From: Frédéric Lécaille Date: Mon, 27 Nov 2023 09:30:41 +0000 (+0100) Subject: REORG: quic: Move QUIC CRYPTO stream definitions/declarations to QUIC TLS X-Git-Tag: v2.9-dev12~66 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=831764641f800347ce325f9a64f72f8dd002e1be;p=thirdparty%2Fhaproxy.git REORG: quic: Move QUIC CRYPTO stream definitions/declarations to QUIC TLS Move quic_cstream struct definition from quic_conn-t.h to quic_tls-t.h. Its pool is also moved from quic_conn module to quic_tls. Same thing for quic_cstream_new() and quic_cstream_free(). --- diff --git a/include/haproxy/quic_conn-t.h b/include/haproxy/quic_conn-t.h index b7eb7d44c8..087dfd6930 100644 --- a/include/haproxy/quic_conn-t.h +++ b/include/haproxy/quic_conn-t.h @@ -235,21 +235,6 @@ extern const struct quic_version *preferred_version; /* The maximum number of bytes of CRYPTO data in flight during handshakes. */ #define QUIC_CRYPTO_IN_FLIGHT_MAX 4096 -/* Crypto data stream (one by encryption level) */ -struct quic_cstream { - struct { - uint64_t offset; /* absolute current base offset of ncbuf */ - struct ncbuf ncbuf; /* receive buffer - can handle out-of-order offset frames */ - } rx; - struct { - uint64_t offset; /* last offset of data ready to be sent */ - uint64_t sent_offset; /* last offset sent by transport layer */ - struct buffer buf; /* transmit buffer before sending via xprt */ - } tx; - - struct qc_stream_desc *desc; -}; - struct quic_path { /* Control congestion. */ struct quic_cc cc; diff --git a/include/haproxy/quic_tls-t.h b/include/haproxy/quic_tls-t.h index edbbeeff5b..e74e5a9559 100644 --- a/include/haproxy/quic_tls-t.h +++ b/include/haproxy/quic_tls-t.h @@ -219,6 +219,21 @@ struct quic_crypto_buf { size_t sz; }; +/* Crypto data stream (one by encryption level) */ +struct quic_cstream { + struct { + uint64_t offset; /* absolute current base offset of ncbuf */ + struct ncbuf ncbuf; /* receive buffer - can handle out-of-order offset frames */ + } rx; + struct { + uint64_t offset; /* last offset of data ready to be sent */ + uint64_t sent_offset; /* last offset sent by transport layer */ + struct buffer buf; /* transmit buffer before sending via xprt */ + } tx; + + struct qc_stream_desc *desc; +}; + struct quic_enc_level { struct list list; /* Attach point to enqueue this encryption level during retransmissions */ diff --git a/src/quic_conn.c b/src/quic_conn.c index 334f7dccae..35c3c6fb7c 100644 --- a/src/quic_conn.c +++ b/src/quic_conn.c @@ -137,7 +137,6 @@ DECLARE_STATIC_POOL(pool_head_quic_cc_conn, "quic_cc_conn", sizeof(struct quic_c DECLARE_STATIC_POOL(pool_head_quic_cids, "quic_cids", sizeof(struct eb_root)); DECLARE_POOL(pool_head_quic_connection_id, "quic_connection_id", sizeof(struct quic_connection_id)); -DECLARE_STATIC_POOL(pool_head_quic_cstream, "quic_cstream", sizeof(struct quic_cstream)); struct task *quic_conn_app_io_cb(struct task *t, void *context, unsigned int state); static int quic_conn_init_timer(struct quic_conn *qc); @@ -791,57 +790,6 @@ struct task *quic_conn_io_cb(struct task *t, void *context, unsigned int state) return t; } -/* Release the memory allocated for CRYPTO stream */ -void quic_cstream_free(struct quic_cstream *cs) -{ - if (!cs) { - /* This is the case for ORTT encryption level */ - return; - } - - quic_free_ncbuf(&cs->rx.ncbuf); - - qc_stream_desc_release(cs->desc); - pool_free(pool_head_quic_cstream, cs); -} - -/* Allocate a new QUIC stream for . - * Return it if succeeded, NULL if not. - */ -struct quic_cstream *quic_cstream_new(struct quic_conn *qc) -{ - struct quic_cstream *cs, *ret_cs = NULL; - - TRACE_ENTER(QUIC_EV_CONN_LPKT, qc); - cs = pool_alloc(pool_head_quic_cstream); - if (!cs) { - TRACE_ERROR("crypto stream allocation failed", QUIC_EV_CONN_INIT, qc); - goto leave; - } - - cs->rx.offset = 0; - cs->rx.ncbuf = NCBUF_NULL; - cs->rx.offset = 0; - - cs->tx.offset = 0; - cs->tx.sent_offset = 0; - cs->tx.buf = BUF_NULL; - cs->desc = qc_stream_desc_new((uint64_t)-1, -1, cs, qc); - if (!cs->desc) { - TRACE_ERROR("crypto stream allocation failed", QUIC_EV_CONN_INIT, qc); - goto err; - } - - ret_cs = cs; - leave: - TRACE_LEAVE(QUIC_EV_CONN_LPKT, qc); - return ret_cs; - - err: - pool_free(pool_head_quic_cstream, cs); - goto leave; -} - /* Callback called upon loss detection and PTO timer expirations. */ struct task *qc_process_timer(struct task *task, void *ctx, unsigned int state) { diff --git a/src/quic_tls.c b/src/quic_tls.c index a75f012153..7e18a39264 100644 --- a/src/quic_tls.c +++ b/src/quic_tls.c @@ -11,6 +11,8 @@ #include #include #include +#include +#include DECLARE_POOL(pool_head_quic_enc_level, "quic_enc_level", sizeof(struct quic_enc_level)); @@ -21,6 +23,7 @@ DECLARE_POOL(pool_head_quic_tls_iv, "quic_tls_iv", QUIC_TLS_IV_LEN); DECLARE_POOL(pool_head_quic_tls_key, "quic_tls_key", QUIC_TLS_KEY_LEN); DECLARE_POOL(pool_head_quic_crypto_buf, "quic_crypto_buf", sizeof(struct quic_crypto_buf)); +DECLARE_STATIC_POOL(pool_head_quic_cstream, "quic_cstream", sizeof(struct quic_cstream)); /* Initial salt depending on QUIC version to derive client/server initial secrets. * This one is for draft-29 QUIC version. @@ -112,6 +115,57 @@ void quic_tls_secret_hexdump(struct buffer *buf, chunk_appendf(buf, "%02x", secret[i]); } +/* Release the memory allocated for CRYPTO stream */ +void quic_cstream_free(struct quic_cstream *cs) +{ + if (!cs) { + /* This is the case for ORTT encryption level */ + return; + } + + quic_free_ncbuf(&cs->rx.ncbuf); + + qc_stream_desc_release(cs->desc); + pool_free(pool_head_quic_cstream, cs); +} + +/* Allocate a new QUIC stream for . + * Return it if succeeded, NULL if not. + */ +struct quic_cstream *quic_cstream_new(struct quic_conn *qc) +{ + struct quic_cstream *cs, *ret_cs = NULL; + + TRACE_ENTER(QUIC_EV_CONN_LPKT, qc); + cs = pool_alloc(pool_head_quic_cstream); + if (!cs) { + TRACE_ERROR("crypto stream allocation failed", QUIC_EV_CONN_INIT, qc); + goto leave; + } + + cs->rx.offset = 0; + cs->rx.ncbuf = NCBUF_NULL; + cs->rx.offset = 0; + + cs->tx.offset = 0; + cs->tx.sent_offset = 0; + cs->tx.buf = BUF_NULL; + cs->desc = qc_stream_desc_new((uint64_t)-1, -1, cs, qc); + if (!cs->desc) { + TRACE_ERROR("crypto stream allocation failed", QUIC_EV_CONN_INIT, qc); + goto err; + } + + ret_cs = cs; + leave: + TRACE_LEAVE(QUIC_EV_CONN_LPKT, qc); + return ret_cs; + + err: + pool_free(pool_head_quic_cstream, cs); + goto leave; +} + /* Uninitialize QUIC encryption level. Never fails. */ void quic_conn_enc_level_uninit(struct quic_conn *qc, struct quic_enc_level *qel) {