Release 2.28.0

- [API] lsquic_ssl_sess_to_resume_info() is the new way to get session info. - [API] Add user pointer to ea_generate_scid callback. - [API] Add lsquic_dcid_from_packet() -- a fast function to parse out DCID. - [API] Add es_max_batch_size to control outgoing packet batch size. - [BUGFIX] Disallow sending of header while promise is being written. - [BUGFIX] Flush stream when buffered bytes exhaust stream cap. - [BUGFIX] Deactivate HQ frame if writing push promise fails. - Perform sanity check on peer transport parameters and fail the handshake if some flow control limits are too low. This can be turned off, see es_check_tp_sanity. - http_server: fix how requests are read in "hq" mode.
2024-08-15 00:53:43 +00:00 · 2021-02-03 11:05:50 -05:00 · 2021-02-03 11:05:50 -05:00 · c2faf03244
commit c2faf03244
parent 9a7f663e1a
19 changed files with 440 additions and 54 deletions
--- a/include/lsquic.h
+++ b/include/lsquic.h
@ -24,8 +24,8 @@ extern "C" {
 #endif

 #define LSQUIC_MAJOR_VERSION 2
-#define LSQUIC_MINOR_VERSION 27
-#define LSQUIC_PATCH_VERSION 6
+#define LSQUIC_MINOR_VERSION 28
+#define LSQUIC_PATCH_VERSION 0

 /**
 * Engine flags:
@ -208,6 +208,11 @@ struct lsquic_stream_if {
    /**
     * This optional callback lets client record information needed to
     * perform a session resumption next time around.
+     *
+     * For IETF QUIC, this is called only if ea_get_ssl_ctx() is *not* set,
+     * in which case the library creates its own SSL_CTX.
+     *
+     * Note: this callback will be deprecated when gQUIC support is removed.
     */
    void (*on_sess_resume_info)(lsquic_conn_t *c, const unsigned char *, size_t);
    /**
@ -234,6 +239,7 @@ struct lsquic_stream_if {

 struct ssl_ctx_st;
 struct ssl_st;
+struct ssl_session_st;
 struct lsxpack_header;

 /**
@ -440,6 +446,9 @@ typedef struct ssl_ctx_st * (*lsquic_lookup_cert_f)(
 */
 #define LSQUIC_DF_MAX_BATCH_SIZE 0

+/** Transport parameter sanity checks are performed by default. */
+#define LSQUIC_DF_CHECK_TP_SANITY 1
+
 struct lsquic_engine_settings {
    /**
     * This is a bit mask wherein each bit corresponds to a value in
@ -1046,13 +1055,22 @@ struct lsquic_engine_settings {
    int             es_delay_onclose;

    /**
-     * If set to a non-zero value, specifies maximum batch size.  (The
+     * If set to a non-zero value, specified maximum batch size.  (The
     * batch of packets passed to @ref ea_packets_out() callback).  Must
     * be no larger than 1024.
     *
     * Default value is @ref LSQUIC_DF_MAX_BATCH_SIZE
     */
    unsigned        es_max_batch_size;
+
+    /**
+     * When true, sanity checks are performed on peer's transport parameter
+     * values.  If some limits are set suspiciously low, the connection won't
+     * be established.
+     *
+     * Default value is @ref LSQUIC_DF_CHECK_TP_SANITY
+     */
+    int             es_check_tp_sanity;
 };

 /* Initialize `settings' to default values */
@ -1337,8 +1355,10 @@ struct lsquic_engine_api
    /**
     * Optional interface to control the creation of connection IDs
     */
-    void                               (*ea_generate_scid)(lsquic_conn_t *,
-                                                    lsquic_cid_t *, unsigned);
+    void                               (*ea_generate_scid)(void *ctx,
+                                lsquic_conn_t *, lsquic_cid_t *, unsigned);
+    /** Passed to ea_generate_scid() */
+    void                                *ea_gen_scid_ctx;
 };

 /**
@ -2022,6 +2042,18 @@ lsquic_is_valid_hs_packet (lsquic_engine_t *, const unsigned char *, size_t);
 int
 lsquic_cid_from_packet (const unsigned char *, size_t bufsz, lsquic_cid_t *cid);

+/**
+ * On success, offset to the CID is returned (a non-negative value).
+ * `cid_len' is set to the length of the CID.  The server perspective
+ * is assumed.  `server_cid_len' is set to the length of the CIDs that
+ * server generates.
+ *
+ * On failure, a negative value is returned.
+ */
+int
+lsquic_dcid_from_packet (const unsigned char *, size_t bufsz,
+                                unsigned server_cid_len, unsigned *cid_len);
+
 /**
 * Returns true if there are connections to be processed, false otherwise.
 * If true, `diff' is set to the difference between the earliest advisory
@ -2065,6 +2097,18 @@ lsquic_ver2str[N_LSQVER];
 lsquic_conn_t *
 lsquic_ssl_to_conn (const struct ssl_st *);

+/* Return session resumption information that can be used on subsequenct
+ * connection as argument to lsquic_engine_connect().  Call from inside
+ * SSL's new session callback.
+ *
+ * Returns 0 on success.  In this case, `buf' is made to point to newly
+ * allocated memory containing `buf_sz' bytes.  It is the caller's
+ * responsibility to free the memory.
+ */
+int
+lsquic_ssl_sess_to_resume_info (struct ssl_st *, struct ssl_session_st *,
+                                        unsigned char **buf, size_t *buf_sz);
+
 #ifdef __cplusplus
 }
 #endif