/src/openssl/ssl/quic/quic_lcidm.c

Source (jump to first uncovered line)
/*
 * Copyright 2023 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include "internal/quic_lcidm.h"
#include "internal/quic_types.h"
#include "internal/quic_vlint.h"
#include "internal/common.h"
#include <openssl/lhash.h>
#include <openssl/rand.h>
#include <openssl/err.h>

/*
 * QUIC Local Connection ID Manager
 * ================================
 */

typedef struct quic_lcidm_conn_st QUIC_LCIDM_CONN;

enum {
    LCID_TYPE_ODCID,        /* This LCID is the ODCID from the peer */
    LCID_TYPE_INITIAL,      /* This is our Initial SCID */
    LCID_TYPE_NCID          /* This LCID was issued via a NCID frame */
};

typedef struct quic_lcid_st {
    QUIC_CONN_ID                cid;
    uint64_t                    seq_num;

    /* Back-pointer to the owning QUIC_LCIDM_CONN structure. */
    QUIC_LCIDM_CONN             *conn;

    /* LCID_TYPE_* */
    unsigned int                type                : 2;
} QUIC_LCID;

DEFINE_LHASH_OF_EX(QUIC_LCID);
DEFINE_LHASH_OF_EX(QUIC_LCIDM_CONN);

struct quic_lcidm_conn_st {
    size_t              num_active_lcid;
    LHASH_OF(QUIC_LCID) *lcids;
    void                *opaque;
    QUIC_LCID           *odcid_lcid_obj;
    uint64_t            next_seq_num;

    /* Have we enrolled an ODCID? */
    unsigned int        done_odcid          : 1;
};

struct quic_lcidm_st {
    OSSL_LIB_CTX                *libctx;
    LHASH_OF(QUIC_LCID)         *lcids; /* (QUIC_CONN_ID) -> (QUIC_LCID *)  */
    LHASH_OF(QUIC_LCIDM_CONN)   *conns; /* (void *opaque) -> (QUIC_LCIDM_CONN *) */
    size_t                      lcid_len; /* Length in bytes for all LCIDs */
#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
    QUIC_CONN_ID                next_lcid;
#endif
};

static unsigned long bin_hash(const unsigned char *buf, size_t buf_len)
{
    unsigned long hash = 0;
    size_t i;

    for (i = 0; i < buf_len; ++i)
        hash ^= ((unsigned long)buf[i]) << (8 * (i % sizeof(unsigned long)));

    return hash;
}

static unsigned long lcid_hash(const QUIC_LCID *lcid_obj)
{
    return bin_hash(lcid_obj->cid.id, lcid_obj->cid.id_len);
}

static int lcid_comp(const QUIC_LCID *a, const QUIC_LCID *b)
{
    return !ossl_quic_conn_id_eq(&a->cid, &b->cid);
}

static unsigned long lcidm_conn_hash(const QUIC_LCIDM_CONN *conn)
{
    return (unsigned long)(uintptr_t)conn->opaque;
}

static int lcidm_conn_comp(const QUIC_LCIDM_CONN *a, const QUIC_LCIDM_CONN *b)
{
    return a->opaque != b->opaque;
}

QUIC_LCIDM *ossl_quic_lcidm_new(OSSL_LIB_CTX *libctx, size_t lcid_len)
{
    QUIC_LCIDM *lcidm = NULL;

    if (lcid_len > QUIC_MAX_CONN_ID_LEN)
        goto err;

    if ((lcidm = OPENSSL_zalloc(sizeof(*lcidm))) == NULL)
        goto err;

    if ((lcidm->lcids = lh_QUIC_LCID_new(lcid_hash, lcid_comp)) == NULL)
        goto err;

    if ((lcidm->conns = lh_QUIC_LCIDM_CONN_new(lcidm_conn_hash,
                                               lcidm_conn_comp)) == NULL)
        goto err;

    lcidm->libctx   = libctx;
    lcidm->lcid_len = lcid_len;
    return lcidm;

err:
    if (lcidm != NULL) {
        lh_QUIC_LCID_free(lcidm->lcids);
        lh_QUIC_LCIDM_CONN_free(lcidm->conns);
        OPENSSL_free(lcidm);
    }
    return NULL;
}

static void lcidm_delete_conn(QUIC_LCIDM *lcidm, QUIC_LCIDM_CONN *conn);

static void lcidm_delete_conn_(QUIC_LCIDM_CONN *conn, void *arg)
{
    lcidm_delete_conn((QUIC_LCIDM *)arg, conn);
}

void ossl_quic_lcidm_free(QUIC_LCIDM *lcidm)
{
    if (lcidm == NULL)
        return;

    /*
     * Calling OPENSSL_lh_delete during a doall call is unsafe with our
     * current LHASH implementation for several reasons:
     *
     * - firstly, because deletes can cause the hashtable to be contracted,
     *   resulting in rehashing which might cause items in later buckets to
     *   move to earlier buckets, which might cause doall to skip an item,
     *   resulting in a memory leak;
     *
     * - secondly, because doall in general is not safe across hashtable
     *   size changes, as it caches hashtable size and pointer values
     *   while operating.
     *
     * The fix for this is to disable hashtable contraction using the following
     * call, which guarantees that no rehashing will occur so long as we only
     * call delete and not insert.
     */
    lh_QUIC_LCIDM_CONN_set_down_load(lcidm->conns, 0);

    lh_QUIC_LCIDM_CONN_doall_arg(lcidm->conns, lcidm_delete_conn_, lcidm);

    lh_QUIC_LCID_free(lcidm->lcids);
    lh_QUIC_LCIDM_CONN_free(lcidm->conns);
    OPENSSL_free(lcidm);
}

static QUIC_LCID *lcidm_get0_lcid(const QUIC_LCIDM *lcidm, const QUIC_CONN_ID *lcid)
{
    QUIC_LCID key;

    key.cid = *lcid;

    if (key.cid.id_len > QUIC_MAX_CONN_ID_LEN)
        return NULL;

    return lh_QUIC_LCID_retrieve(lcidm->lcids, &key);
}

static QUIC_LCIDM_CONN *lcidm_get0_conn(const QUIC_LCIDM *lcidm, void *opaque)
{
    QUIC_LCIDM_CONN key;

    key.opaque = opaque;

    return lh_QUIC_LCIDM_CONN_retrieve(lcidm->conns, &key);
}

static QUIC_LCIDM_CONN *lcidm_upsert_conn(const QUIC_LCIDM *lcidm, void *opaque)
{
    QUIC_LCIDM_CONN *conn = lcidm_get0_conn(lcidm, opaque);

    if (conn != NULL)
        return conn;

    if ((conn = OPENSSL_zalloc(sizeof(*conn))) == NULL)
        goto err;

    if ((conn->lcids = lh_QUIC_LCID_new(lcid_hash, lcid_comp)) == NULL)
        goto err;

    conn->opaque = opaque;

    lh_QUIC_LCIDM_CONN_insert(lcidm->conns, conn);
    if (lh_QUIC_LCIDM_CONN_error(lcidm->conns))
        goto err;

    return conn;

err:
    if (conn != NULL) {
        lh_QUIC_LCID_free(conn->lcids);
        OPENSSL_free(conn);
    }
    return NULL;
}

static void lcidm_delete_conn_lcid(QUIC_LCIDM *lcidm, QUIC_LCID *lcid_obj)
{
    lh_QUIC_LCID_delete(lcidm->lcids, lcid_obj);
    lh_QUIC_LCID_delete(lcid_obj->conn->lcids, lcid_obj);
    assert(lcid_obj->conn->num_active_lcid > 0);
    --lcid_obj->conn->num_active_lcid;
    OPENSSL_free(lcid_obj);
}

/* doall_arg wrapper */
static void lcidm_delete_conn_lcid_(QUIC_LCID *lcid_obj, void *arg)
{
    lcidm_delete_conn_lcid((QUIC_LCIDM *)arg, lcid_obj);
}

static void lcidm_delete_conn(QUIC_LCIDM *lcidm, QUIC_LCIDM_CONN *conn)
{
    /* See comment in ossl_quic_lcidm_free */
    lh_QUIC_LCID_set_down_load(conn->lcids, 0);

    lh_QUIC_LCID_doall_arg(conn->lcids, lcidm_delete_conn_lcid_, lcidm);
    lh_QUIC_LCIDM_CONN_delete(lcidm->conns, conn);
    lh_QUIC_LCID_free(conn->lcids);
    OPENSSL_free(conn);
}

static QUIC_LCID *lcidm_conn_new_lcid(QUIC_LCIDM *lcidm, QUIC_LCIDM_CONN *conn,
                                      const QUIC_CONN_ID *lcid)
{
    QUIC_LCID *lcid_obj = NULL;

    if (lcid->id_len > QUIC_MAX_CONN_ID_LEN)
        return NULL;

    if ((lcid_obj = OPENSSL_zalloc(sizeof(*lcid_obj))) == NULL)
        goto err;

    lcid_obj->cid = *lcid;
    lcid_obj->conn = conn;

    lh_QUIC_LCID_insert(conn->lcids, lcid_obj);
    if (lh_QUIC_LCID_error(conn->lcids))
        goto err;

    lh_QUIC_LCID_insert(lcidm->lcids, lcid_obj);
    if (lh_QUIC_LCID_error(lcidm->lcids)) {
        lh_QUIC_LCID_delete(conn->lcids, lcid_obj);
        goto err;
    }

    ++conn->num_active_lcid;
    return lcid_obj;

err:
    OPENSSL_free(lcid_obj);
    return NULL;
}

size_t ossl_quic_lcidm_get_lcid_len(const QUIC_LCIDM *lcidm)
{
    return lcidm->lcid_len;
}

size_t ossl_quic_lcidm_get_num_active_lcid(const QUIC_LCIDM *lcidm,
                                           void *opaque)
{
    QUIC_LCIDM_CONN *conn;

    conn = lcidm_get0_conn(lcidm, opaque);
    if (conn == NULL)
        return 0;

    return conn->num_active_lcid;
}

static int lcidm_generate_cid(QUIC_LCIDM *lcidm,
                              QUIC_CONN_ID *cid)
{
#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
    int i;

    lcidm->next_lcid.id_len = (unsigned char)lcidm->lcid_len;
    *cid = lcidm->next_lcid;

    for (i = lcidm->lcid_len - 1; i >= 0; --i)
        if (++lcidm->next_lcid.id[i] != 0)
            break;

    return 1;
#else
    return ossl_quic_gen_rand_conn_id(lcidm->libctx, lcidm->lcid_len, cid);
#endif
}

static int lcidm_generate(QUIC_LCIDM *lcidm,
                          void *opaque,
                          unsigned int type,
                          QUIC_CONN_ID *lcid_out,
                          uint64_t *seq_num)
{
    QUIC_LCIDM_CONN *conn;
    QUIC_LCID key, *lcid_obj;
    size_t i;
#define MAX_RETRIES 8

    if ((conn = lcidm_upsert_conn(lcidm, opaque)) == NULL)
        return 0;

    if ((type == LCID_TYPE_INITIAL && conn->next_seq_num > 0)
        || conn->next_seq_num > OSSL_QUIC_VLINT_MAX)
        return 0;

    i = 0;
    do {
        if (i++ >= MAX_RETRIES)
            /*
             * Too many retries; should not happen but if it does, don't loop
             * endlessly.
             */
            return 0;

        if (!lcidm_generate_cid(lcidm, lcid_out))
            return 0;

        key.cid = *lcid_out;
        /* If a collision occurs, retry. */
    } while (lh_QUIC_LCID_retrieve(lcidm->lcids, &key) != NULL);

    if ((lcid_obj = lcidm_conn_new_lcid(lcidm, conn, lcid_out)) == NULL)
        return 0;

    lcid_obj->seq_num   = conn->next_seq_num;
    lcid_obj->type      = type;

    if (seq_num != NULL)
        *seq_num = lcid_obj->seq_num;

    ++conn->next_seq_num;
    return 1;
}

int ossl_quic_lcidm_enrol_odcid(QUIC_LCIDM *lcidm,
                                void *opaque,
                                const QUIC_CONN_ID *initial_odcid)
{
    QUIC_LCIDM_CONN *conn;
    QUIC_LCID key, *lcid_obj;

    if (initial_odcid == NULL || initial_odcid->id_len < QUIC_MIN_ODCID_LEN
        || initial_odcid->id_len > QUIC_MAX_CONN_ID_LEN)
        return 0;

    if ((conn = lcidm_upsert_conn(lcidm, opaque)) == NULL)
        return 0;

    if (conn->done_odcid)
        return 0;

    key.cid = *initial_odcid;
    if (lh_QUIC_LCID_retrieve(lcidm->lcids, &key) != NULL)
        return 0;

    if ((lcid_obj = lcidm_conn_new_lcid(lcidm, conn, initial_odcid)) == NULL)
        return 0;

    lcid_obj->seq_num       = LCIDM_ODCID_SEQ_NUM;
    lcid_obj->type          = LCID_TYPE_ODCID;

    conn->odcid_lcid_obj    = lcid_obj;
    conn->done_odcid        = 1;
    return 1;
}

int ossl_quic_lcidm_generate_initial(QUIC_LCIDM *lcidm,
                                     void *opaque,
                                     QUIC_CONN_ID *initial_lcid)
{
    return lcidm_generate(lcidm, opaque, LCID_TYPE_INITIAL,
                          initial_lcid, NULL);
}

int ossl_quic_lcidm_generate(QUIC_LCIDM *lcidm,
                             void *opaque,
                             OSSL_QUIC_FRAME_NEW_CONN_ID *ncid_frame)
{
    ncid_frame->seq_num         = 0;
    ncid_frame->retire_prior_to = 0;

    return lcidm_generate(lcidm, opaque, LCID_TYPE_NCID,
                          &ncid_frame->conn_id,
                          &ncid_frame->seq_num);
}

int ossl_quic_lcidm_retire_odcid(QUIC_LCIDM *lcidm, void *opaque)
{
    QUIC_LCIDM_CONN *conn;

    if ((conn = lcidm_upsert_conn(lcidm, opaque)) == NULL)
        return 0;

    if (conn->odcid_lcid_obj == NULL)
        return 0;

    lcidm_delete_conn_lcid(lcidm, conn->odcid_lcid_obj);
    conn->odcid_lcid_obj = NULL;
    return 1;
}

struct retire_args {
    QUIC_LCID           *earliest_seq_num_lcid_obj;
    uint64_t            earliest_seq_num, retire_prior_to;
};

static void retire_for_conn(QUIC_LCID *lcid_obj, void *arg)
{
    struct retire_args *args = arg;

    /* ODCID LCID cannot be retired via this API */
    if (lcid_obj->type == LCID_TYPE_ODCID
        || lcid_obj->seq_num >= args->retire_prior_to)
        return;

    if (lcid_obj->seq_num < args->earliest_seq_num) {
        args->earliest_seq_num          = lcid_obj->seq_num;
        args->earliest_seq_num_lcid_obj = lcid_obj;
    }
}

int ossl_quic_lcidm_retire(QUIC_LCIDM *lcidm,
                           void *opaque,
                           uint64_t retire_prior_to,
                           const QUIC_CONN_ID *containing_pkt_dcid,
                           QUIC_CONN_ID *retired_lcid,
                           uint64_t *retired_seq_num,
                           int *did_retire)
{
    QUIC_LCIDM_CONN key, *conn;
    struct retire_args args = {0};

    key.opaque = opaque;

    if (did_retire == NULL)
        return 0;

    *did_retire = 0;
    if ((conn = lh_QUIC_LCIDM_CONN_retrieve(lcidm->conns, &key)) == NULL)
        return 1;

    args.retire_prior_to    = retire_prior_to;
    args.earliest_seq_num   = UINT64_MAX;

    lh_QUIC_LCID_doall_arg(conn->lcids, retire_for_conn, &args);
    if (args.earliest_seq_num_lcid_obj == NULL)
        return 1;

    if (containing_pkt_dcid != NULL
        && ossl_quic_conn_id_eq(&args.earliest_seq_num_lcid_obj->cid,
                                containing_pkt_dcid))
        return 0;

    *did_retire = 1;
    if (retired_lcid != NULL)
        *retired_lcid = args.earliest_seq_num_lcid_obj->cid;
    if (retired_seq_num != NULL)
        *retired_seq_num = args.earliest_seq_num_lcid_obj->seq_num;

    lcidm_delete_conn_lcid(lcidm, args.earliest_seq_num_lcid_obj);
    return 1;
}

int ossl_quic_lcidm_cull(QUIC_LCIDM *lcidm, void *opaque)
{
    QUIC_LCIDM_CONN key, *conn;

    key.opaque = opaque;

    if ((conn = lh_QUIC_LCIDM_CONN_retrieve(lcidm->conns, &key)) == NULL)
        return 0;

    lcidm_delete_conn(lcidm, conn);
    return 1;
}

int ossl_quic_lcidm_lookup(QUIC_LCIDM *lcidm,
                           const QUIC_CONN_ID *lcid,
                           uint64_t *seq_num,
                           void **opaque)
{
    QUIC_LCID *lcid_obj;

    if (lcid == NULL)
        return 0;

    if ((lcid_obj = lcidm_get0_lcid(lcidm, lcid)) == NULL)
        return 0;

    if (seq_num != NULL)
        *seq_num        = lcid_obj->seq_num;

    if (opaque != NULL)
        *opaque         = lcid_obj->conn->opaque;

    return 1;
}

int ossl_quic_lcidm_debug_remove(QUIC_LCIDM *lcidm,
                                 const QUIC_CONN_ID *lcid)
{
    QUIC_LCID key, *lcid_obj;

    key.cid = *lcid;
    if ((lcid_obj = lh_QUIC_LCID_retrieve(lcidm->lcids, &key)) == NULL)
        return 0;

    lcidm_delete_conn_lcid(lcidm, lcid_obj);
    return 1;
}

int ossl_quic_lcidm_debug_add(QUIC_LCIDM *lcidm, void *opaque,
                              const QUIC_CONN_ID *lcid,
                              uint64_t seq_num)
{
    QUIC_LCIDM_CONN *conn;
    QUIC_LCID key, *lcid_obj;

    if (lcid == NULL || lcid->id_len > QUIC_MAX_CONN_ID_LEN)
        return 0;

    if ((conn = lcidm_upsert_conn(lcidm, opaque)) == NULL)
        return 0;

    key.cid = *lcid;
    if (lh_QUIC_LCID_retrieve(lcidm->lcids, &key) != NULL)
        return 0;

    if ((lcid_obj = lcidm_conn_new_lcid(lcidm, conn, lcid)) == NULL)
        return 0;

    lcid_obj->seq_num   = seq_num;
    lcid_obj->type      = LCID_TYPE_NCID;
    return 1;
}

Coverage Report

Created: 2024-07-27 06:36

Line	Count	Source (jump to first uncovered line)
1		/*
2		* Copyright 2023 The OpenSSL Project Authors. All Rights Reserved.
3		*
4		* Licensed under the Apache License 2.0 (the "License"). You may not use
5		* this file except in compliance with the License. You can obtain a copy
6		* in the file LICENSE in the source distribution or at
7		* https://www.openssl.org/source/license.html
8		*/
9
10		#include "internal/quic_lcidm.h"
11		#include "internal/quic_types.h"
12		#include "internal/quic_vlint.h"
13		#include "internal/common.h"
14		#include <openssl/lhash.h>
15		#include <openssl/rand.h>
16		#include <openssl/err.h>
17
18		/*
19		* QUIC Local Connection ID Manager
20		* ================================
21		*/
22
23		typedef struct quic_lcidm_conn_st QUIC_LCIDM_CONN;
24
25		enum {
26		LCID_TYPE_ODCID, /* This LCID is the ODCID from the peer */
27		LCID_TYPE_INITIAL, /* This is our Initial SCID */
28		LCID_TYPE_NCID /* This LCID was issued via a NCID frame */
29		};
30
31		typedef struct quic_lcid_st {
32		QUIC_CONN_ID cid;
33		uint64_t seq_num;
34
35		/* Back-pointer to the owning QUIC_LCIDM_CONN structure. */
36		QUIC_LCIDM_CONN *conn;
37
38		/* LCID_TYPE_* */
39		unsigned int type : 2;
40		} QUIC_LCID;
41
42		DEFINE_LHASH_OF_EX(QUIC_LCID);
43		DEFINE_LHASH_OF_EX(QUIC_LCIDM_CONN);
44
45		struct quic_lcidm_conn_st {
46		size_t num_active_lcid;
47		LHASH_OF(QUIC_LCID) *lcids;
48		void *opaque;
49		QUIC_LCID *odcid_lcid_obj;
50		uint64_t next_seq_num;
51
52		/* Have we enrolled an ODCID? */
53		unsigned int done_odcid : 1;
54		};
55
56		struct quic_lcidm_st {
57		OSSL_LIB_CTX *libctx;
58		LHASH_OF(QUIC_LCID) lcids; / (QUIC_CONN_ID) -> (QUIC_LCID ) /
59		LHASH_OF(QUIC_LCIDM_CONN) conns; / (void opaque) -> (QUIC_LCIDM_CONN ) */
60		size_t lcid_len; /* Length in bytes for all LCIDs */
61		#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
62		QUIC_CONN_ID next_lcid;
63		#endif
64		};
65
66		static unsigned long bin_hash(const unsigned char *buf, size_t buf_len)
67	0	{
68	0	unsigned long hash = 0;
69	0	size_t i;
70
71	0	for (i = 0; i < buf_len; ++i)
72	0	hash ^= ((unsigned long)buf[i]) << (8 * (i % sizeof(unsigned long)));
73
74	0	return hash;
75	0	}
76
77		static unsigned long lcid_hash(const QUIC_LCID *lcid_obj)
78	0	{
79	0	return bin_hash(lcid_obj->cid.id, lcid_obj->cid.id_len);
80	0	}
81
82		static int lcid_comp(const QUIC_LCID a, const QUIC_LCID b)
83	0	{
84	0	return !ossl_quic_conn_id_eq(&a->cid, &b->cid);
85	0	}
86
87		static unsigned long lcidm_conn_hash(const QUIC_LCIDM_CONN *conn)
88	0	{
89	0	return (unsigned long)(uintptr_t)conn->opaque;
90	0	}
91
92		static int lcidm_conn_comp(const QUIC_LCIDM_CONN a, const QUIC_LCIDM_CONN b)
93	0	{
94	0	return a->opaque != b->opaque;
95	0	}
96
97		QUIC_LCIDM ossl_quic_lcidm_new(OSSL_LIB_CTX libctx, size_t lcid_len)
98	0	{
99	0	QUIC_LCIDM *lcidm = NULL;
100
101	0	if (lcid_len > QUIC_MAX_CONN_ID_LEN)
102	0	goto err;
103
104	0	if ((lcidm = OPENSSL_zalloc(sizeof(*lcidm))) == NULL)
105	0	goto err;
106
107	0	if ((lcidm->lcids = lh_QUIC_LCID_new(lcid_hash, lcid_comp)) == NULL)
108	0	goto err;
109
110	0	if ((lcidm->conns = lh_QUIC_LCIDM_CONN_new(lcidm_conn_hash,
111	0	lcidm_conn_comp)) == NULL)
112	0	goto err;
113
114	0	lcidm->libctx = libctx;
115	0	lcidm->lcid_len = lcid_len;
116	0	return lcidm;
117
118	0	err:
119	0	if (lcidm != NULL) {
120	0	lh_QUIC_LCID_free(lcidm->lcids);
121	0	lh_QUIC_LCIDM_CONN_free(lcidm->conns);
122	0	OPENSSL_free(lcidm);
123	0	}
124	0	return NULL;
125	0	}
126
127		static void lcidm_delete_conn(QUIC_LCIDM lcidm, QUIC_LCIDM_CONN conn);
128
129		static void lcidm_delete_conn_(QUIC_LCIDM_CONN conn, void arg)
130	0	{
131	0	lcidm_delete_conn((QUIC_LCIDM *)arg, conn);
132	0	}
133
134		void ossl_quic_lcidm_free(QUIC_LCIDM *lcidm)
135	0	{
136	0	if (lcidm == NULL)
137	0	return;
138
139		/*
140		* Calling OPENSSL_lh_delete during a doall call is unsafe with our
141		* current LHASH implementation for several reasons:
142		*
143		* - firstly, because deletes can cause the hashtable to be contracted,
144		* resulting in rehashing which might cause items in later buckets to
145		* move to earlier buckets, which might cause doall to skip an item,
146		* resulting in a memory leak;
147		*
148		* - secondly, because doall in general is not safe across hashtable
149		* size changes, as it caches hashtable size and pointer values
150		* while operating.
151		*
152		* The fix for this is to disable hashtable contraction using the following
153		* call, which guarantees that no rehashing will occur so long as we only
154		* call delete and not insert.
155		*/
156	0	lh_QUIC_LCIDM_CONN_set_down_load(lcidm->conns, 0);
157
158	0	lh_QUIC_LCIDM_CONN_doall_arg(lcidm->conns, lcidm_delete_conn_, lcidm);
159
160	0	lh_QUIC_LCID_free(lcidm->lcids);
161	0	lh_QUIC_LCIDM_CONN_free(lcidm->conns);
162	0	OPENSSL_free(lcidm);
163	0	}
164
165		static QUIC_LCID lcidm_get0_lcid(const QUIC_LCIDM lcidm, const QUIC_CONN_ID *lcid)
166	0	{
167	0	QUIC_LCID key;
168
169	0	key.cid = *lcid;
170
171	0	if (key.cid.id_len > QUIC_MAX_CONN_ID_LEN)
172	0	return NULL;
173
174	0	return lh_QUIC_LCID_retrieve(lcidm->lcids, &key);
175	0	}
176
177		static QUIC_LCIDM_CONN lcidm_get0_conn(const QUIC_LCIDM lcidm, void *opaque)
178	0	{
179	0	QUIC_LCIDM_CONN key;
180
181	0	key.opaque = opaque;
182
183	0	return lh_QUIC_LCIDM_CONN_retrieve(lcidm->conns, &key);
184	0	}
185
186		static QUIC_LCIDM_CONN lcidm_upsert_conn(const QUIC_LCIDM lcidm, void *opaque)
187	0	{
188	0	QUIC_LCIDM_CONN *conn = lcidm_get0_conn(lcidm, opaque);
189
190	0	if (conn != NULL)
191	0	return conn;
192
193	0	if ((conn = OPENSSL_zalloc(sizeof(*conn))) == NULL)
194	0	goto err;
195
196	0	if ((conn->lcids = lh_QUIC_LCID_new(lcid_hash, lcid_comp)) == NULL)
197	0	goto err;
198
199	0	conn->opaque = opaque;
200
201	0	lh_QUIC_LCIDM_CONN_insert(lcidm->conns, conn);
202	0	if (lh_QUIC_LCIDM_CONN_error(lcidm->conns))
203	0	goto err;
204
205	0	return conn;
206
207	0	err:
208	0	if (conn != NULL) {
209	0	lh_QUIC_LCID_free(conn->lcids);
210	0	OPENSSL_free(conn);
211	0	}
212	0	return NULL;
213	0	}
214
215		static void lcidm_delete_conn_lcid(QUIC_LCIDM lcidm, QUIC_LCID lcid_obj)
216	0	{
217	0	lh_QUIC_LCID_delete(lcidm->lcids, lcid_obj);
218	0	lh_QUIC_LCID_delete(lcid_obj->conn->lcids, lcid_obj);
219	0	assert(lcid_obj->conn->num_active_lcid > 0);
220	0	--lcid_obj->conn->num_active_lcid;
221	0	OPENSSL_free(lcid_obj);
222	0	}
223
224		/* doall_arg wrapper */
225		static void lcidm_delete_conn_lcid_(QUIC_LCID lcid_obj, void arg)
226	0	{
227	0	lcidm_delete_conn_lcid((QUIC_LCIDM *)arg, lcid_obj);
228	0	}
229
230		static void lcidm_delete_conn(QUIC_LCIDM lcidm, QUIC_LCIDM_CONN conn)
231	0	{
232		/* See comment in ossl_quic_lcidm_free */
233	0	lh_QUIC_LCID_set_down_load(conn->lcids, 0);
234
235	0	lh_QUIC_LCID_doall_arg(conn->lcids, lcidm_delete_conn_lcid_, lcidm);
236	0	lh_QUIC_LCIDM_CONN_delete(lcidm->conns, conn);
237	0	lh_QUIC_LCID_free(conn->lcids);
238	0	OPENSSL_free(conn);
239	0	}
240
241		static QUIC_LCID lcidm_conn_new_lcid(QUIC_LCIDM lcidm, QUIC_LCIDM_CONN *conn,
242		const QUIC_CONN_ID *lcid)
243	0	{
244	0	QUIC_LCID *lcid_obj = NULL;
245
246	0	if (lcid->id_len > QUIC_MAX_CONN_ID_LEN)
247	0	return NULL;
248
249	0	if ((lcid_obj = OPENSSL_zalloc(sizeof(*lcid_obj))) == NULL)
250	0	goto err;
251
252	0	lcid_obj->cid = *lcid;
253	0	lcid_obj->conn = conn;
254
255	0	lh_QUIC_LCID_insert(conn->lcids, lcid_obj);
256	0	if (lh_QUIC_LCID_error(conn->lcids))
257	0	goto err;
258
259	0	lh_QUIC_LCID_insert(lcidm->lcids, lcid_obj);
260	0	if (lh_QUIC_LCID_error(lcidm->lcids)) {
261	0	lh_QUIC_LCID_delete(conn->lcids, lcid_obj);
262	0	goto err;
263	0	}
264
265	0	++conn->num_active_lcid;
266	0	return lcid_obj;
267
268	0	err:
269	0	OPENSSL_free(lcid_obj);
270	0	return NULL;
271	0	}
272
273		size_t ossl_quic_lcidm_get_lcid_len(const QUIC_LCIDM *lcidm)
274	0	{
275	0	return lcidm->lcid_len;
276	0	}
277
278		size_t ossl_quic_lcidm_get_num_active_lcid(const QUIC_LCIDM *lcidm,
279		void *opaque)
280	0	{
281	0	QUIC_LCIDM_CONN *conn;
282
283	0	conn = lcidm_get0_conn(lcidm, opaque);
284	0	if (conn == NULL)
285	0	return 0;
286
287	0	return conn->num_active_lcid;
288	0	}
289
290		static int lcidm_generate_cid(QUIC_LCIDM *lcidm,
291		QUIC_CONN_ID *cid)
292	0	{
293	0	#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
294	0	int i;
295
296	0	lcidm->next_lcid.id_len = (unsigned char)lcidm->lcid_len;
297	0	*cid = lcidm->next_lcid;
298
299	0	for (i = lcidm->lcid_len - 1; i >= 0; --i)
300	0	if (++lcidm->next_lcid.id[i] != 0)
301	0	break;
302
303	0	return 1;
304		#else
305		return ossl_quic_gen_rand_conn_id(lcidm->libctx, lcidm->lcid_len, cid);
306		#endif
307	0	}
308
309		static int lcidm_generate(QUIC_LCIDM *lcidm,
310		void *opaque,
311		unsigned int type,
312		QUIC_CONN_ID *lcid_out,
313		uint64_t *seq_num)
314	0	{
315	0	QUIC_LCIDM_CONN *conn;
316	0	QUIC_LCID key, *lcid_obj;
317	0	size_t i;
318	0	#define MAX_RETRIES 8
319
320	0	if ((conn = lcidm_upsert_conn(lcidm, opaque)) == NULL)
321	0	return 0;
322
323	0	if ((type == LCID_TYPE_INITIAL && conn->next_seq_num > 0)
324	0	\|\| conn->next_seq_num > OSSL_QUIC_VLINT_MAX)
325	0	return 0;
326
327	0	i = 0;
328	0	do {
329	0	if (i++ >= MAX_RETRIES)
330		/*
331		* Too many retries; should not happen but if it does, don't loop
332		* endlessly.
333		*/
334	0	return 0;
335
336	0	if (!lcidm_generate_cid(lcidm, lcid_out))
337	0	return 0;
338
339	0	key.cid = *lcid_out;
340		/* If a collision occurs, retry. */
341	0	} while (lh_QUIC_LCID_retrieve(lcidm->lcids, &key) != NULL);
342
343	0	if ((lcid_obj = lcidm_conn_new_lcid(lcidm, conn, lcid_out)) == NULL)
344	0	return 0;
345
346	0	lcid_obj->seq_num = conn->next_seq_num;
347	0	lcid_obj->type = type;
348
349	0	if (seq_num != NULL)
350	0	*seq_num = lcid_obj->seq_num;
351
352	0	++conn->next_seq_num;
353	0	return 1;
354	0	}
355
356		int ossl_quic_lcidm_enrol_odcid(QUIC_LCIDM *lcidm,
357		void *opaque,
358		const QUIC_CONN_ID *initial_odcid)
359	0	{
360	0	QUIC_LCIDM_CONN *conn;
361	0	QUIC_LCID key, *lcid_obj;
362
363	0	if (initial_odcid == NULL \|\| initial_odcid->id_len < QUIC_MIN_ODCID_LEN
364	0	\|\| initial_odcid->id_len > QUIC_MAX_CONN_ID_LEN)
365	0	return 0;
366
367	0	if ((conn = lcidm_upsert_conn(lcidm, opaque)) == NULL)
368	0	return 0;
369
370	0	if (conn->done_odcid)
371	0	return 0;
372
373	0	key.cid = *initial_odcid;
374	0	if (lh_QUIC_LCID_retrieve(lcidm->lcids, &key) != NULL)
375	0	return 0;
376
377	0	if ((lcid_obj = lcidm_conn_new_lcid(lcidm, conn, initial_odcid)) == NULL)
378	0	return 0;
379
380	0	lcid_obj->seq_num = LCIDM_ODCID_SEQ_NUM;
381	0	lcid_obj->type = LCID_TYPE_ODCID;
382
383	0	conn->odcid_lcid_obj = lcid_obj;
384	0	conn->done_odcid = 1;
385	0	return 1;
386	0	}
387
388		int ossl_quic_lcidm_generate_initial(QUIC_LCIDM *lcidm,
389		void *opaque,
390		QUIC_CONN_ID *initial_lcid)
391	0	{
392	0	return lcidm_generate(lcidm, opaque, LCID_TYPE_INITIAL,
393	0	initial_lcid, NULL);
394	0	}
395
396		int ossl_quic_lcidm_generate(QUIC_LCIDM *lcidm,
397		void *opaque,
398		OSSL_QUIC_FRAME_NEW_CONN_ID *ncid_frame)
399	0	{
400	0	ncid_frame->seq_num = 0;
401	0	ncid_frame->retire_prior_to = 0;
402
403	0	return lcidm_generate(lcidm, opaque, LCID_TYPE_NCID,
404	0	&ncid_frame->conn_id,
405	0	&ncid_frame->seq_num);
406	0	}
407
408		int ossl_quic_lcidm_retire_odcid(QUIC_LCIDM lcidm, void opaque)
409	0	{
410	0	QUIC_LCIDM_CONN *conn;
411
412	0	if ((conn = lcidm_upsert_conn(lcidm, opaque)) == NULL)
413	0	return 0;
414
415	0	if (conn->odcid_lcid_obj == NULL)
416	0	return 0;
417
418	0	lcidm_delete_conn_lcid(lcidm, conn->odcid_lcid_obj);
419	0	conn->odcid_lcid_obj = NULL;
420	0	return 1;
421	0	}
422
423		struct retire_args {
424		QUIC_LCID *earliest_seq_num_lcid_obj;
425		uint64_t earliest_seq_num, retire_prior_to;
426		};
427
428		static void retire_for_conn(QUIC_LCID lcid_obj, void arg)
429	0	{
430	0	struct retire_args *args = arg;
431
432		/* ODCID LCID cannot be retired via this API */
433	0	if (lcid_obj->type == LCID_TYPE_ODCID
434	0	\|\| lcid_obj->seq_num >= args->retire_prior_to)
435	0	return;
436
437	0	if (lcid_obj->seq_num < args->earliest_seq_num) {
438	0	args->earliest_seq_num = lcid_obj->seq_num;
439	0	args->earliest_seq_num_lcid_obj = lcid_obj;
440	0	}
441	0	}
442
443		int ossl_quic_lcidm_retire(QUIC_LCIDM *lcidm,
444		void *opaque,
445		uint64_t retire_prior_to,
446		const QUIC_CONN_ID *containing_pkt_dcid,
447		QUIC_CONN_ID *retired_lcid,
448		uint64_t *retired_seq_num,
449		int *did_retire)
450	0	{
451	0	QUIC_LCIDM_CONN key, *conn;
452	0	struct retire_args args = {0};
453
454	0	key.opaque = opaque;
455
456	0	if (did_retire == NULL)
457	0	return 0;
458
459	0	*did_retire = 0;
460	0	if ((conn = lh_QUIC_LCIDM_CONN_retrieve(lcidm->conns, &key)) == NULL)
461	0	return 1;
462
463	0	args.retire_prior_to = retire_prior_to;
464	0	args.earliest_seq_num = UINT64_MAX;
465
466	0	lh_QUIC_LCID_doall_arg(conn->lcids, retire_for_conn, &args);
467	0	if (args.earliest_seq_num_lcid_obj == NULL)
468	0	return 1;
469
470	0	if (containing_pkt_dcid != NULL
471	0	&& ossl_quic_conn_id_eq(&args.earliest_seq_num_lcid_obj->cid,
472	0	containing_pkt_dcid))
473	0	return 0;
474
475	0	*did_retire = 1;
476	0	if (retired_lcid != NULL)
477	0	*retired_lcid = args.earliest_seq_num_lcid_obj->cid;
478	0	if (retired_seq_num != NULL)
479	0	*retired_seq_num = args.earliest_seq_num_lcid_obj->seq_num;
480
481	0	lcidm_delete_conn_lcid(lcidm, args.earliest_seq_num_lcid_obj);
482	0	return 1;
483	0	}
484
485		int ossl_quic_lcidm_cull(QUIC_LCIDM lcidm, void opaque)
486	0	{
487	0	QUIC_LCIDM_CONN key, *conn;
488
489	0	key.opaque = opaque;
490
491	0	if ((conn = lh_QUIC_LCIDM_CONN_retrieve(lcidm->conns, &key)) == NULL)
492	0	return 0;
493
494	0	lcidm_delete_conn(lcidm, conn);
495	0	return 1;
496	0	}
497
498		int ossl_quic_lcidm_lookup(QUIC_LCIDM *lcidm,
499		const QUIC_CONN_ID *lcid,
500		uint64_t *seq_num,
501		void **opaque)
502	0	{
503	0	QUIC_LCID *lcid_obj;
504
505	0	if (lcid == NULL)
506	0	return 0;
507
508	0	if ((lcid_obj = lcidm_get0_lcid(lcidm, lcid)) == NULL)
509	0	return 0;
510
511	0	if (seq_num != NULL)
512	0	*seq_num = lcid_obj->seq_num;
513
514	0	if (opaque != NULL)
515	0	*opaque = lcid_obj->conn->opaque;
516
517	0	return 1;
518	0	}
519
520		int ossl_quic_lcidm_debug_remove(QUIC_LCIDM *lcidm,
521		const QUIC_CONN_ID *lcid)
522	0	{
523	0	QUIC_LCID key, *lcid_obj;
524
525	0	key.cid = *lcid;
526	0	if ((lcid_obj = lh_QUIC_LCID_retrieve(lcidm->lcids, &key)) == NULL)
527	0	return 0;
528
529	0	lcidm_delete_conn_lcid(lcidm, lcid_obj);
530	0	return 1;
531	0	}
532
533		int ossl_quic_lcidm_debug_add(QUIC_LCIDM lcidm, void opaque,
534		const QUIC_CONN_ID *lcid,
535		uint64_t seq_num)
536	0	{
537	0	QUIC_LCIDM_CONN *conn;
538	0	QUIC_LCID key, *lcid_obj;
539
540	0	if (lcid == NULL \|\| lcid->id_len > QUIC_MAX_CONN_ID_LEN)
541	0	return 0;
542
543	0	if ((conn = lcidm_upsert_conn(lcidm, opaque)) == NULL)
544	0	return 0;
545
546	0	key.cid = *lcid;
547	0	if (lh_QUIC_LCID_retrieve(lcidm->lcids, &key) != NULL)
548	0	return 0;
549
550	0	if ((lcid_obj = lcidm_conn_new_lcid(lcidm, conn, lcid)) == NULL)
551	0	return 0;
552
553	0	lcid_obj->seq_num = seq_num;
554	0	lcid_obj->type = LCID_TYPE_NCID;
555	0	return 1;
556	0	}