- [BUGFIX] Check whether ECN counts are set in ACK struct before using them.
- [BUGFIX] Calculate TLP timer correctly when only one packet is in flight.
- [BUGFIX] Min RTO delay is 200 milliseconds, not 1 second.
- [BUGFIX] Memory leak in QPACK decoder handler: discard hset when necessary.
- Allow retired and drained CIDs to be reused after a timeout.
- [BUGFIX] Get rough RTT estimate on receipt of Handshake packet.
This prevents BBR on the client from miscalculating pacing rate,
slowing down sending of ACK packets.
- [BUGFIX] Packets sent during handshake are app-limited.
- [BUGFIX] Bandwidth sampler starts in app-limited mode.
- [BUGFIX] Memory leak: free QPACK handler context in stream dtor.
- Logging improvements.
- [BUGFIX] Allow peer to migrate when its SCID is zero-length.
- [BUGFIX] PADDING size calculation: only one Short packet can be
coalesced. (This should have been part of the fix in 2.24.1).
- Abort connect if received NEW_CONNECTION_ID but current DCID is
zero-length.
- Improve log messages
- [API] Allow use of ea_get_ssl_ctx() on the client (optional). PR #186.
- [BUGFIX] Expand datagram with ack-eliciting Initial to 1200 bytes
after connection promotion.
- [BUGFIX] Discard CRYPTO frames from lower encryption levels after
connection promotion.
- [BUGFIX] Cancel path response if path could not be initialized.
- [FEATURE] QUIC and HTTP/3 Internet Draft 31 support. Drop ID-30
and ID-31 support.
- [BUGFIX] Divide-by-zero in newly enabled conn stats code when no
packets were sent.
- [BUGFIX] Memory leak in gQUIC client when server hello cannot be
parsed.
- [BUGFIX] Server Initial packet size calculation.
- Log user-agent and CONN_CLOSE reason when peer reports error.
- Example programs: Specify ALPN for echo and md5 clients and servers
(issue #184).
- Example programs: Don't add "QUIC_" prefix to lines in keylog file
(issue #185).
- http_server: Fix fd leak in preadv mode; fix preadv() usage when
reading from disk.
- Add QPACK stats collection and experimentation mode, see the new
es_qpack_experiment setting.
- Log busy connection stats every second using the new "conn-stats"
log module.
- Log about skipping only once.
- Update HTTP/3 greased frame type formula.
- Use ls-qpack v2.2.1.
- [FEATURE] IETF Client 0-RTT support.
- [BUGFIX] Do not schedule MTU probe on first tick.
- [BUGFIX] Parsing DATAGRAM frame.
- [BUGFIX] If push promise fails, do not invoke hset destructor.
- [BUGFIX] Client: When connections are IDed by port number, check DCID.
Fixes issue #176.
- Revert the 2.22.1 lsquic_is_valid_hs_packet change. All that was
necessary is a change to the way we call it in lsquic_engine. No
change to the function itself is required.
- [FEATURE] Extensible HTTP Priorities (HTTP/3 only).
- [FEATURE] Add conn context to packet-out memory interface (PR #175).
- [BUGFIX] gQUIC proof generation: allocate buffer big enough for
signature (issue #173).
- [BUGFIX] Make library thread-safe: drop use of global variables
(issue #133, issue #167).
- [BUGFIX] Deactivate only *recent* HQ frame, not any HQ frame.
- [BUGFIX] gQUIC server: associate compressed cert with SSL_CTX,
instead of keeping them in a separate hash, potentially leading
to mismatches.
- [BUGFIX] Stream data discard infinite loop: break on FIN.
- cmake: add install target via -DCMAKE_INSTALL_PREFIX (PR #171).
- Support randomized packet number to begin a connection.
- Mini and full IETF connection size optimization.
- http_client: specify HTTP priorities based on stream conditions.
- [FEATURE] QUIC and HTTP/3 Internet Draft 31 support.
- [API] Let user generate Souce Connection IDs.
- [FEATURE] Allow building lsquic as shared library.
- [OPTIMIZATION] Receive history: use a single contiguous memory
block for everything.
- Deprecate QUIC versions ID-27 and ID-30.
- [BUGFIX] Typo in new "validate peer addr by DCID" code. It is
a benign bug (works either way), but better to fix it.
- Simplify Stream Priority Iterator (SPI).
- Minor documentation updates.
- [FEATURE] QUIC and HTTP/3 Internet Draft 30 support.
- [FEATURE] Unreliable Datagram Extension support.
- [FEATURE] Adaptive congestion controller.
- [BUGFIX] Do not send MAX_STREAM_DATA frames on crypto streams.
- [BUGFIX] Fail with CRYPTO_BUFFER_EXCEEDED when too much CRYPTO
data comes in.
- [BUFFIX] Spin bit is now strictly per path; value is reset on
DCID change.
- [BUGFIX] Check that max value of max_streams_uni and
max_streams_bidi TPs is 2^60.
- [BUGFIX] Close IETF mini conn immediately if crypto session
cannot be initialized.
- Deprecate ID-28 (no browser uses it): it's no longer in the
default versions list.
- New programs duck_server and duck_client that implement the
experimental siduck-00 protocol. They quack!
- IETF crypto streams: don't limit ourselves from sending.
- Command-line programs: turn off QL loss bits if -G is used, as
Wireshark cannot decrypt QUIC packets when this extension is used.
- Turn all h3 framing unit tests back on.
- Fix malo initialization when compiled in no-pool mode.
- [FEATURE] Add lsquic_stream_pwritev(). This function allows one to
reduce the number of system calls required to read a file from disk
by using lsquic_stream_pwritev() together with preadv(2).
- [BUGFIX] When stream is reset, it is writeable -- let user collect
the error.
- [BUGFIX] Calculate correct conn flow control if reading ends early.
- [BUGFIX] Remove stream from read and write queues on internal
shutdown. This is a regression introduced in 2.19.7.
- [BUGFIX] Swapped arguments in IETF RESET_FRAME generation.
- Turn off mini conn history when compiling with Visual Studio; this
allows the project to compile on Windows again.
- http_client: Add -3 flag to stop reading from streams early; code
cleanup.
- Don't use -Werror.
- [FEATURE] Update the timestamp extension to latest version.
- [FEATURE] Cope with appearance of ECN blackholes.
- [OPTIMIZATION] return packno offset and size when header is generated.
- [BUGFIX] ignore old ACK frames in mini conns.
- [BUGFIX] Mark initial server path as initialized.
- [BUGFIX] Do not merge ACK if ECN counts do not match.
- Turn incoming packet number history in mini conn back on.
- Record mini conn event history again when compiled in debug mode.
- IETF mini conn: log when ACK is queued.
- Clean up and refactor code in several places.
- Handle ECT-CE event: issue a loss event.
- Log the fact that we ignore SETTINGS_MAX_HEADER_LIST_SIZE.
- Use Max Push ID in GOAWAY frame to cancel promises.
- Add support for HTTP/3 CANCEL_PUSH frame.
- lsquic_stream_is_pushed: streams without headers are never pushed.
- [BUGFIX] Regression in lsquic_stream_shutdown_internal: now it shuts down.
- Improve logic whether to generate CONNECTION_CLOSE.
- [BUGFIX] Do not return an oversize MTU probe to connection twice.
- [FEATURE] Delayed Acks updated to latest draft. Still experimental.
- Minor code cleanup in IETF full connection.
- [FEATURE] DPLPMTUD support. IETF connections now search for the
maximum packet size, improving throughput.
- [DEBUG] Record event in stream history when on_close() is called
in dtor.
- [FEATURE] Implement the "QUIC bit grease" extension.
- [BUGFIX] Selecting CID used for logging on client.
- [BUGFIX] Header protection assertion.
- [BUGFIX] Server: enable SSL key logging when cert lookup callback
is not set.
- Remove some dead code.
- [API] Rename "0-RTT" to "session resumption." In IETF QUIC, "0-RTT"
always refers to early data, meaning a request that the server can
reply to in the very first return flight. A more appropriate name
for what we support on the client site is "session resumption," which
is standard TLS terminology. Later, when we add support for 0-RTT
(early data), we can use the 0-RTT terminology again, this time in
proper context.
- [BUGFIX] Do not set certificate callback if ea_lookup_cert is NULL.
- [BUGFIX] Make connection tickable when it's marked as closed.
- [BUGFIX] Fail certificate lookup if SNI is not present in HTTP mode.
- Several documentation fixes and improvements.
- Minor code cleanup.
- [FEATURE] QUIC and HTTP/3 Internet Draft 29 support.
- [BUGFIX] Check that scheduled packets are also sendable when
calculating a connection's "tickable" property.
- [BUGFIX] Don't count scheduled packets as in-flight when pacer is
checked on tick.
- gQUIC: delay calling on_new for pushed stream until headers are
available.
- Allow nested calls to lsquic_engine_connect().
- [OPTIMIZATION] Stash up to two reordered packets in IETF mini conn
instead of dropping them.
- [BUGFIX] Crash: check decrypt context before using it. This regression
was introduced in 2.16.2.
- [BUGFIX] ID-28: do not use TLS middlebox compatibility mode in
ClientHello. This change requires using a newer version of BoringSSL.
- [BUGFIX] Free connections in Advisory Tick Time Queue in engine dtor.
- [BUGFIX] IETF QUIC client: narrow migration check to a single path.
- [BUGFIX] NULL dereference: set function pointers for alarm for path
challenges 2 and 3.
- [BUGFIX] HTTP/3 headers may be followed immediately by trailers.
- [BUGFIX] Log messages when SCID changes.
- [FEATURE] Use "no-progress timeout" after which connection is closed.
- [BUGFIX] Select new SCID when current SCID is retired.
- [BUGFIX] Don't warn about dropped Initial packet sequence gaps during
mini/full handoff.
- [BUGFIX] Send correct conn error when HTTP/3 frame is truncated.
- [BUGFIX] Mini conn: consider amplification when deciding to return
TICK_SEND.
- [BUGFIX] Don't double-count tag length in amplification logic.
- [BUGFIX] Don't squeeze out lone path challenges.
- [BUGFIX] Log messages dealing with scheduled packet queue squeezing.
- [BUGFIX] don't wipe current path if no path challenge responses
come back.
- [BUGFIX] When path is reset, don't lose path_id which is used for
logging.
- Downgrade flow control violations to info log level from warnings.
- Fix connection cap extra check, avoid checks in nested calls.
- Fix some unit tests when extra checks are enabled.
- Use ls-hpack 2.2.1.
- Turn off unconditional extra checks for IETF clients.
- Extra checks: don't verify sent size of hello packets. Client
changes DCID length and this check will fail.
- [FEATURE] QUIC and HTTP/3 Internet Draft 28 support.
- [BUGFIX] Ignore Retry packets after other packets are decrypted
successfully.
- [BUGFIX] Transport parameter decoding: CID no longer has 4-byte
length minimum.
- http_client: fix and optimize lsxpack_header allocator.
- Drop support for Internet Draft 25.
- [BUGFIX] Fix amplification mitigation in 0-RTT case.
- [BUGFIX] IETF mini connection should not tickable if cannot send
a packet due to amplification.
- [BUGFIX] Fail if active_connection_id_limit TP is smaller than 2.
- [BUGFIX] Qlog server certificates for IETF QUIC connections.
- [BUGFIX] Uninitialized struct padding usage in tokgen (benign).
- [BUGFIX] Incorrect argument to shi_lookup() (benign).
- [BUGFIX] In coalesced datagram, ignore packets whose CID does not match.
- [BUGFIX] Frame reader: skip headers if target stream is not found.
- [BUGFIX] Log message in QPACK decoder handler.
- [BUGFIX] Heed es_rw_once for pushed HTTP/3 streams.
- [BUGFIX] IETF client: set correct flags on bidirectional streams.
- [BUGFIX] Generate Cancel Stream QPACK instructions for abandoned
streams.
- [BUGFIX] Do not call header callbacks after stream is closed.
- Use ls-qpack 2.1.1
- [BUGFIX] Place connections on tickable queue when sending is reenabled.
- [BUGFIX] A connection is tickable if it has unsent packets.
- [BUGFIX] Heed peer's max_packet_size transport parameter.
- [API] Use lsxpack_header structure to process incoming headers.
- [BUGFIX] Fix assertion when zero-padding Initial packet.
- [BUGFIX] Use idle timeout before we learn of peer's value.
- Use ls-hpack 2.0.0 -- has lsxpack_header changes.
- Use ls-qpack 0.14.0 -- new, common with ls-hpack, XXH seed (not used yet).
- Code cleanup: prefix exported functions with "lsquic_".
- [FEATURE] QUIC timestamps extension.
- [API] New: ea_alpn that is used when not in HTTP mode.
- [BUGFIX] SNI is mandatory only for HTTP/3 and gQUIC.
- [BUGFIX] Benign double-free -- issue #110.
- [BUGFIX] Printing of transport parameters.
- [FEATURE] QUIC and HTTP/3 Internet Draft 27 support.
- [FEATURE] Add experimental delayed ACKs extension.
- Drop support for Internet Draft 24.
- Code cleanup.
- [BUGFIX] Send HANDSHAKE_DONE only after Finished is received.
- [BUGFIX] Don't treat garbage UDP padding as library error; ignore
it instead.
- [BUGFIX] Fix compilation on FreeBSD (missing header).
- [BUGFIX] Do not delay ACKs for Initial and Handshake packets.
- [BUGFIX] Send PATH_CHALLENGE if path changed before mini conn promotion.
- Logging improvements.
- http_client: discard data faster.
- [BUGFIX] Coalesced packets could get longer than normal packet size.
- Add spin bit configuration option es_spin (-o spin=[01]).
- Disable spin bit in 1/16 of connections.
- Improve logging a bit.
- [FEATURE] QUIC and HTTP/3 Internet Draft 25 support.
- [API] Drop support for ID-23.
- [BUGFIX] Set key phase bit on outgoing packets correctly.
- Code cleanup.
- [API] Drop support for Q039.
- Improve ACK-queuing logic. Send an ACK once in a while if
peer keeps on sending non-ack-eliciting packets.
- Improve Alt-Svc string: Q050 and later are not included in
the old-style "quic" string.
- Send stateless resets if connection could not be promoted.
- Schedule MAX_DATA if needed when DATA_BLOCKED is received.
- Use ls-qpack 0.11.2 -- needed for server push optimization.
- Code cleanup: handle some error cases, improve logging.
- [BUGFIX] Use ls-qpack 0.11.1
- [OPTIMIZATION] Generate random bytes in batches.
- Change loss_bits transport parameter ID to 0x1057 following latest
draft.
- Randomize period with which PINGs are sent to elicit ACKs.
- Some refactoring and code cleanup.
- [BUGFIX] Invalid read when parsing IETF transport parameters
(this was benign).
- [OPTIMIZATION] Frame bundling when using buffered packets in
IETF QUIC: a) flush QPACK decoder stream and b) include ACKs
in opportunistic fashion.
- Fix HTTP/3 framing unit test.
- Code cleanup.
- [BUGFIX] Initial packet size check for IETF mini conn applies to
UDP payload, not QUIC packet.
- Support old and new school loss_bits transport parameter.
- Use Q run length of 64 as suggested in the loss bits Draft.
- Undo square wave count when packet is delayed.
- Code cleanup; minor fixes.
- [HTTP3] Verify number of bytes in incoming DATA frames against
content-length.
- [HTTP3] Stop issuing streams credits if peer stops opening QPACK
decoder window. This addresses a potential attack whereby client
can cause the server to keep allocating memory. See Security
Considerations in the QPACK draft.
- [BUGFIX] Mini conn: don't shorten max packet size for Q050 and later.
- [BUGFIX] Init IETF connection flow controller using correct setting.
- Code cleanup and minor fixes.
- [FEATURE] Use occasional packet number gaps to detect optimistic
ACK attacks.
- [BUGFIX] Q050 client: all packet numbers are in the App PNS.
- [OPTIMIZATION] Merge multi-range ACK frames, not just single-range
ACK frames.
- IETF QUIC: use RTT estimate in ack timeout calculation.
- IETF handshake: abort conn when unexpected errors occur.
- Use PING rather than MAX_DATA frames to elicit ACKs from peer.
- Server: enforce 1200 byte Initial minimum packet size.
- [CLEANUP] Remove code to disable gQUIC crypto.
- [CLEANUP] Remove n_timestamps from ACK info struct.
- Optimize driver: reuse previous ancillary message when possible.
- [FEATURE] Add support for Q050.
- [OPTIMIZATION] Reduce mallocs in gQUIC handshake.
- [BUGFIX] Disable redo of failed STREAM frame insertion with debug
logging.
- [DEBUG] Further dedup next advisory tick messages when reason is
the same.
- [BUGFIX] Update size of `a` array in TP struct. Fixes (benign)
GitHub bug #94.
- Use Cubic by default again instead of BBR, as it delivers more
consistent performance.
- [BUGFIX] Send controller: update scheduled bytes when DCID length
changes (IETF client).
- [BUGFIX] Drop alarm check from sanity test. It no longer works now
that we use loss chains.
- [PORTABILITY] Fix build on Alpine Linux.
- [PORTABILITY] Fix build using XCode.
- Client initial DCID length: use RAND_bytes() instead of rand(3).
- Add unit tests for connection min heap.
- [DEBUG] Log CID in gQUIC handshake module
- [DEBUG] Turn on extra checks for IETF client send controller.
- [DEBUG] Dedup next advisory tick messages when reason is IDLE timer.
- [DEBUG] QPACK decoder handler: log header error code.
- [BUGFIX] client: don't call ignore_init() in middle of batch send.
ignore_init() makes an assumption that the send controller has access
to all outgoing packets. This change wraps a few IETF full connection
methods to delay calling ignore_init() until the engine returns all
outgoing packets that were batched.
- [BUGFIX] set errno to EAGAIN if sendmmsg() can't send all of them.
This needs to be done because the value of errno may be lost on
some platforms.
- [BUGFIX] Typo that set all bits in sm_qflags lead to crashes.
- [BUGFIX] Do not cancel header block processing after failure, as
QPACK releases the reference in that case.
- [CLEANUP] IETF encrypt: replace assert(0) with a warning.
- Several small improvements to the test server.
- [API, FEATURE] Close connection immediately when ea_packets_out()
fails with errno != EAGAIN. The API change is that errno is now
examined. Make sure to set it if using something other than
sendmsg() to send packets.
- [CLEANUP] Immediate close logic in IETF full conn.
- [CLEANUP] Fix bogus warning about uninitialized `pair' variable.
- [BUGFIX] set retry token on all resubmitted packets.
- Event log: log sent packet flags. In particular, this allows one
to see whether token was sent.
- Don't migrate client if es_allow_migration is false.
- [BUGFIX] Fix double-free when emptying a packet number space.
- [BUGFIX] http_server: fix md5sum handler: handle EOF correctly.
- [BUGFIX] Use random values in bits 4 and 5 of the first byte of
verneg packets (regression introduced in 2.5.0).
- [OPTIMIZATION] Don't compile in expensive attq checks by default.
- [OPTIMIZATION] http_server: compile regexes only once.
- [API] lsquic_engine_connect() can now be passed QUIC version to use.
- [OPTIMIZATION] Queue opportunistic ACKs if there is data to be sent.
- [BUGFIX] Don't evict streams from priority iterator if there is
only one queue.
- [OPTIMIZATION, BUGFIX] Several other optimizations and bug fixes.
- Use ls-qpack v0.10.7.
- [BUGFIX] IETF QUIC server: fix uninitialized variable use.
- [BUGFIX] make sure TLSv1.3 is not disabled in SSL object.
- [BUGFIX] Use issuer name and serial number to cache certs (SKID
values are not unique).
- [BUGFIX] Always set the idle alarm in IETF connection so that it
can time out.
- Add echo client and server to the distibution.
- Add MD5 client and server to the distibution.
- Fix http_client: check command-line arguments better, prevent crash.
- Fix IETF conn: can_write_ack() should only care about APP PNS.
- Client: delay stream creation until handshake succeds.
- Reset HTTP stream whose write end is closed prematurely.
- Fix tickable(): mirror behavior of tick() wrt buffered packets.
- Log reason why engine is tickable.
- Minor code cleanup and logging improvements.
- Server and client programs: include library version (e.g. 2.4.6)
into `server' and `user-agent' headers.
- [OPTIMIZATION]: flush encoder stream only when necessary.
- [BUGFIX] Use ls-qpack v0.10.2 for new API -- and for a bug fix.
- [BUGFIX] Typo in IETF conn SETTINGS writer.
- Use latest BoringSSL.
- [API] Add lsquic_alpn2ver() to aid parsing Alt-Svc header.
- [BUGFIX] NULL dereference when H3 frame header would be split.
- [BUGFIX] Do not close fixed-size H3 frame prematurely.
- [BUGFIX] Allow PING frames in IETF mini conn.
- [BUGFIX] Mini conns: don't send any packets after receiving
CONNECTION_CLOSE.
- [BUGFIX] Client migration: reserve slot for DCID from transport params.
- [BUGFIX] Allow max_early_data_size=0 -- early_data might not be there.
- [BUGFIX] Use an invalid stream number to reset BPT cache (zero is now a
valid stream number).
- [SPEC] Use FINAL_SIZE_ERROR when FIN mismatch is detected.
- [OPTIMIZATION] Closed connection only gets one chance to send packets.
- [OPTIMIZATION] Flush headers stream before packetizing stream data.
- [OPTIMIZATION] process QPACK encoder STREAM frames immediately.
- Update ls-qpack to v0.10.1.
- Add GQUIC versions to the list of h3 ALPNs for Alt-Svc header.
For example, h3-Q043. Chrome will switch to using this format at
some point in the future.
- [BUGFIX] Send correct value in max_streams_uni transport param
- [SPEC] Abort IETF QUIC connection if max_early_data_size is not set
to 0xFFFFFFFF
