- [HTTP3] Verify number of bytes in incoming DATA frames against
content-length.
- [HTTP3] Stop issuing streams credits if peer stops opening QPACK
decoder window. This addresses a potential attack whereby client
can cause the server to keep allocating memory. See Security
Considerations in the QPACK draft.
- [BUGFIX] Mini conn: don't shorten max packet size for Q050 and later.
- [BUGFIX] Init IETF connection flow controller using correct setting.
- Code cleanup and minor fixes.
- [FEATURE] Use occasional packet number gaps to detect optimistic
ACK attacks.
- [BUGFIX] Q050 client: all packet numbers are in the App PNS.
- [OPTIMIZATION] Merge multi-range ACK frames, not just single-range
ACK frames.
- IETF QUIC: use RTT estimate in ack timeout calculation.
- IETF handshake: abort conn when unexpected errors occur.
- Use PING rather than MAX_DATA frames to elicit ACKs from peer.
- Server: enforce 1200 byte Initial minimum packet size.
- [CLEANUP] Remove code to disable gQUIC crypto.
- [CLEANUP] Remove n_timestamps from ACK info struct.
- Optimize driver: reuse previous ancillary message when possible.
- [FEATURE] Add support for Q050.
- [OPTIMIZATION] Reduce mallocs in gQUIC handshake.
- [BUGFIX] Disable redo of failed STREAM frame insertion with debug
logging.
- [DEBUG] Further dedup next advisory tick messages when reason is
the same.
- [BUGFIX] Update size of `a` array in TP struct. Fixes (benign)
GitHub bug #94.
- Use Cubic by default again instead of BBR, as it delivers more
consistent performance.
- [BUGFIX] Send controller: update scheduled bytes when DCID length
changes (IETF client).
- [BUGFIX] Drop alarm check from sanity test. It no longer works now
that we use loss chains.
- [PORTABILITY] Fix build on Alpine Linux.
- [PORTABILITY] Fix build using XCode.
- Client initial DCID length: use RAND_bytes() instead of rand(3).
- Add unit tests for connection min heap.
- [DEBUG] Log CID in gQUIC handshake module
- [DEBUG] Turn on extra checks for IETF client send controller.
- [DEBUG] Dedup next advisory tick messages when reason is IDLE timer.
- [DEBUG] QPACK decoder handler: log header error code.
- [BUGFIX] client: don't call ignore_init() in middle of batch send.
ignore_init() makes an assumption that the send controller has access
to all outgoing packets. This change wraps a few IETF full connection
methods to delay calling ignore_init() until the engine returns all
outgoing packets that were batched.
- [BUGFIX] set errno to EAGAIN if sendmmsg() can't send all of them.
This needs to be done because the value of errno may be lost on
some platforms.
- [BUGFIX] Typo that set all bits in sm_qflags lead to crashes.
- [BUGFIX] Do not cancel header block processing after failure, as
QPACK releases the reference in that case.
- [CLEANUP] IETF encrypt: replace assert(0) with a warning.
- Several small improvements to the test server.
- [API, FEATURE] Close connection immediately when ea_packets_out()
fails with errno != EAGAIN. The API change is that errno is now
examined. Make sure to set it if using something other than
sendmsg() to send packets.
- [CLEANUP] Immediate close logic in IETF full conn.
- [CLEANUP] Fix bogus warning about uninitialized `pair' variable.
- [BUGFIX] set retry token on all resubmitted packets.
- Event log: log sent packet flags. In particular, this allows one
to see whether token was sent.
- Don't migrate client if es_allow_migration is false.
- [BUGFIX] Fix double-free when emptying a packet number space.
- [BUGFIX] http_server: fix md5sum handler: handle EOF correctly.
- [BUGFIX] Use random values in bits 4 and 5 of the first byte of
verneg packets (regression introduced in 2.5.0).
- [OPTIMIZATION] Don't compile in expensive attq checks by default.
- [OPTIMIZATION] http_server: compile regexes only once.
- [API] lsquic_engine_connect() can now be passed QUIC version to use.
- [OPTIMIZATION] Queue opportunistic ACKs if there is data to be sent.
- [BUGFIX] Don't evict streams from priority iterator if there is
only one queue.
- [OPTIMIZATION, BUGFIX] Several other optimizations and bug fixes.
- Use ls-qpack v0.10.7.
- [BUGFIX] IETF QUIC server: fix uninitialized variable use.
- [BUGFIX] make sure TLSv1.3 is not disabled in SSL object.
- [BUGFIX] Use issuer name and serial number to cache certs (SKID
values are not unique).
- [BUGFIX] Always set the idle alarm in IETF connection so that it
can time out.
- Add echo client and server to the distibution.
- Add MD5 client and server to the distibution.
- Fix http_client: check command-line arguments better, prevent crash.
- Fix IETF conn: can_write_ack() should only care about APP PNS.
- Client: delay stream creation until handshake succeds.
- Reset HTTP stream whose write end is closed prematurely.
- Fix tickable(): mirror behavior of tick() wrt buffered packets.
- Log reason why engine is tickable.
- Minor code cleanup and logging improvements.
- Server and client programs: include library version (e.g. 2.4.6)
into `server' and `user-agent' headers.
- [OPTIMIZATION]: flush encoder stream only when necessary.
- [BUGFIX] Use ls-qpack v0.10.2 for new API -- and for a bug fix.
- [BUGFIX] Typo in IETF conn SETTINGS writer.
- Use latest BoringSSL.
- [API] Add lsquic_alpn2ver() to aid parsing Alt-Svc header.
- [BUGFIX] NULL dereference when H3 frame header would be split.
- [BUGFIX] Do not close fixed-size H3 frame prematurely.
- [BUGFIX] Allow PING frames in IETF mini conn.
- [BUGFIX] Mini conns: don't send any packets after receiving
CONNECTION_CLOSE.
- [BUGFIX] Client migration: reserve slot for DCID from transport params.
- [BUGFIX] Allow max_early_data_size=0 -- early_data might not be there.
- [BUGFIX] Use an invalid stream number to reset BPT cache (zero is now a
valid stream number).
- [SPEC] Use FINAL_SIZE_ERROR when FIN mismatch is detected.
- [OPTIMIZATION] Closed connection only gets one chance to send packets.
- [OPTIMIZATION] Flush headers stream before packetizing stream data.
- [OPTIMIZATION] process QPACK encoder STREAM frames immediately.
- Update ls-qpack to v0.10.1.
- Add GQUIC versions to the list of h3 ALPNs for Alt-Svc header.
For example, h3-Q043. Chrome will switch to using this format at
some point in the future.
- [BUGFIX] Send correct value in max_streams_uni transport param
- [SPEC] Abort IETF QUIC connection if max_early_data_size is not set
to 0xFFFFFFFF
- [BUGFIX] H3 framing: fix zero-byte write when space is available
- [BUGFIX] Don't send STREAM frame when incoming unidirectgional stream
is closed
- [BUGFIX] Cancel all pending writes by stream reset by a GOAWAY
- [BUGFIX] Fix use-after-free in IETF full conn
- [OPTIMIZATION] Wait for session tickets for two seconds and then drop
SSL object and crypto streams.
- [BUGFIX] If FIN or RST not received, don't delay stream destruction.
- [OPTIMIZATION] Speed up HPACK encoder by using same hash value to
search static and dynamic tables.
- [BUGFIX] Ensure that Largest Observed does not decrease in ACKs we
send. ACK frames placed in packets in buffered queues (optimization
introduced in 1.17.15) can be preceded by an ACK frame generated later.
In this case, the older ACK frame should not be sent out, as Chromium-
based servers flags decrease in the ACK frame's Largest Observed value
as an error.
- [BUGFIX] Use correct public key from PUBS based on KEXS index.
- [BUGFIX] Check flags before dispatching writes, avoiding assert.
- [BUGFIX] Set :scheme to "https" (instead of "HTTP").
- [BUGFIX] Check buffer bounds when looking up version in 0-RTT blob.
- [BUGFIX] http_client: don't fetch 0-rtt info if handshake failed.
- Log number of pacer calls at DEBUG, rather than NOTICE, level.
- [BUGFIX] Q044: don't encode packet number in 6 bytes. Six-byte
packet number encoding does not exist in Q044. This fixes a
regression introduced in '[BUGFIX] Buffered packets can contain
ACK frames' -- we need to keep QUIC version in mind when selecting
the longest possible packet number encoding used for the buffered
packet that carries the ACK.
- [BUGFIX] Do not increase CWND when timeout occurs.
- http_client: support setting handshake timeout on command line.
Use -o handshake_to=timeout.
- http_client: use -k to connect UDP socket to pick up ICMP errors.
- http_client: allow pathless mode, when only handshake is performed
without issuing any requests. This can be done by simply not
specifying a -p flag on the command line.
- [FEATURE, API Change] 0-RTT support. Add function to export 0-RTT
information; it can be supplied to a subsequent connect() call.
- [FEATURE] Add -0 flag to http_client to exercise 0-RTT support.
- [BUGFIX] Resuscitate the Windows build.
- [BUGFIX] Send HTTP settings (max header list size) if necessary.
- [BUGFIX] Buffered packets can contain ACK frames.
- [BUGFIX] Make packet writeable once all STREAM frames are elided.
- [BUGFIX] Fix potential null dereference when realloc fails.
- cmake: simplify build configuration.
- [API Change] Can specify clock granularity in engine settings.
- [BUGFIX] Pacer uses fixed clock granularity. Since the change on
2018-04-09, it is not necessary to try to approximate the next tick
time in the pacer: it can use fix clock granularity specified by
the user.
- [BUGFIX] Do not tick constantly before handshake is done.
- [BUGFIX] Do not exit tick prematurely: reuse packet with ACK. Even
if we cannot allocate *more* packets, we could still be able to write
to one already allocated.
- [BUGFIX] Do not schedule pacer if there are no lost packets.
- [BUGFIX] http_client: make sure only one read per on_read() callback
is performed in the header conversion bypass (-B) mode.
- http_client: with -E, assign random priority when stream is created.
- [OPTIMIZATION] On immediate write, place an ACK frame into the first
buffered packet if an ACK is queued. This reduces the number of
standalone ACK packets.
- [OPTIMIZATION] Allow placing more than one STREAM frame from the same
stream into an outgoing packet. This change minimizes the number of
buffered packets required to store several small HTTP messages by
virtue of allowing more than one STREAM frame from HEADERS stream in
the same packet.
- [OPTIMIZATION] Flush headers when writing to buffered packets. This
causes the headers to be written to the same buffered packet queue,
thereby improving packet utilization, especially for small HTTP
messages.
- [FEATURE] http_client can now collect stats: time to connect, TTFB,
time to download, requests per seconds, and bandwidth. See -t flag.
- [BUGFIX] http_client: -B, -K, and -r can be used at the same time.
- [BUGFIX] http_client: do not display cert chain before each request.
Now this is only done once per connection, if the handshake is
successful and -a option is given.
- [BUGFIX] Do not wait to dispatch on_close() after reading. If a
stream is scheduled to be closed after on_read() callback returns,
close it immediately instead of waiting until the end of the tick.
If client creates new request from on_close() event, they will be
processed in the same tick instead of waiting for the next one.
- [BUGFIX] HEADERS stream is critical: always treat it with highest
priority.
