Commit graph

323 commits

Author SHA1 Message Date
wangfuyu
95bc8f9663
Fix handshake hole assert failed and coredump (#479)
Co-authored-by: wangfuyu <ivanfywang@gmail.com>
2023-10-07 10:02:56 -04:00
Hadi Frohar
c7dfaca894
prepare next advisory tick debug only when debug is enabled (#472)
Co-authored-by: hadif <hadif@checkpoint.com>
2023-08-09 17:56:33 -04:00
Hadi Frohar
836b0deadb
fix freeing frame before handling (#463)
Co-authored-by: hadif <hadif@checkpoint.com>
2023-06-23 12:20:30 -04:00
Hadi Frohar
cdb206d29f
HTTP/1.1 conversion host name fix (#466)
Co-authored-by: hadif <hadif@checkpoint.com>
2023-05-31 16:45:24 -04:00
George Wang
1b113d192f Release 4.0.1 2023-05-18 23:33:51 -04:00
George Wang
2fb39e3567 Release 4.0.1 2023-05-15 00:27:34 -04:00
George Wang
3586b1e691 Release 4.0.0 2023-03-14 16:23:18 -04:00
George Wang
fbde61944b Release 4.0.0 2023-03-14 16:15:17 -04:00
George Wang
3db190c9cc Release 4.0.0 2023-03-14 14:16:13 -04:00
George Wang
5cf9266173 Release 4.0.0 2023-03-14 14:04:18 -04:00
George Wang
79880b469a Release 4.0.0 2023-03-14 13:29:13 -04:00
George Wang
b373fe5220 Release 3.3.1 2023-01-26 11:19:06 -05:00
Kent Ross
839893419c
Fix: do not use private openssl function to copy cert chain (#449)
Re: https://bugs.chromium.org/p/boringssl/issues/detail?id=558#c1

Since a recent change that puts boringssl's public API more in line with OpenSSL, there is a constness mismatch in the function type of `copy_X509` that may cause compilation failures.

As it turns out, the function we are using there (`sk_deep_copy`) is documented as a private API. We could use `sk_X509_deep_copy`, casting away the const in `copy_X509` to increment the refcount, but the existing function `X509_chain_up_ref` does exactly what we want here.
2023-01-19 17:33:24 -05:00
George Wang
48365d5741 Release 3.3.0 2023-01-04 15:21:42 -05:00
wangfuyu
b5efa50a5a
m) optimize new conn logic (#443)
1) on_new_conn only be called after handshake_ok
2) on_conn_closed only be called by ietf_full_conn_ci_destroy

Co-authored-by: wangfuyu <ivanfywang@gmail.com>
2022-12-14 11:30:34 -05:00
linsichen206
850b0a3d10
fix potential memory leak (#441)
Co-authored-by: linsc <linsc@wangus.com>
2022-12-07 14:23:43 -05:00
linsichen206
0fdfb125d7
fix memory leak when gquic handshake (#438)
Co-authored-by: linsc <linsc@wangus.com>
2022-11-27 10:34:18 -05:00
linsichen206
1a4edfcdc6
fix memory leak when gquic50 decrypt packet (#430)
* fix memory leak when gquic50 decrypt packet
fix a suspicious memory leak in gquic and iquic

* drop some redundant checking.

Co-authored-by: linsc <linsc@wangus.com>
2022-11-18 09:21:43 -05:00
wangfuyu
755143fe4a
Fix: http_server might not send MAX_STREAMS to increase limits if client cancel stream prematurely. (#435)
RFC9000 3.5.
A STOP_SENDING frame requests that the receiving endpoint send a RESET_STREAM frame. An endpoint that receives a STOP_SENDING frame MUST send a RESET_STREAM frame if the stream is in the "Ready" or "Send" state. If the stream is in the "Data Sent" state, the endpoint MAY defer sending the RESET_STREAM frame until the packets containing outstanding data are acknowledged or declared lost. If any outstanding data is declared lost, the endpoint SHOULD send a RESET_STREAM frame instead of retransmitting the data.

RFC9000 19.4. RESET_Frames
An endpoint uses a RESET_STREAM frame (type=0x04) to abruptly terminate the sending part of a stream.

Co-authored-by: wangfuyu <wangfuyu@gmail.com>
2022-11-17 21:34:57 -05:00
George Wang
0e32849de5 Release 3.2.0 2022-10-20 11:47:58 -04:00
George Wang
a5347f2374 Merge branch 'master' of github.com:litespeedtech/lsquic 2022-10-19 18:35:42 -04:00
George Wang
4702105acb Update ls-qpack to v2.5.0 2022-10-19 18:34:53 -04:00
wangfuyu
def7d956d6
m) Fix: http1x memory leak (#427)
[Reproduce]
  http_client send GET/POST request with large headers(val_len > 256Bytes) to http_server, like:
    http_client -H quic.test.com -s ${SERVER_ADDR}:${SERVER_PORT} -p "/test/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" -o version=h3 -n 1 -r 100 -R 100

Co-authored-by: wangfuyu <ivanfywang@gmail.com>
2022-10-13 08:34:04 -04:00
wangfuyu
8391f907f4
m) Fix: packet_in pool memory leak (#426)
[Reproduce]
       http_client POST large body request to http_server, like:
          http_client -H quic.test.com -s ${SERVER_ADDR}:${SERVER_PORT} -p /1KB_char.txt -M POST -P /test/quic-data/html/10KB_char.txt -o version=h3 -n 100 -r 50000000 -R 500 -w 10 -K

[Notes]
      [RFC5116 AEAD] Section 5.1
       An authentication tag with a length of 16 octets (128bits) is used.

      [RFC9001 QUIC-TLS] Section 5.3
       These cipher suites have a 16-byte authentication tag and
       produce an output 16 bytes larger than their input.

Co-authored-by: wangfuyu <ivanfywang@gmail.com>
2022-10-12 16:21:29 -04:00
Pluto
a5b89b62b5
[fix] assertion failure if poison packet was acked (#416)
Description:
- Error may occur while processing ack frame, e.g. poison packet was
acked by hostile attack. and then conn is supposed to be aborted,
shortly but not immediately;
- if ack frame processing failed while calling lsquic_engine_packet_in,
and IFC_HAVE_SAVED_ACK had been set, then saved ack frame will be
processed while ticking connection before it is aborted, that may
lead to assert failure;

Solution:
- close connection if neccessary before processing ack while ci_tick.
2022-09-20 13:44:39 -04:00
wangfuyu
a4aac39013
m) Fix: ietf connection maybe abort if ack for hsk lost (#422)
1) After handshake done, handshake packets should not be sent or received.
2) IFC_ACK_QUED_HSK will be cancelled from conn->ifc_flags after handshake done, but it maybe set again if ACKs for handshake lost(Function: should_generate_ack).

Co-authored-by: ivanfywang <ivanfywang@gmail.com>
2022-09-20 10:29:10 -04:00
davidleitw
c1664a539b
Remove redundant include (#414) 2022-09-16 09:06:12 -04:00
M-BELLAHCENE
732da98508
link fix when using lsquic in a cpp project (#418)
Co-authored-by: MBellahcene <moussa.bellahcene@4d.com>
2022-09-16 08:56:16 -04:00
Paul Jakma
188c055a9c
Test case and fix for lsquic rechist list problem (#410)
* Test case and debug for lsquic rechist list problem

Add:
- test case
- debug rechist print function (not called)
Modify:
- rechist_test_sanity to be more robust

Test case:
Added test case which produces a corrupt rechist.  The rechist
grows and then is emptied, then a rechist is produced that is nominally
empty (rh_n_used == 0) but has a circular list in rh_elems.  E.g.  (using
debug print at the problem site):

lsquic_rechist_received: insert before done
0x7ffe65ce75a0: cutoff 9 l. acked 12087061905995 masks 1 alloced 4 used 1 max ranges 0 head 0
  (0)[9-9] (0)[9-9] (0)[9-9] (0)[9-9] (0)[9-9] (0)[9-9] (0)[9-9]
test_rechist: /tmp/lsquic/src/liblsquic/lsquic_rechist.c:272: rechist_test_sanity: Assertion `rechist->rh_n_used == n_elems' failed.

Debug print:
Added 'rechist_dump' for ease of debugging, marked as unused.
Useful for calling from gdb or adding to code temporarily.

rechist_test_sanity:
Make it more robust to bad rechists by limiting
how many list items it will follow, to prevent infinite loops or walking off
the end of the list.

* rechist: Fix bug in lsquic_rechist_received causing circular list to be created

Fix bug in lsquic_rechist_received demonstrated by the test6 test-case.

When the list is empty, i.e.  rh_n_used == 0, the 'first_elem' path should
be used.  However, the test for this was using rh_n_alloced, which would
cause the code to continue on incorrectly.  One possibility is that it goes
to insert_before and creates a circular list in the rechist with the head at
index 0 having a next of 0.

This causes history to be lost I think.

The list at this point is still 'empty', however a following call could go
to the insert_before path and then insert an elem pointing to the circular
list, and bump up rh_n_used. Now you have a circular list.

Weird things can happen now.  Notably, ACK generation will exhaust the
packet buffer and generate an error, and so cause connections to be
prematurely aborted.

Fix lsquic_rechist_received to use rh_n_used. Also modify
rechist_alloc_elem to NULL the next pointer for robustness.

It would be nice for rechist_free_elem to also invalidate the elem, but it
is meant for relinking elems in the list and should preserve the next
pointer.
2022-08-26 09:15:35 -04:00
George Wang
fa39a18664 Release 3.1.2 2022-08-16 14:39:07 -04:00
George Wang
ed0511ca98 Release 3.1.2 2022-08-16 14:24:05 -04:00
George Wang
df8bc70308 Release 3.1.2 2022-08-16 14:11:25 -04:00
George Wang
766edf299c Update ls-qpack to v2.4.0 2022-08-16 12:48:51 -04:00
George Wang
6efb8c5235 Release 3.1.2 2022-08-16 12:16:46 -04:00
wangfuyu
5f073670ba
m) correct qpack decoder stream log (#405)
Co-authored-by: wangfuyu <ivanfywang@gmail.com>
2022-08-15 08:25:34 -04:00
wangfuyu
43b1739859
m) Fix: quic server assert failed with special request (#403)
Co-authored-by: wangfuyu <ivanfywang@gmail.com>
2022-08-02 15:43:40 -04:00
wangfuyu
b46a5b19bb
m) Fix: chop regen api may assert fail (#395)
packet's regen size MUST minus frame size which has been pad over
2022-07-19 08:37:28 -04:00
Ryan A. Pavlik
4e852fc0b9
Fix sign comparison warning, which broke 32-bit builds. (#388) 2022-06-20 15:01:50 -04:00
Ryan A. Pavlik
c7e856a2b1
Fix consistency in use of Perl. (#387)
FindPerl.cmake populates PERL_EXECUTABLE.
Corresponding fix also required in ls-qpack.
2022-06-20 14:59:58 -04:00
George Wang
0a4f8953dc Release 3.1.1 2022-05-13 10:52:37 -04:00
George Wang
a74702c630 Release 3.1.0 2022-05-06 12:49:46 -04:00
Ryan A. Pavlik
d755d26ed2
CMake-only computation of whether librt is needed. (#374) 2022-05-06 10:47:16 -04:00
George Wang
c4854d203f Merge branch 'master' of github.com:litespeedtech/lsquic 2022-05-05 18:58:03 -04:00
George Wang
e9ea352198 Update ls-qpack to 2.3.0 2022-05-05 18:57:56 -04:00
Ryan A. Pavlik
797b40e7c2
Add an installed CMake config. (#370)
* Add an installed CMake config.

Does not perform transitive link to boringssl though.

* Install vc_compat.h header
2022-04-28 12:11:45 -04:00
George Wang
e237d77919 Release 3.0.5 2022-04-27 15:40:59 -04:00
Sam Hurst
dbc62fc9fa
Tick connection on want_datagram_write (#314)
* Tick connection on datagram write

* Check that a connection can send before marking connection tickable
2022-04-23 15:53:40 -04:00
Ryan A. Pavlik
454939cdf8
CMake improvements (#369)
* Silence CMake warning by updating minimum versions.

* Generate files to build directory, not source directory
2022-04-23 14:54:05 -04:00
George Wang
497ec21d16 Release 3.0.4 2022-01-11 11:17:44 -05:00
wangfuyu
d190ae8e66
m) fix: handshake may failed if client send too many early data (#352)
Co-authored-by: wangfuyu <ivanfywang@gmail.com>
2022-01-11 11:10:18 -05:00