom_tx_callback (void *s)
2038 session_t *stream_session = (session_t *) s;
2039 quicly_stream_t *stream;
2044 (stream_session->session_state >= SESSION_STATE_TRANSPORT_CLOSING))
2047 quic_ctx_get (stream_session->connection_index,
2048 stream_session->thread_index);
2049 if (PREDICT_FALSE (!quic_ctx_is_stream (ctx)))
2051 goto tx_end; /* Most probably a reschedule */
2054 QUIC_DBG (3, "Stream TX event");
2055 quic_ack_rx_data (stream_session);
2056 if (!svm_fifo_max_dequeue (stream_session->tx_fifo))
2059 stream = ctx->c_quic_ctx_id.stream;
2060 if (!quicly_sendstate_is_open (&stream->sendstate))
2062 QUIC_DBG (1, "Warning: tried to send on closed stream");
2066 if ((rv = quicly_stream_sync_sendbuf (stream, 1)) != 0)
2070 quic_send_packets (ctx);
2076 * Returns 0 if a matching connection is found and is on the right thread.
2077 * If a connection is found, even on the wrong thread, ctx_thread and ctx_index
2081 quic_find_packet_ctx (u32 * ctx_thread, u32 * ctx_index,
2082 struct sockaddr *sa, socklen_t salen,
2083 quicly_decoded_packet_t * packet,
2084 u32 caller_thread_index)
2087 quicly_conn_t *conn_;
2088 clib_bihash_kv_16_8_t kv;
2089 clib_bihash_16_8_t *h;
2091 h = &quic_main.connection_hash;
2092 quic_make_connection_key (&kv, &packet->cid.dest.plaintext);
2093 QUIC_DBG (3, "Searching conn with id %lu %lu", kv.key[0], kv.key[1]);
2095 if (clib_bihash_search_16_8 (h, &kv, &kv) == 0)
2097 u32 index = kv.value & UINT32_MAX;
2098 u8 thread_id = kv.value >> 32;
2099 /* Check if this connection belongs to this thread, otherwise
2100 * ask for it to be moved */
2101 if (thread_id != caller_thread_index)
2103 QUIC_DBG (2, "Connection is on wrong thread");
2104 /* Cannot make full check with quicly_is_destination... */
2106 *ctx_thread = thread_id;
2109 ctx_ = quic_ctx_get (index, vlib_get_thread_index ());
2110 conn_ = ctx_->c_quic_ctx_id.conn;
2111 if (conn_ && quicly_is_destination (conn_, sa, salen, packet))
2113 QUIC_DBG (3, "Connection found");
2115 *ctx_thread = thread_id;
2119 QUIC_DBG (3, "connection not found");
2124 quic_receive (quic_ctx_t * ctx, quicly_conn_t * conn,
2125 quicly_decoded_packet_t packet)
2128 u32 ctx_id = ctx->c_c_index;
2129 u32 thread_index = ctx->c_thread_index;
2130 /* TODO : QUICLY_ERROR_PACKET_IGNORED sould be handled */
2131 rv = quicly_receive (conn, &packet);
2134 QUIC_DBG (2, "quicly_receive errored %U", quic_format_err, rv);
2137 /* ctx pointer may change if a new stream is opened */
2138 ctx = quic_ctx_get (ctx_id, thread_index);
2139 /* Conn may be set to null if the connection is terminated */
2140 if (ctx->c_quic_ctx_id.conn
2141 && ctx->c_quic_ctx_id.conn_state == QUIC_CONN_STATE_HANDSHAKE)
2143 if (quicly_connection_is_ready (conn))
2145 ctx->c_quic_ctx_id.conn_state = QUIC_CONN_STATE_READY;
2146 if (quicly_is_client (conn))
2148 quic_on_client_connected (ctx);
2149 ctx = quic_ctx_get (ctx_id, thread_index);
2153 return quic_send_packets (ctx);
2157 quic_create_quic_session (quic_ctx_t * ctx)
2159 session_t *quic_session;
2160 app_worker_t *app_wrk;
2164 quic_session = session_alloc (ctx->c_thread_index);
2165 QUIC_DBG (2, "Allocated quic_session, 0x%lx ctx %u",
2166 session_handle (quic_session), ctx->c_c_index);
2167 quic_session->session_state = SESSION_STATE_LISTENING;
2168 ctx->c_s_index = quic_session->session_index;
2170 lctx = quic_ctx_get (ctx->c_quic_ctx_id.listener_ctx_id, 0);
2172 quic_session->app_wrk_index = lctx->parent_app_wrk_id;
2173 quic_session->connection_index = ctx->c_c_index;
2174 quic_session->session_type =
2175 session_type_from_proto_and_ip (TRANSPORT_PROTO_QUIC,
2176 ctx->c_quic_ctx_id.udp_is_ip4);
2177 quic_session->listener_handle = lctx->c_s_index;
2179 /* TODO: don't alloc fifos when we don't transfer data on this session
2180 * but we still need fifos for the events? */
2181 if ((rv = app_worker_init_accepted (quic_session)))
2183 QUIC_DBG (1, "failed to allocate fifos");
2184 session_free (quic_session);
2187 app_wrk = app_worker_get (quic_session->app_wrk_index);
2188 rv = app_worker_accept_notify (app_wrk, quic_session);
2191 QUIC_DBG (1, "failed to notify accept worker app");
2198 quic_create_connection (quicly_context_t * quicly_ctx,
2199 u32 ctx_index, struct sockaddr *sa,
2200 socklen_t salen, quicly_decoded_packet_t packet)
2202 clib_bihash_kv_16_8_t kv;
2204 quicly_conn_t *conn;
2205 u32 thread_index = vlib_get_thread_index ();
2208 /* new connection, accept and create context if packet is valid
2209 * TODO: check if socket is actually listening? */
2210 if ((rv = quicly_accept (&conn, quicly_ctx, sa, salen,
2211 &packet, ptls_iovec_init (NULL, 0),
2212 &quic_main.next_cid, NULL)))
2214 /* Invalid packet, pass */
2215 assert (conn == NULL);
2216 QUIC_DBG (1, "Accept failed with %d", rv);
2217 /* TODO: cleanup created quic ctx and UDP session */
2220 assert (conn != NULL);
2222 ++quic_main.next_cid.master_id;
2223 ctx = quic_ctx_get (ctx_index, thread_index);
2224 /* Save ctx handle in quicly connection */
2225 quic_store_conn_ctx (conn, ctx);
2226 ctx->c_quic_ctx_id.conn = conn;
2227 ctx->c_quic_ctx_id.conn_state = QUIC_CONN_STATE_HANDSHAKE;
2229 quic_create_quic_session (ctx);
2231 /* Register connection in connections map */
2232 quic_make_connection_key (&kv, quicly_get_master_id (conn));
2233 kv.value = ((u64) thread_index) << 32 | (u64) ctx_index;
2234 clib_bihash_add_del_16_8 (&quic_main.connection_hash, &kv, 1 /* is_add */ );
2235 QUIC_DBG (2, "Registering conn with id %lu %lu", kv.key[0], kv.key[1]);
2237 return quic_send_packets (ctx);
2241 quic_reset_connection (quicly_context_t * quicly_ctx, u64 udp_session_handle,
2242 struct sockaddr *sa, socklen_t salen,
2243 quicly_decoded_packet_t packet)
2245 /* short header packet; potentially a dead connection. No need to check the
2246 * length of the incoming packet, because loop is prevented by authenticating
2247 * the CID (by checking node_id and thread_id). If the peer is also sending a
2248 * reset, then the next CID is highly likely to contain a non-authenticating
2250 QUIC_DBG (2, "Sending stateless reset");
2252 quicly_datagram_t *dgram;
2253 session_t *udp_session;
2254 if (packet.cid.dest.plaintext.node_id == 0
2255 && packet.cid.dest.plaintext.thread_id == 0)
2257 dgram = quicly_send_stateless_reset (quicly_ctx, sa, salen,
2258 &packet.cid.dest.plaintext);
2261 udp_session = session_get_from_handle (udp_session_handle);
2262 rv = quic_send_datagram (udp_session, dgram);
2263 if (svm_fifo_set_event (udp_session->tx_fifo))
2264 session_send_io_evt_to_thread (udp_session->tx_fifo,
2272 quic_app_rx_callback (session_t * udp_session)
2274 /* Read data from UDP rx_fifo and pass it to the quicly conn. */
2275 quicly_decoded_packet_t packet;
2276 session_dgram_hdr_t ph;
2278 quic_ctx_t *ctx = NULL;
2281 struct sockaddr_in6 sa6;
2282 struct sockaddr *sa = (struct sockaddr *) &sa6;
2284 u32 max_deq, full_len, ctx_index = UINT32_MAX, ctx_thread = UINT32_MAX, ret;
2287 u32 *opening_ctx_pool, *ctx_index_ptr;
2288 u32 app_index = udp_session->opaque;
2289 u64 udp_session_handle = session_handle (udp_session);
2291 u32 thread_index = vlib_get_thread_index ();
2292 app = application_get_if_valid (app_index);
2295 QUIC_DBG (1, "Got RX on detached app");
2296 /* TODO: close this session, cleanup state? */
2302 udp_session = session_get_from_handle (udp_session_handle); /* session alloc might have happened */
2303 f = udp_session->rx_fifo;
2304 max_deq = svm_fifo_max_dequeue (f);
2308 if (max_deq < SESSION_CONN_HDR_LEN)
2310 QUIC_DBG (1, "Not enough data for even a header in RX");
2313 ret = svm_fifo_peek (f, 0, SESSION_CONN_HDR_LEN, (u8 *) & ph);
2314 if (ret != SESSION_CONN_HDR_LEN)
2316 QUIC_DBG (1, "Not enough data for header in RX");
2319 ASSERT (ph.data_offset == 0);
2320 full_len = ph.data_length + SESSION_CONN_HDR_LEN;
2321 if (full_len > max_deq)
2323 QUIC_DBG (1, "Not enough data in fifo RX");
2327 /* Quicly can read len bytes from the fifo at offset:
2328 * ph.data_offset + SESSION_CONN_HDR_LEN */
2329 data = malloc (ph.data_length);
2330 ret = svm_fifo_peek (f, SESSION_CONN_HDR_LEN, ph.data_length, data);
2331 if (ret != ph.data_length)
2333 QUIC_DBG (1, "Not enough data peeked in RX");
2339 quic_build_sockaddr (sa, &salen, &ph.rmt_ip, ph.rmt_port, ph.is_ip4);
2340 plen = quicly_decode_packet ((quicly_context_t *) app->quicly_ctx,
2341 &packet, data, ph.data_length);
2343 if (plen != SIZE_MAX)
2346 err = quic_find_packet_ctx (&ctx_thread, &ctx_index, sa, salen,
2347 &packet, thread_index);
2350 ctx = quic_ctx_get (ctx_index, thread_index);
2351 quic_receive (ctx, ctx->c_quic_ctx_id.conn, packet);
2353 else if (ctx_thread != UINT32_MAX)
2355 /* Connection found but on wrong thread, ask move */
2356 quic_move_connection_to_thread (ctx_index, ctx_thread,
2359 else if ((packet.octets.base[0] & QUICLY_PACKET_TYPE_BITMASK) ==
2360 QUICLY_PACKET_TYPE_INITIAL)
2362 /* Try to find matching "opening" ctx */
2364 quic_main.wrk_ctx[thread_index].opening_ctx_pool;
2367 pool_foreach (ctx_index_ptr, opening_ctx_pool,
2369 ctx = quic_ctx_get (*ctx_index_ptr, thread_index);
2370 if (ctx->udp_session_handle == udp_session_handle)
2372 /* Right ctx found, create conn & remove from pool */
2373 quic_create_connection ((quicly_context_t *) app->quicly_ctx,
2374 *ctx_index_ptr, sa, salen, packet);
2375 pool_put (opening_ctx_pool, ctx_index_ptr);
2376 goto ctx_search_done;
2384 quic_reset_connection ((quicly_context_t *) app->quicly_ctx,
2385 udp_session_handle, sa, salen, packet);
2389 svm_fifo_dequeue_drop (f, full_len);
2397 quic_common_get_transport_endpoint (quic_ctx_t * ctx,
2398 transport_endpoint_t * tep, u8 is_lcl)
2400 session_t *udp_session;
2401 if (!quic_ctx_is_stream (ctx))
2403 udp_session = session_get_from_handle (ctx->udp_session_handle);
2404 session_get_endpoint (udp_session, tep, is_lcl);
2409 quic_get_transport_listener_endpoint (u32 listener_index,
2410 transport_endpoint_t * tep, u8 is_lcl)
2413 app_listener_t *app_listener;
2414 session_t *udp_listen_session;
2415 ctx = quic_ctx_get (listener_index, vlib_get_thread_index ());
2416 if (quic_ctx_is_listener (ctx))
2418 app_listener = app_listener_get_w_handle (ctx->udp_session_handle);
2419 udp_listen_session = app_listener_get_session (app_listener);
2420 return session_get_endpoint (udp_listen_session, tep, is_lcl);
2422 quic_common_get_transport_endpoint (ctx, tep, is_lcl);
2426 quic_get_transport_endpoint (u32 ctx_index, u32 thread_index,
2427 transport_endpoint_t * tep, u8 is_lcl)
2430 ctx = quic_ctx_get (ctx_index, thread_index);
2431 quic_common_get_transport_endpoint (ctx, tep, is_lcl);
2434 /*****************************************************************************
2435 * END TRANSPORT PROTO FUNCTIONS
2436 *****************************************************************************/
2439 static session_cb_vft_t quic_app_cb_vft = {
2440 .session_accept_callback = quic_session_accepted_callback,
2441 .session_disconnect_callback = quic_session_disconnect_callback,
2442 .session_connected_callback = quic_session_connected_callback,
2443 .session_reset_callback = quic_session_reset_callback,
2444 .add_segment_callback = quic_add_segment_callback,
2445 .del_segment_callback = quic_del_segment_callback,
2446 .builtin_app_rx_callback = quic_app_rx_callback,
2449 static const transport_proto_vft_t quic_proto = {
2450 .connect = quic_connect,
2451 .close = quic_proto_on_close,
2452 .start_listen = quic_start_listen,
2453 .stop_listen = quic_stop_listen,
2454 .get_connection = quic_connection_get,
2455 .get_listener = quic_listener_get,
2456 .update_time = quic_update_time,
2457 .app_rx_evt = quic_custom_app_rx_callback,
2458 .custom_tx = quic_custom_tx_callback,
2459 .format_connection = format_quic_connection,
2460 .format_half_open = format_quic_half_open,
2461 .format_listener = format_quic_listener,
2462 .get_transport_endpoint = quic_get_transport_endpoint,
2463 .get_transport_listener_endpoint = quic_get_transport_listener_endpoint,
2464 .transport_options = {
2465 .tx_type = TRANSPORT_TX_INTERNAL,
2466 .service_type = TRANSPORT_SERVICE_APP,
2471 static clib_error_t *
2472 quic_init (vlib_main_t * vm)
2474 u32 add_segment_size = (4096ULL << 20) - 1, segment_size = 512 << 20;
2475 vlib_thread_main_t *vtm = vlib_get_thread_main ();
2476 tw_timer_wheel_1t_3w_1024sl_ov_t *tw;
2477 vnet_app_attach_args_t _a, *a = &_a;
2478 u64 options[APP_OPTIONS_N_OPTIONS];
2479 quic_main_t *qm = &quic_main;
2480 u32 fifo_size = QUIC_FIFO_SIZE;
2483 num_threads = 1 /* main thread */ + vtm->n_threads;
2485 memset (a, 0, sizeof (*a));
2486 memset (options, 0, sizeof (options));
2488 a->session_cb_vft = &quic_app_cb_vft;
2489 a->api_client_index = APP_INVALID_INDEX;
2490 a->options = options;
2491 a->name = format (0, "quic");
2492 a->options[APP_OPTIONS_SEGMENT_SIZE] = segment_size;
2493 a->options[APP_OPTIONS_ADD_SEGMENT_SIZE] = add_segment_size;
2494 a->options[APP_OPTIONS_RX_FIFO_SIZE] = fifo_size;
2495 a->options[APP_OPTIONS_TX_FIFO_SIZE] = fifo_size;
2496 a->options[APP_OPTIONS_FLAGS] = APP_OPTIONS_FLAGS_IS_BUILTIN;
2497 a->options[APP_OPTIONS_FLAGS] |= APP_OPTIONS_FLAGS_USE_GLOBAL_SCOPE;
2498 a->options[APP_OPTIONS_FLAGS] |= APP_OPTIONS_FLAGS_IS_TRANSPORT_APP;
2500 if (vnet_application_attach (a))
2502 clib_warning ("failed to attach quic app");
2503 return clib_error_return (0, "failed to attach quic app");
2506 vec_validate (qm->ctx_pool, num_threads - 1);
2507 vec_validate (qm->wrk_ctx, num_threads - 1);
2508 /* Timer wheels, one per thread. */
2509 for (i = 0; i < num_threads; i++)
2511 tw = &qm->wrk_ctx[i].timer_wheel;
2512 tw_timer_wheel_init_1t_3w_1024sl_ov (tw, quic_expired_timers_dispatch,
2513 1e-3 /* timer period 1ms */ , ~0);
2514 tw->last_run_time = vlib_time_now (vlib_get_main ());
2517 clib_bihash_init_16_8 (&qm->connection_hash, "quic connections", 1024,
2521 qm->app_index = a->app_index;
2522 qm->tstamp_ticks_per_clock = vm->clib_time.seconds_per_clock
2523 / QUIC_TSTAMP_RESOLUTION;
2525 transport_register_protocol (TRANSPORT_PROTO_QUIC, &quic_proto,
2526 FIB_PROTOCOL_IP4, ~0);
2527 transport_register_protocol (TRANSPORT_PROTO_QUIC, &quic_proto,
2528 FIB_PROTOCOL_IP6, ~0);
2534 VLIB_INIT_FUNCTION (quic_init);
2537 VLIB_PLUGIN_REGISTER () =
2539 .version = VPP_BUILD_VER,
2540 .description = "Quic transport protocol",
2545 * fd.io coding-style-patch-verification: ON
2548 * eval: (c-set-style "gnu")