New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
QUIC Demuxer and Record Layer (RX+TX) #18949
Conversation
65818dc
to
fe3b438
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Mostly just looked at the headers so far.
Not sure what's going on with a/ub/msan. I can't replicate it on my machine with either clang or GCC sanitizers, and the error reported isn't even a sanitizer error... the test is supposed to be deterministic. Hm... |
Just some nits for now. |
I've looked at the use of OSSL_RECORD_METHOD by TLS and KTLS... IMO it's going to be premature to do something like this for now, especially since the KTLS interface for QUIC literally doesn't exist yet. It makes more sense when needing to support four versions of TLS, DTLS plus KTLS, but the scope of variation for QUIC is a lot narrower. I think this can wait for now; moreover, it's either a question of refactoring this now with an unknown design space (future KTLS APIs) which will probably have to be redone later, or later when we actually know what's needed. So, I'd like to avoid introducing polymorphism into the QRL for now. The msan issue is weird. Going to have to try and repro it on a build server. |
Fair enough. |
The test issue was caused by random test ordering. Fixed. |
Updated, refactored. The other KDF function is similar to I think this settles the outstanding feedback. |
Updated:
|
Also while I remember: @paulidale, let me know if it would be more helpful for the iovecs to be a linked list instead of an array. |
Do I understand correctly that this replaces #18870? |
Yeah, it does. |
Updated:
|
Updated (nits). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nits mostly. Great work!
/* Clients should never receive 0-RTT packets. */ | ||
if (rxe->hdr.type == QUIC_PKT_TYPE_0RTT) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Given we will need at least rudimentary server for testing, should this be prepared to handle server side? I.e., have a client flag in the OSSL_QRX?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, seems reasonable. I'll get on this at some point.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/* TODO(QUIC): ... */
would WFM too.
Updated, minor changes. |
Added comment. |
This pull request is ready to merge |
Merged to master branch. Thank you for this great work! |
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #18949)
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #18949)
- Adds an RX time field to the OSSL_QRX_PKT structure. - Adds a timekeeping argument to ossl_demux_new which is used to determine packet reception time. - Adds a decoded PN field to the OSSL_QRX_PKT structure. This has to be decoded by the QRX anyway, and its omission was an oversight. - Key update support for the TX side. - Minor refactoring. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #18949)
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl#18949)
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl#18949)
- Adds an RX time field to the OSSL_QRX_PKT structure. - Adds a timekeeping argument to ossl_demux_new which is used to determine packet reception time. - Adds a decoded PN field to the OSSL_QRX_PKT structure. This has to be decoded by the QRX anyway, and its omission was an oversight. - Key update support for the TX side. - Minor refactoring. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl#18949)
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl#18949)
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl#18949)
- Adds an RX time field to the OSSL_QRX_PKT structure. - Adds a timekeeping argument to ossl_demux_new which is used to determine packet reception time. - Adds a decoded PN field to the OSSL_QRX_PKT structure. This has to be decoded by the QRX anyway, and its omission was an oversight. - Key update support for the TX side. - Minor refactoring. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from openssl#18949)
Here we go.
RX only for now aside from some small currently-vestigial pieces of TX functionality.
Key update is mandatory AIUI but involves interaction between the TX/RX pieces so the plan is:
So this shouldn't be merged yet (well, it could be, and I just make a new PR), but reviews are welcome.
This includes a demuxer because implementing the QRL resulted in 90% of the functionality of a demuxer and it made no sense not to include it, since there's necessary interaction between the two.