From 838024e07e6c60819a30c3e7b68d9432b970d236 Mon Sep 17 00:00:00 2001 From: Frederic Lecaille Date: Wed, 16 Jul 2025 16:35:31 +0200 Subject: [PATCH] MINOR: quic: Get rid of qc_is_listener() Replace all calls to qc_is_listener() (resp. !qc_is_listener()) by calls to objt_listener() (resp. objt_server()). Remove qc_is_listener() implement and QUIC_FL_CONN_LISTENER the flag it relied on. --- include/haproxy/quic_conn-t.h | 5 ++--- include/haproxy/quic_conn.h | 5 ----- src/quic_conn.c | 18 +++++++++--------- src/quic_openssl_compat.c | 8 ++++---- src/quic_retransmit.c | 4 ++-- src/quic_rx.c | 12 ++++++------ src/quic_ssl.c | 14 +++++++------- src/quic_tx.c | 2 +- 8 files changed, 31 insertions(+), 37 deletions(-) diff --git a/include/haproxy/quic_conn-t.h b/include/haproxy/quic_conn-t.h index 0b7fac7ec3..894fba723b 100644 --- a/include/haproxy/quic_conn-t.h +++ b/include/haproxy/quic_conn-t.h @@ -448,7 +448,7 @@ struct quic_conn_closed { #define QUIC_FL_CONN_ANTI_AMPLIFICATION_REACHED (1U << 0) #define QUIC_FL_CONN_SPIN_BIT (1U << 1) /* Spin bit set by remote peer */ #define QUIC_FL_CONN_NEED_POST_HANDSHAKE_FRMS (1U << 2) /* HANDSHAKE_DONE must be sent */ -#define QUIC_FL_CONN_LISTENER (1U << 3) +/* gap here */ #define QUIC_FL_CONN_ACCEPT_REGISTERED (1U << 4) /* gap here */ #define QUIC_FL_CONN_IDLE_TIMER_RESTARTED_AFTER_READ (1U << 6) @@ -488,7 +488,6 @@ static forceinline char *qc_show_flags(char *buf, size_t len, const char *delim, _(QUIC_FL_CONN_ANTI_AMPLIFICATION_REACHED, _(QUIC_FL_CONN_SPIN_BIT, _(QUIC_FL_CONN_NEED_POST_HANDSHAKE_FRMS, - _(QUIC_FL_CONN_LISTENER, _(QUIC_FL_CONN_ACCEPT_REGISTERED, _(QUIC_FL_CONN_IDLE_TIMER_RESTARTED_AFTER_READ, _(QUIC_FL_CONN_RETRANS_NEEDED, @@ -508,7 +507,7 @@ static forceinline char *qc_show_flags(char *buf, size_t len, const char *delim, _(QUIC_FL_CONN_EXP_TIMER, _(QUIC_FL_CONN_CLOSING, _(QUIC_FL_CONN_DRAINING, - _(QUIC_FL_CONN_IMMEDIATE_CLOSE)))))))))))))))))))))))); + _(QUIC_FL_CONN_IMMEDIATE_CLOSE))))))))))))))))))))))); /* epilogue */ _(~0U); return buf; diff --git a/include/haproxy/quic_conn.h b/include/haproxy/quic_conn.h index 9bc073df38..7e6adf51d2 100644 --- a/include/haproxy/quic_conn.h +++ b/include/haproxy/quic_conn.h @@ -82,11 +82,6 @@ void qc_check_close_on_released_mux(struct quic_conn *qc); int quic_stateless_reset_token_cpy(unsigned char *pos, size_t len, const unsigned char *salt, size_t saltlen); -static inline int qc_is_listener(struct quic_conn *qc) -{ - return qc->flags & QUIC_FL_CONN_LISTENER; -} - /* Free the CIDs attached to QUIC connection. */ static inline void free_quic_conn_cids(struct quic_conn *conn) { diff --git a/src/quic_conn.c b/src/quic_conn.c index c892d281a8..e8cf8d5f69 100644 --- a/src/quic_conn.c +++ b/src/quic_conn.c @@ -151,7 +151,7 @@ static int quic_conn_init_idle_timer_task(struct quic_conn *qc, struct proxy *px /* Returns 1 if the peer has validated QUIC connection address, 0 if not. */ int quic_peer_validated_addr(struct quic_conn *qc) { - if (!qc_is_listener(qc)) + if (objt_server(qc->target)) return 1; if (qc->flags & QUIC_FL_CONN_PEER_VALIDATED_ADDR) @@ -478,7 +478,7 @@ int quic_build_post_handshake_frames(struct quic_conn *qc) qel = qc->ael; /* Only servers must send a HANDSHAKE_DONE frame. */ - if (qc_is_listener(qc)) { + if (objt_listener(qc->target)) { size_t new_token_frm_len; frm = qc_frm_alloc(QUIC_FT_HANDSHAKE_DONE); @@ -830,7 +830,7 @@ struct task *quic_conn_io_cb(struct task *t, void *context, unsigned int state) st = qc->state; - if (qc_is_listener(qc)) { + if (objt_listener(qc->target)) { if (st >= QUIC_HS_ST_COMPLETE && !quic_tls_pktns_is_dcd(qc, qc->hpktns)) discard_hpktns = 1; } @@ -846,13 +846,13 @@ struct task *quic_conn_io_cb(struct task *t, void *context, unsigned int state) qc_set_timer(qc); qc_el_rx_pkts_del(qc->hel); qc_release_pktns_frms(qc, qc->hel->pktns); - if (!qc_is_listener(qc)) { + if (objt_server(qc->target)) { /* I/O callback switch */ qc->wait_event.tasklet->process = quic_conn_app_io_cb; } } - if (qc_is_listener(qc) && st >= QUIC_HS_ST_COMPLETE) { + if (objt_listener(qc->target) && st >= QUIC_HS_ST_COMPLETE) { /* Note: if no token for address validation was received * for a 0RTT connection, some 0RTT packet could still be * waiting for HP removal AFTER the successful handshake completion. @@ -918,7 +918,7 @@ struct task *quic_conn_io_cb(struct task *t, void *context, unsigned int state) * discard Initial keys when it first sends a Handshake packet... */ - if (!qc_is_listener(qc) && !quic_tls_pktns_is_dcd(qc, qc->ipktns) && + if (objt_server(qc->target) && !quic_tls_pktns_is_dcd(qc, qc->ipktns) && qc->hpktns && qc->hpktns->tx.in_flight > 0) { /* Discard the Initial packet number space. */ TRACE_PROTO("discarding Initial pktns", QUIC_EV_CONN_PRSHPKT, qc); @@ -1034,7 +1034,7 @@ struct task *qc_process_timer(struct task *task, void *ctx, unsigned int state) } } } - else if (!qc_is_listener(qc) && qc->state <= QUIC_HS_ST_COMPLETE) { + else if (objt_server(qc->target) && qc->state <= QUIC_HS_ST_COMPLETE) { if (quic_tls_has_tx_sec(qc->hel)) qc->hel->pktns->tx.pto_probe = 1; if (quic_tls_has_tx_sec(qc->iel)) @@ -1182,7 +1182,7 @@ struct quic_conn *qc_new_conn(const struct quic_version *qv, int ipv4, if (l) { cc_algo = l->bind_conf->quic_cc_algo; - qc->flags = QUIC_FL_CONN_LISTENER; + qc->flags = 0; /* Mark this connection as having not received any token when 0-RTT is enabled. */ if (l->bind_conf->ssl_conf.early_data && !token) qc->flags |= QUIC_FL_CONN_NO_TOKEN_RCVD; @@ -1608,7 +1608,7 @@ int quic_conn_release(struct quic_conn *qc) /* Connection released before handshake completion. */ if (unlikely(qc->state < QUIC_HS_ST_COMPLETE)) { - if (qc_is_listener(qc)) { + if (objt_listener(qc->target)) { BUG_ON(__objt_listener(qc->target)->rx.quic_curr_handshake == 0); HA_ATOMIC_DEC(&__objt_listener(qc->target)->rx.quic_curr_handshake); } diff --git a/src/quic_openssl_compat.c b/src/quic_openssl_compat.c index f293419e3d..57e679b3d9 100644 --- a/src/quic_openssl_compat.c +++ b/src/quic_openssl_compat.c @@ -150,22 +150,22 @@ void quic_tls_compat_keylog_callback(const SSL *ssl, const char *line) if (sizeof(QUIC_OPENSSL_COMPAT_CLIENT_HANDSHAKE) - 1 == n && !strncmp(start, QUIC_OPENSSL_COMPAT_CLIENT_HANDSHAKE, n)) { level = ssl_encryption_handshake; - write = qc_is_listener(qc) ? 0 : 1; + write = objt_listener(qc->target) ? 0 : 1; } else if (sizeof(QUIC_OPENSSL_COMPAT_SERVER_HANDSHAKE) - 1 == n && !strncmp(start, QUIC_OPENSSL_COMPAT_SERVER_HANDSHAKE, n)) { level = ssl_encryption_handshake; - write = qc_is_listener(qc) ? 1 : 0; + write = objt_listener(qc->target) ? 1 : 0; } else if (sizeof(QUIC_OPENSSL_COMPAT_CLIENT_APPLICATION) - 1 == n && !strncmp(start, QUIC_OPENSSL_COMPAT_CLIENT_APPLICATION, n)) { level = ssl_encryption_application; - write = qc_is_listener(qc) ? 0 : 1; + write = objt_listener(qc->target) ? 0 : 1; } else if (sizeof(QUIC_OPENSSL_COMPAT_SERVER_APPLICATION) - 1 == n && !strncmp(start, QUIC_OPENSSL_COMPAT_SERVER_APPLICATION, n)) { level = ssl_encryption_application; - write = qc_is_listener(qc) ? 1 : 0; + write = objt_listener(qc->target) ? 1 : 0; } else goto leave; diff --git a/src/quic_retransmit.c b/src/quic_retransmit.c index a8b8e99b93..770512feb1 100644 --- a/src/quic_retransmit.c +++ b/src/quic_retransmit.c @@ -166,7 +166,7 @@ void qc_prep_fast_retrans(struct quic_conn *qc, /* When building a packet from another one, the field which may increase the * packet size is the packet number. And the maximum increase is 4 bytes. */ - if (!quic_peer_validated_addr(qc) && qc_is_listener(qc) && + if (!quic_peer_validated_addr(qc) && objt_listener(qc->target) && pkt->len + 4 > quic_may_send_bytes(qc)) { qc->flags |= QUIC_FL_CONN_ANTI_AMPLIFICATION_REACHED; TRACE_PROTO("anti-amplification limit would be reached", QUIC_EV_CONN_SPPKTS, qc, pkt); @@ -230,7 +230,7 @@ void qc_prep_hdshk_fast_retrans(struct quic_conn *qc, /* When building a packet from another one, the field which may increase the * packet size is the packet number. And the maximum increase is 4 bytes. */ - if (!quic_peer_validated_addr(qc) && qc_is_listener(qc)) { + if (!quic_peer_validated_addr(qc) && objt_listener(qc->target)) { size_t dglen = pkt->len + 4; size_t may_send; diff --git a/src/quic_rx.c b/src/quic_rx.c index 9a61c8e9ac..ba501473de 100644 --- a/src/quic_rx.c +++ b/src/quic_rx.c @@ -920,7 +920,7 @@ static int qc_parse_pkt_frms(struct quic_conn *qc, struct quic_rx_packet *pkt, break; case QUIC_RX_RET_FRM_DUP: - if (qc_is_listener(qc) && qel == qc->iel && + if (objt_listener(qc->target) && qel == qc->iel && !(qc->flags & QUIC_FL_CONN_HANDSHAKE_SPEED_UP)) { fast_retrans = 1; } @@ -936,7 +936,7 @@ static int qc_parse_pkt_frms(struct quic_conn *qc, struct quic_rx_packet *pkt, break; case QUIC_FT_NEW_TOKEN: - if (qc_is_listener(qc)) { + if (objt_listener(qc->target)) { TRACE_ERROR("reject NEW_TOKEN frame emitted by client", QUIC_EV_CONN_PRSHPKT, qc); @@ -1096,7 +1096,7 @@ static int qc_parse_pkt_frms(struct quic_conn *qc, struct quic_rx_packet *pkt, } break; case QUIC_FT_HANDSHAKE_DONE: - if (qc_is_listener(qc)) { + if (objt_listener(qc->target)) { TRACE_ERROR("non accepted QUIC_FT_HANDSHAKE_DONE frame", QUIC_EV_CONN_PRSHPKT, qc); @@ -1186,7 +1186,7 @@ static int qc_parse_pkt_frms(struct quic_conn *qc, struct quic_rx_packet *pkt, * has successfully parse a Handshake packet. The Initial encryption must also * be discarded. */ - if (pkt->type == QUIC_PACKET_TYPE_HANDSHAKE && qc_is_listener(qc)) { + if (pkt->type == QUIC_PACKET_TYPE_HANDSHAKE && objt_listener(qc->target)) { if (qc->state >= QUIC_HS_ST_SERVER_INITIAL) { if (qc->ipktns && !quic_tls_pktns_is_dcd(qc, qc->ipktns)) { /* Discard the handshake packet number space. */ @@ -1225,7 +1225,7 @@ static inline void qc_handle_spin_bit(struct quic_conn *qc, struct quic_rx_packe pkt->pn <= largest_pn) return; - if (qc_is_listener(qc)) { + if (objt_listener(qc->target)) { if (pkt->flags & QUIC_FL_RX_PACKET_SPIN_BIT) qc->flags |= QUIC_FL_CONN_SPIN_BIT; else @@ -1248,7 +1248,7 @@ static void qc_rm_hp_pkts(struct quic_conn *qc, struct quic_enc_level *el) TRACE_ENTER(QUIC_EV_CONN_ELRMHP, qc); /* A server must not process incoming 1-RTT packets before the handshake is complete. */ - if (el == qc->ael && qc_is_listener(qc) && qc->state < QUIC_HS_ST_COMPLETE) { + if (el == qc->ael && objt_listener(qc->target) && qc->state < QUIC_HS_ST_COMPLETE) { TRACE_PROTO("RX hp not removed (handshake not completed)", QUIC_EV_CONN_ELRMHP, qc); goto out; diff --git a/src/quic_ssl.c b/src/quic_ssl.c index 58b05bcbac..ca91fe342b 100644 --- a/src/quic_ssl.c +++ b/src/quic_ssl.c @@ -232,7 +232,7 @@ static int ha_quic_set_encryption_secrets(SSL *ssl, enum ssl_encryption_level_t * listener and if a token was received. Note that a listener derives only RX * secrets for this level. */ - if (qc_is_listener(qc) && level == ssl_encryption_early_data) { + if (objt_listener(qc->target) && level == ssl_encryption_early_data) { if (qc->flags & QUIC_FL_CONN_NO_TOKEN_RCVD) { /* Leave a chance to the address validation to be completed by the * handshake without starting the mux: one does not want to process @@ -281,7 +281,7 @@ write: } /* Set the transport parameters in the TLS stack. */ - if (level == ssl_encryption_handshake && qc_is_listener(qc) && + if (level == ssl_encryption_handshake && objt_listener(qc->target) && !qc_ssl_set_quic_transport_params(qc->xprt_ctx->ssl, qc, ver, 1)) goto leave; @@ -292,7 +292,7 @@ write: struct quic_tls_kp *nxt_tx = &qc->ku.nxt_tx; #if !defined(USE_QUIC_OPENSSL_COMPAT) && !defined(HAVE_OPENSSL_QUIC) - if (!qc_is_listener(qc)) { + if (objt_server(qc->target)) { const unsigned char *tp; size_t tplen; @@ -956,7 +956,7 @@ static int qc_ssl_provide_quic_data(struct ncbuf *ncbuf, * provided by the stack. This happens after having received the peer * handshake level CRYPTO data which are validated by the TLS stack. */ - if (qc_is_listener(qc)) { + if (objt_listener(qc->target)) { if (__objt_listener(qc->target)->bind_conf->ssl_conf.early_data && (!qc->ael || !qc->ael->tls_ctx.rx.secret)) { TRACE_PROTO("SSL handshake in progress", @@ -970,7 +970,7 @@ static int qc_ssl_provide_quic_data(struct ncbuf *ncbuf, #endif /* Check the alpn could be negotiated */ - if (qc_is_listener(qc)) { + if (objt_listener(qc->target)) { if (!qc->app_ops) { TRACE_ERROR("No negotiated ALPN", QUIC_EV_CONN_IO_CB, qc, &state); quic_set_tls_alert(qc, SSL_AD_NO_APPLICATION_PROTOCOL); @@ -1000,7 +1000,7 @@ static int qc_ssl_provide_quic_data(struct ncbuf *ncbuf, } qc->flags |= QUIC_FL_CONN_NEED_POST_HANDSHAKE_FRMS; - if (qc_is_listener(ctx->qc)) { + if (objt_listener(ctx->qc->target)) { struct listener *l = __objt_listener(qc->target); /* I/O callback switch */ qc->wait_event.tasklet->process = quic_conn_app_io_cb; @@ -1245,7 +1245,7 @@ int qc_alloc_ssl_sock_ctx(struct quic_conn *qc, struct connection *conn) ctx->sent_early_data = 0; ctx->qc = qc; - if (qc_is_listener(qc)) { + if (objt_listener(qc->target)) { struct bind_conf *bc = __objt_listener(qc->target)->bind_conf; if (qc_ssl_sess_init(qc, bc->initial_ctx, &ctx->ssl, NULL, 1) == -1) diff --git a/src/quic_tx.c b/src/quic_tx.c index adda7e78ff..ec9aba445f 100644 --- a/src/quic_tx.c +++ b/src/quic_tx.c @@ -663,7 +663,7 @@ static int qc_prep_pkts(struct quic_conn *qc, struct buffer *buf, * to stay under MTU limit. */ if (!dglen) { - if (!quic_peer_validated_addr(qc) && qc_is_listener(qc)) + if (!quic_peer_validated_addr(qc) && objt_listener(qc->target)) end = pos + QUIC_MIN(qc->path->mtu, quic_may_send_bytes(qc)); else end = pos + qc->path->mtu; -- 2.47.2