2 * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include "internal/packet.h"
11 #include "internal/nelem.h"
12 #include "internal/quic_wire.h"
13 #include "internal/quic_record_rx.h"
14 #include "internal/quic_ackm.h"
15 #include "internal/quic_rx_depack.h"
16 #include "internal/quic_error.h"
17 #include "internal/quic_fc.h"
18 #include "internal/sockets.h"
20 #include "quic_local.h"
21 #include "../ssl_local.h"
24 * TODO(QUIC): ASSUMPTION: the QUIC_CONNECTION structure refers to other related
25 * components, such as OSSL_ACKM and OSSL_QRX, in some manner. These macros
26 * should be used to get those components.
28 #define GET_CONN_ACKM(c) ((c)->ackm)
29 #define GET_CONN_QRX(c) ((c)->qrx)
30 #define GET_CONN_STATEM(c) ((c)->ssl.statem)
32 #if 0 /* Currently unimplemented */
33 # define GET_CONN_ACK_DELAY_EXP(c) (QUIC_CONNECTION_get_ack_delay_exponent(c))
35 /* 3 is the default, see RFC 9000, 18.2. Transport Parameter Definitions */
36 # define GET_CONN_ACK_DELAY_EXP(c) 3
40 * TODO(QUIC): In MVP the QUIC_CONNECTION is the only supported stream.
42 static QUIC_STREAM
*ssl_get_stream(QUIC_CONNECTION
*conn
, uint64_t stream_id
)
44 return stream_id
== 0 ? &conn
->stream
: NULL
;
48 * TODO(QUIC): ASSUMPTION: ssl_get_stream_type() gets a stream type from a
52 #define SSL_STREAM_TYPE_R 1
54 #define SSL_STREAM_TYPE_S 2
56 #define SSL_STREAM_TYPE_B (SSL_STREAM_TYPE_R|SSL_STREAM_TYPE_S)
57 static int ssl_get_stream_type(QUIC_STREAM
*stream
)
59 return SSL_STREAM_TYPE_B
;
63 * We assume that queuing of the data has to be done without copying, thus
64 * we get the reference counting QRX packet wrapper so it can increment the
65 * reference count. When the data is consumed (i.e. as a result of, say,
66 * SSL_read()), ossl_qrx_pkt_wrap_free() must be called.
68 static int ssl_queue_data(QUIC_STREAM
*stream
, OSSL_QRX_PKT
*pkt
,
69 const unsigned char *data
, uint64_t data_len
,
70 uint64_t logical_offset
, int is_fin
)
72 /* Notify stream flow controller */
73 if (stream
->rxfc
!= NULL
74 && (!ossl_quic_rxfc_on_rx_stream_frame(stream
->rxfc
,
75 logical_offset
+ data_len
,
77 || ossl_quic_rxfc_get_error(stream
->rxfc
, 0) != QUIC_ERR_NO_ERROR
))
78 /* QUIC_ERR_FLOW_CONTROL_ERROR or QUIC_ERR_FINAL_SIZE detected */
81 return stream
->rstream
== NULL
82 || ossl_quic_rstream_queue_data(stream
->rstream
, pkt
,
83 logical_offset
, data
, data_len
,
88 * TODO(QUIC): ASSUMPTION: ssl_close_stream() detaches the QUIC_STREAM from
89 * the QUIC_CONNECTION it's attached to, and then destroys that QUIC_STREAM
90 * (as well as its SSL object). |how| works the same way as in shutdown(2),
91 * i.e. |SHUT_RD| closes the reader part, |SHUT_WR| closes the writer part.
93 static int ssl_close_stream(QUIC_STREAM
*stream
, int how
)
99 * TODO(QUIC): ASSUMPTION: ssl_close_connection() closes all the streams that
100 * are attached to it, then closes the QUIC_CONNECTION as well.
101 * Actual cleanup / destruction of the QUIC_CONNECTION is assumed to be done
102 * higher up in the call stack (state machine, for example?).
104 static int ssl_close_connection(QUIC_CONNECTION
*connection
)
110 * TODO(QUIC): ASSUMPTION: ossl_statem_set_error_state() sets an overall error
111 * state in the state machine. It's up to the state machine to determine what
114 #define QUIC_STREAM_STATE_ERROR 1
117 * QUICfatal() et al is the same as SSLfatal(), but for QUIC. We define a
118 * placeholder here as long as it's not defined elsewhere.
120 * ossl_quic_fatal() is an error reporting building block used instead of
121 * ERR_set_error(). In addition to what ERR_set_error() does, this puts
122 * the state machine into an error state and sends an alert if appropriate,
123 * and also closes the current connection.
124 * This is a permanent error for the current connection.
128 static void ossl_quic_fatal(QUIC_CONNECTION
*c
, int al
, int reason
,
129 const char *fmt
, ...)
134 ERR_vset_error(ERR_LIB_SSL
, reason
, fmt
, args
);
138 * TODO(QUIC): ADD CODE to set the state machine error.
139 * It's assumed that you can get the state machine with
143 ssl_close_connection(c
);
146 # define QUICfatal(c, al, r) QUICfatal_data((c), (al), (r), NULL)
147 # define QUICfatal_data \
149 ERR_set_debug(OPENSSL_FILE, OPENSSL_LINE, OPENSSL_FUNC), \
153 /* TODO(QUIC): [END: TO BE REMOVED] */
156 * Helper functions to process different frame types.
158 * Typically, those that are ACK eliciting will take an OSSL_ACKM_RX_PKT
159 * pointer argument, the few that aren't ACK eliciting will not. This makes
160 * them a verifiable pattern against tables where this is specified.
163 static int depack_do_frame_padding(PACKET
*pkt
)
165 /* We ignore this frame */
166 return ossl_quic_wire_decode_padding(pkt
);
169 static int depack_do_frame_ping(PACKET
*pkt
, OSSL_ACKM_RX_PKT
*ackm_data
)
171 /* We ignore this frame, apart from eliciting an ACK */
172 if (!ossl_quic_wire_decode_frame_ping(pkt
))
174 /* This frame makes the packet ACK eliciting */
175 ackm_data
->is_ack_eliciting
= 1;
179 static int depack_do_frame_ack(PACKET
*pkt
, QUIC_CONNECTION
*connection
,
180 int packet_space
, OSSL_TIME received
)
182 OSSL_QUIC_FRAME_ACK ack
;
183 OSSL_QUIC_ACK_RANGE
*ack_ranges
;
184 uint64_t total_ranges
= 0;
185 uint32_t ack_delay_exp
= GET_CONN_ACK_DELAY_EXP(connection
);
186 int ok
= 1; /* Assume the best */
188 if (!ossl_quic_wire_peek_frame_ack_num_ranges(pkt
, &total_ranges
)
189 /* In case sizeof(uint64_t) > sizeof(size_t) */
190 || total_ranges
> SIZE_MAX
/ sizeof(ack_ranges
[0])
191 || (ack_ranges
= OPENSSL_zalloc(sizeof(ack_ranges
[0])
192 * (size_t)total_ranges
)) == NULL
)
195 ack
.ack_ranges
= ack_ranges
;
196 ack
.num_ack_ranges
= (size_t)total_ranges
;
198 if (!ossl_quic_wire_decode_frame_ack(pkt
, ack_delay_exp
, &ack
, NULL
))
201 && !ossl_ackm_on_rx_ack_frame(GET_CONN_ACKM(connection
), &ack
,
202 packet_space
, received
))
205 OPENSSL_free(ack_ranges
);
211 static int depack_do_frame_reset_stream(PACKET
*pkt
,
212 QUIC_CONNECTION
*connection
,
213 OSSL_ACKM_RX_PKT
*ackm_data
)
215 OSSL_QUIC_FRAME_RESET_STREAM frame_data
;
216 QUIC_STREAM
*stream
= NULL
;
219 if (!ossl_quic_wire_decode_frame_reset_stream(pkt
, &frame_data
))
222 /* This frame makes the packet ACK eliciting */
223 ackm_data
->is_ack_eliciting
= 1;
225 if ((stream
= ssl_get_stream(connection
, frame_data
.stream_id
)) == NULL
)
227 stream_type
= ssl_get_stream_type(stream
);
229 ssl_close_stream(stream
, SHUT_WR
); /* Reuse shutdown(2) symbols */
230 if ((stream_type
& SSL_STREAM_TYPE_S
) != 0) {
231 QUICfatal(connection
, QUIC_STREAM_STATE_ERROR
, ERR_R_INTERNAL_ERROR
);
237 static int depack_do_frame_stop_sending(PACKET
*pkt
,
238 QUIC_CONNECTION
*connection
,
239 OSSL_ACKM_RX_PKT
*ackm_data
)
241 OSSL_QUIC_FRAME_STOP_SENDING frame_data
;
242 QUIC_STREAM
*stream
= NULL
;
245 if (!ossl_quic_wire_decode_frame_stop_sending(pkt
, &frame_data
))
248 /* This frame makes the packet ACK eliciting */
249 ackm_data
->is_ack_eliciting
= 1;
251 if ((stream
= ssl_get_stream(connection
, frame_data
.stream_id
)) == NULL
)
253 stream_type
= ssl_get_stream_type(stream
);
255 ssl_close_stream(stream
, SHUT_RD
); /* Reuse shutdown(2) symbols */
256 if ((stream_type
& SSL_STREAM_TYPE_R
) != 0) {
257 QUICfatal(connection
, QUIC_STREAM_STATE_ERROR
, ERR_R_INTERNAL_ERROR
);
263 static int depack_do_frame_crypto(PACKET
*pkt
, QUIC_CONNECTION
*connection
,
264 OSSL_ACKM_RX_PKT
*ackm_data
)
266 OSSL_QUIC_FRAME_CRYPTO frame_data
;
268 if (!ossl_quic_wire_decode_frame_crypto(pkt
, &frame_data
))
271 /* This frame makes the packet ACK eliciting */
272 ackm_data
->is_ack_eliciting
= 1;
274 /* TODO(QUIC): ADD CODE to send |frame_data.data| to the handshake manager */
279 static int depack_do_frame_new_token(PACKET
*pkt
, QUIC_CONNECTION
*connection
,
280 OSSL_ACKM_RX_PKT
*ackm_data
)
282 const uint8_t *token
;
285 if (!ossl_quic_wire_decode_frame_new_token(pkt
, &token
, &token_len
))
288 /* This frame makes the packet ACK eliciting */
289 ackm_data
->is_ack_eliciting
= 1;
291 /* TODO(QUIC): ADD CODE to send |token| to the session manager */
296 static int depack_do_frame_stream(PACKET
*pkt
, QUIC_CONNECTION
*connection
,
297 OSSL_QRX_PKT
*parent_pkt
,
298 OSSL_ACKM_RX_PKT
*ackm_data
)
300 OSSL_QUIC_FRAME_STREAM frame_data
;
303 if (!ossl_quic_wire_decode_frame_stream(pkt
, &frame_data
))
306 /* This frame makes the packet ACK eliciting */
307 ackm_data
->is_ack_eliciting
= 1;
310 * TODO(QUIC): ASSUMPTION: ssl_get_stream() gets a QUIC_STREAM from a
311 * QUIC_CONNECTION by stream ID.
313 if ((stream
= ssl_get_stream(connection
, frame_data
.stream_id
)) == NULL
)
316 * TODO(QUIC): ASSUMPTION: ssl_queue_data() knows what to do with
317 * |frame_data.offset| and |frame_data.is_fin|.
319 if (!ssl_queue_data(stream
, parent_pkt
, frame_data
.data
, frame_data
.len
,
320 frame_data
.offset
, frame_data
.is_fin
))
325 static int depack_do_frame_max_data(PACKET
*pkt
, QUIC_CONNECTION
*connection
,
326 OSSL_ACKM_RX_PKT
*ackm_data
)
328 uint64_t max_data
= 0;
330 if (!ossl_quic_wire_decode_frame_max_data(pkt
, &max_data
))
333 /* This frame makes the packet ACK eliciting */
334 ackm_data
->is_ack_eliciting
= 1;
336 /* TODO(QUIC): ADD CODE to send |max_data| to flow control */
341 static int depack_do_frame_max_stream_data(PACKET
*pkt
,
342 QUIC_CONNECTION
*connection
,
343 OSSL_ACKM_RX_PKT
*ackm_data
)
345 uint64_t stream_id
= 0;
346 uint64_t max_stream_data
= 0;
348 if (!ossl_quic_wire_decode_frame_max_stream_data(pkt
, &stream_id
,
352 /* This frame makes the packet ACK eliciting */
353 ackm_data
->is_ack_eliciting
= 1;
355 /* TODO(QUIC): ADD CODE to send |max_stream_data| to flow control */
360 static int depack_do_frame_max_streams(PACKET
*pkt
,
361 QUIC_CONNECTION
*connection
,
362 OSSL_ACKM_RX_PKT
*ackm_data
)
364 uint64_t max_streams
= 0;
366 if (!ossl_quic_wire_decode_frame_max_streams(pkt
, &max_streams
))
369 /* This frame makes the packet ACK eliciting */
370 ackm_data
->is_ack_eliciting
= 1;
372 /* TODO(QUIC): ADD CODE to send |max_streams| to the connection manager */
377 static int depack_do_frame_data_blocked(PACKET
*pkt
,
378 QUIC_CONNECTION
*connection
,
379 OSSL_ACKM_RX_PKT
*ackm_data
)
381 uint64_t max_data
= 0;
383 if (!ossl_quic_wire_decode_frame_data_blocked(pkt
, &max_data
))
386 /* This frame makes the packet ACK eliciting */
387 ackm_data
->is_ack_eliciting
= 1;
389 /* TODO(QUIC): ADD CODE to send |max_data| to flow control */
394 static int depack_do_frame_stream_data_blocked(PACKET
*pkt
,
395 QUIC_CONNECTION
*connection
,
396 OSSL_ACKM_RX_PKT
*ackm_data
)
398 uint64_t stream_id
= 0;
399 uint64_t max_data
= 0;
401 if (!ossl_quic_wire_decode_frame_stream_data_blocked(pkt
, &stream_id
,
405 /* This frame makes the packet ACK eliciting */
406 ackm_data
->is_ack_eliciting
= 1;
408 /* TODO(QUIC): ADD CODE to send |max_data| to flow control */
413 static int depack_do_frame_streams_blocked(PACKET
*pkt
,
414 QUIC_CONNECTION
*connection
,
415 OSSL_ACKM_RX_PKT
*ackm_data
)
417 uint64_t max_data
= 0;
419 if (!ossl_quic_wire_decode_frame_streams_blocked(pkt
, &max_data
))
422 /* This frame makes the packet ACK eliciting */
423 ackm_data
->is_ack_eliciting
= 1;
425 /* TODO(QUIC): ADD CODE to send |max_data| to connection manager */
430 static int depack_do_frame_new_conn_id(PACKET
*pkt
,
431 QUIC_CONNECTION
*connection
,
432 OSSL_ACKM_RX_PKT
*ackm_data
)
434 OSSL_QUIC_FRAME_NEW_CONN_ID frame_data
;
436 if (!ossl_quic_wire_decode_frame_new_conn_id(pkt
, &frame_data
))
439 /* This frame makes the packet ACK eliciting */
440 ackm_data
->is_ack_eliciting
= 1;
442 /* TODO(QUIC): ADD CODE to send |frame_data.data| to the connection manager */
447 static int depack_do_frame_retire_conn_id(PACKET
*pkt
,
448 QUIC_CONNECTION
*connection
,
449 OSSL_ACKM_RX_PKT
*ackm_data
)
453 if (!ossl_quic_wire_decode_frame_retire_conn_id(pkt
, &seq_num
))
456 /* This frame makes the packet ACK eliciting */
457 ackm_data
->is_ack_eliciting
= 1;
459 /* TODO(QUIC): ADD CODE to send |seq_num| to the connection manager */
463 static int depack_do_frame_path_challenge(PACKET
*pkt
,
464 QUIC_CONNECTION
*connection
,
465 OSSL_ACKM_RX_PKT
*ackm_data
)
467 uint64_t frame_data
= 0;
469 if (!ossl_quic_wire_decode_frame_path_challenge(pkt
, &frame_data
))
472 /* This frame makes the packet ACK eliciting */
473 ackm_data
->is_ack_eliciting
= 1;
475 /* TODO(QUIC): ADD CODE to send |frame_data| to the connection manager */
480 static int depack_do_frame_path_response(PACKET
*pkt
,
481 QUIC_CONNECTION
*connection
,
482 OSSL_ACKM_RX_PKT
*ackm_data
)
484 uint64_t frame_data
= 0;
486 if (!ossl_quic_wire_decode_frame_path_response(pkt
, &frame_data
))
489 /* This frame makes the packet ACK eliciting */
490 ackm_data
->is_ack_eliciting
= 1;
492 /* TODO(QUIC): ADD CODE to send |frame_data| to the connection manager */
497 static int depack_do_frame_conn_close(PACKET
*pkt
, QUIC_CONNECTION
*connection
)
499 OSSL_QUIC_FRAME_CONN_CLOSE frame_data
;
501 if (!ossl_quic_wire_decode_frame_conn_close(pkt
, &frame_data
))
504 /* TODO(QUIC): ADD CODE to send |frame_data| to the connection manager */
509 static int depack_do_frame_handshake_done(PACKET
*pkt
,
510 QUIC_CONNECTION
*connection
,
511 OSSL_ACKM_RX_PKT
*ackm_data
)
513 if (!ossl_quic_wire_decode_frame_handshake_done(pkt
))
516 /* This frame makes the packet ACK eliciting */
517 ackm_data
->is_ack_eliciting
= 1;
519 /* TODO(QUIC): ADD CODE to tell the handshake manager that we're done */
524 static int depack_do_frame_unknown_extension(PACKET
*pkt
,
525 QUIC_CONNECTION
*connection
,
526 OSSL_ACKM_RX_PKT
*ackm_data
)
529 * According to RFC 9000, 19.21. Extension Frames, extension frames
530 * should be ACK eliciting. It might be over zealous to do so for
531 * extensions OpenSSL doesn't know how to handle, but shouldn't hurt
535 /* This frame makes the packet ACK eliciting */
536 ackm_data
->is_ack_eliciting
= 1;
539 * Because we have no idea how to advance to the next frame, we return 0
540 * everywhere, thereby stopping the depacketizing process.
546 /* Main frame processor */
548 static int depack_process_frames(QUIC_CONNECTION
*connection
, PACKET
*pkt
,
549 OSSL_QRX_PKT
*parent_pkt
, int packet_space
,
550 OSSL_TIME received
, OSSL_ACKM_RX_PKT
*ackm_data
)
552 uint32_t pkt_type
= parent_pkt
->hdr
->type
;
554 while (PACKET_remaining(pkt
) > 0) {
557 if (!ossl_quic_wire_peek_frame_header(pkt
, &frame_type
))
560 switch (frame_type
) {
561 case OSSL_QUIC_FRAME_TYPE_PING
:
562 /* Allowed in all packet types */
563 if (!depack_do_frame_ping(pkt
, ackm_data
))
566 case OSSL_QUIC_FRAME_TYPE_PADDING
:
567 /* Allowed in all packet types */
568 if (!depack_do_frame_padding(pkt
))
572 case OSSL_QUIC_FRAME_TYPE_ACK_WITHOUT_ECN
:
573 case OSSL_QUIC_FRAME_TYPE_ACK_WITH_ECN
:
574 /* ACK frames are valid everywhere except in 0RTT packets */
575 if (pkt_type
== QUIC_PKT_TYPE_0RTT
)
577 if (!depack_do_frame_ack(pkt
, connection
, packet_space
, received
))
581 case OSSL_QUIC_FRAME_TYPE_RESET_STREAM
:
582 /* RESET_STREAM frames are valid in 0RTT and 1RTT packets */
583 if (pkt_type
!= QUIC_PKT_TYPE_0RTT
584 && pkt_type
!= QUIC_PKT_TYPE_1RTT
)
586 if (!depack_do_frame_reset_stream(pkt
, connection
, ackm_data
))
589 case OSSL_QUIC_FRAME_TYPE_STOP_SENDING
:
590 /* STOP_SENDING frames are valid in 0RTT and 1RTT packets */
591 if (pkt_type
!= QUIC_PKT_TYPE_0RTT
592 && pkt_type
!= QUIC_PKT_TYPE_1RTT
)
594 if (!depack_do_frame_stop_sending(pkt
, connection
, ackm_data
))
597 case OSSL_QUIC_FRAME_TYPE_CRYPTO
:
598 /* CRYPTO frames are valid everywhere except in 0RTT packets */
599 if (pkt_type
== QUIC_PKT_TYPE_0RTT
)
601 if (!depack_do_frame_crypto(pkt
, connection
, ackm_data
))
604 case OSSL_QUIC_FRAME_TYPE_NEW_TOKEN
:
605 /* NEW_TOKEN frames are valid in 1RTT packets */
606 if (pkt_type
!= QUIC_PKT_TYPE_1RTT
)
608 if (!depack_do_frame_new_token(pkt
, connection
, ackm_data
))
612 case OSSL_QUIC_FRAME_TYPE_STREAM
:
613 case OSSL_QUIC_FRAME_TYPE_STREAM_FIN
:
614 case OSSL_QUIC_FRAME_TYPE_STREAM_LEN
:
615 case OSSL_QUIC_FRAME_TYPE_STREAM_LEN_FIN
:
616 case OSSL_QUIC_FRAME_TYPE_STREAM_OFF
:
617 case OSSL_QUIC_FRAME_TYPE_STREAM_OFF_FIN
:
618 case OSSL_QUIC_FRAME_TYPE_STREAM_OFF_LEN
:
619 case OSSL_QUIC_FRAME_TYPE_STREAM_OFF_LEN_FIN
:
620 /* STREAM frames are valid in 0RTT and 1RTT packets */
621 if (pkt_type
!= QUIC_PKT_TYPE_0RTT
622 && pkt_type
!= QUIC_PKT_TYPE_1RTT
)
624 if (!depack_do_frame_stream(pkt
, connection
, parent_pkt
, ackm_data
))
628 case OSSL_QUIC_FRAME_TYPE_MAX_DATA
:
629 /* MAX_DATA frames are valid in 0RTT and 1RTT packets */
630 if (pkt_type
!= QUIC_PKT_TYPE_0RTT
631 && pkt_type
!= QUIC_PKT_TYPE_1RTT
)
633 if (!depack_do_frame_max_data(pkt
, connection
, ackm_data
))
636 case OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA
:
637 /* MAX_STREAM_DATA frames are valid in 0RTT and 1RTT packets */
638 if (pkt_type
!= QUIC_PKT_TYPE_0RTT
639 && pkt_type
!= QUIC_PKT_TYPE_1RTT
)
641 if (!depack_do_frame_max_stream_data(pkt
, connection
, ackm_data
))
645 case OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_BIDI
:
646 case OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_UNI
:
647 /* MAX_STREAMS frames are valid in 0RTT and 1RTT packets */
648 if (pkt_type
!= QUIC_PKT_TYPE_0RTT
649 && pkt_type
!= QUIC_PKT_TYPE_1RTT
)
651 if (!depack_do_frame_max_streams(pkt
, connection
, ackm_data
))
655 case OSSL_QUIC_FRAME_TYPE_DATA_BLOCKED
:
656 /* DATA_BLOCKED frames are valid in 0RTT and 1RTT packets */
657 if (pkt_type
!= QUIC_PKT_TYPE_0RTT
658 && pkt_type
!= QUIC_PKT_TYPE_1RTT
)
660 if (!depack_do_frame_data_blocked(pkt
, connection
, ackm_data
))
663 case OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED
:
664 /* STREAM_DATA_BLOCKED frames are valid in 0RTT and 1RTT packets */
665 if (pkt_type
!= QUIC_PKT_TYPE_0RTT
666 && pkt_type
!= QUIC_PKT_TYPE_1RTT
)
668 if (!depack_do_frame_stream_data_blocked(pkt
, connection
, ackm_data
))
672 case OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_BIDI
:
673 case OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_UNI
:
674 /* STREAMS_BLOCKED frames are valid in 0RTT and 1RTT packets */
675 if (pkt_type
!= QUIC_PKT_TYPE_0RTT
676 && pkt_type
!= QUIC_PKT_TYPE_1RTT
)
678 if (!depack_do_frame_streams_blocked(pkt
, connection
, ackm_data
))
682 case OSSL_QUIC_FRAME_TYPE_NEW_CONN_ID
:
683 /* NEW_CONN_ID frames are valid in 0RTT and 1RTT packets */
684 if (pkt_type
!= QUIC_PKT_TYPE_0RTT
685 && pkt_type
!= QUIC_PKT_TYPE_1RTT
)
687 if (!depack_do_frame_new_conn_id(pkt
, connection
, ackm_data
))
690 case OSSL_QUIC_FRAME_TYPE_RETIRE_CONN_ID
:
691 /* RETIRE_CONN_ID frames are valid in 0RTT and 1RTT packets */
692 if (pkt_type
!= QUIC_PKT_TYPE_0RTT
693 && pkt_type
!= QUIC_PKT_TYPE_1RTT
)
695 if (!depack_do_frame_retire_conn_id(pkt
, connection
, ackm_data
))
698 case OSSL_QUIC_FRAME_TYPE_PATH_CHALLENGE
:
699 /* PATH_CHALLENGE frames are valid in 0RTT and 1RTT packets */
700 if (pkt_type
!= QUIC_PKT_TYPE_0RTT
701 && pkt_type
!= QUIC_PKT_TYPE_1RTT
)
703 if (!depack_do_frame_path_challenge(pkt
, connection
, ackm_data
))
706 case OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE
:
707 /* PATH_RESPONSE frames are valid in 1RTT packets */
708 if (pkt_type
!= QUIC_PKT_TYPE_1RTT
)
710 if (!depack_do_frame_path_response(pkt
, connection
, ackm_data
))
714 case OSSL_QUIC_FRAME_TYPE_CONN_CLOSE_APP
:
715 /* CONN_CLOSE_APP frames are valid in 0RTT and 1RTT packets */
716 if (pkt_type
!= QUIC_PKT_TYPE_0RTT
717 && pkt_type
!= QUIC_PKT_TYPE_1RTT
)
720 case OSSL_QUIC_FRAME_TYPE_CONN_CLOSE_TRANSPORT
:
721 /* CONN_CLOSE_TRANSPORT frames are valid in all packets */
722 if (!depack_do_frame_conn_close(pkt
, connection
))
726 case OSSL_QUIC_FRAME_TYPE_HANDSHAKE_DONE
:
727 /* HANDSHAKE_DONE frames are valid in 1RTT packets */
728 if (pkt_type
!= QUIC_PKT_TYPE_1RTT
)
730 if (!depack_do_frame_handshake_done(pkt
, connection
, ackm_data
))
735 /* Unknown frame type. */
736 if (!depack_do_frame_unknown_extension(pkt
, connection
, ackm_data
))
746 int ossl_quic_handle_frames(QUIC_CONNECTION
*connection
, OSSL_QRX_PKT
*qpacket
)
749 OSSL_ACKM_RX_PKT ackm_data
;
751 * ok has three states:
752 * -1 error with ackm_data uninitialized
753 * 0 error with ackm_data initialized
754 * 1 success (ackm_data initialized)
756 int ok
= -1; /* Assume the worst */
758 if (connection
== NULL
)
761 /* Initialize |ackm_data| (and reinitialize |ok|)*/
762 memset(&ackm_data
, 0, sizeof(ackm_data
));
764 * TODO(QUIC): ASSUMPTION: All packets that aren't special case have a
767 ackm_data
.pkt_num
= qpacket
->pn
;
768 ackm_data
.time
= qpacket
->time
;
769 switch (qpacket
->hdr
->type
) {
770 case QUIC_PKT_TYPE_INITIAL
:
771 ackm_data
.pkt_space
= QUIC_PN_SPACE_INITIAL
;
773 case QUIC_PKT_TYPE_HANDSHAKE
:
774 ackm_data
.pkt_space
= QUIC_PN_SPACE_HANDSHAKE
;
776 case QUIC_PKT_TYPE_0RTT
:
777 case QUIC_PKT_TYPE_1RTT
:
778 ackm_data
.pkt_space
= QUIC_PN_SPACE_APP
;
781 ok
= 0; /* Still assume the worst */
783 /* Handle special cases */
784 if (qpacket
->hdr
->type
== QUIC_PKT_TYPE_RETRY
) {
785 /* TODO(QUIC): ADD CODE to handle a retry */
787 } else if (qpacket
->hdr
->type
== QUIC_PKT_TYPE_VERSION_NEG
) {
788 /* TODO(QUIC): ADD CODE to handle version negotiation */
792 /* Now that special cases are out of the way, parse frames */
793 if (!PACKET_buf_init(&pkt
, qpacket
->hdr
->data
, qpacket
->hdr
->len
)
794 || !depack_process_frames(connection
, &pkt
, qpacket
,
795 ackm_data
.pkt_space
, qpacket
->time
,
803 * TODO(QUIC): ASSUMPTION: If this function is called at all, |qpacket| is
804 * a legitimate packet, even if its contents aren't.
805 * Therefore, we call ossl_ackm_on_rx_packet() unconditionally, as long as
806 * |ackm_data| has at least been initialized.
809 ossl_ackm_on_rx_packet(GET_CONN_ACKM(connection
), &ackm_data
);
812 * Release the ref to the packet. This will free the packet unless something
813 * in our processing above has added a reference to it.
815 ossl_qrx_pkt_release(qpacket
);
819 int ossl_quic_depacketize(QUIC_CONNECTION
*connection
)
821 OSSL_QRX_PKT
*qpacket
= NULL
;
823 if (connection
== NULL
)
826 /* Try to read a packet from the read record layer */
827 memset(&qpacket
, 0, sizeof(qpacket
));
828 if (ossl_qrx_read_pkt(GET_CONN_QRX(connection
), &qpacket
) <= 0)
831 return ossl_quic_handle_frames(connection
, qpacket
);