2 * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include "internal/packet.h"
11 #include "internal/nelem.h"
12 #include "internal/quic_wire.h"
13 #include "internal/quic_record_rx.h"
14 #include "internal/quic_ackm.h"
15 #include "internal/quic_rx_depack.h"
16 #include "internal/sockets.h"
18 #include "quic_record_rx_wrap.h"
19 #include "quic_local.h"
20 #include "../ssl_local.h"
23 * TODO(QUIC): ASSUMPTION: the QUIC_CONNECTION structure refers to other related
24 * components, such as OSSL_ACKM and OSSL_QRX, in some manner. These macros
25 * should be used to get those components.
27 #define GET_CONN_ACKM(c) ((c)->ackm)
28 #define GET_CONN_QRX(c) ((c)->qrx)
29 #define GET_CONN_STATEM(c) ((c)->ssl.statem)
31 #if 0 /* Currently unimplemented */
32 # define GET_CONN_ACK_DELAY_EXP(c) (QUIC_CONNECTION_get_ack_delay_exponent(c))
34 /* 3 is the default, see RFC 9000, 18.2. Transport Parameter Definitions */
35 # define GET_CONN_ACK_DELAY_EXP(c) 3
38 /* TODO(QUIC): [BEGIN: TO BE REMOVED] placeholder macros and functions */
40 /* Diverse things that should be implemented elsewhere, bur currently aren't. */
42 typedef struct quic_stream_st QUIC_STREAM
;
45 * TODO(QUIC): ASSUMPTION: ssl_get_stream() gets a QUIC_STREAM from a connection
46 * by stream ID. For now, we simply return a fake stream.
48 static QUIC_STREAM
*ssl_get_stream(QUIC_CONNECTION
*conn
, uint64_t stream_id
)
50 static uint64_t fake_stream
= 0;
52 return (QUIC_STREAM
*)&fake_stream
;
56 * TODO(QUIC): ASSUMPTION: ssl_get_stream_type() gets a stream type from a
60 #define SSL_STREAM_TYPE_R 1
62 #define SSL_STREAM_TYPE_S 2
64 #define SSL_STREAM_TYPE_B (SSL_STREAM_TYPE_R|SSL_STREAM_TYPE_S)
65 static int ssl_get_stream_type(QUIC_STREAM
*stream
)
67 return SSL_STREAM_TYPE_B
;
71 * TODO(QUIC): ASSUMPTION: ssl_queue_data() adds data to a QUIC_STREAM, to be
72 * consumed by the application when doing an SSL_read().
74 * We assume that queuing of the data has to be done without copying, thus
75 * we get the reference counting QRX packet wrapper so it can increment the
76 * reference count. When the data is consumed (i.e. as a result of, say,
77 * SSL_read()), ossl_qrx_pkt_wrap_free() must be called.
79 static int ssl_queue_data(QUIC_STREAM
*stream
, OSSL_QRX_PKT_WRAP
*pkt_wrap
,
80 const unsigned char *data
, uint64_t data_len
,
81 uint64_t logical_offset
, int is_fin
)
84 * Since this function is just a placeholder that doesn't actually queue
85 * anything, we do nothing here, not even the reference count increment.
89 * 1. Queuing the data and the parent packet wrapper should happen here,
90 * and this call with it:
92 * ossl_qrx_pkt_wrap_up_ref(pkt_wrap);
94 * 2. Dequeuing the data happens somewhere else, and this call with it
95 * (|pkt_wrap| replaced with the pointer from the queue):
97 * ossl_qrx_pkt_wrap_free(pkt_wrap);
103 * TODO(QUIC): ASSUMPTION: ssl_close_stream() detaches the QUIC_STREAM from
104 * the QUIC_CONNECTION it's attached to, and then destroys that QUIC_STREAM
105 * (as well as its SSL object). |how| works the same way as in shutdown(2),
106 * i.e. |SHUT_RD| closes the reader part, |SHUT_WR| closes the writer part.
108 static int ssl_close_stream(QUIC_STREAM
*stream
, int how
)
114 * TODO(QUIC): ASSUMPTION: ssl_close_connection() closes all the streams that
115 * are attached to it, then closes the QUIC_CONNECTION as well.
116 * Actual cleanup / destruction of the QUIC_CONNECTION is assumed to be done
117 * higher up in the call stack (state machine, for example?).
119 static int ssl_close_connection(QUIC_CONNECTION
*connection
)
125 * TODO(QUIC): ASSUMPTION: ossl_statem_set_error_state() sets an overall error
126 * state in the state machine. It's up to the state machine to determine what
129 #define QUIC_STREAM_STATE_ERROR 1
132 * QUICfatal() et al is the same as SSLfatal(), but for QUIC. We define a
133 * placeholder here as long as it's not defined elsewhere.
135 * ossl_quic_fatal() is an error reporting building block used instead of
136 * ERR_set_error(). In addition to what ERR_set_error() does, this puts
137 * the state machine into an error state and sends an alert if appropriate,
138 * and also closes the current connection.
139 * This is a permanent error for the current connection.
143 static void ossl_quic_fatal(QUIC_CONNECTION
*c
, int al
, int reason
,
144 const char *fmt
, ...)
149 ERR_vset_error(ERR_LIB_SSL
, reason
, fmt
, args
);
153 * TODO(QUIC): ADD CODE to set the state machine error.
154 * It's assumed that you can get the state machine with
158 ssl_close_connection(c
);
161 # define QUICfatal(c, al, r) QUICfatal_data((c), (al), (r), NULL)
162 # define QUICfatal_data \
164 ERR_set_debug(OPENSSL_FILE, OPENSSL_LINE, OPENSSL_FUNC), \
168 /* TODO(QUIC): [END: TO BE REMOVED] */
171 * Helper functions to process different frame types.
173 * Typically, those that are ACK eliciting will take an OSSL_ACKM_RX_PKT
174 * pointer argument, the few that aren't ACK eliciting will not. This makes
175 * them a verifiable pattern against tables where this is specified.
178 static int depack_do_frame_padding(PACKET
*pkt
)
180 /* We ignore this frame */
181 return ossl_quic_wire_decode_padding(pkt
);
184 static int depack_do_frame_ping(PACKET
*pkt
, OSSL_ACKM_RX_PKT
*ackm_data
)
186 /* We ignore this frame, apart from eliciting an ACK */
187 if (!ossl_quic_wire_decode_frame_ping(pkt
))
189 /* This frame makes the packet ACK eliciting */
190 ackm_data
->is_ack_eliciting
= 1;
194 static int depack_do_frame_ack(PACKET
*pkt
, QUIC_CONNECTION
*connection
,
195 int packet_space
, OSSL_TIME received
)
197 OSSL_QUIC_FRAME_ACK ack
;
198 OSSL_QUIC_ACK_RANGE
*ack_ranges
;
199 uint64_t total_ranges
= 0;
200 uint32_t ack_delay_exp
= GET_CONN_ACK_DELAY_EXP(connection
);
201 int ok
= 1; /* Assume the best */
203 if (!ossl_quic_wire_peek_frame_ack_num_ranges(pkt
, &total_ranges
)
204 /* In case sizeof(uint64_t) > sizeof(size_t) */
205 || total_ranges
> SIZE_MAX
/ sizeof(ack_ranges
[0])
206 || (ack_ranges
= OPENSSL_zalloc(sizeof(ack_ranges
[0])
207 * (size_t)total_ranges
)) == NULL
)
210 ack
.ack_ranges
= ack_ranges
;
211 ack
.num_ack_ranges
= (size_t)total_ranges
;
213 if (!ossl_quic_wire_decode_frame_ack(pkt
, ack_delay_exp
, &ack
, NULL
))
216 && !ossl_ackm_on_rx_ack_frame(GET_CONN_ACKM(connection
), &ack
,
217 packet_space
, received
))
220 OPENSSL_free(ack_ranges
);
226 static int depack_do_frame_reset_stream(PACKET
*pkt
,
227 QUIC_CONNECTION
*connection
,
228 OSSL_ACKM_RX_PKT
*ackm_data
)
230 OSSL_QUIC_FRAME_RESET_STREAM frame_data
;
231 QUIC_STREAM
*stream
= NULL
;
234 if (!ossl_quic_wire_decode_frame_reset_stream(pkt
, &frame_data
))
237 /* This frame makes the packet ACK eliciting */
238 ackm_data
->is_ack_eliciting
= 1;
240 if ((stream
= ssl_get_stream(connection
, frame_data
.stream_id
)) == NULL
)
242 stream_type
= ssl_get_stream_type(stream
);
244 ssl_close_stream(stream
, SHUT_WR
); /* Reuse shutdown(2) symbols */
245 if ((stream_type
& SSL_STREAM_TYPE_S
) != 0) {
246 QUICfatal(connection
, QUIC_STREAM_STATE_ERROR
, ERR_R_INTERNAL_ERROR
);
252 static int depack_do_frame_stop_sending(PACKET
*pkt
,
253 QUIC_CONNECTION
*connection
,
254 OSSL_ACKM_RX_PKT
*ackm_data
)
256 OSSL_QUIC_FRAME_STOP_SENDING frame_data
;
257 QUIC_STREAM
*stream
= NULL
;
260 if (!ossl_quic_wire_decode_frame_stop_sending(pkt
, &frame_data
))
263 /* This frame makes the packet ACK eliciting */
264 ackm_data
->is_ack_eliciting
= 1;
266 if ((stream
= ssl_get_stream(connection
, frame_data
.stream_id
)) == NULL
)
268 stream_type
= ssl_get_stream_type(stream
);
270 ssl_close_stream(stream
, SHUT_RD
); /* Reuse shutdown(2) symbols */
271 if ((stream_type
& SSL_STREAM_TYPE_R
) != 0) {
272 QUICfatal(connection
, QUIC_STREAM_STATE_ERROR
, ERR_R_INTERNAL_ERROR
);
278 static int depack_do_frame_crypto(PACKET
*pkt
, QUIC_CONNECTION
*connection
,
279 OSSL_ACKM_RX_PKT
*ackm_data
)
281 OSSL_QUIC_FRAME_CRYPTO frame_data
;
283 if (!ossl_quic_wire_decode_frame_crypto(pkt
, &frame_data
))
286 /* This frame makes the packet ACK eliciting */
287 ackm_data
->is_ack_eliciting
= 1;
289 /* TODO(QUIC): ADD CODE to send |frame_data.data| to the handshake manager */
294 static int depack_do_frame_new_token(PACKET
*pkt
, QUIC_CONNECTION
*connection
,
295 OSSL_ACKM_RX_PKT
*ackm_data
)
297 const uint8_t *token
;
300 if (!ossl_quic_wire_decode_frame_new_token(pkt
, &token
, &token_len
))
303 /* This frame makes the packet ACK eliciting */
304 ackm_data
->is_ack_eliciting
= 1;
306 /* TODO(QUIC): ADD CODE to send |token| to the session manager */
311 static int depack_do_frame_stream(PACKET
*pkt
, QUIC_CONNECTION
*connection
,
312 OSSL_QRX_PKT_WRAP
*parent_pkt
,
313 OSSL_ACKM_RX_PKT
*ackm_data
)
315 OSSL_QUIC_FRAME_STREAM frame_data
;
318 if (!ossl_quic_wire_decode_frame_stream(pkt
, &frame_data
))
321 /* This frame makes the packet ACK eliciting */
322 ackm_data
->is_ack_eliciting
= 1;
325 * TODO(QUIC): ASSUMPTION: ssl_get_stream() gets a QUIC_STREAM from a
326 * QUIC_CONNECTION by stream ID.
328 if ((stream
= ssl_get_stream(connection
, frame_data
.stream_id
)) == NULL
)
331 * TODO(QUIC): ASSUMPTION: ssl_queue_data() knows what to do with
332 * |frame_data.offset| and |frame_data.is_fin|.
334 if (!ssl_queue_data(stream
, parent_pkt
, frame_data
.data
, frame_data
.len
,
335 frame_data
.offset
, frame_data
.is_fin
))
340 static int depack_do_frame_max_data(PACKET
*pkt
, QUIC_CONNECTION
*connection
,
341 OSSL_ACKM_RX_PKT
*ackm_data
)
343 uint64_t max_data
= 0;
345 if (!ossl_quic_wire_decode_frame_max_data(pkt
, &max_data
))
348 /* This frame makes the packet ACK eliciting */
349 ackm_data
->is_ack_eliciting
= 1;
351 /* TODO(QUIC): ADD CODE to send |max_data| to flow control */
356 static int depack_do_frame_max_stream_data(PACKET
*pkt
,
357 QUIC_CONNECTION
*connection
,
358 OSSL_ACKM_RX_PKT
*ackm_data
)
360 uint64_t stream_id
= 0;
361 uint64_t max_stream_data
= 0;
363 if (!ossl_quic_wire_decode_frame_max_stream_data(pkt
, &stream_id
,
367 /* This frame makes the packet ACK eliciting */
368 ackm_data
->is_ack_eliciting
= 1;
370 /* TODO(QUIC): ADD CODE to send |max_stream_data| to flow control */
375 static int depack_do_frame_max_streams(PACKET
*pkt
,
376 QUIC_CONNECTION
*connection
,
377 OSSL_ACKM_RX_PKT
*ackm_data
)
379 uint64_t max_streams
= 0;
381 if (!ossl_quic_wire_decode_frame_max_streams(pkt
, &max_streams
))
384 /* This frame makes the packet ACK eliciting */
385 ackm_data
->is_ack_eliciting
= 1;
387 /* TODO(QUIC): ADD CODE to send |max_streams| to the connection manager */
392 static int depack_do_frame_data_blocked(PACKET
*pkt
,
393 QUIC_CONNECTION
*connection
,
394 OSSL_ACKM_RX_PKT
*ackm_data
)
396 uint64_t max_data
= 0;
398 if (!ossl_quic_wire_decode_frame_data_blocked(pkt
, &max_data
))
401 /* This frame makes the packet ACK eliciting */
402 ackm_data
->is_ack_eliciting
= 1;
404 /* TODO(QUIC): ADD CODE to send |max_data| to flow control */
409 static int depack_do_frame_stream_data_blocked(PACKET
*pkt
,
410 QUIC_CONNECTION
*connection
,
411 OSSL_ACKM_RX_PKT
*ackm_data
)
413 uint64_t stream_id
= 0;
414 uint64_t max_data
= 0;
416 if (!ossl_quic_wire_decode_frame_stream_data_blocked(pkt
, &stream_id
,
420 /* This frame makes the packet ACK eliciting */
421 ackm_data
->is_ack_eliciting
= 1;
423 /* TODO(QUIC): ADD CODE to send |max_data| to flow control */
428 static int depack_do_frame_streams_blocked(PACKET
*pkt
,
429 QUIC_CONNECTION
*connection
,
430 OSSL_ACKM_RX_PKT
*ackm_data
)
432 uint64_t max_data
= 0;
434 if (!ossl_quic_wire_decode_frame_streams_blocked(pkt
, &max_data
))
437 /* This frame makes the packet ACK eliciting */
438 ackm_data
->is_ack_eliciting
= 1;
440 /* TODO(QUIC): ADD CODE to send |max_data| to connection manager */
445 static int depack_do_frame_new_conn_id(PACKET
*pkt
,
446 QUIC_CONNECTION
*connection
,
447 OSSL_ACKM_RX_PKT
*ackm_data
)
449 OSSL_QUIC_FRAME_NEW_CONN_ID frame_data
;
451 if (!ossl_quic_wire_decode_frame_new_conn_id(pkt
, &frame_data
))
454 /* This frame makes the packet ACK eliciting */
455 ackm_data
->is_ack_eliciting
= 1;
457 /* TODO(QUIC): ADD CODE to send |frame_data.data| to the connection manager */
462 static int depack_do_frame_retire_conn_id(PACKET
*pkt
,
463 QUIC_CONNECTION
*connection
,
464 OSSL_ACKM_RX_PKT
*ackm_data
)
468 if (!ossl_quic_wire_decode_frame_retire_conn_id(pkt
, &seq_num
))
471 /* This frame makes the packet ACK eliciting */
472 ackm_data
->is_ack_eliciting
= 1;
474 /* TODO(QUIC): ADD CODE to send |seq_num| to the connection manager */
478 static int depack_do_frame_path_challenge(PACKET
*pkt
,
479 QUIC_CONNECTION
*connection
,
480 OSSL_ACKM_RX_PKT
*ackm_data
)
482 uint64_t frame_data
= 0;
484 if (!ossl_quic_wire_decode_frame_path_challenge(pkt
, &frame_data
))
487 /* This frame makes the packet ACK eliciting */
488 ackm_data
->is_ack_eliciting
= 1;
490 /* TODO(QUIC): ADD CODE to send |frame_data| to the connection manager */
495 static int depack_do_frame_path_response(PACKET
*pkt
,
496 QUIC_CONNECTION
*connection
,
497 OSSL_ACKM_RX_PKT
*ackm_data
)
499 uint64_t frame_data
= 0;
501 if (!ossl_quic_wire_decode_frame_path_response(pkt
, &frame_data
))
504 /* This frame makes the packet ACK eliciting */
505 ackm_data
->is_ack_eliciting
= 1;
507 /* TODO(QUIC): ADD CODE to send |frame_data| to the connection manager */
512 static int depack_do_frame_conn_close(PACKET
*pkt
, QUIC_CONNECTION
*connection
)
514 OSSL_QUIC_FRAME_CONN_CLOSE frame_data
;
516 if (!ossl_quic_wire_decode_frame_conn_close(pkt
, &frame_data
))
519 /* TODO(QUIC): ADD CODE to send |frame_data| to the connection manager */
524 static int depack_do_frame_handshake_done(PACKET
*pkt
,
525 QUIC_CONNECTION
*connection
,
526 OSSL_ACKM_RX_PKT
*ackm_data
)
528 if (!ossl_quic_wire_decode_frame_handshake_done(pkt
))
531 /* This frame makes the packet ACK eliciting */
532 ackm_data
->is_ack_eliciting
= 1;
534 /* TODO(QUIC): ADD CODE to tell the handshake manager that we're done */
539 static int depack_do_frame_unknown_extension(PACKET
*pkt
,
540 QUIC_CONNECTION
*connection
,
541 OSSL_ACKM_RX_PKT
*ackm_data
)
544 * According to RFC 9000, 19.21. Extension Frames, extension frames
545 * should be ACK eliciting. It might be over zealous to do so for
546 * extensions OpenSSL doesn't know how to handle, but shouldn't hurt
550 /* This frame makes the packet ACK eliciting */
551 ackm_data
->is_ack_eliciting
= 1;
554 * Because we have no idea how to advance to the next frame, we return 0
555 * everywhere, thereby stopping the depacketizing process.
561 /* Main frame processor */
563 static int depack_process_frames(QUIC_CONNECTION
*connection
, PACKET
*pkt
,
564 OSSL_QRX_PKT_WRAP
*parent_pkt
, int packet_space
,
565 OSSL_TIME received
, OSSL_ACKM_RX_PKT
*ackm_data
)
567 uint32_t pkt_type
= parent_pkt
->pkt
->hdr
->type
;
569 while (PACKET_remaining(pkt
) > 0) {
572 if (!ossl_quic_wire_peek_frame_header(pkt
, &frame_type
))
575 switch (frame_type
) {
576 case OSSL_QUIC_FRAME_TYPE_PING
:
577 /* Allowed in all packet types */
578 if (!depack_do_frame_ping(pkt
, ackm_data
))
581 case OSSL_QUIC_FRAME_TYPE_PADDING
:
582 /* Allowed in all packet types */
583 if (!depack_do_frame_padding(pkt
))
587 case OSSL_QUIC_FRAME_TYPE_ACK_WITHOUT_ECN
:
588 case OSSL_QUIC_FRAME_TYPE_ACK_WITH_ECN
:
589 /* ACK frames are valid everywhere except in 0RTT packets */
590 if (pkt_type
== QUIC_PKT_TYPE_0RTT
)
592 if (!depack_do_frame_ack(pkt
, connection
, packet_space
, received
))
596 case OSSL_QUIC_FRAME_TYPE_RESET_STREAM
:
597 /* RESET_STREAM frames are valid in 0RTT and 1RTT packets */
598 if (pkt_type
!= QUIC_PKT_TYPE_0RTT
599 && pkt_type
!= QUIC_PKT_TYPE_1RTT
)
601 if (!depack_do_frame_reset_stream(pkt
, connection
, ackm_data
))
604 case OSSL_QUIC_FRAME_TYPE_STOP_SENDING
:
605 /* STOP_SENDING frames are valid in 0RTT and 1RTT packets */
606 if (pkt_type
!= QUIC_PKT_TYPE_0RTT
607 && pkt_type
!= QUIC_PKT_TYPE_1RTT
)
609 if (!depack_do_frame_stop_sending(pkt
, connection
, ackm_data
))
612 case OSSL_QUIC_FRAME_TYPE_CRYPTO
:
613 /* CRYPTO frames are valid everywhere except in 0RTT packets */
614 if (pkt_type
== QUIC_PKT_TYPE_0RTT
)
616 if (!depack_do_frame_crypto(pkt
, connection
, ackm_data
))
619 case OSSL_QUIC_FRAME_TYPE_NEW_TOKEN
:
620 /* NEW_TOKEN frames are valid in 1RTT packets */
621 if (pkt_type
!= QUIC_PKT_TYPE_1RTT
)
623 if (!depack_do_frame_new_token(pkt
, connection
, ackm_data
))
627 case OSSL_QUIC_FRAME_TYPE_STREAM
:
628 case OSSL_QUIC_FRAME_TYPE_STREAM_FIN
:
629 case OSSL_QUIC_FRAME_TYPE_STREAM_LEN
:
630 case OSSL_QUIC_FRAME_TYPE_STREAM_LEN_FIN
:
631 case OSSL_QUIC_FRAME_TYPE_STREAM_OFF
:
632 case OSSL_QUIC_FRAME_TYPE_STREAM_OFF_FIN
:
633 case OSSL_QUIC_FRAME_TYPE_STREAM_OFF_LEN
:
634 case OSSL_QUIC_FRAME_TYPE_STREAM_OFF_LEN_FIN
:
635 /* STREAM frames are valid in 0RTT and 1RTT packets */
636 if (pkt_type
!= QUIC_PKT_TYPE_0RTT
637 && pkt_type
!= QUIC_PKT_TYPE_1RTT
)
639 if (!depack_do_frame_stream(pkt
, connection
, parent_pkt
, ackm_data
))
643 case OSSL_QUIC_FRAME_TYPE_MAX_DATA
:
644 /* MAX_DATA frames are valid in 0RTT and 1RTT packets */
645 if (pkt_type
!= QUIC_PKT_TYPE_0RTT
646 && pkt_type
!= QUIC_PKT_TYPE_1RTT
)
648 if (!depack_do_frame_max_data(pkt
, connection
, ackm_data
))
651 case OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA
:
652 /* MAX_STREAM_DATA frames are valid in 0RTT and 1RTT packets */
653 if (pkt_type
!= QUIC_PKT_TYPE_0RTT
654 && pkt_type
!= QUIC_PKT_TYPE_1RTT
)
656 if (!depack_do_frame_max_stream_data(pkt
, connection
, ackm_data
))
660 case OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_BIDI
:
661 case OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_UNI
:
662 /* MAX_STREAMS frames are valid in 0RTT and 1RTT packets */
663 if (pkt_type
!= QUIC_PKT_TYPE_0RTT
664 && pkt_type
!= QUIC_PKT_TYPE_1RTT
)
666 if (!depack_do_frame_max_streams(pkt
, connection
, ackm_data
))
670 case OSSL_QUIC_FRAME_TYPE_DATA_BLOCKED
:
671 /* DATA_BLOCKED frames are valid in 0RTT and 1RTT packets */
672 if (pkt_type
!= QUIC_PKT_TYPE_0RTT
673 && pkt_type
!= QUIC_PKT_TYPE_1RTT
)
675 if (!depack_do_frame_data_blocked(pkt
, connection
, ackm_data
))
678 case OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED
:
679 /* STREAM_DATA_BLOCKED frames are valid in 0RTT and 1RTT packets */
680 if (pkt_type
!= QUIC_PKT_TYPE_0RTT
681 && pkt_type
!= QUIC_PKT_TYPE_1RTT
)
683 if (!depack_do_frame_stream_data_blocked(pkt
, connection
, ackm_data
))
687 case OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_BIDI
:
688 case OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_UNI
:
689 /* STREAMS_BLOCKED frames are valid in 0RTT and 1RTT packets */
690 if (pkt_type
!= QUIC_PKT_TYPE_0RTT
691 && pkt_type
!= QUIC_PKT_TYPE_1RTT
)
693 if (!depack_do_frame_streams_blocked(pkt
, connection
, ackm_data
))
697 case OSSL_QUIC_FRAME_TYPE_NEW_CONN_ID
:
698 /* NEW_CONN_ID frames are valid in 0RTT and 1RTT packets */
699 if (pkt_type
!= QUIC_PKT_TYPE_0RTT
700 && pkt_type
!= QUIC_PKT_TYPE_1RTT
)
702 if (!depack_do_frame_new_conn_id(pkt
, connection
, ackm_data
))
705 case OSSL_QUIC_FRAME_TYPE_RETIRE_CONN_ID
:
706 /* RETIRE_CONN_ID frames are valid in 0RTT and 1RTT packets */
707 if (pkt_type
!= QUIC_PKT_TYPE_0RTT
708 && pkt_type
!= QUIC_PKT_TYPE_1RTT
)
710 if (!depack_do_frame_retire_conn_id(pkt
, connection
, ackm_data
))
713 case OSSL_QUIC_FRAME_TYPE_PATH_CHALLENGE
:
714 /* PATH_CHALLENGE frames are valid in 0RTT and 1RTT packets */
715 if (pkt_type
!= QUIC_PKT_TYPE_0RTT
716 && pkt_type
!= QUIC_PKT_TYPE_1RTT
)
718 if (!depack_do_frame_path_challenge(pkt
, connection
, ackm_data
))
721 case OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE
:
722 /* PATH_RESPONSE frames are valid in 1RTT packets */
723 if (pkt_type
!= QUIC_PKT_TYPE_1RTT
)
725 if (!depack_do_frame_path_response(pkt
, connection
, ackm_data
))
729 case OSSL_QUIC_FRAME_TYPE_CONN_CLOSE_APP
:
730 /* CONN_CLOSE_APP frames are valid in 0RTT and 1RTT packets */
731 if (pkt_type
!= QUIC_PKT_TYPE_0RTT
732 && pkt_type
!= QUIC_PKT_TYPE_1RTT
)
735 case OSSL_QUIC_FRAME_TYPE_CONN_CLOSE_TRANSPORT
:
736 /* CONN_CLOSE_TRANSPORT frames are valid in all packets */
737 if (!depack_do_frame_conn_close(pkt
, connection
))
741 case OSSL_QUIC_FRAME_TYPE_HANDSHAKE_DONE
:
742 /* HANDSHAKE_DONE frames are valid in 1RTT packets */
743 if (pkt_type
!= QUIC_PKT_TYPE_1RTT
)
745 if (!depack_do_frame_handshake_done(pkt
, connection
, ackm_data
))
750 /* Unknown frame type. */
751 if (!depack_do_frame_unknown_extension(pkt
, connection
, ackm_data
))
761 int ossl_quic_handle_frames(QUIC_CONNECTION
*connection
, OSSL_QRX_PKT
*qpacket
)
764 OSSL_ACKM_RX_PKT ackm_data
;
765 OSSL_QRX_PKT_WRAP
*qpkt_wrap
= NULL
;
767 * ok has three states:
768 * -1 error with ackm_data uninitialized
769 * 0 error with ackm_data initialized
770 * 1 success (ackm_data initialized)
772 int ok
= -1; /* Assume the worst */
774 if (connection
== NULL
)
777 if ((qpkt_wrap
= ossl_qrx_pkt_wrap_new(qpacket
)) == NULL
)
780 /* Initialize |ackm_data| (and reinitialize |ok|)*/
781 memset(&ackm_data
, 0, sizeof(ackm_data
));
783 * TODO(QUIC): ASSUMPTION: All packets that aren't special case have a
786 ackm_data
.pkt_num
= qpacket
->pn
;
787 ackm_data
.time
= qpacket
->time
;
788 switch (qpacket
->hdr
->type
) {
789 case QUIC_PKT_TYPE_INITIAL
:
790 ackm_data
.pkt_space
= QUIC_PN_SPACE_INITIAL
;
792 case QUIC_PKT_TYPE_HANDSHAKE
:
793 ackm_data
.pkt_space
= QUIC_PN_SPACE_HANDSHAKE
;
795 case QUIC_PKT_TYPE_0RTT
:
796 case QUIC_PKT_TYPE_1RTT
:
797 ackm_data
.pkt_space
= QUIC_PN_SPACE_APP
;
800 ok
= 0; /* Still assume the worst */
802 /* Handle special cases */
803 if (qpacket
->hdr
->type
== QUIC_PKT_TYPE_RETRY
) {
804 /* TODO(QUIC): ADD CODE to handle a retry */
806 } else if (qpacket
->hdr
->type
== QUIC_PKT_TYPE_VERSION_NEG
) {
807 /* TODO(QUIC): ADD CODE to handle version negotiation */
811 /* Now that special cases are out of the way, parse frames */
812 if (!PACKET_buf_init(&pkt
, qpacket
->hdr
->data
, qpacket
->hdr
->len
)
813 || !depack_process_frames(connection
, &pkt
, qpkt_wrap
,
814 ackm_data
.pkt_space
, qpacket
->time
,
822 * TODO(QUIC): ASSUMPTION: If this function is called at all, |qpacket| is
823 * a legitimate packet, even if its contents aren't.
824 * Therefore, we call ossl_ackm_on_rx_packet() unconditionally, as long as
825 * |ackm_data| has at least been initialized.
828 ossl_ackm_on_rx_packet(GET_CONN_ACKM(connection
), &ackm_data
);
831 * Let go of the packet pointer in |qpkt_wrap|. This means that the
832 * reference counter can't be incremented any more.
834 if (qpkt_wrap
!= NULL
)
835 qpkt_wrap
->pkt
= NULL
;
837 ossl_qrx_pkt_wrap_free(GET_CONN_QRX(connection
), qpkt_wrap
);
841 int ossl_quic_depacketize(QUIC_CONNECTION
*connection
)
843 OSSL_QRX_PKT qpacket
;
845 if (connection
== NULL
)
848 /* Try to read a packet from the read record layer */
849 memset(&qpacket
, 0, sizeof(qpacket
));
850 if (ossl_qrx_read_pkt(GET_CONN_QRX(connection
), &qpacket
) <= 0)
853 return ossl_quic_handle_frames(connection
, &qpacket
);