Commit graph

92 commits

Author SHA1 Message Date
Dmitri Tikhonov
a4f5dac3cf Release 2.8.8
- [BUGFIX] Invalid read when parsing IETF transport parameters
  (this was benign).
- [OPTIMIZATION] Frame bundling when using buffered packets in
  IETF QUIC: a) flush QPACK decoder stream and b) include ACKs
  in opportunistic fashion.
- Fix HTTP/3 framing unit test.
- Code cleanup.
2020-01-14 14:26:11 -05:00
Dmitri Tikhonov
7d09751dbb Release 2.8.7
- [BUGFIX] Initial packet size check for IETF mini conn applies to
  UDP payload, not QUIC packet.
- Support old and new school loss_bits transport parameter.
- Use Q run length of 64 as suggested in the loss bits Draft.
- Undo square wave count when packet is delayed.
- Code cleanup; minor fixes.
2020-01-09 11:52:25 -05:00
Dmitri Tikhonov
72bbf1fbee Release 2.8.5
- [BUGFIX] Fix unintended sign extension when removing header protection.
2020-01-06 11:57:25 -05:00
Dmitri Tikhonov
747be414e2 Release 2.8.4
- [HTTP3] Verify number of bytes in incoming DATA frames against
  content-length.
- [HTTP3] Stop issuing streams credits if peer stops opening QPACK
  decoder window.  This addresses a potential attack whereby client
  can cause the server to keep allocating memory.  See Security
  Considerations in the QPACK draft.
- [BUGFIX] Mini conn: don't shorten max packet size for Q050 and later.
- [BUGFIX] Init IETF connection flow controller using correct setting.
- Code cleanup and minor fixes.
2020-01-06 00:47:12 -05:00
Dmitri Tikhonov
de46bf2f1f Release 2.8.1
- [FEATURE] Use occasional packet number gaps to detect optimistic
  ACK attacks.
- [BUGFIX] Q050 client: all packet numbers are in the App PNS.
- [OPTIMIZATION] Merge multi-range ACK frames, not just single-range
  ACK frames.
- IETF QUIC: use RTT estimate in ack timeout calculation.
- IETF handshake: abort conn when unexpected errors occur.
- Use PING rather than MAX_DATA frames to elicit ACKs from peer.
- Server: enforce 1200 byte Initial minimum packet size.
- [CLEANUP] Remove code to disable gQUIC crypto.
- [CLEANUP] Remove n_timestamps from ACK info struct.
- Optimize driver: reuse previous ancillary message when possible.
2019-12-30 11:29:05 -05:00
Dmitri Tikhonov
7a8b2ece3a Release 2.8.0
- [FEATURE] Add support for Q050.
- [OPTIMIZATION] Reduce mallocs in gQUIC handshake.
- [BUGFIX] Disable redo of failed STREAM frame insertion with debug
  logging.
2019-12-23 16:14:20 -05:00
Dmitri Tikhonov
ff892190dd Release 2.7.3
- [DEBUG] Further dedup next advisory tick messages when reason is
  the same.
- [BUGFIX] Update size of `a` array in TP struct.  Fixes (benign)
  GitHub bug #94.
- Use Cubic by default again instead of BBR, as it delivers more
  consistent performance.
2019-12-18 08:15:02 -05:00
Dmitri Tikhonov
a137764bf2 Release 2.7.2
- [BUGFIX] Send controller: update scheduled bytes when DCID length
  changes (IETF client).
- [BUGFIX] Drop alarm check from sanity test.  It no longer works now
  that we use loss chains.
- [PORTABILITY] Fix build on Alpine Linux.
- [PORTABILITY] Fix build using XCode.
- Client initial DCID length: use RAND_bytes() instead of rand(3).
- Add unit tests for connection min heap.
- [DEBUG] Log CID in gQUIC handshake module
- [DEBUG] Turn on extra checks for IETF client send controller.
- [DEBUG] Dedup next advisory tick messages when reason is IDLE timer.
- [DEBUG] QPACK decoder handler: log header error code.
2019-12-11 09:38:58 -05:00
Dmitri Tikhonov
936463fe29 Release 2.7.1
- [BUGFIX] client: don't call ignore_init() in middle of batch send.
  ignore_init() makes an assumption that the send controller has access
  to all outgoing packets.  This change wraps a few IETF full connection
  methods to delay calling ignore_init() until the engine returns all
  outgoing packets that were batched.
- [BUGFIX] set errno to EAGAIN if sendmmsg() can't send all of them.
  This needs to be done because the value of errno may be lost on
  some platforms.
- [BUGFIX] Typo that set all bits in sm_qflags lead to crashes.
- [BUGFIX] Do not cancel header block processing after failure, as
  QPACK releases the reference in that case.
- [CLEANUP] IETF encrypt: replace assert(0) with a warning.
- Several small improvements to the test server.
2019-12-05 08:44:25 -05:00
Dmitri Tikhonov
7ee4152504 Release 2.7.0
- [API, FEATURE] Close connection immediately when ea_packets_out()
  fails with errno != EAGAIN.  The API change is that errno is now
  examined.  Make sure to set it if using something other than
  sendmsg() to send packets.
- [CLEANUP] Immediate close logic in IETF full conn.
- [CLEANUP] Fix bogus warning about uninitialized `pair' variable.
2019-11-27 15:24:18 -05:00
Dmitri Tikhonov
02b6086dba Release 2.6.7
- [FEATURE] Implement the QL extension (offered by default).
- [BUGFIX] Abort when encountering unexpected HTTP/3 frames.
- [BUGFIX] Acknowledge (QPACK) HTTP/3 trailers correctly.
- [DEBUG] Turn on debug message for next advisory tick.
2019-11-22 00:40:05 -05:00
Dmitri Tikhonov
55f8042d41 Release 2.6.6
- [BUGFIX] Using HTTP/3 to HTTP/1.x converter.
- [BUGFIX] Truncate log messages instead of throwing them away.
2019-11-20 11:43:10 -05:00
Dmitri Tikhonov
be8bc27c5b Fix h3_framing unit test, bump version to 2.6.5 2019-11-15 09:27:48 -05:00
Dmitri Tikhonov
c09fcff4ec Release 2.6.4
- [BUGFIX] High priority buffered packet queue length.
- [BUGFIX] Rain time calculation: max_ack_delay is in milliseconds.
2019-11-15 09:02:07 -05:00
Dmitri Tikhonov
2f7aa65884 Release 2.6.3
- [BUGFIX] Close DATA frames with empty payload correctly.
2019-11-12 14:29:32 -05:00
Dmitri Tikhonov
767cf6112c Release 2.6.2
- [BUGFIX] SCID!=ODCID rule applies to Retry packets, not regular
  packets.
- [BUGFIX] Zero-RTT: BoringSSL no longer flips read/write secrets.
- [BUGFIX] Truncate ACK frame rather instead of aborting IETF
  connection.
- [BUGFIX] Client: don't send duplicate reset tokens.
- [BUGFIX] Remove invalid assertion in H3 framing code.
- Silence a warning in send ctl by restructuring switch() statement.
2019-11-11 14:05:54 -05:00
Dmitri Tikhonov
84dbbb75d5 Release 2.6.1
- [BUGFIX] set retry token on all resubmitted packets.
- Event log: log sent packet flags.  In particular, this allows one
  to see whether token was sent.
- Don't migrate client if es_allow_migration is false.
2019-11-08 14:35:22 -05:00
Dmitri Tikhonov
03e6b668ec Release 2.6.0
- [FEATURE] QUIC and HTTP/3 Internet Draft 24 support
2019-11-07 16:19:03 -05:00
Dmitri Tikhonov
75a7a2a36a Release 2.5.2
- [BUGFIX] argument order to gQUIC client constructor.  Regression
  introduced in 2.5.0.
- [BUGFIX] split buffered packet error recovery: destroy the correct
  packet.
2019-11-07 09:03:36 -05:00
Dmitri Tikhonov
1c9cee3ed5 Release 2.5.1
- [BUGFIX] Fix double-free when emptying a packet number space.
- [BUGFIX] http_server: fix md5sum handler: handle EOF correctly.
- [BUGFIX] Use random values in bits 4 and 5 of the first byte of
  verneg packets (regression introduced in 2.5.0).
- [OPTIMIZATION] Don't compile in expensive attq checks by default.
- [OPTIMIZATION] http_server: compile regexes only once.
2019-11-04 16:44:54 -05:00
Dmitri Tikhonov
a0e1aeeee0 Release 2.5.0
- [API] lsquic_engine_connect() can now be passed QUIC version to use.
- [OPTIMIZATION] Queue opportunistic ACKs if there is data to be sent.
- [BUGFIX] Don't evict streams from priority iterator if there is
  only one queue.
- [OPTIMIZATION, BUGFIX] Several other optimizations and bug fixes.
- Use ls-qpack v0.10.7.
2019-10-31 12:21:14 -04:00
Dmitri Tikhonov
34e9ac5f5d Release 2.4.10: fix regression in 2.4.9, use ls-qpack 0.10.6 2019-10-24 10:17:25 -04:00
Dmitri Tikhonov
df992bcede Release 2.4.9
- [BUGFIX] IETF QUIC server: fix uninitialized variable use.
- [BUGFIX] make sure TLSv1.3 is not disabled in SSL object.
- [BUGFIX] Use issuer name and serial number to cache certs (SKID
  values are not unique).
- [BUGFIX] Always set the idle alarm in IETF connection so that it
  can time out.
2019-10-24 09:46:40 -04:00
Dmitri Tikhonov
d7aae582ea Release 2.4.8
- [OPTIMIZATION, BUGFIX] Use ls-qpack v0.10.5.
2019-10-21 13:42:07 -04:00
Dmitri Tikhonov
0adf085acf Release 2.4.7
- Add echo client and server to the distibution.
- Add MD5 client and server to the distibution.
- Fix http_client: check command-line arguments better, prevent crash.
- Fix IETF conn: can_write_ack() should only care about APP PNS.
- Client: delay stream creation until handshake succeds.
- Reset HTTP stream whose write end is closed prematurely.
- Fix tickable(): mirror behavior of tick() wrt buffered packets.
- Log reason why engine is tickable.
2019-10-15 17:04:14 -04:00
Dmitri Tikhonov
ad08470cea Release 2.4.6
- Minor code cleanup and logging improvements.
- Server and client programs: include library version (e.g. 2.4.6)
  into `server' and `user-agent' headers.
2019-10-11 08:24:24 -04:00
Dmitri Tikhonov
4947ba950d Release 2.4.5
- [OPTIMIZATION]: flush encoder stream only when necessary.
- [BUGFIX] Use ls-qpack v0.10.2 for new API -- and for a bug fix.
- [BUGFIX] Typo in IETF conn SETTINGS writer.
- Use latest BoringSSL.
2019-10-08 15:54:01 -04:00
Dmitri Tikhonov
662de5e197 Release 2.4.4
- [API] Add lsquic_alpn2ver() to aid parsing Alt-Svc header.
- [BUGFIX] NULL dereference when H3 frame header would be split.
- [BUGFIX] Do not close fixed-size H3 frame prematurely.
- [BUGFIX] Allow PING frames in IETF mini conn.
- [BUGFIX] Mini conns: don't send any packets after receiving
  CONNECTION_CLOSE.
- [BUGFIX] Client migration: reserve slot for DCID from transport params.
- [BUGFIX] Allow max_early_data_size=0 -- early_data might not be there.
- [BUGFIX] Use an invalid stream number to reset BPT cache (zero is now a
  valid stream number).
- [SPEC] Use FINAL_SIZE_ERROR when FIN mismatch is detected.
- [OPTIMIZATION] Closed connection only gets one chance to send packets.
- [OPTIMIZATION] Flush headers stream before packetizing stream data.
- [OPTIMIZATION] process QPACK encoder STREAM frames immediately.
- Update ls-qpack to v0.10.1.
2019-10-08 08:36:49 -04:00
Dmitri Tikhonov
1245d2e023 Release 2.4.3
- Add GQUIC versions to the list of h3 ALPNs for Alt-Svc header.
  For example, h3-Q043.  Chrome will switch to using this format at
  some point in the future.
- [BUGFIX] Send correct value in max_streams_uni transport param
- [SPEC] Abort IETF QUIC connection if max_early_data_size is not set
  to 0xFFFFFFFF
2019-09-30 09:56:13 -04:00
Dmitri Tikhonov
65728dc5ee Release 2.4.2
- [BUGFIX] H3 framing: fix zero-byte write when space is available
- [BUGFIX] Don't send STREAM frame when incoming unidirectgional stream
  is closed
- [BUGFIX] Cancel all pending writes by stream reset by a GOAWAY
- [BUGFIX] Fix use-after-free in IETF full conn
- [OPTIMIZATION] Wait for session tickets for two seconds and then drop
  SSL object and crypto streams.
2019-09-23 12:00:10 -04:00
Dmitri Tikhonov
92f6e17bdc Release 2.4.0
[FEATURE] QUIC and HTTP/3 Internet Draft 23 support
2019-09-18 11:22:20 -04:00
Dmitri Tikhonov
a6cdaedba5 Release 2.3.1
- [BUGFIX] Fix memory leaks
- [BUGFIX] Fix unit tests
2019-09-13 09:42:22 -04:00
Dmitri Tikhonov
cca2541523 Release 2.3.0
- [FEATURE] BBR congestion control is on by default
- [BUGFIX] BBR app-limited logic
- [BUGFIX] Fix uninitialized warnings in IETF
- [BUGFIX] Update ls-qpack to v0.9.14
- [CLEANUP] Code cleanup
2019-09-12 14:39:50 -04:00
LiteSpeed Tech
5392f7a3b0
Release 2.2.0: server included, ID-22 supported (#76) 2019-09-11 11:27:58 -04:00
Dmitri Tikhonov
8cba36d873 Release 1.21.2
- [OPTIMIZATION] HPACK: use history to improve compression performance
2019-05-13 08:51:39 -04:00
Dmitri Tikhonov
d539a7520f Release 1.21.1
- [BUGFIX] If FIN or RST not received, don't delay stream destruction.
- [OPTIMIZATION] Speed up HPACK encoder by using same hash value to
  search static and dynamic tables.
2019-05-06 09:40:59 -04:00
Dmitri Tikhonov
55cd0b38b2 Release 1.21.0
[FEATURE] Add qlog log module.
2019-04-12 10:50:45 -04:00
Dmitri Tikhonov
c7d81ce135 Release 1.20.0
[FEATURE] Add support for Q046.
2019-04-01 11:41:55 -04:00
Dmitri Tikhonov
428530e38e Release 1.19.6
- [BUGFIX] Ensure that Largest Observed does not decrease in ACKs we
  send.  ACK frames placed in packets in buffered queues (optimization
  introduced in 1.17.15) can be preceded by an ACK frame generated later.
  In this case, the older ACK frame should not be sent out, as Chromium-
  based servers flags decrease in the ACK frame's Largest Observed value
  as an error.
2019-03-19 16:23:50 -04:00
Dmitri Tikhonov
8437e4a4f2 Release 1.19.5
- [BUGFIX] Use correct public key from PUBS based on KEXS index.
- [BUGFIX] Check flags before dispatching writes, avoiding assert.
- [BUGFIX] Set :scheme to "https" (instead of "HTTP").
2019-03-05 16:56:02 -05:00
Dmitri Tikhonov
90fe3b255d Release 1.19.4
- [BUGFIX] Check buffer bounds when looking up version in 0-RTT blob.
- [BUGFIX] http_client: don't fetch 0-rtt info if handshake failed.
- Log number of pacer calls at DEBUG, rather than NOTICE, level.
2019-02-25 09:12:20 -05:00
Dmitri Tikhonov
9c4445241e Release 1.19.3
- [BUGFIX] Q044: don't encode packet number in 6 bytes.  Six-byte
  packet number encoding does not exist in Q044.  This fixes a
  regression introduced in '[BUGFIX] Buffered packets can contain
  ACK frames' -- we need to keep QUIC version in mind when selecting
  the longest possible packet number encoding used for the buffered
  packet that carries the ACK.
- [BUGFIX] Do not increase CWND when timeout occurs.
- http_client: support setting handshake timeout on command line.
  Use -o handshake_to=timeout.
- http_client: use -k to connect UDP socket to pick up ICMP errors.
- http_client: allow pathless mode, when only handshake is performed
  without issuing any requests.  This can be done by simply not
  specifying a -p flag on the command line.
2019-02-18 08:40:51 -05:00
Dmitri Tikhonov
3329170846 Release 1.19.2
- [BUGFIX] Begin negotiation with version provided in 0-RTT info.
- [BUGFIX] Version checking in zero_rtt deserialize function.
2019-02-11 12:56:57 -05:00
Dmitri Tikhonov
4c244ff72d Release 1.19.1 -- fix Windows build 2019-02-04 12:57:35 -05:00
Dmitri Tikhonov
8ca33e0e19 Release 1.19.0
- [FEATURE, API Change] 0-RTT support.  Add function to export 0-RTT
  information; it can be supplied to a subsequent connect() call.
- [FEATURE] Add -0 flag to http_client to exercise 0-RTT support.
- [BUGFIX] Resuscitate the Windows build.
- [BUGFIX] Send HTTP settings (max header list size) if necessary.
- [BUGFIX] Buffered packets can contain ACK frames.
- [BUGFIX] Make packet writeable once all STREAM frames are elided.
- [BUGFIX] Fix potential null dereference when realloc fails.
- cmake: simplify build configuration.
2019-02-04 08:59:11 -05:00
Dmitri Tikhonov
6aba801d42 Release 1.18.0
- [API Change] Can specify clock granularity in engine settings.
- [BUGFIX] Pacer uses fixed clock granularity.  Since the change on
  2018-04-09, it is not necessary to try to approximate the next tick
  time in the pacer: it can use fix clock granularity specified by
  the user.
- [BUGFIX] Do not tick constantly before handshake is done.
- [BUGFIX] Do not exit tick prematurely: reuse packet with ACK.  Even
  if we cannot allocate *more* packets, we could still be able to write
  to one already allocated.
- [BUGFIX] Do not schedule pacer if there are no lost packets.
2019-01-28 15:41:28 -05:00
Dmitri Tikhonov
4d83f5bd45 Release 1.17.15
- [BUGFIX] http_client: make sure only one read per on_read() callback
  is performed in the header conversion bypass (-B) mode.
- http_client: with -E, assign random priority when stream is created.
- [OPTIMIZATION] On immediate write, place an ACK frame into the first
  buffered packet if an ACK is queued.  This reduces the number of
  standalone ACK packets.
- [OPTIMIZATION] Allow placing more than one STREAM frame from the same
  stream into an outgoing packet.  This change minimizes the number of
  buffered packets required to store several small HTTP messages by
  virtue of allowing more than one STREAM frame from HEADERS stream in
  the same packet.
- [OPTIMIZATION] Flush headers when writing to buffered packets.  This
  causes the headers to be written to the same buffered packet queue,
  thereby improving packet utilization, especially for small HTTP
  messages.
2019-01-21 09:07:02 -05:00
Dmitri Tikhonov
19f667fba5 Release 1.17.14
- [FEATURE] http_client can now collect stats: time to connect, TTFB,
  time to download, requests per seconds, and bandwidth.  See -t flag.

- [BUGFIX] http_client: -B, -K, and -r can be used at the same time.

- [BUGFIX] http_client: do not display cert chain before each request.
  Now this is only done once per connection, if the handshake is
  successful and -a option is given.

- [BUGFIX] Do not wait to dispatch on_close() after reading.  If a
  stream is scheduled to be closed after on_read() callback returns,
  close it immediately instead of waiting until the end of the tick.
  If client creates new request from on_close() event, they will be
  processed in the same tick instead of waiting for the next one.

- [BUGFIX] HEADERS stream is critical: always treat it with highest
  priority.
2019-01-16 15:13:59 -05:00
Dmitri Tikhonov
2815666c2e Update header file and changelog: release 1.17.12 2019-01-10 09:27:47 -05:00
Dmitri Tikhonov
229fce07a3 Release 1.17.11
Fix strict aliasing warning in when compiling with optimizations
2019-01-03 11:48:45 -05:00