mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2026-01-16 06:11:00 +01:00
Code Issues Projects Releases Wiki Activity

REORG: quic: Move QUIC CRYPTO stream definitions/declarations to QUIC TLS

Browse Source 
Move quic_cstream struct definition from quic_conn-t.h to quic_tls-t.h.
Its pool is also moved from quic_conn module to quic_tls. Same thing for
quic_cstream_new() and quic_cstream_free().
This commit is contained in:
Frédéric Lécaille 2023-11-27 10:30:41 +01:00
parent ae885b9b68
commit 831764641f
4 changed files with 69 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
include/haproxy/quic_conn-t.h
View File

@ -235,21 +235,6 @@ extern const struct quic_version *preferred_version;
/* The maximum number of bytes of CRYPTO data in flight during handshakes. */
#define QUIC_CRYPTO_IN_FLIGHT_MAX 4096
/* Crypto data stream (one by encryption level) */
struct quic_cstream {
struct {
uint64_t offset; /* absolute current base offset of ncbuf */
struct ncbuf ncbuf; /* receive buffer - can handle out-of-order offset frames */
} rx;
struct {
uint64_t offset; /* last offset of data ready to be sent */
uint64_t sent_offset; /* last offset sent by transport layer */
struct buffer buf; /* transmit buffer before sending via xprt */
} tx;
struct qc_stream_desc *desc;
};
struct quic_path {
/* Control congestion. */
struct quic_cc cc;

15
include/haproxy/quic_tls-t.h
View File

@ -219,6 +219,21 @@ struct quic_crypto_buf {
size_t sz;
};
/* Crypto data stream (one by encryption level) */
struct quic_cstream {
struct {
uint64_t offset; /* absolute current base offset of ncbuf */
struct ncbuf ncbuf; /* receive buffer - can handle out-of-order offset frames */
} rx;
struct {
uint64_t offset; /* last offset of data ready to be sent */
uint64_t sent_offset; /* last offset sent by transport layer */
struct buffer buf; /* transmit buffer before sending via xprt */
} tx;
struct qc_stream_desc *desc;
};
struct quic_enc_level {
struct list list;
/* Attach point to enqueue this encryption level during retransmissions */

52
src/quic_conn.c
View File

@ -137,7 +137,6 @@ DECLARE_STATIC_POOL(pool_head_quic_cc_conn, "quic_cc_conn", sizeof(struct quic_c
DECLARE_STATIC_POOL(pool_head_quic_cids, "quic_cids", sizeof(struct eb_root));
DECLARE_POOL(pool_head_quic_connection_id,
"quic_connection_id", sizeof(struct quic_connection_id));
DECLARE_STATIC_POOL(pool_head_quic_cstream, "quic_cstream", sizeof(struct quic_cstream));
struct task *quic_conn_app_io_cb(struct task *t, void *context, unsigned int state);
static int quic_conn_init_timer(struct quic_conn *qc);
@ -791,57 +790,6 @@ struct task *quic_conn_io_cb(struct task *t, void *context, unsigned int state)
return t;
}
/* Release the memory allocated for <cs> CRYPTO stream */
void quic_cstream_free(struct quic_cstream *cs)
{
if (!cs) {
/* This is the case for ORTT encryption level */
return;
}
quic_free_ncbuf(&cs->rx.ncbuf);
qc_stream_desc_release(cs->desc);
pool_free(pool_head_quic_cstream, cs);
}
/* Allocate a new QUIC stream for <qc>.
* Return it if succeeded, NULL if not.
*/
struct quic_cstream *quic_cstream_new(struct quic_conn *qc)
{
struct quic_cstream *cs, *ret_cs = NULL;
TRACE_ENTER(QUIC_EV_CONN_LPKT, qc);
cs = pool_alloc(pool_head_quic_cstream);
if (!cs) {
TRACE_ERROR("crypto stream allocation failed", QUIC_EV_CONN_INIT, qc);
goto leave;
}
cs->rx.offset = 0;
cs->rx.ncbuf = NCBUF_NULL;
cs->rx.offset = 0;
cs->tx.offset = 0;
cs->tx.sent_offset = 0;
cs->tx.buf = BUF_NULL;
cs->desc = qc_stream_desc_new((uint64_t)-1, -1, cs, qc);
if (!cs->desc) {
TRACE_ERROR("crypto stream allocation failed", QUIC_EV_CONN_INIT, qc);
goto err;
}
ret_cs = cs;
leave:
TRACE_LEAVE(QUIC_EV_CONN_LPKT, qc);
return ret_cs;
err:
pool_free(pool_head_quic_cstream, cs);
goto leave;
}
/* Callback called upon loss detection and PTO timer expirations. */
struct task *qc_process_timer(struct task *task, void *ctx, unsigned int state)
{

54
src/quic_tls.c
View File

@ -11,6 +11,8 @@
#include <haproxy/pool.h>
#include <haproxy/quic_ack.h>
#include <haproxy/quic_conn.h>
#include <haproxy/quic_rx.h>
#include <haproxy/quic_stream.h>
DECLARE_POOL(pool_head_quic_enc_level, "quic_enc_level", sizeof(struct quic_enc_level));
@ -21,6 +23,7 @@ DECLARE_POOL(pool_head_quic_tls_iv, "quic_tls_iv", QUIC_TLS_IV_LEN);
DECLARE_POOL(pool_head_quic_tls_key, "quic_tls_key", QUIC_TLS_KEY_LEN);
DECLARE_POOL(pool_head_quic_crypto_buf, "quic_crypto_buf", sizeof(struct quic_crypto_buf));
DECLARE_STATIC_POOL(pool_head_quic_cstream, "quic_cstream", sizeof(struct quic_cstream));
/* Initial salt depending on QUIC version to derive client/server initial secrets.
* This one is for draft-29 QUIC version.
@ -112,6 +115,57 @@ void quic_tls_secret_hexdump(struct buffer *buf,
chunk_appendf(buf, "%02x", secret[i]);
}
/* Release the memory allocated for <cs> CRYPTO stream */
void quic_cstream_free(struct quic_cstream *cs)
{
if (!cs) {
/* This is the case for ORTT encryption level */
return;
}
quic_free_ncbuf(&cs->rx.ncbuf);
qc_stream_desc_release(cs->desc);
pool_free(pool_head_quic_cstream, cs);
}
/* Allocate a new QUIC stream for <qc>.
* Return it if succeeded, NULL if not.
*/
struct quic_cstream *quic_cstream_new(struct quic_conn *qc)
{
struct quic_cstream *cs, *ret_cs = NULL;
TRACE_ENTER(QUIC_EV_CONN_LPKT, qc);
cs = pool_alloc(pool_head_quic_cstream);
if (!cs) {
TRACE_ERROR("crypto stream allocation failed", QUIC_EV_CONN_INIT, qc);
goto leave;
}
cs->rx.offset = 0;
cs->rx.ncbuf = NCBUF_NULL;
cs->rx.offset = 0;
cs->tx.offset = 0;
cs->tx.sent_offset = 0;
cs->tx.buf = BUF_NULL;
cs->desc = qc_stream_desc_new((uint64_t)-1, -1, cs, qc);
if (!cs->desc) {
TRACE_ERROR("crypto stream allocation failed", QUIC_EV_CONN_INIT, qc);
goto err;
}
ret_cs = cs;
leave:
TRACE_LEAVE(QUIC_EV_CONN_LPKT, qc);
return ret_cs;
err:
pool_free(pool_head_quic_cstream, cs);
goto leave;
}
/* Uninitialize <qel> QUIC encryption level. Never fails. */
void quic_conn_enc_level_uninit(struct quic_conn *qc, struct quic_enc_level *qel)
{