Release 2.8.1

- [FEATURE] Use occasional packet number gaps to detect optimistic ACK attacks. - [BUGFIX] Q050 client: all packet numbers are in the App PNS. - [OPTIMIZATION] Merge multi-range ACK frames, not just single-range ACK frames. - IETF QUIC: use RTT estimate in ack timeout calculation. - IETF handshake: abort conn when unexpected errors occur. - Use PING rather than MAX_DATA frames to elicit ACKs from peer. - Server: enforce 1200 byte Initial minimum packet size. - [CLEANUP] Remove code to disable gQUIC crypto. - [CLEANUP] Remove n_timestamps from ACK info struct. - Optimize driver: reuse previous ancillary message when possible.
litespeedtech · Dec 30, 2019 · de46bf2 · de46bf2
1 parent 022d981
commit de46bf2
Show file tree

Hide file tree

Showing 35 changed files with 692 additions and 752 deletions.
diff --git a/CHANGELOG b/CHANGELOG
@@ -1,3 +1,18 @@
+2019-12-30
+    - 2.8.1
+    - [FEATURE] Use occasional packet number gaps to detect optimistic
+      ACK attacks.
+    - [BUGFIX] Q050 client: all packet numbers are in the App PNS.
+    - [OPTIMIZATION] Merge multi-range ACK frames, not just single-range
+      ACK frames.
+    - IETF QUIC: use RTT estimate in ack timeout calculation.
+    - IETF handshake: abort conn when unexpected errors occur.
+    - Use PING rather than MAX_DATA frames to elicit ACKs from peer.
+    - Server: enforce 1200 byte Initial minimum packet size.
+    - [CLEANUP] Remove code to disable gQUIC crypto.
+    - [CLEANUP] Remove n_timestamps from ACK info struct.
+    - Optimize driver: reuse previous ancillary message when possible.
+
 2019-12-23
     - 2.8.0
     - [FEATURE] Add support for Q050.

diff --git a/EXAMPLES.txt b/EXAMPLES.txt
@@ -166,19 +166,6 @@ LSQUIC_PACKET_OUT_LIMIT
 
     Note 2: see -m option for a related packet-out limitation.
 
-LSQUIC_DISABLE_HANDSHAKE
-
-    If set (to anything, not any particular value), the QUIC handshake is
-    disabled and packets are not encrypted.  This can be useful to:
-        a) profile functions in LSQUIC without accounting for crypto stuff,
-           which tends to dwarf everything else;
-        b) see bytes in the clear on the wire; and
-        c) compare throughput performance to TCP without crypto.
-
-    This functionality is compiled in if the somewhat-awkwardly named
-    LSQUIC_ENABLE_HANDSHAKE_DISABLE is set to 1.  By default, it is enabled
-    in debug builds and disabled in optimized builds.
-
 LSQUIC_LOSE_PACKETS_RE
 
     If set, this regular expression specifies the numbers of packets which
@@ -228,6 +215,10 @@ LSQUIC_USE_POOLS
     malloc() and free().  This facilitates debugging memory issues.
     The default is true.
 
+LSQUIC_ACK_ATTACK
+
+    If set to true, generate optimistic ACKs.
+
 Control Network-Related Stuff
 -----------------------------
 
@@ -246,10 +237,6 @@ Control Network-Related Stuff
 More Compilation Options
 ------------------------
 
--DLSQUIC_ENABLE_HANDSHAKE_DISABLE=1
-
-    Support disabling of handshake.  See above.
-
 -DLSQUIC_CONN_STATS=1
 
     Track some statistics about connections -- packets in, sent, delayed,
@@ -296,3 +283,8 @@ More Compilation Options
     When compiled with this flag, setting environment variable
     LSQUIC_ECN_BLACK_HOLE to 1 will emulate ECN black hole: all received
     packets with ECN markings are dropped on the floor.
+
+-DLSQUIC_ACK_ATTACK=1
+
+    Enable ACK attack mode.  See LSQUIC_ACK_ATTACK environment variable
+    entry above.
diff --git a/include/lsquic.h b/include/lsquic.h
@@ -25,7 +25,7 @@ extern "C" {
 
 #define LSQUIC_MAJOR_VERSION 2
 #define LSQUIC_MINOR_VERSION 8
-#define LSQUIC_PATCH_VERSION 0
+#define LSQUIC_PATCH_VERSION 1
 
 /**
  * Engine flags:

diff --git a/src/liblsquic/lsquic_chsk_stream.c b/src/liblsquic/lsquic_chsk_stream.c
@@ -38,16 +38,6 @@ hsk_client_on_new_stream (void *stream_if_ctx, lsquic_stream_t *stream)
 
     LSQ_DEBUG("stream created");
 
-#if LSQUIC_ENABLE_HANDSHAKE_DISABLE
-    if (getenv("LSQUIC_DISABLE_HANDSHAKE"))
-    {
-        LSQ_WARN("Handshake disabled: faking it");
-        c_hsk->lconn->cn_flags |= LSCONN_NO_CRYPTO;
-        c_hsk->lconn->cn_if->ci_handshake_ok(c_hsk->lconn);
-        return (void *) c_hsk;
-    }
-#endif
-
     lsquic_stream_wantwrite(stream, 1);
 
     return (void *) c_hsk;

diff --git a/src/liblsquic/lsquic_conn.h b/src/liblsquic/lsquic_conn.h
@@ -52,9 +52,7 @@ enum lsquic_conn_flags {
     LSCONN_UNUSED_18      = (1 <<18),
     LSCONN_ATTQ           = (1 <<19),
     LSCONN_SKIP_ON_PROC   = (1 <<20),
-#if LSQUIC_ENABLE_HANDSHAKE_DISABLE
-    LSCONN_NO_CRYPTO      = (1 <<21),
-#endif
+    LSCONN_UNUSED_21      = (1 <<21),
     LSCONN_SERVER         = (1 <<22),
     LSCONN_IETF           = (1 <<23),
     LSCONN_RETRY_CONN     = (1 <<24),   /* This is a retry connection */
@@ -362,7 +360,7 @@ struct conn_stats {
                             err_packets;        /* Error packets(?) */
         unsigned long       n_acks,
                             n_acks_proc,
-                            n_acks_merged[2];
+                            n_acks_merged;
         unsigned long       bytes;              /* Overall bytes in */
         unsigned long       headers_uncomp;     /* Sum of uncompressed header bytes */
         unsigned long       headers_comp;       /* Sum of compressed header bytes */

diff --git a/src/liblsquic/lsquic_enc_sess.h b/src/liblsquic/lsquic_enc_sess.h
@@ -51,8 +51,6 @@ enum handshake_error            /* TODO: rename this enum */
     HS_SHLO = 0,
     HS_1RTT = 1,
     HS_SREJ = 2,
-    HS_DELAYED = 3,
-    HS_PK_OFFLOAD = 4,
 };
 
 #ifndef LSQUIC_KEEP_ENC_SESS_HISTORY
@@ -208,11 +206,6 @@ struct enc_session_funcs_gquic
     (*esf_get_dec_key_nonce_f) (enc_session_t *);
 #endif /* !defined(NDEBUG) */
 
-#if LSQUIC_ENABLE_HANDSHAKE_DISABLE
-    void
-    (*esf_set_handshake_completed) (enc_session_t *);
-#endif
-
     /* Create client session */
     enc_session_t *
     (*esf_create_client) (struct lsquic_conn *, const char *domain,

diff --git a/src/liblsquic/lsquic_enc_sess_ietf.c b/src/liblsquic/lsquic_enc_sess_ietf.c
@@ -58,14 +58,6 @@
 #define LSQUIC_LOG_CONN_ID lsquic_conn_log_cid(enc_sess->esi_conn)
 #include "lsquic_logger.h"
 
-/* [draft-ietf-quic-tls-11] Section 5.3.2 */
-#define HSK_SECRET_SZ SHA256_DIGEST_LENGTH
-
-/* TODO: Specify ciphers */
-#define HSK_CIPHERS "TLS13-AES-128-GCM-SHA256"  \
-                   ":TLS13-AES-256-GCM-SHA384"  \
-                   ":TLS13-CHACHA20-POLY1305-SHA256"
-
 #define KEY_LABEL "quic key"
 #define KEY_LABEL_SZ (sizeof(KEY_LABEL) - 1)
 #define IV_LABEL "quic iv"
@@ -1585,7 +1577,8 @@ iquic_esfi_post_handshake (struct enc_sess_iquic *enc_sess)
         return IHS_WANT_READ;
     else
     {
-        LSQ_DEBUG("TODO: abort connection?");
+        enc_sess->esi_conn->cn_if->ci_internal_error(enc_sess->esi_conn,
+                                        "post-handshake error, code %d", s);
         return IHS_STOP;
     }
 }
@@ -2735,8 +2728,8 @@ maybe_write_from_fral (struct enc_sess_iquic *enc_sess,
     }
     else
     {
-        /* TODO: abort connection */
-        LSQ_WARN("cannot write to stream: %s", strerror(errno));
+        enc_sess->esi_conn->cn_if->ci_internal_error(enc_sess->esi_conn,
+                            "cannot write to stream: %s", strerror(errno));
         lsquic_stream_wantwrite(stream, 0);
     }
 }

diff --git a/src/liblsquic/lsquic_engine.c b/src/liblsquic/lsquic_engine.c
@@ -2237,10 +2237,6 @@ iov_size (const struct iovec *iov, const struct iovec *const end)
 }
 
 
-/* XXX A lot of extra setup -- two extra arguments to this function, two extra
- * connection ref flags and queues -- is just to handle the ENCPA_BADCRYPT case,
- * which never really happens.
- */
 static void
 send_packets_out (struct lsquic_engine *engine,
                   struct conns_tailq *ticked_conns,
@@ -2417,7 +2413,6 @@ reset_deadline (lsquic_engine_t *engine, lsquic_time_t now)
 }
 
 
-/* TODO: this is a user-facing function, account for load */
 void
 lsquic_engine_send_unsent_packets (lsquic_engine_t *engine)
 {

diff --git a/src/liblsquic/lsquic_engine_public.h b/src/liblsquic/lsquic_engine_public.h
@@ -21,6 +21,7 @@ enum warning_type
 {
     WT_ACKPARSE_MINI,
     WT_ACKPARSE_FULL,
+    WT_NO_POISON,
     N_WARNING_TYPES,
 };
 

diff --git a/src/liblsquic/lsquic_ev_log.c b/src/liblsquic/lsquic_ev_log.c
@@ -93,14 +93,10 @@ void
 lsquic_ev_log_ack_frame_in (const lsquic_cid_t *cid,
                                         const struct ack_info *acki)
 {
-    size_t sz;
-    char *buf;
+    char buf[MAX_ACKI_STR_SZ];
 
-    if ((buf = acki2str(acki, &sz)))
-    {
-        LCID("ACK frame in: %.*s", (int) sz, buf);
-        free(buf);
-    }
+    lsquic_acki2str(acki, buf, sizeof(buf));
+    LCID("ACK frame in: %s", buf);
 }
 
 
@@ -361,9 +357,8 @@ lsquic_ev_log_generated_ack_frame (const lsquic_cid_t *cid,
                 size_t ack_buf_sz)
 {
     struct ack_info acki;
-    size_t sz;
-    char *buf;
     int len;
+    char buf[MAX_ACKI_STR_SZ];
 
     len = pf->pf_parse_ack_frame(ack_buf, ack_buf_sz, &acki,
                                                     TP_DEF_ACK_DELAY_EXP);
@@ -373,11 +368,8 @@ lsquic_ev_log_generated_ack_frame (const lsquic_cid_t *cid,
         return;
     }
 
-    if ((buf = acki2str(&acki, &sz)))
-    {
-        LCID("generated ACK frame: %.*s", (int) sz, buf);
-        free(buf);
-    }
+    lsquic_acki2str(&acki, buf, sizeof(buf));
+    LCID("generated ACK frame: %s", buf);
 }