Commit graph

484 commits

Author SHA1 Message Date
Saigut
8890b98bb0
Update http_client.c (#474)
Add the '-B Header bypass' parameter description in the Usage of http_client
2023-09-04 08:48:03 -04:00
Hadi Frohar
c7dfaca894
prepare next advisory tick debug only when debug is enabled (#472)
Co-authored-by: hadif <hadif@checkpoint.com>
2023-08-09 17:56:33 -04:00
Hadi Frohar
836b0deadb
fix freeing frame before handling (#463)
Co-authored-by: hadif <hadif@checkpoint.com>
2023-06-23 12:20:30 -04:00
Hadi Frohar
cdb206d29f
HTTP/1.1 conversion host name fix (#466)
Co-authored-by: hadif <hadif@checkpoint.com>
2023-05-31 16:45:24 -04:00
George Wang
8fb7e2c02c Release 4.0.1 2023-05-31 16:37:47 -04:00
George Wang
1b113d192f Release 4.0.1 2023-05-18 23:33:51 -04:00
George Wang
e6987284fd Release 4.0.1 2023-05-15 14:17:23 -04:00
George Wang
2fb39e3567 Release 4.0.1 2023-05-15 00:27:34 -04:00
George Wang
3586b1e691 Release 4.0.0 2023-03-14 16:23:18 -04:00
George Wang
fbde61944b Release 4.0.0 2023-03-14 16:15:17 -04:00
George Wang
3db190c9cc Release 4.0.0 2023-03-14 14:16:13 -04:00
LiteSpeed Tech
5d469f6494
Update README.md 2023-03-14 14:06:12 -04:00
George Wang
5cf9266173 Release 4.0.0 2023-03-14 14:04:18 -04:00
George Wang
79880b469a Release 4.0.0 2023-03-14 13:29:13 -04:00
George Wang
b373fe5220 Release 3.3.1 2023-01-26 11:19:06 -05:00
Kent Ross
839893419c
Fix: do not use private openssl function to copy cert chain (#449)
Re: https://bugs.chromium.org/p/boringssl/issues/detail?id=558#c1

Since a recent change that puts boringssl's public API more in line with OpenSSL, there is a constness mismatch in the function type of `copy_X509` that may cause compilation failures.

As it turns out, the function we are using there (`sk_deep_copy`) is documented as a private API. We could use `sk_X509_deep_copy`, casting away the const in `copy_X509` to increment the refcount, but the existing function `X509_chain_up_ref` does exactly what we want here.
2023-01-19 17:33:24 -05:00
George Wang
b340210fcf Release 3.3.0 2023-01-04 15:30:57 -05:00
George Wang
48365d5741 Release 3.3.0 2023-01-04 15:21:42 -05:00
wangfuyu
b5efa50a5a
m) optimize new conn logic (#443)
1) on_new_conn only be called after handshake_ok
2) on_conn_closed only be called by ietf_full_conn_ci_destroy

Co-authored-by: wangfuyu <ivanfywang@gmail.com>
2022-12-14 11:30:34 -05:00
linsichen206
850b0a3d10
fix potential memory leak (#441)
Co-authored-by: linsc <linsc@wangus.com>
2022-12-07 14:23:43 -05:00
linsichen206
0fdfb125d7
fix memory leak when gquic handshake (#438)
Co-authored-by: linsc <linsc@wangus.com>
2022-11-27 10:34:18 -05:00
linsichen206
1a4edfcdc6
fix memory leak when gquic50 decrypt packet (#430)
* fix memory leak when gquic50 decrypt packet
fix a suspicious memory leak in gquic and iquic

* drop some redundant checking.

Co-authored-by: linsc <linsc@wangus.com>
2022-11-18 09:21:43 -05:00
wangfuyu
755143fe4a
Fix: http_server might not send MAX_STREAMS to increase limits if client cancel stream prematurely. (#435)
RFC9000 3.5.
A STOP_SENDING frame requests that the receiving endpoint send a RESET_STREAM frame. An endpoint that receives a STOP_SENDING frame MUST send a RESET_STREAM frame if the stream is in the "Ready" or "Send" state. If the stream is in the "Data Sent" state, the endpoint MAY defer sending the RESET_STREAM frame until the packets containing outstanding data are acknowledged or declared lost. If any outstanding data is declared lost, the endpoint SHOULD send a RESET_STREAM frame instead of retransmitting the data.

RFC9000 19.4. RESET_Frames
An endpoint uses a RESET_STREAM frame (type=0x04) to abruptly terminate the sending part of a stream.

Co-authored-by: wangfuyu <wangfuyu@gmail.com>
2022-11-17 21:34:57 -05:00
Simon Karan G
05698c94dc
fix typo (#429)
squic_engine_settings -> lsquic_engine_settings
2022-11-03 10:56:42 -04:00
George Wang
3bbf683f25 Release 3.2.0 2022-10-20 12:02:57 -04:00
George Wang
0e32849de5 Release 3.2.0 2022-10-20 11:47:58 -04:00
George Wang
a5347f2374 Merge branch 'master' of github.com:litespeedtech/lsquic 2022-10-19 18:35:42 -04:00
George Wang
4702105acb Update ls-qpack to v2.5.0 2022-10-19 18:34:53 -04:00
wangfuyu
def7d956d6
m) Fix: http1x memory leak (#427)
[Reproduce]
  http_client send GET/POST request with large headers(val_len > 256Bytes) to http_server, like:
    http_client -H quic.test.com -s ${SERVER_ADDR}:${SERVER_PORT} -p "/test/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" -o version=h3 -n 1 -r 100 -R 100

Co-authored-by: wangfuyu <ivanfywang@gmail.com>
2022-10-13 08:34:04 -04:00
wangfuyu
8391f907f4
m) Fix: packet_in pool memory leak (#426)
[Reproduce]
       http_client POST large body request to http_server, like:
          http_client -H quic.test.com -s ${SERVER_ADDR}:${SERVER_PORT} -p /1KB_char.txt -M POST -P /test/quic-data/html/10KB_char.txt -o version=h3 -n 100 -r 50000000 -R 500 -w 10 -K

[Notes]
      [RFC5116 AEAD] Section 5.1
       An authentication tag with a length of 16 octets (128bits) is used.

      [RFC9001 QUIC-TLS] Section 5.3
       These cipher suites have a 16-byte authentication tag and
       produce an output 16 bytes larger than their input.

Co-authored-by: wangfuyu <ivanfywang@gmail.com>
2022-10-12 16:21:29 -04:00
M-BELLAHCENE
108c4e7629
fix useless getopt.h check (#424)
* link fix when using lsquic in a cpp project

* Update CMakeLists.txt

* Fix getopt.h error when not needed

Co-authored-by: MBellahcene <moussa.bellahcene@4d.com>
2022-09-29 09:15:30 -04:00
wangfuyu
5c669eea50
m) Fix: compile test_rechist error (#425)
error: 'for' loop initial declarations are only allowed in C99 mode

Co-authored-by: wangfuyu <ivanfywang@gmail.com>
2022-09-29 09:04:15 -04:00
Pluto
a5b89b62b5
[fix] assertion failure if poison packet was acked (#416)
Description:
- Error may occur while processing ack frame, e.g. poison packet was
acked by hostile attack. and then conn is supposed to be aborted,
shortly but not immediately;
- if ack frame processing failed while calling lsquic_engine_packet_in,
and IFC_HAVE_SAVED_ACK had been set, then saved ack frame will be
processed while ticking connection before it is aborted, that may
lead to assert failure;

Solution:
- close connection if neccessary before processing ack while ci_tick.
2022-09-20 13:44:39 -04:00
M-BELLAHCENE
d5602cd335
LSQUIC_TESTS=OFF, LSQUIC_BIN=OFF : Remove getopt.h error : Build will succeed. (#420)
* link fix when using lsquic in a cpp project

* Update CMakeLists.txt

Co-authored-by: MBellahcene <moussa.bellahcene@4d.com>
2022-09-20 10:36:21 -04:00
wangfuyu
a4aac39013
m) Fix: ietf connection maybe abort if ack for hsk lost (#422)
1) After handshake done, handshake packets should not be sent or received.
2) IFC_ACK_QUED_HSK will be cancelled from conn->ifc_flags after handshake done, but it maybe set again if ACKs for handshake lost(Function: should_generate_ack).

Co-authored-by: ivanfywang <ivanfywang@gmail.com>
2022-09-20 10:29:10 -04:00
davidleitw
c1664a539b
Remove redundant include (#414) 2022-09-16 09:06:12 -04:00
M-BELLAHCENE
732da98508
link fix when using lsquic in a cpp project (#418)
Co-authored-by: MBellahcene <moussa.bellahcene@4d.com>
2022-09-16 08:56:16 -04:00
Paul Jakma
188c055a9c
Test case and fix for lsquic rechist list problem (#410)
* Test case and debug for lsquic rechist list problem

Add:
- test case
- debug rechist print function (not called)
Modify:
- rechist_test_sanity to be more robust

Test case:
Added test case which produces a corrupt rechist.  The rechist
grows and then is emptied, then a rechist is produced that is nominally
empty (rh_n_used == 0) but has a circular list in rh_elems.  E.g.  (using
debug print at the problem site):

lsquic_rechist_received: insert before done
0x7ffe65ce75a0: cutoff 9 l. acked 12087061905995 masks 1 alloced 4 used 1 max ranges 0 head 0
  (0)[9-9] (0)[9-9] (0)[9-9] (0)[9-9] (0)[9-9] (0)[9-9] (0)[9-9]
test_rechist: /tmp/lsquic/src/liblsquic/lsquic_rechist.c:272: rechist_test_sanity: Assertion `rechist->rh_n_used == n_elems' failed.

Debug print:
Added 'rechist_dump' for ease of debugging, marked as unused.
Useful for calling from gdb or adding to code temporarily.

rechist_test_sanity:
Make it more robust to bad rechists by limiting
how many list items it will follow, to prevent infinite loops or walking off
the end of the list.

* rechist: Fix bug in lsquic_rechist_received causing circular list to be created

Fix bug in lsquic_rechist_received demonstrated by the test6 test-case.

When the list is empty, i.e.  rh_n_used == 0, the 'first_elem' path should
be used.  However, the test for this was using rh_n_alloced, which would
cause the code to continue on incorrectly.  One possibility is that it goes
to insert_before and creates a circular list in the rechist with the head at
index 0 having a next of 0.

This causes history to be lost I think.

The list at this point is still 'empty', however a following call could go
to the insert_before path and then insert an elem pointing to the circular
list, and bump up rh_n_used. Now you have a circular list.

Weird things can happen now.  Notably, ACK generation will exhaust the
packet buffer and generate an error, and so cause connections to be
prematurely aborted.

Fix lsquic_rechist_received to use rh_n_used. Also modify
rechist_alloc_elem to NULL the next pointer for robustness.

It would be nice for rechist_free_elem to also invalidate the elem, but it
is meant for relinking elems in the list and should preserve the next
pointer.
2022-08-26 09:15:35 -04:00
George Wang
0aa00f2369 Release 3.1.3 2022-08-19 11:21:44 -04:00
George Wang
fa39a18664 Release 3.1.2 2022-08-16 14:39:07 -04:00
George Wang
ed0511ca98 Release 3.1.2 2022-08-16 14:24:05 -04:00
George Wang
df8bc70308 Release 3.1.2 2022-08-16 14:11:25 -04:00
George Wang
766edf299c Update ls-qpack to v2.4.0 2022-08-16 12:48:51 -04:00
George Wang
6efb8c5235 Release 3.1.2 2022-08-16 12:16:46 -04:00
wangfuyu
5f073670ba
m) correct qpack decoder stream log (#405)
Co-authored-by: wangfuyu <ivanfywang@gmail.com>
2022-08-15 08:25:34 -04:00
wangfuyu
43b1739859
m) Fix: quic server assert failed with special request (#403)
Co-authored-by: wangfuyu <ivanfywang@gmail.com>
2022-08-02 15:43:40 -04:00
msvoelker
d9b2c37837
set socket option IPV6_MTU_DISCOVER=IP_PMTUDISC_PROBE for linux (#399) 2022-07-26 11:47:31 -04:00
wangfuyu
b46a5b19bb
m) Fix: chop regen api may assert fail (#395)
packet's regen size MUST minus frame size which has been pad over
2022-07-19 08:37:28 -04:00
George Wang
9d60540faf Do not force ls-qpack to track branch v0.9.13 . 2022-07-12 15:47:42 -04:00
Ryan A. Pavlik
f3657f1f27
Add back vc_compat.h header install. (#389)
Windows installs are broken without it. Alternative is to inline the important parts
in lsquic.h which is probably better.
2022-06-20 15:02:31 -04:00