github.com/tumi8/quic-go@v0.37.4-tum/connection.go (about) 1 package quic 2 3 import ( 4 "bytes" 5 "context" 6 "crypto/tls" 7 "errors" 8 "fmt" 9 "io" 10 "net" 11 "reflect" 12 "sync" 13 "sync/atomic" 14 "time" 15 16 "github.com/tumi8/quic-go/noninternal/ackhandler" 17 "github.com/tumi8/quic-go/noninternal/flowcontrol" 18 "github.com/tumi8/quic-go/noninternal/handshake" 19 "github.com/tumi8/quic-go/noninternal/logutils" 20 "github.com/tumi8/quic-go/noninternal/protocol" 21 "github.com/tumi8/quic-go/noninternal/qerr" 22 "github.com/tumi8/quic-go/noninternal/utils" 23 "github.com/tumi8/quic-go/noninternal/wire" 24 "github.com/tumi8/quic-go/logging" 25 ) 26 27 type unpacker interface { 28 UnpackLongHeader(hdr *wire.Header, rcvTime time.Time, data []byte, v protocol.VersionNumber) (*unpackedPacket, error) 29 UnpackShortHeader(rcvTime time.Time, data []byte) (protocol.PacketNumber, protocol.PacketNumberLen, protocol.KeyPhaseBit, []byte, error) 30 } 31 32 type streamGetter interface { 33 GetOrOpenReceiveStream(protocol.StreamID) (receiveStreamI, error) 34 GetOrOpenSendStream(protocol.StreamID) (sendStreamI, error) 35 } 36 37 type streamManager interface { 38 GetOrOpenSendStream(protocol.StreamID) (sendStreamI, error) 39 GetOrOpenReceiveStream(protocol.StreamID) (receiveStreamI, error) 40 OpenStream() (Stream, error) 41 OpenUniStream() (SendStream, error) 42 OpenStreamSync(context.Context) (Stream, error) 43 OpenUniStreamSync(context.Context) (SendStream, error) 44 AcceptStream(context.Context) (Stream, error) 45 AcceptUniStream(context.Context) (ReceiveStream, error) 46 DeleteStream(protocol.StreamID) error 47 UpdateLimits(*wire.TransportParameters) 48 HandleMaxStreamsFrame(*wire.MaxStreamsFrame) 49 CloseWithError(error) 50 ResetFor0RTT() 51 UseResetMaps() 52 } 53 54 type cryptoStreamHandler interface { 55 StartHandshake() error 56 ChangeConnectionID(protocol.ConnectionID) 57 SetLargest1RTTAcked(protocol.PacketNumber) error 58 SetHandshakeConfirmed() 59 GetSessionTicket() ([]byte, error) 60 NextEvent() handshake.Event 61 DiscardInitialKeys() 62 io.Closer 63 ConnectionState() handshake.ConnectionState 64 } 65 66 type receivedPacket struct { 67 buffer *packetBuffer 68 69 remoteAddr net.Addr 70 rcvTime time.Time 71 data []byte 72 73 ecn protocol.ECN 74 75 info packetInfo // only valid if the contained IP address is valid 76 } 77 78 func (p *receivedPacket) Size() protocol.ByteCount { return protocol.ByteCount(len(p.data)) } 79 80 func (p *receivedPacket) Clone() *receivedPacket { 81 return &receivedPacket{ 82 remoteAddr: p.remoteAddr, 83 rcvTime: p.rcvTime, 84 data: p.data, 85 buffer: p.buffer, 86 ecn: p.ecn, 87 info: p.info, 88 } 89 } 90 91 type connRunner interface { 92 Add(protocol.ConnectionID, packetHandler) bool 93 GetStatelessResetToken(protocol.ConnectionID) protocol.StatelessResetToken 94 Retire(protocol.ConnectionID) 95 Remove(protocol.ConnectionID) 96 ReplaceWithClosed([]protocol.ConnectionID, protocol.Perspective, []byte) 97 AddResetToken(protocol.StatelessResetToken, packetHandler) 98 RemoveResetToken(protocol.StatelessResetToken) 99 } 100 101 type closeError struct { 102 err error 103 remote bool 104 immediate bool 105 } 106 107 type errCloseForRecreating struct { 108 nextPacketNumber protocol.PacketNumber 109 nextVersion protocol.VersionNumber 110 } 111 112 func (e *errCloseForRecreating) Error() string { 113 return "closing connection in order to recreate it" 114 } 115 116 var connTracingID uint64 // to be accessed atomically 117 func nextConnTracingID() uint64 { return atomic.AddUint64(&connTracingID, 1) } 118 119 // A Connection is a QUIC connection 120 type connection struct { 121 // Destination connection ID used during the handshake. 122 // Used to check source connection ID on incoming packets. 123 handshakeDestConnID protocol.ConnectionID 124 // Set for the client. Destination connection ID used on the first Initial sent. 125 origDestConnID protocol.ConnectionID 126 retrySrcConnID *protocol.ConnectionID // only set for the client (and if a Retry was performed) 127 128 srcConnIDLen int 129 130 perspective protocol.Perspective 131 version protocol.VersionNumber 132 config *Config 133 134 conn sendConn 135 sendQueue sender 136 137 streamsMap streamManager 138 connIDManager *connIDManager 139 connIDGenerator *connIDGenerator 140 141 rttStats *utils.RTTStats 142 143 cryptoStreamManager *cryptoStreamManager 144 sentPacketHandler ackhandler.SentPacketHandler 145 receivedPacketHandler ackhandler.ReceivedPacketHandler 146 retransmissionQueue *retransmissionQueue 147 framer framer 148 windowUpdateQueue *windowUpdateQueue 149 connFlowController flowcontrol.ConnectionFlowController 150 tokenStoreKey string // only set for the client 151 tokenGenerator *handshake.TokenGenerator // only set for the server 152 153 unpacker unpacker 154 frameParser wire.FrameParser 155 packer packer 156 mtuDiscoverer mtuDiscoverer // initialized when the handshake completes 157 158 initialStream cryptoStream 159 handshakeStream cryptoStream 160 oneRTTStream cryptoStream // only set for the server 161 cryptoStreamHandler cryptoStreamHandler 162 163 receivedPackets chan receivedPacket 164 sendingScheduled chan struct{} 165 166 closeOnce sync.Once 167 // closeChan is used to notify the run loop that it should terminate 168 closeChan chan closeError 169 170 ctx context.Context 171 ctxCancel context.CancelCauseFunc 172 handshakeCtx context.Context 173 handshakeCtxCancel context.CancelFunc 174 175 undecryptablePackets []receivedPacket // undecryptable packets, waiting for a change in encryption level 176 undecryptablePacketsToProcess []receivedPacket 177 178 earlyConnReadyChan chan struct{} 179 sentFirstPacket bool 180 handshakeComplete bool 181 handshakeConfirmed bool 182 183 ReceivedRetry bool 184 versionNegotiated bool 185 receivedFirstPacket bool 186 187 // the minimum of the max_idle_timeout values advertised by both endpoints 188 idleTimeout time.Duration 189 creationTime time.Time 190 // The idle timeout is set based on the max of the time we received the last packet... 191 lastPacketReceivedTime time.Time 192 // ... and the time we sent a new ack-eliciting packet after receiving a packet. 193 firstAckElicitingPacketAfterIdleSentTime time.Time 194 // pacingDeadline is the time when the next packet should be sent 195 pacingDeadline time.Time 196 197 // Exposes PeerParams 198 PeerParams *wire.TransportParameters 199 200 timer connectionTimer 201 // keepAlivePingSent stores whether a keep alive PING is in flight. 202 // It is reset as soon as we receive a packet from the peer. 203 keepAlivePingSent bool 204 keepAliveInterval time.Duration 205 206 datagramQueue *datagramQueue 207 208 connStateMutex sync.Mutex 209 connState ConnectionState 210 211 logID string 212 tracer logging.ConnectionTracer 213 logger utils.Logger 214 } 215 216 var ( 217 _ Connection = &connection{} 218 _ EarlyConnection = &connection{} 219 _ streamSender = &connection{} 220 ) 221 222 var newConnection = func( 223 conn sendConn, 224 runner connRunner, 225 origDestConnID protocol.ConnectionID, 226 retrySrcConnID *protocol.ConnectionID, 227 clientDestConnID protocol.ConnectionID, 228 destConnID protocol.ConnectionID, 229 srcConnID protocol.ConnectionID, 230 connIDGenerator ConnectionIDGenerator, 231 statelessResetToken protocol.StatelessResetToken, 232 conf *Config, 233 tlsConf *tls.Config, 234 tokenGenerator *handshake.TokenGenerator, 235 clientAddressValidated bool, 236 tracer logging.ConnectionTracer, 237 tracingID uint64, 238 logger utils.Logger, 239 v protocol.VersionNumber, 240 ) quicConn { 241 s := &connection{ 242 conn: conn, 243 config: conf, 244 handshakeDestConnID: destConnID, 245 srcConnIDLen: srcConnID.Len(), 246 tokenGenerator: tokenGenerator, 247 oneRTTStream: newCryptoStream(), 248 perspective: protocol.PerspectiveServer, 249 tracer: tracer, 250 logger: logger, 251 version: v, 252 } 253 if origDestConnID.Len() > 0 { 254 s.logID = origDestConnID.String() 255 } else { 256 s.logID = destConnID.String() 257 } 258 s.connIDManager = newConnIDManager( 259 destConnID, 260 func(token protocol.StatelessResetToken) { runner.AddResetToken(token, s) }, 261 runner.RemoveResetToken, 262 s.queueControlFrame, 263 ) 264 s.connIDGenerator = newConnIDGenerator( 265 srcConnID, 266 &clientDestConnID, 267 func(connID protocol.ConnectionID) { runner.Add(connID, s) }, 268 runner.GetStatelessResetToken, 269 runner.Remove, 270 runner.Retire, 271 runner.ReplaceWithClosed, 272 s.queueControlFrame, 273 connIDGenerator, 274 ) 275 s.preSetup() 276 s.ctx, s.ctxCancel = context.WithCancelCause(context.WithValue(context.Background(), ConnectionTracingKey, tracingID)) 277 s.sentPacketHandler, s.receivedPacketHandler = ackhandler.NewAckHandler( 278 0, 279 getMaxPacketSize(s.conn.RemoteAddr()), 280 s.rttStats, 281 clientAddressValidated, 282 s.perspective, 283 s.tracer, 284 s.logger, 285 ) 286 s.mtuDiscoverer = newMTUDiscoverer(s.rttStats, getMaxPacketSize(s.conn.RemoteAddr()), s.sentPacketHandler.SetMaxDatagramSize) 287 params := &wire.TransportParameters{ 288 InitialMaxStreamDataBidiLocal: protocol.ByteCount(s.config.InitialStreamReceiveWindow), 289 InitialMaxStreamDataBidiRemote: protocol.ByteCount(s.config.InitialStreamReceiveWindow), 290 InitialMaxStreamDataUni: protocol.ByteCount(s.config.InitialStreamReceiveWindow), 291 InitialMaxData: protocol.ByteCount(s.config.InitialConnectionReceiveWindow), 292 MaxIdleTimeout: s.config.MaxIdleTimeout, 293 MaxBidiStreamNum: protocol.StreamNum(s.config.MaxIncomingStreams), 294 MaxUniStreamNum: protocol.StreamNum(s.config.MaxIncomingUniStreams), 295 MaxAckDelay: protocol.MaxAckDelayInclGranularity, 296 AckDelayExponent: protocol.AckDelayExponent, 297 DisableActiveMigration: true, 298 StatelessResetToken: &statelessResetToken, 299 OriginalDestinationConnectionID: origDestConnID, 300 // For interoperability with quic-go versions before May 2023, this value must be set to a value 301 // different from protocol.DefaultActiveConnectionIDLimit. 302 // If set to the default value, it will be omitted from the transport parameters, which will make 303 // old quic-go versions interpret it as 0, instead of the default value of 2. 304 // See https://github.com/tumi8/quic-go/pull/3806. 305 ActiveConnectionIDLimit: protocol.MaxActiveConnectionIDs, 306 InitialSourceConnectionID: srcConnID, 307 RetrySourceConnectionID: retrySrcConnID, 308 } 309 if s.config.EnableDatagrams { 310 params.MaxDatagramFrameSize = protocol.MaxDatagramFrameSize 311 } else { 312 params.MaxDatagramFrameSize = protocol.InvalidByteCount 313 } 314 if s.tracer != nil { 315 s.tracer.SentTransportParameters(params) 316 } 317 cs := handshake.NewCryptoSetupServer( 318 clientDestConnID, 319 conn.LocalAddr(), 320 conn.RemoteAddr(), 321 params, 322 tlsConf, 323 conf.Allow0RTT, 324 s.rttStats, 325 tracer, 326 logger, 327 s.version, 328 ) 329 s.cryptoStreamHandler = cs 330 s.packer = newPacketPacker(srcConnID, s.connIDManager.Get, s.initialStream, s.handshakeStream, s.sentPacketHandler, s.retransmissionQueue, cs, s.framer, s.receivedPacketHandler, s.datagramQueue, s.perspective) 331 s.unpacker = newPacketUnpacker(cs, s.srcConnIDLen) 332 s.cryptoStreamManager = newCryptoStreamManager(cs, s.initialStream, s.handshakeStream, s.oneRTTStream) 333 return s 334 } 335 336 // declare this as a variable, such that we can it mock it in the tests 337 var newClientConnection = func( 338 conn sendConn, 339 runner connRunner, 340 destConnID protocol.ConnectionID, 341 srcConnID protocol.ConnectionID, 342 connIDGenerator ConnectionIDGenerator, 343 conf *Config, 344 tlsConf *tls.Config, 345 initialPacketNumber protocol.PacketNumber, 346 enable0RTT bool, 347 hasNegotiatedVersion bool, 348 tracer logging.ConnectionTracer, 349 tracingID uint64, 350 logger utils.Logger, 351 v protocol.VersionNumber, 352 ) quicConn { 353 s := &connection{ 354 conn: conn, 355 config: conf, 356 origDestConnID: destConnID, 357 handshakeDestConnID: destConnID, 358 srcConnIDLen: srcConnID.Len(), 359 perspective: protocol.PerspectiveClient, 360 logID: destConnID.String(), 361 logger: logger, 362 tracer: tracer, 363 versionNegotiated: hasNegotiatedVersion, 364 version: v, 365 } 366 s.connIDManager = newConnIDManager( 367 destConnID, 368 func(token protocol.StatelessResetToken) { runner.AddResetToken(token, s) }, 369 runner.RemoveResetToken, 370 s.queueControlFrame, 371 ) 372 s.connIDGenerator = newConnIDGenerator( 373 srcConnID, 374 nil, 375 func(connID protocol.ConnectionID) { runner.Add(connID, s) }, 376 runner.GetStatelessResetToken, 377 runner.Remove, 378 runner.Retire, 379 runner.ReplaceWithClosed, 380 s.queueControlFrame, 381 connIDGenerator, 382 ) 383 s.preSetup() 384 s.ctx, s.ctxCancel = context.WithCancelCause(context.WithValue(context.Background(), ConnectionTracingKey, tracingID)) 385 s.sentPacketHandler, s.receivedPacketHandler = ackhandler.NewAckHandler( 386 initialPacketNumber, 387 getMaxPacketSize(s.conn.RemoteAddr()), 388 s.rttStats, 389 false, /* has no effect */ 390 s.perspective, 391 s.tracer, 392 s.logger, 393 ) 394 s.mtuDiscoverer = newMTUDiscoverer(s.rttStats, getMaxPacketSize(s.conn.RemoteAddr()), s.sentPacketHandler.SetMaxDatagramSize) 395 oneRTTStream := newCryptoStream() 396 params := &wire.TransportParameters{ 397 InitialMaxStreamDataBidiRemote: protocol.ByteCount(s.config.InitialStreamReceiveWindow), 398 InitialMaxStreamDataBidiLocal: protocol.ByteCount(s.config.InitialStreamReceiveWindow), 399 InitialMaxStreamDataUni: protocol.ByteCount(s.config.InitialStreamReceiveWindow), 400 InitialMaxData: protocol.ByteCount(s.config.InitialConnectionReceiveWindow), 401 MaxIdleTimeout: s.config.MaxIdleTimeout, 402 MaxBidiStreamNum: protocol.StreamNum(s.config.MaxIncomingStreams), 403 MaxUniStreamNum: protocol.StreamNum(s.config.MaxIncomingUniStreams), 404 MaxAckDelay: protocol.MaxAckDelayInclGranularity, 405 AckDelayExponent: protocol.AckDelayExponent, 406 DisableActiveMigration: true, 407 // For interoperability with quic-go versions before May 2023, this value must be set to a value 408 // different from protocol.DefaultActiveConnectionIDLimit. 409 // If set to the default value, it will be omitted from the transport parameters, which will make 410 // old quic-go versions interpret it as 0, instead of the default value of 2. 411 // See https://github.com/tumi8/quic-go/pull/3806. 412 ActiveConnectionIDLimit: protocol.MaxActiveConnectionIDs, 413 InitialSourceConnectionID: srcConnID, 414 } 415 if s.config.EnableDatagrams { 416 params.MaxDatagramFrameSize = protocol.MaxDatagramFrameSize 417 } else { 418 params.MaxDatagramFrameSize = protocol.InvalidByteCount 419 } 420 if s.tracer != nil { 421 s.tracer.SentTransportParameters(params) 422 } 423 cs := handshake.NewCryptoSetupClient( 424 destConnID, 425 params, 426 tlsConf, 427 enable0RTT, 428 s.rttStats, 429 tracer, 430 logger, 431 s.version, 432 ) 433 s.cryptoStreamHandler = cs 434 s.cryptoStreamManager = newCryptoStreamManager(cs, s.initialStream, s.handshakeStream, oneRTTStream) 435 s.unpacker = newPacketUnpacker(cs, s.srcConnIDLen) 436 s.packer = newPacketPacker(srcConnID, s.connIDManager.Get, s.initialStream, s.handshakeStream, s.sentPacketHandler, s.retransmissionQueue, cs, s.framer, s.receivedPacketHandler, s.datagramQueue, s.perspective) 437 if len(tlsConf.ServerName) > 0 { 438 s.tokenStoreKey = tlsConf.ServerName 439 } else { 440 s.tokenStoreKey = conn.RemoteAddr().String() 441 } 442 if s.config.TokenStore != nil { 443 if token := s.config.TokenStore.Pop(s.tokenStoreKey); token != nil { 444 s.packer.SetToken(token.data) 445 } 446 } 447 return s 448 } 449 450 func (s *connection) preSetup() { 451 s.initialStream = newCryptoStream() 452 s.handshakeStream = newCryptoStream() 453 s.sendQueue = newSendQueue(s.conn) 454 s.retransmissionQueue = newRetransmissionQueue() 455 s.frameParser = wire.NewFrameParser(s.config.EnableDatagrams) 456 s.rttStats = &utils.RTTStats{} 457 s.connFlowController = flowcontrol.NewConnectionFlowController( 458 protocol.ByteCount(s.config.InitialConnectionReceiveWindow), 459 protocol.ByteCount(s.config.MaxConnectionReceiveWindow), 460 s.onHasConnectionWindowUpdate, 461 func(size protocol.ByteCount) bool { 462 if s.config.AllowConnectionWindowIncrease == nil { 463 return true 464 } 465 return s.config.AllowConnectionWindowIncrease(s, uint64(size)) 466 }, 467 s.rttStats, 468 s.logger, 469 ) 470 s.earlyConnReadyChan = make(chan struct{}) 471 s.streamsMap = newStreamsMap( 472 s, 473 s.newFlowController, 474 uint64(s.config.MaxIncomingStreams), 475 uint64(s.config.MaxIncomingUniStreams), 476 s.perspective, 477 ) 478 s.framer = newFramer(s.streamsMap) 479 s.receivedPackets = make(chan receivedPacket, protocol.MaxConnUnprocessedPackets) 480 s.closeChan = make(chan closeError, 1) 481 s.sendingScheduled = make(chan struct{}, 1) 482 s.handshakeCtx, s.handshakeCtxCancel = context.WithCancel(context.Background()) 483 484 now := time.Now() 485 s.lastPacketReceivedTime = now 486 s.creationTime = now 487 488 s.windowUpdateQueue = newWindowUpdateQueue(s.streamsMap, s.connFlowController, s.framer.QueueControlFrame) 489 s.datagramQueue = newDatagramQueue(s.scheduleSending, s.logger) 490 s.connState.Version = s.version 491 } 492 493 // run the connection main loop 494 func (s *connection) run() error { 495 var closeErr closeError 496 defer func() { 497 s.ctxCancel(closeErr.err) 498 }() 499 500 s.timer = *newTimer() 501 502 if err := s.cryptoStreamHandler.StartHandshake(); err != nil { 503 return err 504 } 505 if err := s.handleHandshakeEvents(); err != nil { 506 return err 507 } 508 go func() { 509 if err := s.sendQueue.Run(); err != nil { 510 s.destroyImpl(err) 511 } 512 }() 513 514 if s.perspective == protocol.PerspectiveClient { 515 s.scheduleSending() // so the ClientHello actually gets sent 516 } 517 518 var sendQueueAvailable <-chan struct{} 519 520 runLoop: 521 for { 522 // Close immediately if requested 523 select { 524 case closeErr = <-s.closeChan: 525 break runLoop 526 default: 527 } 528 529 s.maybeResetTimer() 530 531 var processedUndecryptablePacket bool 532 if len(s.undecryptablePacketsToProcess) > 0 { 533 queue := s.undecryptablePacketsToProcess 534 s.undecryptablePacketsToProcess = nil 535 for _, p := range queue { 536 if processed := s.handlePacketImpl(p); processed { 537 processedUndecryptablePacket = true 538 } 539 // Don't set timers and send packets if the packet made us close the connection. 540 select { 541 case closeErr = <-s.closeChan: 542 break runLoop 543 default: 544 } 545 } 546 } 547 // If we processed any undecryptable packets, jump to the resetting of the timers directly. 548 if !processedUndecryptablePacket { 549 select { 550 case closeErr = <-s.closeChan: 551 break runLoop 552 case <-s.timer.Chan(): 553 s.timer.SetRead() 554 // We do all the interesting stuff after the switch statement, so 555 // nothing to see here. 556 case <-s.sendingScheduled: 557 // We do all the interesting stuff after the switch statement, so 558 // nothing to see here. 559 case <-sendQueueAvailable: 560 case firstPacket := <-s.receivedPackets: 561 wasProcessed := s.handlePacketImpl(firstPacket) 562 // Don't set timers and send packets if the packet made us close the connection. 563 select { 564 case closeErr = <-s.closeChan: 565 break runLoop 566 default: 567 } 568 if s.handshakeComplete { 569 // Now process all packets in the receivedPackets channel. 570 // Limit the number of packets to the length of the receivedPackets channel, 571 // so we eventually get a chance to send out an ACK when receiving a lot of packets. 572 numPackets := len(s.receivedPackets) 573 receiveLoop: 574 for i := 0; i < numPackets; i++ { 575 select { 576 case p := <-s.receivedPackets: 577 if processed := s.handlePacketImpl(p); processed { 578 wasProcessed = true 579 } 580 select { 581 case closeErr = <-s.closeChan: 582 break runLoop 583 default: 584 } 585 default: 586 break receiveLoop 587 } 588 } 589 } 590 // Only reset the timers if this packet was actually processed. 591 // This avoids modifying any state when handling undecryptable packets, 592 // which could be injected by an attacker. 593 if !wasProcessed { 594 continue 595 } 596 } 597 } 598 599 now := time.Now() 600 if timeout := s.sentPacketHandler.GetLossDetectionTimeout(); !timeout.IsZero() && timeout.Before(now) { 601 // This could cause packets to be retransmitted. 602 // Check it before trying to send packets. 603 if err := s.sentPacketHandler.OnLossDetectionTimeout(); err != nil { 604 s.closeLocal(err) 605 } 606 } 607 608 if keepAliveTime := s.nextKeepAliveTime(); !keepAliveTime.IsZero() && !now.Before(keepAliveTime) { 609 // send a PING frame since there is no activity in the connection 610 s.logger.Debugf("Sending a keep-alive PING to keep the connection alive.") 611 s.framer.QueueControlFrame(&wire.PingFrame{}) 612 s.keepAlivePingSent = true 613 } else if !s.handshakeComplete && now.Sub(s.creationTime) >= s.config.handshakeTimeout() { 614 s.destroyImpl(qerr.ErrHandshakeTimeout) 615 continue 616 } else { 617 idleTimeoutStartTime := s.idleTimeoutStartTime() 618 if (!s.handshakeComplete && now.Sub(idleTimeoutStartTime) >= s.config.HandshakeIdleTimeout) || 619 (s.handshakeComplete && now.After(s.nextIdleTimeoutTime())) { 620 s.destroyImpl(qerr.ErrIdleTimeout) 621 continue 622 } 623 } 624 625 if s.sendQueue.WouldBlock() { 626 // The send queue is still busy sending out packets. 627 // Wait until there's space to enqueue new packets. 628 sendQueueAvailable = s.sendQueue.Available() 629 continue 630 } 631 if err := s.triggerSending(); err != nil { 632 s.closeLocal(err) 633 } 634 if s.sendQueue.WouldBlock() { 635 sendQueueAvailable = s.sendQueue.Available() 636 } else { 637 sendQueueAvailable = nil 638 } 639 } 640 641 s.cryptoStreamHandler.Close() 642 s.sendQueue.Close() // close the send queue before sending the CONNECTION_CLOSE 643 s.handleCloseError(&closeErr) 644 if e := (&errCloseForRecreating{}); !errors.As(closeErr.err, &e) && s.tracer != nil { 645 s.tracer.Close() 646 } 647 s.logger.Infof("Connection %s closed.", s.logID) 648 s.timer.Stop() 649 return closeErr.err 650 } 651 652 // blocks until the early connection can be used 653 func (s *connection) earlyConnReady() <-chan struct{} { 654 return s.earlyConnReadyChan 655 } 656 657 func (s *connection) HandshakeComplete() <-chan struct{} { 658 return s.handshakeCtx.Done() 659 } 660 661 func (s *connection) Context() context.Context { 662 return s.ctx 663 } 664 665 func (s *connection) supportsDatagrams() bool { 666 return s.PeerParams.MaxDatagramFrameSize > 0 667 } 668 669 func (s *connection) ConnectionState() ConnectionState { 670 s.connStateMutex.Lock() 671 defer s.connStateMutex.Unlock() 672 cs := s.cryptoStreamHandler.ConnectionState() 673 s.connState.TLS = cs.ConnectionState 674 s.connState.Info = cs.ConnectionInfo 675 s.connState.Used0RTT = cs.Used0RTT 676 return s.connState 677 } 678 679 // Time when the connection should time out 680 func (s *connection) nextIdleTimeoutTime() time.Time { 681 idleTimeout := utils.Max(s.idleTimeout, s.rttStats.PTO(true)*3) 682 return s.idleTimeoutStartTime().Add(idleTimeout) 683 } 684 685 // Time when the next keep-alive packet should be sent. 686 // It returns a zero time if no keep-alive should be sent. 687 func (s *connection) nextKeepAliveTime() time.Time { 688 if s.config.KeepAlivePeriod == 0 || s.keepAlivePingSent || !s.firstAckElicitingPacketAfterIdleSentTime.IsZero() { 689 return time.Time{} 690 } 691 keepAliveInterval := utils.Max(s.keepAliveInterval, s.rttStats.PTO(true)*3/2) 692 return s.lastPacketReceivedTime.Add(keepAliveInterval) 693 } 694 695 func (s *connection) maybeResetTimer() { 696 var deadline time.Time 697 if !s.handshakeComplete { 698 deadline = utils.MinTime( 699 s.creationTime.Add(s.config.handshakeTimeout()), 700 s.idleTimeoutStartTime().Add(s.config.HandshakeIdleTimeout), 701 ) 702 } else { 703 if keepAliveTime := s.nextKeepAliveTime(); !keepAliveTime.IsZero() { 704 deadline = keepAliveTime 705 } else { 706 deadline = s.nextIdleTimeoutTime() 707 } 708 } 709 710 s.timer.SetTimer( 711 deadline, 712 s.receivedPacketHandler.GetAlarmTimeout(), 713 s.sentPacketHandler.GetLossDetectionTimeout(), 714 s.pacingDeadline, 715 ) 716 } 717 718 func (s *connection) idleTimeoutStartTime() time.Time { 719 return utils.MaxTime(s.lastPacketReceivedTime, s.firstAckElicitingPacketAfterIdleSentTime) 720 } 721 722 func (s *connection) handleHandshakeComplete() error { 723 defer s.handshakeCtxCancel() 724 // Once the handshake completes, we have derived 1-RTT keys. 725 // There's no point in queueing undecryptable packets for later decryption anymore. 726 s.undecryptablePackets = nil 727 728 s.connIDManager.SetHandshakeComplete() 729 s.connIDGenerator.SetHandshakeComplete() 730 731 // The server applies transport parameters right away, but the client side has to wait for handshake completion. 732 // During a 0-RTT connection, the client is only allowed to use the new transport parameters for 1-RTT packets. 733 if s.perspective == protocol.PerspectiveClient { 734 s.applyTransportParameters() 735 return nil 736 } 737 738 // All these only apply to the server side. 739 if err := s.handleHandshakeConfirmed(); err != nil { 740 return err 741 } 742 743 ticket, err := s.cryptoStreamHandler.GetSessionTicket() 744 if err != nil { 745 return err 746 } 747 if ticket != nil { // may be nil if session tickets are disabled via tls.Config.SessionTicketsDisabled 748 s.oneRTTStream.Write(ticket) 749 for s.oneRTTStream.HasData() { 750 s.queueControlFrame(s.oneRTTStream.PopCryptoFrame(protocol.MaxPostHandshakeCryptoFrameSize)) 751 } 752 } 753 token, err := s.tokenGenerator.NewToken(s.conn.RemoteAddr()) 754 if err != nil { 755 return err 756 } 757 s.queueControlFrame(&wire.NewTokenFrame{Token: token}) 758 s.queueControlFrame(&wire.HandshakeDoneFrame{}) 759 return nil 760 } 761 762 func (s *connection) handleHandshakeConfirmed() error { 763 if err := s.dropEncryptionLevel(protocol.EncryptionHandshake); err != nil { 764 return err 765 } 766 767 s.handshakeConfirmed = true 768 s.sentPacketHandler.SetHandshakeConfirmed() 769 s.cryptoStreamHandler.SetHandshakeConfirmed() 770 771 if !s.config.DisablePathMTUDiscovery && s.conn.capabilities().DF { 772 maxPacketSize := s.PeerParams.MaxUDPPayloadSize 773 if maxPacketSize == 0 { 774 maxPacketSize = protocol.MaxByteCount 775 } 776 s.mtuDiscoverer.Start(utils.Min(maxPacketSize, protocol.MaxPacketBufferSize)) 777 } 778 return nil 779 } 780 781 func (s *connection) handlePacketImpl(rp receivedPacket) bool { 782 s.sentPacketHandler.ReceivedBytes(rp.Size()) 783 784 if wire.IsVersionNegotiationPacket(rp.data) { 785 s.handleVersionNegotiationPacket(rp) 786 return false 787 } 788 789 var counter uint8 790 var lastConnID protocol.ConnectionID 791 var processed bool 792 data := rp.data 793 p := rp 794 for len(data) > 0 { 795 var destConnID protocol.ConnectionID 796 if counter > 0 { 797 p = *(p.Clone()) 798 p.data = data 799 800 var err error 801 destConnID, err = wire.ParseConnectionID(p.data, s.srcConnIDLen) 802 if err != nil { 803 if s.tracer != nil { 804 s.tracer.DroppedPacket(logging.PacketTypeNotDetermined, protocol.ByteCount(len(data)), logging.PacketDropHeaderParseError) 805 } 806 s.logger.Debugf("error parsing packet, couldn't parse connection ID: %s", err) 807 break 808 } 809 if destConnID != lastConnID { 810 if s.tracer != nil { 811 s.tracer.DroppedPacket(logging.PacketTypeNotDetermined, protocol.ByteCount(len(data)), logging.PacketDropUnknownConnectionID) 812 } 813 s.logger.Debugf("coalesced packet has different destination connection ID: %s, expected %s", destConnID, lastConnID) 814 break 815 } 816 } 817 818 if wire.IsLongHeaderPacket(p.data[0]) { 819 hdr, packetData, rest, err := wire.ParsePacket(p.data) 820 if err != nil { 821 if s.tracer != nil { 822 dropReason := logging.PacketDropHeaderParseError 823 if err == wire.ErrUnsupportedVersion { 824 dropReason = logging.PacketDropUnsupportedVersion 825 } 826 s.tracer.DroppedPacket(logging.PacketTypeNotDetermined, protocol.ByteCount(len(data)), dropReason) 827 } 828 s.logger.Debugf("error parsing packet: %s", err) 829 break 830 } 831 lastConnID = hdr.DestConnectionID 832 833 if hdr.Version != s.version { 834 if s.tracer != nil { 835 s.tracer.DroppedPacket(logging.PacketTypeFromHeader(hdr), protocol.ByteCount(len(data)), logging.PacketDropUnexpectedVersion) 836 } 837 s.logger.Debugf("Dropping packet with version %x. Expected %x.", hdr.Version, s.version) 838 break 839 } 840 841 if counter > 0 { 842 p.buffer.Split() 843 } 844 counter++ 845 846 // only log if this actually a coalesced packet 847 if s.logger.Debug() && (counter > 1 || len(rest) > 0) { 848 s.logger.Debugf("Parsed a coalesced packet. Part %d: %d bytes. Remaining: %d bytes.", counter, len(packetData), len(rest)) 849 } 850 851 p.data = packetData 852 853 if wasProcessed := s.handleLongHeaderPacket(p, hdr); wasProcessed { 854 processed = true 855 } 856 data = rest 857 } else { 858 if counter > 0 { 859 p.buffer.Split() 860 } 861 processed = s.handleShortHeaderPacket(p, destConnID) 862 break 863 } 864 } 865 866 p.buffer.MaybeRelease() 867 return processed 868 } 869 870 func (s *connection) handleShortHeaderPacket(p receivedPacket, destConnID protocol.ConnectionID) bool { 871 var wasQueued bool 872 873 defer func() { 874 // Put back the packet buffer if the packet wasn't queued for later decryption. 875 if !wasQueued { 876 p.buffer.Decrement() 877 } 878 }() 879 880 pn, pnLen, keyPhase, data, err := s.unpacker.UnpackShortHeader(p.rcvTime, p.data) 881 if err != nil { 882 wasQueued = s.handleUnpackError(err, p, logging.PacketType1RTT) 883 return false 884 } 885 886 if s.logger.Debug() { 887 s.logger.Debugf("<- Reading packet %d (%d bytes) for connection %s, 1-RTT", pn, p.Size(), destConnID) 888 wire.LogShortHeader(s.logger, destConnID, pn, pnLen, keyPhase) 889 } 890 891 if s.receivedPacketHandler.IsPotentiallyDuplicate(pn, protocol.Encryption1RTT) { 892 s.logger.Debugf("Dropping (potentially) duplicate packet.") 893 if s.tracer != nil { 894 s.tracer.DroppedPacket(logging.PacketType1RTT, p.Size(), logging.PacketDropDuplicate) 895 } 896 return false 897 } 898 899 var log func([]logging.Frame) 900 if s.tracer != nil { 901 log = func(frames []logging.Frame) { 902 s.tracer.ReceivedShortHeaderPacket( 903 &logging.ShortHeader{ 904 DestConnectionID: destConnID, 905 PacketNumber: pn, 906 PacketNumberLen: pnLen, 907 KeyPhase: keyPhase, 908 }, 909 p.Size(), 910 frames, 911 ) 912 } 913 } 914 if err := s.handleUnpackedShortHeaderPacket(destConnID, pn, data, p.ecn, p.rcvTime, log); err != nil { 915 s.closeLocal(err) 916 return false 917 } 918 return true 919 } 920 921 func (s *connection) handleLongHeaderPacket(p receivedPacket, hdr *wire.Header) bool /* was the packet successfully processed */ { 922 var wasQueued bool 923 924 defer func() { 925 // Put back the packet buffer if the packet wasn't queued for later decryption. 926 if !wasQueued { 927 p.buffer.Decrement() 928 } 929 }() 930 931 if hdr.Type == protocol.PacketTypeRetry { 932 return s.handleRetryPacket(hdr, p.data) 933 } 934 935 // The server can change the source connection ID with the first Handshake packet. 936 // After this, all packets with a different source connection have to be ignored. 937 if s.receivedFirstPacket && hdr.Type == protocol.PacketTypeInitial && hdr.SrcConnectionID != s.handshakeDestConnID { 938 if s.tracer != nil { 939 s.tracer.DroppedPacket(logging.PacketTypeInitial, p.Size(), logging.PacketDropUnknownConnectionID) 940 } 941 s.logger.Debugf("Dropping Initial packet (%d bytes) with unexpected source connection ID: %s (expected %s)", p.Size(), hdr.SrcConnectionID, s.handshakeDestConnID) 942 return false 943 } 944 // drop 0-RTT packets, if we are a client 945 if s.perspective == protocol.PerspectiveClient && hdr.Type == protocol.PacketType0RTT { 946 if s.tracer != nil { 947 s.tracer.DroppedPacket(logging.PacketType0RTT, p.Size(), logging.PacketDropKeyUnavailable) 948 } 949 return false 950 } 951 952 packet, err := s.unpacker.UnpackLongHeader(hdr, p.rcvTime, p.data, s.version) 953 if err != nil { 954 wasQueued = s.handleUnpackError(err, p, logging.PacketTypeFromHeader(hdr)) 955 return false 956 } 957 958 if s.logger.Debug() { 959 s.logger.Debugf("<- Reading packet %d (%d bytes) for connection %s, %s", packet.hdr.PacketNumber, p.Size(), hdr.DestConnectionID, packet.encryptionLevel) 960 packet.hdr.Log(s.logger) 961 } 962 963 if s.receivedPacketHandler.IsPotentiallyDuplicate(packet.hdr.PacketNumber, packet.encryptionLevel) { 964 s.logger.Debugf("Dropping (potentially) duplicate packet.") 965 if s.tracer != nil { 966 s.tracer.DroppedPacket(logging.PacketTypeFromHeader(hdr), p.Size(), logging.PacketDropDuplicate) 967 } 968 return false 969 } 970 971 if err := s.handleUnpackedLongHeaderPacket(packet, p.ecn, p.rcvTime, p.Size()); err != nil { 972 s.closeLocal(err) 973 return false 974 } 975 return true 976 } 977 978 func (s *connection) handleUnpackError(err error, p receivedPacket, pt logging.PacketType) (wasQueued bool) { 979 switch err { 980 case handshake.ErrKeysDropped: 981 if s.tracer != nil { 982 s.tracer.DroppedPacket(pt, p.Size(), logging.PacketDropKeyUnavailable) 983 } 984 s.logger.Debugf("Dropping %s packet (%d bytes) because we already dropped the keys.", pt, p.Size()) 985 case handshake.ErrKeysNotYetAvailable: 986 // Sealer for this encryption level not yet available. 987 // Try again later. 988 s.tryQueueingUndecryptablePacket(p, pt) 989 return true 990 case wire.ErrInvalidReservedBits: 991 s.closeLocal(&qerr.TransportError{ 992 ErrorCode: qerr.ProtocolViolation, 993 ErrorMessage: err.Error(), 994 }) 995 case handshake.ErrDecryptionFailed: 996 // This might be a packet injected by an attacker. Drop it. 997 if s.tracer != nil { 998 s.tracer.DroppedPacket(pt, p.Size(), logging.PacketDropPayloadDecryptError) 999 } 1000 s.logger.Debugf("Dropping %s packet (%d bytes) that could not be unpacked. Error: %s", pt, p.Size(), err) 1001 default: 1002 var headerErr *headerParseError 1003 if errors.As(err, &headerErr) { 1004 // This might be a packet injected by an attacker. Drop it. 1005 if s.tracer != nil { 1006 s.tracer.DroppedPacket(pt, p.Size(), logging.PacketDropHeaderParseError) 1007 } 1008 s.logger.Debugf("Dropping %s packet (%d bytes) for which we couldn't unpack the header. Error: %s", pt, p.Size(), err) 1009 } else { 1010 // This is an error returned by the AEAD (other than ErrDecryptionFailed). 1011 // For example, a PROTOCOL_VIOLATION due to key updates. 1012 s.closeLocal(err) 1013 } 1014 } 1015 return false 1016 } 1017 1018 func (s *connection) handleRetryPacket(hdr *wire.Header, data []byte) bool /* was this a valid Retry */ { 1019 if s.perspective == protocol.PerspectiveServer { 1020 if s.tracer != nil { 1021 s.tracer.DroppedPacket(logging.PacketTypeRetry, protocol.ByteCount(len(data)), logging.PacketDropUnexpectedPacket) 1022 } 1023 s.logger.Debugf("Ignoring Retry.") 1024 return false 1025 } 1026 if s.receivedFirstPacket { 1027 if s.tracer != nil { 1028 s.tracer.DroppedPacket(logging.PacketTypeRetry, protocol.ByteCount(len(data)), logging.PacketDropUnexpectedPacket) 1029 } 1030 s.logger.Debugf("Ignoring Retry, since we already received a packet.") 1031 return false 1032 } 1033 destConnID := s.connIDManager.Get() 1034 if hdr.SrcConnectionID == destConnID { 1035 if s.tracer != nil { 1036 s.tracer.DroppedPacket(logging.PacketTypeRetry, protocol.ByteCount(len(data)), logging.PacketDropUnexpectedPacket) 1037 } 1038 s.logger.Debugf("Ignoring Retry, since the server didn't change the Source Connection ID.") 1039 return false 1040 } 1041 // If a token is already set, this means that we already received a Retry from the server. 1042 // Ignore this Retry packet. 1043 if s.ReceivedRetry { 1044 s.logger.Debugf("Ignoring Retry, since a Retry was already received.") 1045 return false 1046 } 1047 1048 tag := handshake.GetRetryIntegrityTag(data[:len(data)-16], destConnID, hdr.Version) 1049 if !bytes.Equal(data[len(data)-16:], tag[:]) { 1050 if s.tracer != nil { 1051 s.tracer.DroppedPacket(logging.PacketTypeRetry, protocol.ByteCount(len(data)), logging.PacketDropPayloadDecryptError) 1052 } 1053 s.logger.Debugf("Ignoring spoofed Retry. Integrity Tag doesn't match.") 1054 return false 1055 } 1056 1057 if s.logger.Debug() { 1058 s.logger.Debugf("<- Received Retry:") 1059 (&wire.ExtendedHeader{Header: *hdr}).Log(s.logger) 1060 s.logger.Debugf("Switching destination connection ID to: %s", hdr.SrcConnectionID) 1061 } 1062 if s.tracer != nil { 1063 s.tracer.ReceivedRetry(hdr) 1064 } 1065 newDestConnID := hdr.SrcConnectionID 1066 s.ReceivedRetry = true 1067 if err := s.sentPacketHandler.ResetForRetry(); err != nil { 1068 s.closeLocal(err) 1069 return false 1070 } 1071 s.handshakeDestConnID = newDestConnID 1072 s.retrySrcConnID = &newDestConnID 1073 s.cryptoStreamHandler.ChangeConnectionID(newDestConnID) 1074 s.packer.SetToken(hdr.Token) 1075 s.connIDManager.ChangeInitialConnID(newDestConnID) 1076 s.scheduleSending() 1077 return true 1078 } 1079 1080 func (s *connection) handleVersionNegotiationPacket(p receivedPacket) { 1081 if s.perspective == protocol.PerspectiveServer || // servers never receive version negotiation packets 1082 s.receivedFirstPacket || s.versionNegotiated { // ignore delayed / duplicated version negotiation packets 1083 if s.tracer != nil { 1084 s.tracer.DroppedPacket(logging.PacketTypeVersionNegotiation, p.Size(), logging.PacketDropUnexpectedPacket) 1085 } 1086 return 1087 } 1088 1089 src, dest, supportedVersions, err := wire.ParseVersionNegotiationPacket(p.data) 1090 if err != nil { 1091 if s.tracer != nil { 1092 s.tracer.DroppedPacket(logging.PacketTypeVersionNegotiation, p.Size(), logging.PacketDropHeaderParseError) 1093 } 1094 s.logger.Debugf("Error parsing Version Negotiation packet: %s", err) 1095 return 1096 } 1097 1098 for _, v := range supportedVersions { 1099 if v == s.version { 1100 if s.tracer != nil { 1101 s.tracer.DroppedPacket(logging.PacketTypeVersionNegotiation, p.Size(), logging.PacketDropUnexpectedVersion) 1102 } 1103 // The Version Negotiation packet contains the version that we offered. 1104 // This might be a packet sent by an attacker, or it was corrupted. 1105 return 1106 } 1107 } 1108 1109 s.logger.Infof("Received a Version Negotiation packet. Supported Versions: %s", supportedVersions) 1110 if s.tracer != nil { 1111 s.tracer.ReceivedVersionNegotiationPacket(dest, src, supportedVersions) 1112 } 1113 newVersion, ok := protocol.ChooseSupportedVersion(s.config.Versions, supportedVersions) 1114 if !ok { 1115 s.destroyImpl(&VersionNegotiationError{ 1116 Ours: s.config.Versions, 1117 Theirs: supportedVersions, 1118 }) 1119 s.logger.Infof("No compatible QUIC version found.") 1120 return 1121 } 1122 if s.tracer != nil { 1123 s.tracer.NegotiatedVersion(newVersion, s.config.Versions, supportedVersions) 1124 } 1125 1126 s.logger.Infof("Switching to QUIC version %s.", newVersion) 1127 nextPN, _ := s.sentPacketHandler.PeekPacketNumber(protocol.EncryptionInitial) 1128 s.destroyImpl(&errCloseForRecreating{ 1129 nextPacketNumber: nextPN, 1130 nextVersion: newVersion, 1131 }) 1132 } 1133 1134 func (s *connection) handleUnpackedLongHeaderPacket( 1135 packet *unpackedPacket, 1136 ecn protocol.ECN, 1137 rcvTime time.Time, 1138 packetSize protocol.ByteCount, // only for logging 1139 ) error { 1140 if !s.receivedFirstPacket { 1141 s.receivedFirstPacket = true 1142 if !s.versionNegotiated && s.tracer != nil { 1143 var clientVersions, serverVersions []protocol.VersionNumber 1144 switch s.perspective { 1145 case protocol.PerspectiveClient: 1146 clientVersions = s.config.Versions 1147 case protocol.PerspectiveServer: 1148 serverVersions = s.config.Versions 1149 } 1150 s.tracer.NegotiatedVersion(s.version, clientVersions, serverVersions) 1151 } 1152 // The server can change the source connection ID with the first Handshake packet. 1153 if s.perspective == protocol.PerspectiveClient && packet.hdr.SrcConnectionID != s.handshakeDestConnID { 1154 cid := packet.hdr.SrcConnectionID 1155 s.logger.Debugf("Received first packet. Switching destination connection ID to: %s", cid) 1156 s.handshakeDestConnID = cid 1157 s.connIDManager.ChangeInitialConnID(cid) 1158 } 1159 // We create the connection as soon as we receive the first packet from the client. 1160 // We do that before authenticating the packet. 1161 // That means that if the source connection ID was corrupted, 1162 // we might have created a connection with an incorrect source connection ID. 1163 // Once we authenticate the first packet, we need to update it. 1164 if s.perspective == protocol.PerspectiveServer { 1165 if packet.hdr.SrcConnectionID != s.handshakeDestConnID { 1166 s.handshakeDestConnID = packet.hdr.SrcConnectionID 1167 s.connIDManager.ChangeInitialConnID(packet.hdr.SrcConnectionID) 1168 } 1169 if s.tracer != nil { 1170 s.tracer.StartedConnection( 1171 s.conn.LocalAddr(), 1172 s.conn.RemoteAddr(), 1173 packet.hdr.SrcConnectionID, 1174 packet.hdr.DestConnectionID, 1175 ) 1176 } 1177 } 1178 } 1179 1180 if s.perspective == protocol.PerspectiveServer && packet.encryptionLevel == protocol.EncryptionHandshake { 1181 // On the server side, Initial keys are dropped as soon as the first Handshake packet is received. 1182 // See Section 4.9.1 of RFC 9001. 1183 if err := s.dropEncryptionLevel(protocol.EncryptionInitial); err != nil { 1184 return err 1185 } 1186 } 1187 1188 s.lastPacketReceivedTime = rcvTime 1189 s.firstAckElicitingPacketAfterIdleSentTime = time.Time{} 1190 s.keepAlivePingSent = false 1191 1192 var log func([]logging.Frame) 1193 if s.tracer != nil { 1194 log = func(frames []logging.Frame) { 1195 s.tracer.ReceivedLongHeaderPacket(packet.hdr, packetSize, frames) 1196 } 1197 } 1198 isAckEliciting, err := s.handleFrames(packet.data, packet.hdr.DestConnectionID, packet.encryptionLevel, log) 1199 if err != nil { 1200 return err 1201 } 1202 return s.receivedPacketHandler.ReceivedPacket(packet.hdr.PacketNumber, ecn, packet.encryptionLevel, rcvTime, isAckEliciting) 1203 } 1204 1205 func (s *connection) handleUnpackedShortHeaderPacket( 1206 destConnID protocol.ConnectionID, 1207 pn protocol.PacketNumber, 1208 data []byte, 1209 ecn protocol.ECN, 1210 rcvTime time.Time, 1211 log func([]logging.Frame), 1212 ) error { 1213 s.lastPacketReceivedTime = rcvTime 1214 s.firstAckElicitingPacketAfterIdleSentTime = time.Time{} 1215 s.keepAlivePingSent = false 1216 1217 isAckEliciting, err := s.handleFrames(data, destConnID, protocol.Encryption1RTT, log) 1218 if err != nil { 1219 return err 1220 } 1221 return s.receivedPacketHandler.ReceivedPacket(pn, ecn, protocol.Encryption1RTT, rcvTime, isAckEliciting) 1222 } 1223 1224 func (s *connection) handleFrames( 1225 data []byte, 1226 destConnID protocol.ConnectionID, 1227 encLevel protocol.EncryptionLevel, 1228 log func([]logging.Frame), 1229 ) (isAckEliciting bool, _ error) { 1230 // Only used for tracing. 1231 // If we're not tracing, this slice will always remain empty. 1232 var frames []logging.Frame 1233 if log != nil { 1234 frames = make([]logging.Frame, 0, 4) 1235 } 1236 handshakeWasComplete := s.handshakeComplete 1237 var handleErr error 1238 for len(data) > 0 { 1239 l, frame, err := s.frameParser.ParseNext(data, encLevel, s.version) 1240 if err != nil { 1241 return false, err 1242 } 1243 data = data[l:] 1244 if frame == nil { 1245 break 1246 } 1247 if ackhandler.IsFrameAckEliciting(frame) { 1248 isAckEliciting = true 1249 } 1250 if log != nil { 1251 frames = append(frames, logutils.ConvertFrame(frame)) 1252 } 1253 // An error occurred handling a previous frame. 1254 // Don't handle the current frame. 1255 if handleErr != nil { 1256 continue 1257 } 1258 if err := s.handleFrame(frame, encLevel, destConnID); err != nil { 1259 if log == nil { 1260 return false, err 1261 } 1262 // If we're logging, we need to keep parsing (but not handling) all frames. 1263 handleErr = err 1264 } 1265 } 1266 1267 if log != nil { 1268 log(frames) 1269 if handleErr != nil { 1270 return false, handleErr 1271 } 1272 } 1273 1274 // Handle completion of the handshake after processing all the frames. 1275 // This ensures that we correctly handle the following case on the server side: 1276 // We receive a Handshake packet that contains the CRYPTO frame that allows us to complete the handshake, 1277 // and an ACK serialized after that CRYPTO frame. In this case, we still want to process the ACK frame. 1278 if !handshakeWasComplete && s.handshakeComplete { 1279 if err := s.handleHandshakeComplete(); err != nil { 1280 return false, err 1281 } 1282 } 1283 1284 return 1285 } 1286 1287 func (s *connection) handleFrame(f wire.Frame, encLevel protocol.EncryptionLevel, destConnID protocol.ConnectionID) error { 1288 var err error 1289 wire.LogFrame(s.logger, f, false) 1290 switch frame := f.(type) { 1291 case *wire.CryptoFrame: 1292 err = s.handleCryptoFrame(frame, encLevel) 1293 case *wire.StreamFrame: 1294 err = s.handleStreamFrame(frame) 1295 case *wire.AckFrame: 1296 err = s.handleAckFrame(frame, encLevel) 1297 case *wire.ConnectionCloseFrame: 1298 s.handleConnectionCloseFrame(frame) 1299 case *wire.ResetStreamFrame: 1300 err = s.handleResetStreamFrame(frame) 1301 case *wire.MaxDataFrame: 1302 s.handleMaxDataFrame(frame) 1303 case *wire.MaxStreamDataFrame: 1304 err = s.handleMaxStreamDataFrame(frame) 1305 case *wire.MaxStreamsFrame: 1306 s.handleMaxStreamsFrame(frame) 1307 case *wire.DataBlockedFrame: 1308 case *wire.StreamDataBlockedFrame: 1309 case *wire.StreamsBlockedFrame: 1310 case *wire.StopSendingFrame: 1311 err = s.handleStopSendingFrame(frame) 1312 case *wire.PingFrame: 1313 case *wire.PathChallengeFrame: 1314 s.handlePathChallengeFrame(frame) 1315 case *wire.PathResponseFrame: 1316 // since we don't send PATH_CHALLENGEs, we don't expect PATH_RESPONSEs 1317 err = errors.New("unexpected PATH_RESPONSE frame") 1318 case *wire.NewTokenFrame: 1319 err = s.handleNewTokenFrame(frame) 1320 case *wire.NewConnectionIDFrame: 1321 err = s.handleNewConnectionIDFrame(frame) 1322 case *wire.RetireConnectionIDFrame: 1323 err = s.handleRetireConnectionIDFrame(frame, destConnID) 1324 case *wire.HandshakeDoneFrame: 1325 err = s.handleHandshakeDoneFrame() 1326 case *wire.DatagramFrame: 1327 err = s.handleDatagramFrame(frame) 1328 default: 1329 err = fmt.Errorf("unexpected frame type: %s", reflect.ValueOf(&frame).Elem().Type().Name()) 1330 } 1331 return err 1332 } 1333 1334 // handlePacket is called by the server with a new packet 1335 func (s *connection) handlePacket(p receivedPacket) { 1336 // Discard packets once the amount of queued packets is larger than 1337 // the channel size, protocol.MaxConnUnprocessedPackets 1338 select { 1339 case s.receivedPackets <- p: 1340 default: 1341 if s.tracer != nil { 1342 s.tracer.DroppedPacket(logging.PacketTypeNotDetermined, p.Size(), logging.PacketDropDOSPrevention) 1343 } 1344 } 1345 } 1346 1347 func (s *connection) handleConnectionCloseFrame(frame *wire.ConnectionCloseFrame) { 1348 if frame.IsApplicationError { 1349 s.closeRemote(&qerr.ApplicationError{ 1350 Remote: true, 1351 ErrorCode: qerr.ApplicationErrorCode(frame.ErrorCode), 1352 ErrorMessage: frame.ReasonPhrase, 1353 }) 1354 return 1355 } 1356 s.closeRemote(&qerr.TransportError{ 1357 Remote: true, 1358 ErrorCode: qerr.TransportErrorCode(frame.ErrorCode), 1359 FrameType: frame.FrameType, 1360 ErrorMessage: frame.ReasonPhrase, 1361 }) 1362 } 1363 1364 func (s *connection) handleCryptoFrame(frame *wire.CryptoFrame, encLevel protocol.EncryptionLevel) error { 1365 if err := s.cryptoStreamManager.HandleCryptoFrame(frame, encLevel); err != nil { 1366 return err 1367 } 1368 return s.handleHandshakeEvents() 1369 } 1370 1371 func (s *connection) handleHandshakeEvents() error { 1372 for { 1373 ev := s.cryptoStreamHandler.NextEvent() 1374 var err error 1375 switch ev.Kind { 1376 case handshake.EventNoEvent: 1377 return nil 1378 case handshake.EventHandshakeComplete: 1379 // Don't call handleHandshakeComplete yet. 1380 // It's advantageous to process ACK frames that might be serialized after the CRYPTO frame first. 1381 s.handshakeComplete = true 1382 case handshake.EventReceivedTransportParameters: 1383 err = s.handleTransportParameters(ev.TransportParameters) 1384 case handshake.EventRestoredTransportParameters: 1385 s.restoreTransportParameters(ev.TransportParameters) 1386 close(s.earlyConnReadyChan) 1387 case handshake.EventReceivedReadKeys: 1388 // Queue all packets for decryption that have been undecryptable so far. 1389 s.undecryptablePacketsToProcess = s.undecryptablePackets 1390 s.undecryptablePackets = nil 1391 case handshake.EventDiscard0RTTKeys: 1392 err = s.dropEncryptionLevel(protocol.Encryption0RTT) 1393 case handshake.EventWriteInitialData: 1394 _, err = s.initialStream.Write(ev.Data) 1395 case handshake.EventWriteHandshakeData: 1396 _, err = s.handshakeStream.Write(ev.Data) 1397 } 1398 if err != nil { 1399 return err 1400 } 1401 } 1402 } 1403 1404 func (s *connection) handleStreamFrame(frame *wire.StreamFrame) error { 1405 str, err := s.streamsMap.GetOrOpenReceiveStream(frame.StreamID) 1406 if err != nil { 1407 return err 1408 } 1409 if str == nil { 1410 // Stream is closed and already garbage collected 1411 // ignore this StreamFrame 1412 return nil 1413 } 1414 return str.handleStreamFrame(frame) 1415 } 1416 1417 func (s *connection) handleMaxDataFrame(frame *wire.MaxDataFrame) { 1418 s.connFlowController.UpdateSendWindow(frame.MaximumData) 1419 } 1420 1421 func (s *connection) handleMaxStreamDataFrame(frame *wire.MaxStreamDataFrame) error { 1422 str, err := s.streamsMap.GetOrOpenSendStream(frame.StreamID) 1423 if err != nil { 1424 return err 1425 } 1426 if str == nil { 1427 // stream is closed and already garbage collected 1428 return nil 1429 } 1430 str.updateSendWindow(frame.MaximumStreamData) 1431 return nil 1432 } 1433 1434 func (s *connection) handleMaxStreamsFrame(frame *wire.MaxStreamsFrame) { 1435 s.streamsMap.HandleMaxStreamsFrame(frame) 1436 } 1437 1438 func (s *connection) handleResetStreamFrame(frame *wire.ResetStreamFrame) error { 1439 str, err := s.streamsMap.GetOrOpenReceiveStream(frame.StreamID) 1440 if err != nil { 1441 return err 1442 } 1443 if str == nil { 1444 // stream is closed and already garbage collected 1445 return nil 1446 } 1447 return str.handleResetStreamFrame(frame) 1448 } 1449 1450 func (s *connection) handleStopSendingFrame(frame *wire.StopSendingFrame) error { 1451 str, err := s.streamsMap.GetOrOpenSendStream(frame.StreamID) 1452 if err != nil { 1453 return err 1454 } 1455 if str == nil { 1456 // stream is closed and already garbage collected 1457 return nil 1458 } 1459 str.handleStopSendingFrame(frame) 1460 return nil 1461 } 1462 1463 func (s *connection) handlePathChallengeFrame(frame *wire.PathChallengeFrame) { 1464 s.queueControlFrame(&wire.PathResponseFrame{Data: frame.Data}) 1465 } 1466 1467 func (s *connection) handleNewTokenFrame(frame *wire.NewTokenFrame) error { 1468 if s.perspective == protocol.PerspectiveServer { 1469 return &qerr.TransportError{ 1470 ErrorCode: qerr.ProtocolViolation, 1471 ErrorMessage: "received NEW_TOKEN frame from the client", 1472 } 1473 } 1474 if s.config.TokenStore != nil { 1475 s.config.TokenStore.Put(s.tokenStoreKey, &ClientToken{data: frame.Token}) 1476 } 1477 return nil 1478 } 1479 1480 func (s *connection) handleNewConnectionIDFrame(f *wire.NewConnectionIDFrame) error { 1481 return s.connIDManager.Add(f) 1482 } 1483 1484 func (s *connection) handleRetireConnectionIDFrame(f *wire.RetireConnectionIDFrame, destConnID protocol.ConnectionID) error { 1485 return s.connIDGenerator.Retire(f.SequenceNumber, destConnID) 1486 } 1487 1488 func (s *connection) handleHandshakeDoneFrame() error { 1489 if s.perspective == protocol.PerspectiveServer { 1490 return &qerr.TransportError{ 1491 ErrorCode: qerr.ProtocolViolation, 1492 ErrorMessage: "received a HANDSHAKE_DONE frame", 1493 } 1494 } 1495 if !s.handshakeConfirmed { 1496 return s.handleHandshakeConfirmed() 1497 } 1498 return nil 1499 } 1500 1501 func (s *connection) handleAckFrame(frame *wire.AckFrame, encLevel protocol.EncryptionLevel) error { 1502 acked1RTTPacket, err := s.sentPacketHandler.ReceivedAck(frame, encLevel, s.lastPacketReceivedTime) 1503 if err != nil { 1504 return err 1505 } 1506 if !acked1RTTPacket { 1507 return nil 1508 } 1509 // On the client side: If the packet acknowledged a 1-RTT packet, this confirms the handshake. 1510 // This is only possible if the ACK was sent in a 1-RTT packet. 1511 // This is an optimization over simply waiting for a HANDSHAKE_DONE frame, see section 4.1.2 of RFC 9001. 1512 if s.perspective == protocol.PerspectiveClient && !s.handshakeConfirmed { 1513 if err := s.handleHandshakeConfirmed(); err != nil { 1514 return err 1515 } 1516 } 1517 return s.cryptoStreamHandler.SetLargest1RTTAcked(frame.LargestAcked()) 1518 } 1519 1520 func (s *connection) handleDatagramFrame(f *wire.DatagramFrame) error { 1521 if f.Length(s.version) > protocol.MaxDatagramFrameSize { 1522 return &qerr.TransportError{ 1523 ErrorCode: qerr.ProtocolViolation, 1524 ErrorMessage: "DATAGRAM frame too large", 1525 } 1526 } 1527 s.datagramQueue.HandleDatagramFrame(f) 1528 return nil 1529 } 1530 1531 // closeLocal closes the connection and send a CONNECTION_CLOSE containing the error 1532 func (s *connection) closeLocal(e error) { 1533 s.closeOnce.Do(func() { 1534 if e == nil { 1535 s.logger.Infof("Closing connection.") 1536 } else { 1537 s.logger.Errorf("Closing connection with error: %s", e) 1538 } 1539 s.closeChan <- closeError{err: e, immediate: false, remote: false} 1540 }) 1541 } 1542 1543 // destroy closes the connection without sending the error on the wire 1544 func (s *connection) destroy(e error) { 1545 s.destroyImpl(e) 1546 <-s.ctx.Done() 1547 } 1548 1549 func (s *connection) destroyImpl(e error) { 1550 s.closeOnce.Do(func() { 1551 if nerr, ok := e.(net.Error); ok && nerr.Timeout() { 1552 s.logger.Errorf("Destroying connection: %s", e) 1553 } else { 1554 s.logger.Errorf("Destroying connection with error: %s", e) 1555 } 1556 s.closeChan <- closeError{err: e, immediate: true, remote: false} 1557 }) 1558 } 1559 1560 func (s *connection) closeRemote(e error) { 1561 s.closeOnce.Do(func() { 1562 s.logger.Errorf("Peer closed connection with error: %s", e) 1563 s.closeChan <- closeError{err: e, immediate: true, remote: true} 1564 }) 1565 } 1566 1567 // Close the connection. It sends a NO_ERROR application error. 1568 // It waits until the run loop has stopped before returning 1569 func (s *connection) shutdown() { 1570 s.closeLocal(nil) 1571 <-s.ctx.Done() 1572 } 1573 1574 func (s *connection) CloseWithError(code ApplicationErrorCode, desc string) error { 1575 s.closeLocal(&qerr.ApplicationError{ 1576 ErrorCode: code, 1577 ErrorMessage: desc, 1578 }) 1579 <-s.ctx.Done() 1580 return nil 1581 } 1582 1583 func (s *connection) handleCloseError(closeErr *closeError) { 1584 e := closeErr.err 1585 if e == nil { 1586 e = &qerr.ApplicationError{} 1587 } else { 1588 defer func() { 1589 closeErr.err = e 1590 }() 1591 } 1592 1593 var ( 1594 statelessResetErr *StatelessResetError 1595 versionNegotiationErr *VersionNegotiationError 1596 recreateErr *errCloseForRecreating 1597 applicationErr *ApplicationError 1598 transportErr *TransportError 1599 ) 1600 switch { 1601 case errors.Is(e, qerr.ErrIdleTimeout), 1602 errors.Is(e, qerr.ErrHandshakeTimeout), 1603 errors.As(e, &statelessResetErr), 1604 errors.As(e, &versionNegotiationErr), 1605 errors.As(e, &recreateErr), 1606 errors.As(e, &applicationErr), 1607 errors.As(e, &transportErr): 1608 default: 1609 e = &qerr.TransportError{ 1610 ErrorCode: qerr.InternalError, 1611 ErrorMessage: e.Error(), 1612 } 1613 } 1614 1615 s.streamsMap.CloseWithError(e) 1616 s.connIDManager.Close() 1617 if s.datagramQueue != nil { 1618 s.datagramQueue.CloseWithError(e) 1619 } 1620 1621 if s.tracer != nil && !errors.As(e, &recreateErr) { 1622 s.tracer.ClosedConnection(e) 1623 } 1624 1625 // If this is a remote close we're done here 1626 if closeErr.remote { 1627 s.connIDGenerator.ReplaceWithClosed(s.perspective, nil) 1628 return 1629 } 1630 if closeErr.immediate { 1631 s.connIDGenerator.RemoveAll() 1632 return 1633 } 1634 // Don't send out any CONNECTION_CLOSE if this is an error that occurred 1635 // before we even sent out the first packet. 1636 if s.perspective == protocol.PerspectiveClient && !s.sentFirstPacket { 1637 s.connIDGenerator.RemoveAll() 1638 return 1639 } 1640 connClosePacket, err := s.sendConnectionClose(e) 1641 if err != nil { 1642 s.logger.Debugf("Error sending CONNECTION_CLOSE: %s", err) 1643 } 1644 s.connIDGenerator.ReplaceWithClosed(s.perspective, connClosePacket) 1645 } 1646 1647 func (s *connection) dropEncryptionLevel(encLevel protocol.EncryptionLevel) error { 1648 if s.tracer != nil { 1649 s.tracer.DroppedEncryptionLevel(encLevel) 1650 } 1651 s.sentPacketHandler.DropPackets(encLevel) 1652 s.receivedPacketHandler.DropPackets(encLevel) 1653 //nolint:exhaustive // only Initial and 0-RTT need special treatment 1654 switch encLevel { 1655 case protocol.EncryptionInitial: 1656 s.cryptoStreamHandler.DiscardInitialKeys() 1657 case protocol.Encryption0RTT: 1658 s.streamsMap.ResetFor0RTT() 1659 if err := s.connFlowController.Reset(); err != nil { 1660 return err 1661 } 1662 return s.framer.Handle0RTTRejection() 1663 } 1664 return s.cryptoStreamManager.Drop(encLevel) 1665 } 1666 1667 // is called for the client, when restoring transport parameters saved for 0-RTT 1668 func (s *connection) restoreTransportParameters(params *wire.TransportParameters) { 1669 if s.logger.Debug() { 1670 s.logger.Debugf("Restoring Transport Parameters: %s", params) 1671 } 1672 1673 s.PeerParams = params 1674 s.connIDGenerator.SetMaxActiveConnIDs(params.ActiveConnectionIDLimit) 1675 s.connFlowController.UpdateSendWindow(params.InitialMaxData) 1676 s.streamsMap.UpdateLimits(params) 1677 s.connStateMutex.Lock() 1678 s.connState.SupportsDatagrams = s.supportsDatagrams() 1679 s.connStateMutex.Unlock() 1680 } 1681 1682 func (s *connection) handleTransportParameters(params *wire.TransportParameters) error { 1683 if s.tracer != nil { 1684 s.tracer.ReceivedTransportParameters(params) 1685 } 1686 if err := s.checkTransportParameters(params); err != nil { 1687 return &qerr.TransportError{ 1688 ErrorCode: qerr.TransportParameterError, 1689 ErrorMessage: err.Error(), 1690 } 1691 } 1692 1693 if s.perspective == protocol.PerspectiveClient && s.PeerParams != nil && s.ConnectionState().Used0RTT && !params.ValidForUpdate(s.PeerParams) { 1694 return &qerr.TransportError{ 1695 ErrorCode: qerr.ProtocolViolation, 1696 ErrorMessage: "server sent reduced limits after accepting 0-RTT data", 1697 } 1698 } 1699 1700 s.PeerParams = params 1701 // On the client side we have to wait for handshake completion. 1702 // During a 0-RTT connection, we are only allowed to use the new transport parameters for 1-RTT packets. 1703 if s.perspective == protocol.PerspectiveServer { 1704 s.applyTransportParameters() 1705 // On the server side, the early connection is ready as soon as we processed 1706 // the client's transport parameters. 1707 close(s.earlyConnReadyChan) 1708 } 1709 1710 s.connStateMutex.Lock() 1711 s.connState.SupportsDatagrams = s.supportsDatagrams() 1712 s.connStateMutex.Unlock() 1713 return nil 1714 } 1715 1716 func (s *connection) checkTransportParameters(params *wire.TransportParameters) error { 1717 if s.logger.Debug() { 1718 s.logger.Debugf("Processed Transport Parameters: %s", params) 1719 } 1720 1721 // check the initial_source_connection_id 1722 if params.InitialSourceConnectionID != s.handshakeDestConnID { 1723 return fmt.Errorf("expected initial_source_connection_id to equal %s, is %s", s.handshakeDestConnID, params.InitialSourceConnectionID) 1724 } 1725 1726 if s.perspective == protocol.PerspectiveServer { 1727 return nil 1728 } 1729 // check the original_destination_connection_id 1730 if params.OriginalDestinationConnectionID != s.origDestConnID { 1731 return fmt.Errorf("expected original_destination_connection_id to equal %s, is %s", s.origDestConnID, params.OriginalDestinationConnectionID) 1732 } 1733 if s.retrySrcConnID != nil { // a Retry was performed 1734 if params.RetrySourceConnectionID == nil { 1735 return errors.New("missing retry_source_connection_id") 1736 } 1737 if *params.RetrySourceConnectionID != *s.retrySrcConnID { 1738 return fmt.Errorf("expected retry_source_connection_id to equal %s, is %s", s.retrySrcConnID, *params.RetrySourceConnectionID) 1739 } 1740 } else if params.RetrySourceConnectionID != nil { 1741 return errors.New("received retry_source_connection_id, although no Retry was performed") 1742 } 1743 return nil 1744 } 1745 1746 func (s *connection) applyTransportParameters() { 1747 params := s.PeerParams 1748 // Our local idle timeout will always be > 0. 1749 s.idleTimeout = utils.MinNonZeroDuration(s.config.MaxIdleTimeout, params.MaxIdleTimeout) 1750 s.keepAliveInterval = utils.Min(s.config.KeepAlivePeriod, utils.Min(s.idleTimeout/2, protocol.MaxKeepAliveInterval)) 1751 s.streamsMap.UpdateLimits(params) 1752 s.frameParser.SetAckDelayExponent(params.AckDelayExponent) 1753 s.connFlowController.UpdateSendWindow(params.InitialMaxData) 1754 s.rttStats.SetMaxAckDelay(params.MaxAckDelay) 1755 s.connIDGenerator.SetMaxActiveConnIDs(params.ActiveConnectionIDLimit) 1756 if params.StatelessResetToken != nil { 1757 s.connIDManager.SetStatelessResetToken(*params.StatelessResetToken) 1758 } 1759 // We don't support connection migration yet, so we don't have any use for the preferred_address. 1760 if params.PreferredAddress != nil { 1761 // Retire the connection ID. 1762 s.connIDManager.AddFromPreferredAddress(params.PreferredAddress.ConnectionID, params.PreferredAddress.StatelessResetToken) 1763 } 1764 } 1765 1766 func (s *connection) triggerSending() error { 1767 s.pacingDeadline = time.Time{} 1768 now := time.Now() 1769 1770 sendMode := s.sentPacketHandler.SendMode(now) 1771 //nolint:exhaustive // No need to handle pacing limited here. 1772 switch sendMode { 1773 case ackhandler.SendAny: 1774 return s.sendPackets(now) 1775 case ackhandler.SendNone: 1776 return nil 1777 case ackhandler.SendPacingLimited: 1778 deadline := s.sentPacketHandler.TimeUntilSend() 1779 if deadline.IsZero() { 1780 deadline = deadlineSendImmediately 1781 } 1782 s.pacingDeadline = deadline 1783 // Allow sending of an ACK if we're pacing limit. 1784 // This makes sure that a peer that is mostly receiving data (and thus has an inaccurate cwnd estimate) 1785 // sends enough ACKs to allow its peer to utilize the bandwidth. 1786 fallthrough 1787 case ackhandler.SendAck: 1788 // We can at most send a single ACK only packet. 1789 // There will only be a new ACK after receiving new packets. 1790 // SendAck is only returned when we're congestion limited, so we don't need to set the pacinggs timer. 1791 return s.maybeSendAckOnlyPacket(now) 1792 case ackhandler.SendPTOInitial: 1793 if err := s.sendProbePacket(protocol.EncryptionInitial, now); err != nil { 1794 return err 1795 } 1796 if s.sendQueue.WouldBlock() { 1797 s.scheduleSending() 1798 return nil 1799 } 1800 return s.triggerSending() 1801 case ackhandler.SendPTOHandshake: 1802 if err := s.sendProbePacket(protocol.EncryptionHandshake, now); err != nil { 1803 return err 1804 } 1805 if s.sendQueue.WouldBlock() { 1806 s.scheduleSending() 1807 return nil 1808 } 1809 return s.triggerSending() 1810 case ackhandler.SendPTOAppData: 1811 if err := s.sendProbePacket(protocol.Encryption1RTT, now); err != nil { 1812 return err 1813 } 1814 if s.sendQueue.WouldBlock() { 1815 s.scheduleSending() 1816 return nil 1817 } 1818 return s.triggerSending() 1819 default: 1820 return fmt.Errorf("BUG: invalid send mode %d", sendMode) 1821 } 1822 } 1823 1824 func (s *connection) sendPackets(now time.Time) error { 1825 // Path MTU Discovery 1826 // Can't use GSO, since we need to send a single packet that's larger than our current maximum size. 1827 // Performance-wise, this doesn't matter, since we only send a very small (<10) number of 1828 // MTU probe packets per connection. 1829 if s.handshakeConfirmed && s.mtuDiscoverer != nil && s.mtuDiscoverer.ShouldSendProbe(now) { 1830 ping, size := s.mtuDiscoverer.GetPing() 1831 p, buf, err := s.packer.PackMTUProbePacket(ping, size, s.version) 1832 if err != nil { 1833 return err 1834 } 1835 s.logShortHeaderPacket(p.DestConnID, p.Ack, p.Frames, p.StreamFrames, p.PacketNumber, p.PacketNumberLen, p.KeyPhase, buf.Len(), false) 1836 s.registerPackedShortHeaderPacket(p, now) 1837 s.sendQueue.Send(buf, buf.Len()) 1838 // This is kind of a hack. We need to trigger sending again somehow. 1839 s.pacingDeadline = deadlineSendImmediately 1840 return nil 1841 } 1842 1843 if isBlocked, offset := s.connFlowController.IsNewlyBlocked(); isBlocked { 1844 s.framer.QueueControlFrame(&wire.DataBlockedFrame{MaximumData: offset}) 1845 } 1846 s.windowUpdateQueue.QueueAll() 1847 if cf := s.cryptoStreamManager.GetPostHandshakeData(protocol.MaxPostHandshakeCryptoFrameSize); cf != nil { 1848 s.queueControlFrame(cf) 1849 } 1850 1851 if !s.handshakeConfirmed { 1852 packet, err := s.packer.PackCoalescedPacket(false, s.mtuDiscoverer.CurrentSize(), s.version) 1853 if err != nil || packet == nil { 1854 return err 1855 } 1856 s.sentFirstPacket = true 1857 if err := s.sendPackedCoalescedPacket(packet, now); err != nil { 1858 return err 1859 } 1860 sendMode := s.sentPacketHandler.SendMode(now) 1861 if sendMode == ackhandler.SendPacingLimited { 1862 s.resetPacingDeadline() 1863 } else if sendMode == ackhandler.SendAny { 1864 s.pacingDeadline = deadlineSendImmediately 1865 } 1866 return nil 1867 } 1868 1869 if s.conn.capabilities().GSO { 1870 return s.sendPacketsWithGSO(now) 1871 } 1872 return s.sendPacketsWithoutGSO(now) 1873 } 1874 1875 func (s *connection) sendPacketsWithoutGSO(now time.Time) error { 1876 for { 1877 buf := getPacketBuffer() 1878 if _, err := s.appendPacket(buf, s.mtuDiscoverer.CurrentSize(), now); err != nil { 1879 if err == errNothingToPack { 1880 buf.Release() 1881 return nil 1882 } 1883 return err 1884 } 1885 1886 s.sendQueue.Send(buf, buf.Len()) 1887 1888 if s.sendQueue.WouldBlock() { 1889 return nil 1890 } 1891 sendMode := s.sentPacketHandler.SendMode(now) 1892 if sendMode == ackhandler.SendPacingLimited { 1893 s.resetPacingDeadline() 1894 return nil 1895 } 1896 if sendMode != ackhandler.SendAny { 1897 return nil 1898 } 1899 // Prioritize receiving of packets over sending out more packets. 1900 if len(s.receivedPackets) > 0 { 1901 s.pacingDeadline = deadlineSendImmediately 1902 return nil 1903 } 1904 } 1905 } 1906 1907 func (s *connection) sendPacketsWithGSO(now time.Time) error { 1908 buf := getLargePacketBuffer() 1909 maxSize := s.mtuDiscoverer.CurrentSize() 1910 1911 for { 1912 var dontSendMore bool 1913 size, err := s.appendPacket(buf, maxSize, now) 1914 if err != nil { 1915 if err != errNothingToPack { 1916 return err 1917 } 1918 if buf.Len() == 0 { 1919 buf.Release() 1920 return nil 1921 } 1922 dontSendMore = true 1923 } 1924 1925 if !dontSendMore { 1926 sendMode := s.sentPacketHandler.SendMode(now) 1927 if sendMode == ackhandler.SendPacingLimited { 1928 s.resetPacingDeadline() 1929 } 1930 if sendMode != ackhandler.SendAny { 1931 dontSendMore = true 1932 } 1933 } 1934 1935 // Append another packet if 1936 // 1. The congestion controller and pacer allow sending more 1937 // 2. The last packet appended was a full-size packet 1938 // 3. We still have enough space for another full-size packet in the buffer 1939 if !dontSendMore && size == maxSize && buf.Len()+maxSize <= buf.Cap() { 1940 continue 1941 } 1942 1943 s.sendQueue.Send(buf, maxSize) 1944 1945 if dontSendMore { 1946 return nil 1947 } 1948 if s.sendQueue.WouldBlock() { 1949 return nil 1950 } 1951 1952 // Prioritize receiving of packets over sending out more packets. 1953 if len(s.receivedPackets) > 0 { 1954 s.pacingDeadline = deadlineSendImmediately 1955 return nil 1956 } 1957 1958 buf = getLargePacketBuffer() 1959 } 1960 } 1961 1962 func (s *connection) resetPacingDeadline() { 1963 deadline := s.sentPacketHandler.TimeUntilSend() 1964 if deadline.IsZero() { 1965 deadline = deadlineSendImmediately 1966 } 1967 s.pacingDeadline = deadline 1968 } 1969 1970 func (s *connection) maybeSendAckOnlyPacket(now time.Time) error { 1971 if !s.handshakeConfirmed { 1972 packet, err := s.packer.PackCoalescedPacket(true, s.mtuDiscoverer.CurrentSize(), s.version) 1973 if err != nil { 1974 return err 1975 } 1976 if packet == nil { 1977 return nil 1978 } 1979 return s.sendPackedCoalescedPacket(packet, time.Now()) 1980 } 1981 1982 p, buf, err := s.packer.PackAckOnlyPacket(s.mtuDiscoverer.CurrentSize(), s.version) 1983 if err != nil { 1984 if err == errNothingToPack { 1985 return nil 1986 } 1987 return err 1988 } 1989 s.logShortHeaderPacket(p.DestConnID, p.Ack, p.Frames, p.StreamFrames, p.PacketNumber, p.PacketNumberLen, p.KeyPhase, buf.Len(), false) 1990 s.registerPackedShortHeaderPacket(p, now) 1991 s.sendQueue.Send(buf, buf.Len()) 1992 return nil 1993 } 1994 1995 func (s *connection) sendProbePacket(encLevel protocol.EncryptionLevel, now time.Time) error { 1996 // Queue probe packets until we actually send out a packet, 1997 // or until there are no more packets to queue. 1998 var packet *coalescedPacket 1999 for { 2000 if wasQueued := s.sentPacketHandler.QueueProbePacket(encLevel); !wasQueued { 2001 break 2002 } 2003 var err error 2004 packet, err = s.packer.MaybePackProbePacket(encLevel, s.mtuDiscoverer.CurrentSize(), s.version) 2005 if err != nil { 2006 return err 2007 } 2008 if packet != nil { 2009 break 2010 } 2011 } 2012 if packet == nil { 2013 s.retransmissionQueue.AddPing(encLevel) 2014 var err error 2015 packet, err = s.packer.MaybePackProbePacket(encLevel, s.mtuDiscoverer.CurrentSize(), s.version) 2016 if err != nil { 2017 return err 2018 } 2019 } 2020 if packet == nil || (len(packet.longHdrPackets) == 0 && packet.shortHdrPacket == nil) { 2021 return fmt.Errorf("connection BUG: couldn't pack %s probe packet", encLevel) 2022 } 2023 return s.sendPackedCoalescedPacket(packet, now) 2024 } 2025 2026 // appendPacket appends a new packet to the given packetBuffer. 2027 // If there was nothing to pack, the returned size is 0. 2028 func (s *connection) appendPacket(buf *packetBuffer, maxSize protocol.ByteCount, now time.Time) (protocol.ByteCount, error) { 2029 startLen := buf.Len() 2030 p, err := s.packer.AppendPacket(buf, maxSize, s.version) 2031 if err != nil { 2032 return 0, err 2033 } 2034 size := buf.Len() - startLen 2035 s.logShortHeaderPacket(p.DestConnID, p.Ack, p.Frames, p.StreamFrames, p.PacketNumber, p.PacketNumberLen, p.KeyPhase, size, false) 2036 s.registerPackedShortHeaderPacket(p, now) 2037 return size, nil 2038 } 2039 2040 func (s *connection) registerPackedShortHeaderPacket(p shortHeaderPacket, now time.Time) { 2041 if s.firstAckElicitingPacketAfterIdleSentTime.IsZero() && (len(p.StreamFrames) > 0 || ackhandler.HasAckElicitingFrames(p.Frames)) { 2042 s.firstAckElicitingPacketAfterIdleSentTime = now 2043 } 2044 2045 largestAcked := protocol.InvalidPacketNumber 2046 if p.Ack != nil { 2047 largestAcked = p.Ack.LargestAcked() 2048 } 2049 s.sentPacketHandler.SentPacket(now, p.PacketNumber, largestAcked, p.StreamFrames, p.Frames, protocol.Encryption1RTT, p.Length, p.IsPathMTUProbePacket) 2050 s.connIDManager.SentPacket() 2051 } 2052 2053 func (s *connection) sendPackedCoalescedPacket(packet *coalescedPacket, now time.Time) error { 2054 s.logCoalescedPacket(packet) 2055 for _, p := range packet.longHdrPackets { 2056 if s.firstAckElicitingPacketAfterIdleSentTime.IsZero() && p.IsAckEliciting() { 2057 s.firstAckElicitingPacketAfterIdleSentTime = now 2058 } 2059 largestAcked := protocol.InvalidPacketNumber 2060 if p.ack != nil { 2061 largestAcked = p.ack.LargestAcked() 2062 } 2063 s.sentPacketHandler.SentPacket(now, p.header.PacketNumber, largestAcked, p.streamFrames, p.frames, p.EncryptionLevel(), p.length, false) 2064 if s.perspective == protocol.PerspectiveClient && p.EncryptionLevel() == protocol.EncryptionHandshake { 2065 // On the client side, Initial keys are dropped as soon as the first Handshake packet is sent. 2066 // See Section 4.9.1 of RFC 9001. 2067 if err := s.dropEncryptionLevel(protocol.EncryptionInitial); err != nil { 2068 return err 2069 } 2070 } 2071 } 2072 if p := packet.shortHdrPacket; p != nil { 2073 if s.firstAckElicitingPacketAfterIdleSentTime.IsZero() && p.IsAckEliciting() { 2074 s.firstAckElicitingPacketAfterIdleSentTime = now 2075 } 2076 largestAcked := protocol.InvalidPacketNumber 2077 if p.Ack != nil { 2078 largestAcked = p.Ack.LargestAcked() 2079 } 2080 s.sentPacketHandler.SentPacket(now, p.PacketNumber, largestAcked, p.StreamFrames, p.Frames, protocol.Encryption1RTT, p.Length, p.IsPathMTUProbePacket) 2081 } 2082 s.connIDManager.SentPacket() 2083 s.sendQueue.Send(packet.buffer, packet.buffer.Len()) 2084 return nil 2085 } 2086 2087 func (s *connection) sendConnectionClose(e error) ([]byte, error) { 2088 var packet *coalescedPacket 2089 var err error 2090 var transportErr *qerr.TransportError 2091 var applicationErr *qerr.ApplicationError 2092 if errors.As(e, &transportErr) { 2093 packet, err = s.packer.PackConnectionClose(transportErr, s.mtuDiscoverer.CurrentSize(), s.version) 2094 } else if errors.As(e, &applicationErr) { 2095 packet, err = s.packer.PackApplicationClose(applicationErr, s.mtuDiscoverer.CurrentSize(), s.version) 2096 } else { 2097 packet, err = s.packer.PackConnectionClose(&qerr.TransportError{ 2098 ErrorCode: qerr.InternalError, 2099 ErrorMessage: fmt.Sprintf("connection BUG: unspecified error type (msg: %s)", e.Error()), 2100 }, s.mtuDiscoverer.CurrentSize(), s.version) 2101 } 2102 if err != nil { 2103 return nil, err 2104 } 2105 s.logCoalescedPacket(packet) 2106 return packet.buffer.Data, s.conn.Write(packet.buffer.Data, packet.buffer.Len()) 2107 } 2108 2109 func (s *connection) logLongHeaderPacket(p *longHeaderPacket) { 2110 // quic-go logging 2111 if s.logger.Debug() { 2112 p.header.Log(s.logger) 2113 if p.ack != nil { 2114 wire.LogFrame(s.logger, p.ack, true) 2115 } 2116 for _, frame := range p.frames { 2117 wire.LogFrame(s.logger, frame.Frame, true) 2118 } 2119 for _, frame := range p.streamFrames { 2120 wire.LogFrame(s.logger, frame.Frame, true) 2121 } 2122 } 2123 2124 // tracing 2125 if s.tracer != nil { 2126 frames := make([]logging.Frame, 0, len(p.frames)) 2127 for _, f := range p.frames { 2128 frames = append(frames, logutils.ConvertFrame(f.Frame)) 2129 } 2130 for _, f := range p.streamFrames { 2131 frames = append(frames, logutils.ConvertFrame(f.Frame)) 2132 } 2133 var ack *logging.AckFrame 2134 if p.ack != nil { 2135 ack = logutils.ConvertAckFrame(p.ack) 2136 } 2137 s.tracer.SentLongHeaderPacket(p.header, p.length, ack, frames) 2138 } 2139 } 2140 2141 func (s *connection) logShortHeaderPacket( 2142 destConnID protocol.ConnectionID, 2143 ackFrame *wire.AckFrame, 2144 frames []ackhandler.Frame, 2145 streamFrames []ackhandler.StreamFrame, 2146 pn protocol.PacketNumber, 2147 pnLen protocol.PacketNumberLen, 2148 kp protocol.KeyPhaseBit, 2149 size protocol.ByteCount, 2150 isCoalesced bool, 2151 ) { 2152 if s.logger.Debug() && !isCoalesced { 2153 s.logger.Debugf("-> Sending packet %d (%d bytes) for connection %s, 1-RTT", pn, size, s.logID) 2154 } 2155 // quic-go logging 2156 if s.logger.Debug() { 2157 wire.LogShortHeader(s.logger, destConnID, pn, pnLen, kp) 2158 if ackFrame != nil { 2159 wire.LogFrame(s.logger, ackFrame, true) 2160 } 2161 for _, f := range frames { 2162 wire.LogFrame(s.logger, f.Frame, true) 2163 } 2164 for _, f := range streamFrames { 2165 wire.LogFrame(s.logger, f.Frame, true) 2166 } 2167 } 2168 2169 // tracing 2170 if s.tracer != nil { 2171 fs := make([]logging.Frame, 0, len(frames)+len(streamFrames)) 2172 for _, f := range frames { 2173 fs = append(fs, logutils.ConvertFrame(f.Frame)) 2174 } 2175 for _, f := range streamFrames { 2176 fs = append(fs, logutils.ConvertFrame(f.Frame)) 2177 } 2178 var ack *logging.AckFrame 2179 if ackFrame != nil { 2180 ack = logutils.ConvertAckFrame(ackFrame) 2181 } 2182 s.tracer.SentShortHeaderPacket( 2183 &logging.ShortHeader{ 2184 DestConnectionID: destConnID, 2185 PacketNumber: pn, 2186 PacketNumberLen: pnLen, 2187 KeyPhase: kp, 2188 }, 2189 size, 2190 ack, 2191 fs, 2192 ) 2193 } 2194 } 2195 2196 func (s *connection) logCoalescedPacket(packet *coalescedPacket) { 2197 if s.logger.Debug() { 2198 // There's a short period between dropping both Initial and Handshake keys and completion of the handshake, 2199 // during which we might call PackCoalescedPacket but just pack a short header packet. 2200 if len(packet.longHdrPackets) == 0 && packet.shortHdrPacket != nil { 2201 s.logShortHeaderPacket( 2202 packet.shortHdrPacket.DestConnID, 2203 packet.shortHdrPacket.Ack, 2204 packet.shortHdrPacket.Frames, 2205 packet.shortHdrPacket.StreamFrames, 2206 packet.shortHdrPacket.PacketNumber, 2207 packet.shortHdrPacket.PacketNumberLen, 2208 packet.shortHdrPacket.KeyPhase, 2209 packet.shortHdrPacket.Length, 2210 false, 2211 ) 2212 return 2213 } 2214 if len(packet.longHdrPackets) > 1 { 2215 s.logger.Debugf("-> Sending coalesced packet (%d parts, %d bytes) for connection %s", len(packet.longHdrPackets), packet.buffer.Len(), s.logID) 2216 } else { 2217 s.logger.Debugf("-> Sending packet %d (%d bytes) for connection %s, %s", packet.longHdrPackets[0].header.PacketNumber, packet.buffer.Len(), s.logID, packet.longHdrPackets[0].EncryptionLevel()) 2218 } 2219 } 2220 for _, p := range packet.longHdrPackets { 2221 s.logLongHeaderPacket(p) 2222 } 2223 if p := packet.shortHdrPacket; p != nil { 2224 s.logShortHeaderPacket(p.DestConnID, p.Ack, p.Frames, p.StreamFrames, p.PacketNumber, p.PacketNumberLen, p.KeyPhase, p.Length, true) 2225 } 2226 } 2227 2228 // AcceptStream returns the next stream openend by the peer 2229 func (s *connection) AcceptStream(ctx context.Context) (Stream, error) { 2230 return s.streamsMap.AcceptStream(ctx) 2231 } 2232 2233 func (s *connection) AcceptUniStream(ctx context.Context) (ReceiveStream, error) { 2234 return s.streamsMap.AcceptUniStream(ctx) 2235 } 2236 2237 // OpenStream opens a stream 2238 func (s *connection) OpenStream() (Stream, error) { 2239 return s.streamsMap.OpenStream() 2240 } 2241 2242 func (s *connection) OpenStreamSync(ctx context.Context) (Stream, error) { 2243 return s.streamsMap.OpenStreamSync(ctx) 2244 } 2245 2246 func (s *connection) OpenUniStream() (SendStream, error) { 2247 return s.streamsMap.OpenUniStream() 2248 } 2249 2250 func (s *connection) OpenUniStreamSync(ctx context.Context) (SendStream, error) { 2251 return s.streamsMap.OpenUniStreamSync(ctx) 2252 } 2253 2254 func (s *connection) newFlowController(id protocol.StreamID) flowcontrol.StreamFlowController { 2255 initialSendWindow := s.PeerParams.InitialMaxStreamDataUni 2256 if id.Type() == protocol.StreamTypeBidi { 2257 if id.InitiatedBy() == s.perspective { 2258 initialSendWindow = s.PeerParams.InitialMaxStreamDataBidiRemote 2259 } else { 2260 initialSendWindow = s.PeerParams.InitialMaxStreamDataBidiLocal 2261 } 2262 } 2263 return flowcontrol.NewStreamFlowController( 2264 id, 2265 s.connFlowController, 2266 protocol.ByteCount(s.config.InitialStreamReceiveWindow), 2267 protocol.ByteCount(s.config.MaxStreamReceiveWindow), 2268 initialSendWindow, 2269 s.onHasStreamWindowUpdate, 2270 s.rttStats, 2271 s.logger, 2272 ) 2273 } 2274 2275 // scheduleSending signals that we have data for sending 2276 func (s *connection) scheduleSending() { 2277 select { 2278 case s.sendingScheduled <- struct{}{}: 2279 default: 2280 } 2281 } 2282 2283 // tryQueueingUndecryptablePacket queues a packet for which we're missing the decryption keys. 2284 // The logging.PacketType is only used for logging purposes. 2285 func (s *connection) tryQueueingUndecryptablePacket(p receivedPacket, pt logging.PacketType) { 2286 if s.handshakeComplete { 2287 panic("shouldn't queue undecryptable packets after handshake completion") 2288 } 2289 if len(s.undecryptablePackets)+1 > protocol.MaxUndecryptablePackets { 2290 if s.tracer != nil { 2291 s.tracer.DroppedPacket(pt, p.Size(), logging.PacketDropDOSPrevention) 2292 } 2293 s.logger.Infof("Dropping undecryptable packet (%d bytes). Undecryptable packet queue full.", p.Size()) 2294 return 2295 } 2296 s.logger.Infof("Queueing packet (%d bytes) for later decryption", p.Size()) 2297 if s.tracer != nil { 2298 s.tracer.BufferedPacket(pt, p.Size()) 2299 } 2300 s.undecryptablePackets = append(s.undecryptablePackets, p) 2301 } 2302 2303 func (s *connection) queueControlFrame(f wire.Frame) { 2304 s.framer.QueueControlFrame(f) 2305 s.scheduleSending() 2306 } 2307 2308 func (s *connection) onHasStreamWindowUpdate(id protocol.StreamID) { 2309 s.windowUpdateQueue.AddStream(id) 2310 s.scheduleSending() 2311 } 2312 2313 func (s *connection) onHasConnectionWindowUpdate() { 2314 s.windowUpdateQueue.AddConnection() 2315 s.scheduleSending() 2316 } 2317 2318 func (s *connection) onHasStreamData(id protocol.StreamID) { 2319 s.framer.AddActiveStream(id) 2320 s.scheduleSending() 2321 } 2322 2323 func (s *connection) onStreamCompleted(id protocol.StreamID) { 2324 if err := s.streamsMap.DeleteStream(id); err != nil { 2325 s.closeLocal(err) 2326 } 2327 } 2328 2329 func (s *connection) SendMessage(p []byte) error { 2330 if !s.supportsDatagrams() { 2331 return errors.New("datagram support disabled") 2332 } 2333 2334 f := &wire.DatagramFrame{DataLenPresent: true} 2335 if protocol.ByteCount(len(p)) > f.MaxDataLen(s.PeerParams.MaxDatagramFrameSize, s.version) { 2336 return errors.New("message too large") 2337 } 2338 f.Data = make([]byte, len(p)) 2339 copy(f.Data, p) 2340 return s.datagramQueue.AddAndWait(f) 2341 } 2342 2343 func (s *connection) ReceiveMessage(ctx context.Context) ([]byte, error) { 2344 if !s.config.EnableDatagrams { 2345 return nil, errors.New("datagram support disabled") 2346 } 2347 return s.datagramQueue.Receive(ctx) 2348 } 2349 2350 func (s *connection) LocalAddr() net.Addr { 2351 return s.conn.LocalAddr() 2352 } 2353 2354 func (s *connection) RemoteAddr() net.Addr { 2355 return s.conn.RemoteAddr() 2356 } 2357 2358 func (s *connection) getPerspective() protocol.Perspective { 2359 return s.perspective 2360 } 2361 2362 func (s *connection) GetVersion() protocol.VersionNumber { 2363 return s.version 2364 } 2365 2366 func (s *connection) NextConnection() Connection { 2367 <-s.HandshakeComplete() 2368 s.streamsMap.UseResetMaps() 2369 return s 2370 } 2371 2372 func (s *connection) GetConnection() *connection { 2373 return s 2374 }