From: Amaury Denoyelle
Date: Fri, 8 Mar 2024 16:47:03 +0000 (+0100)
Subject: MINOR: quic: remove qc_treat_rx_crypto_frms()
X-Git-Tag: v3.0-dev6~111
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=c499d66f375212414b36aac9880275ab7387bbe2;p=thirdparty%2Fhaproxy.git
MINOR: quic: remove qc_treat_rx_crypto_frms()
This commit removes qc_treat_rx_crypto_frms(). This function was used in a single place inside qc_ssl_provide_all_quic_data(). Besides, its naming was confusing as conceptually it is directly linked to quic_ssl module instead of quic_rx. Thus, body of qc_treat_rx_crypto_frms() is inlined directly inside qc_ssl_provide_all_quic_data(). Also, qc_ssl_provide_quic_data() is now only used inside quic_ssl to its scope is set to static. Overall, API for CRYPTO frame handling is now cleaner.
---
diff --git a/include/haproxy/quic_rx.h b/include/haproxy/quic_rx.h
index 494bc4a2d5..3e65acb086 100644
--- a/include/haproxy/quic_rx.h
+++ b/include/haproxy/quic_rx.h
@@ -30,8 +30,6 @@ int quic_dgram_parse(struct quic_dgram *dgram, struct quic_conn *from_qc,
 int qc_treat_rx_pkts(struct quic_conn *qc);
 int qc_parse_hd_form(struct quic_rx_packet *pkt, unsigned char **pos, const unsigned char *end);
-int qc_treat_rx_crypto_frms(struct quic_conn *qc, struct quic_enc_level *el,
- struct ssl_sock_ctx *ctx);
 int qc_handle_frms_of_lost_pkt(struct quic_conn *qc, struct quic_tx_packet *pkt, struct list *pktns_frm_list);
diff --git a/include/haproxy/quic_ssl.h b/include/haproxy/quic_ssl.h
index 8f7df47795..a84f5fffcc 100644
--- a/include/haproxy/quic_ssl.h
+++ b/include/haproxy/quic_ssl.h
@@ -35,10 +35,6 @@ int ssl_quic_initial_ctx(struct bind_conf *bind_conf);
 int qc_alloc_ssl_sock_ctx(struct quic_conn *qc);
-int qc_ssl_provide_quic_data(struct ncbuf *ncbuf,
- enum ssl_encryption_level_t level,
- struct ssl_sock_ctx *ctx,
- const unsigned char *data, size_t len);
 int qc_ssl_provide_all_quic_data(struct quic_conn *qc, struct ssl_sock_ctx *ctx);
 static inline void qc_free_ssl_sock_ctx(struct ssl_sock_ctx **ctx)
diff --git a/src/quic_rx.c b/src/quic_rx.c
index 433e6ae5c8..c6a23f3ce6 100644
--- a/src/quic_rx.c
+++ b/src/quic_rx.c
@@ -1155,50 +1155,6 @@ static void qc_rm_hp_pkts(struct quic_conn *qc, struct quic_enc_level *el)
 TRACE_LEAVE(QUIC_EV_CONN_ELRMHP, qc);
 }
-/* Process all the CRYPTO frame at encryption level. This is the
- * responsibility of the called to ensure there exists a CRYPTO data
- * stream for this level.
- * Return 1 if succeeded, 0 if not.
- */
-int qc_treat_rx_crypto_frms(struct quic_conn *qc, struct quic_enc_level *el,
- struct ssl_sock_ctx *ctx)
-{
- int ret = 0;
- struct ncbuf *ncbuf;
- struct quic_cstream *cstream = el->cstream;
- ncb_sz_t data;
-
- TRACE_ENTER(QUIC_EV_CONN_PHPKTS, qc);
-
- BUG_ON(!cstream);
- ncbuf = &cstream->rx.ncbuf;
- if (ncb_is_null(ncbuf))
- goto done;
-
- /* TODO not working if buffer is wrapping */
- while ((data = ncb_data(ncbuf, 0))) {
- const unsigned char *cdata = (const unsigned char *)ncb_head(ncbuf);
-
- if (!qc_ssl_provide_quic_data(&el->cstream->rx.ncbuf, el->level,
- ctx, cdata, data))
- goto leave;
-
- cstream->rx.offset += data;
- TRACE_DEVEL("buffered crypto data were provided to TLS stack",
- QUIC_EV_CONN_PHPKTS, qc, el);
- }
-
- done:
- ret = 1;
- leave:
- if (!ncb_is_null(ncbuf) && ncb_is_empty(ncbuf)) {
- TRACE_DEVEL("freeing crypto buf", QUIC_EV_CONN_PHPKTS, qc, el);
- quic_free_ncbuf(ncbuf);
- }
- TRACE_LEAVE(QUIC_EV_CONN_PHPKTS, qc);
- return ret;
-}
-
 /* Check if it's possible to remove header protection for packets related to
 * encryption level . If is NULL, assume it's false.
 *
diff --git a/src/quic_ssl.c b/src/quic_ssl.c
index 5af2417d64..d7f112d992 100644
--- a/src/quic_ssl.c
+++ b/src/quic_ssl.c
@@ -2,7 +2,6 @@
 #include
 #include
 #include
-#include
 #include
 #include
 #include
@@ -501,10 +500,10 @@ static forceinline void qc_ssl_dump_errors(struct connection *conn)
 * Remaining parameter are there for debugging purposes.
 * Return 1 if succeeded, 0 if not.
 */
-int qc_ssl_provide_quic_data(struct ncbuf *ncbuf,
- enum ssl_encryption_level_t level,
- struct ssl_sock_ctx *ctx,
- const unsigned char *data, size_t len)
+static int qc_ssl_provide_quic_data(struct ncbuf *ncbuf,
+ enum ssl_encryption_level_t level,
+ struct ssl_sock_ctx *ctx,
+ const unsigned char *data, size_t len)
 {
 #ifdef DEBUG_STRICT
 enum ncb_ret ncb_ret;
@@ -666,6 +665,8 @@ int qc_ssl_provide_all_quic_data(struct quic_conn *qc, struct ssl_sock_ctx *ctx)
 {
 int ret = 0;
 struct quic_enc_level *qel;
+ struct ncbuf *ncbuf;
+ ncb_sz_t data;
 TRACE_ENTER(QUIC_EV_CONN_PHPKTS, qc);
 list_for_each_entry(qel, &qc->qel_list, list) {
@@ -674,8 +675,27 @@ int qc_ssl_provide_all_quic_data(struct quic_conn *qc, struct ssl_sock_ctx *ctx)
 if (!cstream) continue;
- if (!qc_treat_rx_crypto_frms(qc, qel, ctx))
- goto leave;
+ ncbuf = &cstream->rx.ncbuf;
+ if (ncb_is_null(ncbuf))
+ continue;
+
+ /* TODO not working if buffer is wrapping */
+ while ((data = ncb_data(ncbuf, 0))) {
+ const unsigned char *cdata = (const unsigned char *)ncb_head(ncbuf);
+
+ if (!qc_ssl_provide_quic_data(&qel->cstream->rx.ncbuf, qel->level,
+ ctx, cdata, data))
+ goto leave;
+
+ cstream->rx.offset += data;
+ TRACE_DEVEL("buffered crypto data were provided to TLS stack",
+ QUIC_EV_CONN_PHPKTS, qc, qel);
+ }
+
+ if (!ncb_is_null(ncbuf) && ncb_is_empty(ncbuf)) {
+ TRACE_DEVEL("freeing crypto buf", QUIC_EV_CONN_PHPKTS, qc, qel);
+ quic_free_ncbuf(ncbuf);
+ }
 }
 ret = 1;
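Review bot: In the inlined loop of qc_ssl_provide_all_quic_data(), a failing qc_ssl_provide_quic_data() now does `goto leave` straight out of the function, so the `if (!ncb_is_null(ncbuf) && ncb_is_empty(ncbuf))` release that follows the `while` is skipped on the error path. In the removed qc_treat_rx_crypto_frms() that check sat under its `leave:` label and ran on failure as well, so this is a behaviour change rather than a pure inlining. If the callee can drain the buffer before returning 0 (its body is outside this hunk, so that needs confirming), an emptied CRYPTO buffer stays allocated until something else frees it. Running the same check and `quic_free_ncbuf(ncbuf);` before `goto leave;`, or adding a comment that states why skipping it is safe, would close the gap. The function's own `leave:` label lies past the end of the hunk.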