- [HTTP3] Verify number of bytes in incoming DATA frames against
content-length.
- [HTTP3] Stop issuing streams credits if peer stops opening QPACK
decoder window. This addresses a potential attack whereby client
can cause the server to keep allocating memory. See Security
Considerations in the QPACK draft.
- [BUGFIX] Mini conn: don't shorten max packet size for Q050 and later.
- [BUGFIX] Init IETF connection flow controller using correct setting.
- Code cleanup and minor fixes.
- [FEATURE] Use occasional packet number gaps to detect optimistic
ACK attacks.
- [BUGFIX] Q050 client: all packet numbers are in the App PNS.
- [OPTIMIZATION] Merge multi-range ACK frames, not just single-range
ACK frames.
- IETF QUIC: use RTT estimate in ack timeout calculation.
- IETF handshake: abort conn when unexpected errors occur.
- Use PING rather than MAX_DATA frames to elicit ACKs from peer.
- Server: enforce 1200 byte Initial minimum packet size.
- [CLEANUP] Remove code to disable gQUIC crypto.
- [CLEANUP] Remove n_timestamps from ACK info struct.
- Optimize driver: reuse previous ancillary message when possible.
- [FEATURE] Add support for Q050.
- [OPTIMIZATION] Reduce mallocs in gQUIC handshake.
- [BUGFIX] Disable redo of failed STREAM frame insertion with debug
logging.
- [DEBUG] Further dedup next advisory tick messages when reason is
the same.
- [BUGFIX] Update size of `a` array in TP struct. Fixes (benign)
GitHub bug #94.
- Use Cubic by default again instead of BBR, as it delivers more
consistent performance.
- [BUGFIX] Send controller: update scheduled bytes when DCID length
changes (IETF client).
- [BUGFIX] Drop alarm check from sanity test. It no longer works now
that we use loss chains.
- [PORTABILITY] Fix build on Alpine Linux.
- [PORTABILITY] Fix build using XCode.
- Client initial DCID length: use RAND_bytes() instead of rand(3).
- Add unit tests for connection min heap.
- [DEBUG] Log CID in gQUIC handshake module
- [DEBUG] Turn on extra checks for IETF client send controller.
- [DEBUG] Dedup next advisory tick messages when reason is IDLE timer.
- [DEBUG] QPACK decoder handler: log header error code.
- [BUGFIX] client: don't call ignore_init() in middle of batch send.
ignore_init() makes an assumption that the send controller has access
to all outgoing packets. This change wraps a few IETF full connection
methods to delay calling ignore_init() until the engine returns all
outgoing packets that were batched.
- [BUGFIX] set errno to EAGAIN if sendmmsg() can't send all of them.
This needs to be done because the value of errno may be lost on
some platforms.
- [BUGFIX] Typo that set all bits in sm_qflags lead to crashes.
- [BUGFIX] Do not cancel header block processing after failure, as
QPACK releases the reference in that case.
- [CLEANUP] IETF encrypt: replace assert(0) with a warning.
- Several small improvements to the test server.
- [API, FEATURE] Close connection immediately when ea_packets_out()
fails with errno != EAGAIN. The API change is that errno is now
examined. Make sure to set it if using something other than
sendmsg() to send packets.
- [CLEANUP] Immediate close logic in IETF full conn.
- [CLEANUP] Fix bogus warning about uninitialized `pair' variable.
- [BUGFIX] set retry token on all resubmitted packets.
- Event log: log sent packet flags. In particular, this allows one
to see whether token was sent.
- Don't migrate client if es_allow_migration is false.
- [BUGFIX] Fix double-free when emptying a packet number space.
- [BUGFIX] http_server: fix md5sum handler: handle EOF correctly.
- [BUGFIX] Use random values in bits 4 and 5 of the first byte of
verneg packets (regression introduced in 2.5.0).
- [OPTIMIZATION] Don't compile in expensive attq checks by default.
- [OPTIMIZATION] http_server: compile regexes only once.
- [API] lsquic_engine_connect() can now be passed QUIC version to use.
- [OPTIMIZATION] Queue opportunistic ACKs if there is data to be sent.
- [BUGFIX] Don't evict streams from priority iterator if there is
only one queue.
- [OPTIMIZATION, BUGFIX] Several other optimizations and bug fixes.
- Use ls-qpack v0.10.7.
- [BUGFIX] IETF QUIC server: fix uninitialized variable use.
- [BUGFIX] make sure TLSv1.3 is not disabled in SSL object.
- [BUGFIX] Use issuer name and serial number to cache certs (SKID
values are not unique).
- [BUGFIX] Always set the idle alarm in IETF connection so that it
can time out.
- Add echo client and server to the distibution.
- Add MD5 client and server to the distibution.
- Fix http_client: check command-line arguments better, prevent crash.
- Fix IETF conn: can_write_ack() should only care about APP PNS.
- Client: delay stream creation until handshake succeds.
- Reset HTTP stream whose write end is closed prematurely.
- Fix tickable(): mirror behavior of tick() wrt buffered packets.
- Log reason why engine is tickable.
- Minor code cleanup and logging improvements.
- Server and client programs: include library version (e.g. 2.4.6)
into `server' and `user-agent' headers.
- [OPTIMIZATION]: flush encoder stream only when necessary.
- [BUGFIX] Use ls-qpack v0.10.2 for new API -- and for a bug fix.
- [BUGFIX] Typo in IETF conn SETTINGS writer.
- Use latest BoringSSL.
- [API] Add lsquic_alpn2ver() to aid parsing Alt-Svc header.
- [BUGFIX] NULL dereference when H3 frame header would be split.
- [BUGFIX] Do not close fixed-size H3 frame prematurely.
- [BUGFIX] Allow PING frames in IETF mini conn.
- [BUGFIX] Mini conns: don't send any packets after receiving
CONNECTION_CLOSE.
- [BUGFIX] Client migration: reserve slot for DCID from transport params.
- [BUGFIX] Allow max_early_data_size=0 -- early_data might not be there.
- [BUGFIX] Use an invalid stream number to reset BPT cache (zero is now a
valid stream number).
- [SPEC] Use FINAL_SIZE_ERROR when FIN mismatch is detected.
- [OPTIMIZATION] Closed connection only gets one chance to send packets.
- [OPTIMIZATION] Flush headers stream before packetizing stream data.
- [OPTIMIZATION] process QPACK encoder STREAM frames immediately.
- Update ls-qpack to v0.10.1.
- Add GQUIC versions to the list of h3 ALPNs for Alt-Svc header.
For example, h3-Q043. Chrome will switch to using this format at
some point in the future.
- [BUGFIX] Send correct value in max_streams_uni transport param
- [SPEC] Abort IETF QUIC connection if max_early_data_size is not set
to 0xFFFFFFFF
- [BUGFIX] H3 framing: fix zero-byte write when space is available
- [BUGFIX] Don't send STREAM frame when incoming unidirectgional stream
is closed
- [BUGFIX] Cancel all pending writes by stream reset by a GOAWAY
- [BUGFIX] Fix use-after-free in IETF full conn
- [OPTIMIZATION] Wait for session tickets for two seconds and then drop
SSL object and crypto streams.
