/src/openssl36/ssl/quic/quic_rx_depack.c
Line | Count | Source |
1 | | /* |
2 | | * Copyright 2022-2025 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | #include "internal/packet_quic.h" |
11 | | #include "internal/nelem.h" |
12 | | #include "internal/quic_wire.h" |
13 | | #include "internal/quic_record_rx.h" |
14 | | #include "internal/quic_ackm.h" |
15 | | #include "internal/quic_rx_depack.h" |
16 | | #include "internal/quic_error.h" |
17 | | #include "internal/quic_fc.h" |
18 | | #include "internal/quic_channel.h" |
19 | | #include "internal/sockets.h" |
20 | | |
21 | | #include "quic_local.h" |
22 | | #include "quic_channel_local.h" |
23 | | #include "../ssl_local.h" |
24 | | |
25 | | /* |
26 | | * Helper functions to process different frame types. |
27 | | * |
28 | | * Typically, those that are ACK eliciting will take an OSSL_ACKM_RX_PKT |
29 | | * pointer argument, the few that aren't ACK eliciting will not. This makes |
30 | | * them a verifiable pattern against tables where this is specified. |
31 | | */ |
32 | | static int depack_do_implicit_stream_create(QUIC_CHANNEL *ch, |
33 | | uint64_t stream_id, |
34 | | uint64_t frame_type, |
35 | | QUIC_STREAM **result); |
36 | | |
37 | | static int depack_do_frame_padding(PACKET *pkt) |
38 | 593k | { |
39 | | /* We ignore this frame */ |
40 | 593k | ossl_quic_wire_decode_padding(pkt); |
41 | 593k | return 1; |
42 | 593k | } |
43 | | |
44 | | static int depack_do_frame_ping(PACKET *pkt, QUIC_CHANNEL *ch, |
45 | | uint32_t enc_level, |
46 | | OSSL_ACKM_RX_PKT *ackm_data) |
47 | 1.89M | { |
48 | | /* We ignore this frame, apart from eliciting an ACK */ |
49 | 1.89M | if (!ossl_quic_wire_decode_frame_ping(pkt)) { |
50 | 0 | ossl_quic_channel_raise_protocol_error(ch, |
51 | 0 | OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, |
52 | 0 | OSSL_QUIC_FRAME_TYPE_PING, |
53 | 0 | "decode error"); |
54 | 0 | return 0; |
55 | 0 | } |
56 | | |
57 | 1.89M | ossl_quic_tx_packetiser_schedule_ack_eliciting(ch->txp, enc_level); |
58 | 1.89M | return 1; |
59 | 1.89M | } |
60 | | |
61 | | static int depack_do_frame_ack(PACKET *pkt, QUIC_CHANNEL *ch, |
62 | | int packet_space, OSSL_TIME received, |
63 | | uint64_t frame_type, |
64 | | OSSL_QRX_PKT *qpacket) |
65 | 271k | { |
66 | 271k | OSSL_QUIC_FRAME_ACK ack; |
67 | 271k | OSSL_QUIC_ACK_RANGE *p; |
68 | 271k | uint64_t total_ranges = 0; |
69 | 271k | uint32_t ack_delay_exp = ch->rx_ack_delay_exp; |
70 | | |
71 | 271k | if (!ossl_quic_wire_peek_frame_ack_num_ranges(pkt, &total_ranges) |
72 | | /* In case sizeof(uint64_t) > sizeof(size_t) */ |
73 | 270k | || total_ranges > SIZE_MAX / sizeof(OSSL_QUIC_ACK_RANGE)) |
74 | 954 | goto malformed; |
75 | | |
76 | 270k | if (ch->num_ack_range_scratch < (size_t)total_ranges) { |
77 | 39.2k | if ((p = OPENSSL_realloc(ch->ack_range_scratch, |
78 | 39.2k | sizeof(OSSL_QUIC_ACK_RANGE) |
79 | 39.2k | * (size_t)total_ranges)) |
80 | 39.2k | == NULL) |
81 | 0 | goto malformed; |
82 | | |
83 | 39.2k | ch->ack_range_scratch = p; |
84 | 39.2k | ch->num_ack_range_scratch = (size_t)total_ranges; |
85 | 39.2k | } |
86 | | |
87 | 270k | ack.ack_ranges = ch->ack_range_scratch; |
88 | 270k | ack.num_ack_ranges = (size_t)total_ranges; |
89 | | |
90 | 270k | if (!ossl_quic_wire_decode_frame_ack(pkt, ack_delay_exp, &ack, NULL)) |
91 | 1.30k | goto malformed; |
92 | | |
93 | 268k | if (qpacket->hdr->type == QUIC_PKT_TYPE_1RTT |
94 | 65.7k | && (qpacket->key_epoch < ossl_qrx_get_key_epoch(ch->qrx) |
95 | 64.9k | || ch->rxku_expected) |
96 | 787 | && ack.ack_ranges[0].end >= ch->txku_pn) { |
97 | | /* |
98 | | * RFC 9001 s. 6.2: An endpoint that receives an acknowledgment that is |
99 | | * carried in a packet protected with old keys where any acknowledged |
100 | | * packet was protected with newer keys MAY treat that as a connection |
101 | | * error of type KEY_UPDATE_ERROR. |
102 | | * |
103 | | * Two cases to handle here: |
104 | | * |
105 | | * - We did spontaneous TXKU, the peer has responded in kind and we |
106 | | * have detected RXKU; !ch->rxku_expected, but then it sent a packet |
107 | | * with old keys acknowledging a packet in the new key epoch. |
108 | | * |
109 | | * This also covers the case where we got RXKU and triggered |
110 | | * solicited TXKU, and then for some reason the peer sent an ACK of |
111 | | * a PN in our new TX key epoch with old keys. |
112 | | * |
113 | | * - We did spontaneous TXKU; ch->txku_pn is the starting PN of our |
114 | | * new TX key epoch; the peer has not initiated a solicited TXKU in |
115 | | * response (so we have not detected RXKU); in this case the RX key |
116 | | * epoch has not incremented and ch->rxku_expected is still 1. |
117 | | */ |
118 | 130 | ossl_quic_channel_raise_protocol_error(ch, |
119 | 130 | OSSL_QUIC_ERR_KEY_UPDATE_ERROR, |
120 | 130 | frame_type, |
121 | 130 | "acked packet which initiated a " |
122 | 130 | "key update without a " |
123 | 130 | "corresponding key update"); |
124 | 130 | return 0; |
125 | 130 | } |
126 | | |
127 | 268k | if (!ossl_ackm_on_rx_ack_frame(ch->ackm, &ack, |
128 | 268k | packet_space, received)) |
129 | 0 | goto malformed; |
130 | | |
131 | 268k | ++ch->diag_num_rx_ack; |
132 | 268k | return 1; |
133 | | |
134 | 2.25k | malformed: |
135 | 2.25k | ossl_quic_channel_raise_protocol_error(ch, |
136 | 2.25k | OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, |
137 | 2.25k | frame_type, |
138 | 2.25k | "decode error"); |
139 | 2.25k | return 0; |
140 | 268k | } |
141 | | |
142 | | static int depack_do_frame_reset_stream(PACKET *pkt, |
143 | | QUIC_CHANNEL *ch, |
144 | | OSSL_ACKM_RX_PKT *ackm_data) |
145 | 8.51k | { |
146 | 8.51k | OSSL_QUIC_FRAME_RESET_STREAM frame_data; |
147 | 8.51k | QUIC_STREAM *stream = NULL; |
148 | 8.51k | uint64_t fce; |
149 | | |
150 | 8.51k | if (!ossl_quic_wire_decode_frame_reset_stream(pkt, &frame_data)) { |
151 | 49 | ossl_quic_channel_raise_protocol_error(ch, |
152 | 49 | OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, |
153 | 49 | OSSL_QUIC_FRAME_TYPE_RESET_STREAM, |
154 | 49 | "decode error"); |
155 | 49 | return 0; |
156 | 49 | } |
157 | | |
158 | 8.46k | if (!depack_do_implicit_stream_create(ch, frame_data.stream_id, |
159 | 8.46k | OSSL_QUIC_FRAME_TYPE_RESET_STREAM, |
160 | 8.46k | &stream)) |
161 | 134 | return 0; /* error already raised for us */ |
162 | | |
163 | 8.32k | if (stream == NULL) |
164 | 0 | return 1; /* old deleted stream, not a protocol violation, ignore */ |
165 | | |
166 | 8.32k | if (!ossl_quic_stream_has_recv(stream)) { |
167 | 0 | ossl_quic_channel_raise_protocol_error(ch, |
168 | 0 | OSSL_QUIC_ERR_STREAM_STATE_ERROR, |
169 | 0 | OSSL_QUIC_FRAME_TYPE_RESET_STREAM, |
170 | 0 | "RESET_STREAM frame for " |
171 | 0 | "TX only stream"); |
172 | 0 | return 0; |
173 | 0 | } |
174 | | |
175 | | /* |
176 | | * The final size field of the RESET_STREAM frame must be used to determine |
177 | | * how much flow control credit the aborted stream was considered to have |
178 | | * consumed. |
179 | | * |
180 | | * We also need to ensure that if we already have a final size for the |
181 | | * stream, the RESET_STREAM frame's Final Size field matches this; we SHOULD |
182 | | * terminate the connection otherwise (RFC 9000 s. 4.5). The RXFC takes care |
183 | | * of this for us. |
184 | | */ |
185 | 8.32k | if (!ossl_quic_rxfc_on_rx_stream_frame(&stream->rxfc, |
186 | 8.32k | frame_data.final_size, /*is_fin=*/1)) { |
187 | 0 | ossl_quic_channel_raise_protocol_error(ch, |
188 | 0 | OSSL_QUIC_ERR_INTERNAL_ERROR, |
189 | 0 | OSSL_QUIC_FRAME_TYPE_RESET_STREAM, |
190 | 0 | "internal error (flow control)"); |
191 | 0 | return 0; |
192 | 0 | } |
193 | | |
194 | | /* Has a flow control error occurred? */ |
195 | 8.32k | fce = ossl_quic_rxfc_get_error(&stream->rxfc, 0); |
196 | 8.32k | if (fce != OSSL_QUIC_ERR_NO_ERROR) { |
197 | 203 | ossl_quic_channel_raise_protocol_error(ch, |
198 | 203 | fce, |
199 | 203 | OSSL_QUIC_FRAME_TYPE_RESET_STREAM, |
200 | 203 | "flow control violation"); |
201 | 203 | return 0; |
202 | 203 | } |
203 | | |
204 | | /* |
205 | | * Depending on the receive part state this is handled either as a reset |
206 | | * transition or a no-op (e.g. if a reset has already been received before, |
207 | | * or the application already retired a FIN). Best effort - there are no |
208 | | * protocol error conditions we need to check for here. |
209 | | */ |
210 | 8.12k | ossl_quic_stream_map_notify_reset_recv_part(&ch->qsm, stream, |
211 | 8.12k | frame_data.app_error_code, |
212 | 8.12k | frame_data.final_size); |
213 | | |
214 | 8.12k | ossl_quic_stream_map_update_state(&ch->qsm, stream); |
215 | 8.12k | return 1; |
216 | 8.32k | } |
217 | | |
218 | | static int depack_do_frame_stop_sending(PACKET *pkt, |
219 | | QUIC_CHANNEL *ch, |
220 | | OSSL_ACKM_RX_PKT *ackm_data) |
221 | 88.6k | { |
222 | 88.6k | OSSL_QUIC_FRAME_STOP_SENDING frame_data; |
223 | 88.6k | QUIC_STREAM *stream = NULL; |
224 | | |
225 | 88.6k | if (!ossl_quic_wire_decode_frame_stop_sending(pkt, &frame_data)) { |
226 | 56 | ossl_quic_channel_raise_protocol_error(ch, |
227 | 56 | OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, |
228 | 56 | OSSL_QUIC_FRAME_TYPE_STOP_SENDING, |
229 | 56 | "decode error"); |
230 | 56 | return 0; |
231 | 56 | } |
232 | | |
233 | 88.5k | if (!depack_do_implicit_stream_create(ch, frame_data.stream_id, |
234 | 88.5k | OSSL_QUIC_FRAME_TYPE_STOP_SENDING, |
235 | 88.5k | &stream)) |
236 | 155 | return 0; /* error already raised for us */ |
237 | | |
238 | 88.4k | if (stream == NULL) |
239 | 0 | return 1; /* old deleted stream, not a protocol violation, ignore */ |
240 | | |
241 | 88.4k | if (!ossl_quic_stream_has_send(stream)) { |
242 | 24 | ossl_quic_channel_raise_protocol_error(ch, |
243 | 24 | OSSL_QUIC_ERR_STREAM_STATE_ERROR, |
244 | 24 | OSSL_QUIC_FRAME_TYPE_STOP_SENDING, |
245 | 24 | "STOP_SENDING frame for " |
246 | 24 | "RX only stream"); |
247 | 24 | return 0; |
248 | 24 | } |
249 | | |
250 | 88.4k | stream->peer_stop_sending = 1; |
251 | 88.4k | stream->peer_stop_sending_aec = frame_data.app_error_code; |
252 | | |
253 | | /* |
254 | | * RFC 9000 s. 3.5: Receiving a STOP_SENDING frame means we must respond in |
255 | | * turn with a RESET_STREAM frame for the same part of the stream. The other |
256 | | * part is unaffected. |
257 | | */ |
258 | 88.4k | ossl_quic_stream_map_reset_stream_send_part(&ch->qsm, stream, |
259 | 88.4k | frame_data.app_error_code); |
260 | 88.4k | return 1; |
261 | 88.4k | } |
262 | | |
263 | | static int depack_do_frame_crypto(PACKET *pkt, QUIC_CHANNEL *ch, |
264 | | OSSL_QRX_PKT *parent_pkt, |
265 | | OSSL_ACKM_RX_PKT *ackm_data, |
266 | | uint64_t *datalen) |
267 | 339k | { |
268 | 339k | OSSL_QUIC_FRAME_CRYPTO f; |
269 | 339k | QUIC_RSTREAM *rstream; |
270 | 339k | QUIC_RXFC *rxfc; |
271 | | |
272 | 339k | *datalen = 0; |
273 | | |
274 | 339k | if (!ossl_quic_wire_decode_frame_crypto(pkt, 0, &f)) { |
275 | 837 | ossl_quic_channel_raise_protocol_error(ch, |
276 | 837 | OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, |
277 | 837 | OSSL_QUIC_FRAME_TYPE_CRYPTO, |
278 | 837 | "decode error"); |
279 | 837 | return 0; |
280 | 837 | } |
281 | | |
282 | 338k | if (f.len == 0) |
283 | 116k | return 1; /* nothing to do */ |
284 | | |
285 | 221k | rstream = ch->crypto_recv[ackm_data->pkt_space]; |
286 | 221k | if (!ossl_assert(rstream != NULL)) |
287 | | /* |
288 | | * This should not happen; we should only have a NULL stream here if |
289 | | * the EL has been discarded, and if the EL has been discarded we |
290 | | * shouldn't be here. |
291 | | */ |
292 | 0 | return 0; |
293 | | |
294 | 221k | rxfc = &ch->crypto_rxfc[ackm_data->pkt_space]; |
295 | | |
296 | 221k | if (!ossl_quic_rxfc_on_rx_stream_frame(rxfc, f.offset + f.len, |
297 | 221k | /*is_fin=*/0)) { |
298 | 0 | ossl_quic_channel_raise_protocol_error(ch, |
299 | 0 | OSSL_QUIC_ERR_INTERNAL_ERROR, |
300 | 0 | OSSL_QUIC_FRAME_TYPE_CRYPTO, |
301 | 0 | "internal error (crypto RXFC)"); |
302 | 0 | return 0; |
303 | 0 | } |
304 | | |
305 | 221k | if (ossl_quic_rxfc_get_error(rxfc, 0) != OSSL_QUIC_ERR_NO_ERROR) { |
306 | 557 | ossl_quic_channel_raise_protocol_error(ch, OSSL_QUIC_ERR_CRYPTO_BUFFER_EXCEEDED, |
307 | 557 | OSSL_QUIC_FRAME_TYPE_CRYPTO, |
308 | 557 | "exceeded maximum crypto buffer"); |
309 | 557 | return 0; |
310 | 557 | } |
311 | | |
312 | 221k | if (!ossl_quic_rstream_queue_data(rstream, parent_pkt, |
313 | 221k | f.offset, f.data, f.len, 0)) { |
314 | 0 | ossl_quic_channel_raise_protocol_error(ch, |
315 | 0 | OSSL_QUIC_ERR_INTERNAL_ERROR, |
316 | 0 | OSSL_QUIC_FRAME_TYPE_CRYPTO, |
317 | 0 | "internal error (rstream queue)"); |
318 | 0 | return 0; |
319 | 0 | } |
320 | | |
321 | 221k | ch->did_crypto_frame = 1; |
322 | 221k | *datalen = f.len; |
323 | | |
324 | 221k | return 1; |
325 | 221k | } |
326 | | |
327 | | static int depack_do_frame_new_token(PACKET *pkt, QUIC_CHANNEL *ch, |
328 | | OSSL_ACKM_RX_PKT *ackm_data) |
329 | 2.10k | { |
330 | 2.10k | const uint8_t *token; |
331 | 2.10k | size_t token_len; |
332 | | |
333 | 2.10k | if (!ossl_quic_wire_decode_frame_new_token(pkt, &token, &token_len)) { |
334 | 42 | ossl_quic_channel_raise_protocol_error(ch, |
335 | 42 | OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, |
336 | 42 | OSSL_QUIC_FRAME_TYPE_NEW_TOKEN, |
337 | 42 | "decode error"); |
338 | 42 | return 0; |
339 | 42 | } |
340 | | |
341 | 2.06k | if (token_len == 0) { |
342 | | /* |
343 | | * RFC 9000 s. 19.7: "A client MUST treat receipt of a NEW_TOKEN frame |
344 | | * with an empty Token field as a connection error of type |
345 | | * FRAME_ENCODING_ERROR." |
346 | | */ |
347 | 18 | ossl_quic_channel_raise_protocol_error(ch, |
348 | 18 | OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, |
349 | 18 | OSSL_QUIC_FRAME_TYPE_NEW_TOKEN, |
350 | 18 | "zero-length NEW_TOKEN"); |
351 | 18 | return 0; |
352 | 18 | } |
353 | | |
354 | | /* store the new token in our token cache */ |
355 | 2.04k | if (!ossl_quic_set_peer_token(ossl_quic_port_get_channel_ctx(ch->port), |
356 | 2.04k | &ch->cur_peer_addr, token, token_len)) |
357 | 0 | return 0; |
358 | | |
359 | 2.04k | return 1; |
360 | 2.04k | } |
361 | | |
362 | | /* |
363 | | * Returns 1 if no protocol violation has occurred. In this case *result will be |
364 | | * non-NULL unless this is an old deleted stream and we should ignore the frame |
365 | | * causing this function to be called. Returns 0 on protocol violation. |
366 | | */ |
367 | | static int depack_do_implicit_stream_create(QUIC_CHANNEL *ch, |
368 | | uint64_t stream_id, |
369 | | uint64_t frame_type, |
370 | | QUIC_STREAM **result) |
371 | 178k | { |
372 | 178k | QUIC_STREAM *stream; |
373 | 178k | uint64_t peer_role, stream_ordinal; |
374 | 178k | uint64_t *p_next_ordinal_local, *p_next_ordinal_remote; |
375 | 178k | QUIC_RXFC *max_streams_fc; |
376 | 178k | int is_uni, is_remote_init; |
377 | | |
378 | 178k | stream = ossl_quic_stream_map_get_by_id(&ch->qsm, stream_id); |
379 | 178k | if (stream != NULL) { |
380 | 162k | *result = stream; |
381 | 162k | return 1; |
382 | 162k | } |
383 | | |
384 | | /* |
385 | | * If we do not yet have a stream with the given ID, there are three |
386 | | * possibilities: |
387 | | * |
388 | | * (a) The stream ID is for a remotely-created stream and the peer |
389 | | * is creating a stream. |
390 | | * |
391 | | * (b) The stream ID is for a locally-created stream which has |
392 | | * previously been deleted. |
393 | | * |
394 | | * (c) The stream ID is for a locally-created stream which does |
395 | | * not exist yet. This is a protocol violation and we must |
396 | | * terminate the connection in this case. |
397 | | * |
398 | | * We distinguish between (b) and (c) using the stream ID allocator |
399 | | * variable. Since stream ordinals are allocated monotonically, we |
400 | | * simply determine if the stream ordinal is in the future. |
401 | | */ |
402 | 16.2k | peer_role = ch->is_server |
403 | 16.2k | ? QUIC_STREAM_INITIATOR_CLIENT |
404 | 16.2k | : QUIC_STREAM_INITIATOR_SERVER; |
405 | | |
406 | 16.2k | is_remote_init = ((stream_id & QUIC_STREAM_INITIATOR_MASK) == peer_role); |
407 | 16.2k | is_uni = ((stream_id & QUIC_STREAM_DIR_MASK) == QUIC_STREAM_DIR_UNI); |
408 | | |
409 | 16.2k | stream_ordinal = stream_id >> 2; |
410 | | |
411 | 16.2k | if (is_remote_init) { |
412 | | /* |
413 | | * Peer-created stream which does not yet exist. Create it. QUIC stream |
414 | | * ordinals within a given stream type MUST be used in sequence and |
415 | | * receiving a STREAM frame for ordinal n must implicitly create streams |
416 | | * with ordinals [0, n) within that stream type even if no explicit |
417 | | * STREAM frames are received for those ordinals. |
418 | | */ |
419 | 15.5k | p_next_ordinal_remote = is_uni |
420 | 15.5k | ? &ch->next_remote_stream_ordinal_uni |
421 | 15.5k | : &ch->next_remote_stream_ordinal_bidi; |
422 | | |
423 | | /* Check this isn't violating stream count flow control. */ |
424 | 15.5k | max_streams_fc = is_uni |
425 | 15.5k | ? &ch->max_streams_uni_rxfc |
426 | 15.5k | : &ch->max_streams_bidi_rxfc; |
427 | | |
428 | 15.5k | if (!ossl_quic_rxfc_on_rx_stream_frame(max_streams_fc, |
429 | 15.5k | stream_ordinal + 1, |
430 | 15.5k | /*is_fin=*/0)) { |
431 | 0 | ossl_quic_channel_raise_protocol_error(ch, |
432 | 0 | OSSL_QUIC_ERR_INTERNAL_ERROR, |
433 | 0 | frame_type, |
434 | 0 | "internal error (stream count RXFC)"); |
435 | 0 | return 0; |
436 | 0 | } |
437 | | |
438 | 15.5k | if (ossl_quic_rxfc_get_error(max_streams_fc, 0) != OSSL_QUIC_ERR_NO_ERROR) { |
439 | 106 | ossl_quic_channel_raise_protocol_error(ch, OSSL_QUIC_ERR_STREAM_LIMIT_ERROR, |
440 | 106 | frame_type, |
441 | 106 | "exceeded maximum allowed streams"); |
442 | 106 | return 0; |
443 | 106 | } |
444 | | |
445 | | /* |
446 | | * Create the named stream and any streams coming before it yet to be |
447 | | * created. |
448 | | */ |
449 | 159k | while (*p_next_ordinal_remote <= stream_ordinal) { |
450 | 144k | uint64_t cur_stream_id = (*p_next_ordinal_remote << 2) | (stream_id & (QUIC_STREAM_DIR_MASK | QUIC_STREAM_INITIATOR_MASK)); |
451 | | |
452 | 144k | stream = ossl_quic_channel_new_stream_remote(ch, cur_stream_id); |
453 | 144k | if (stream == NULL) { |
454 | 0 | ossl_quic_channel_raise_protocol_error(ch, |
455 | 0 | OSSL_QUIC_ERR_INTERNAL_ERROR, |
456 | 0 | frame_type, |
457 | 0 | "internal error (stream allocation)"); |
458 | 0 | return 0; |
459 | 0 | } |
460 | | |
461 | 144k | ++*p_next_ordinal_remote; |
462 | 144k | } |
463 | | |
464 | 15.4k | *result = stream; |
465 | 15.4k | } else { |
466 | | /* Locally-created stream which does not yet exist. */ |
467 | 678 | p_next_ordinal_local = is_uni |
468 | 678 | ? &ch->next_local_stream_ordinal_uni |
469 | 678 | : &ch->next_local_stream_ordinal_bidi; |
470 | | |
471 | 678 | if (stream_ordinal >= *p_next_ordinal_local) { |
472 | | /* |
473 | | * We never created this stream yet, this is a protocol |
474 | | * violation. |
475 | | */ |
476 | 678 | ossl_quic_channel_raise_protocol_error(ch, |
477 | 678 | OSSL_QUIC_ERR_STREAM_STATE_ERROR, |
478 | 678 | frame_type, |
479 | 678 | "STREAM frame for nonexistent " |
480 | 678 | "stream"); |
481 | 678 | return 0; |
482 | 678 | } |
483 | | |
484 | | /* |
485 | | * Otherwise this is for an old locally-initiated stream which we |
486 | | * have subsequently deleted. Ignore the data; it may simply be a |
487 | | * retransmission. We already take care of notifying the peer of the |
488 | | * termination of the stream during the stream deletion lifecycle. |
489 | | */ |
490 | 0 | *result = NULL; |
491 | 0 | } |
492 | | |
493 | 15.4k | return 1; |
494 | 16.2k | } |
495 | | |
496 | | static int depack_do_frame_stream(PACKET *pkt, QUIC_CHANNEL *ch, |
497 | | OSSL_QRX_PKT *parent_pkt, |
498 | | OSSL_ACKM_RX_PKT *ackm_data, |
499 | | uint64_t frame_type, |
500 | | uint64_t *datalen) |
501 | 67.8k | { |
502 | 67.8k | OSSL_QUIC_FRAME_STREAM frame_data; |
503 | 67.8k | QUIC_STREAM *stream; |
504 | 67.8k | uint64_t fce; |
505 | 67.8k | size_t rs_avail; |
506 | 67.8k | int rs_fin = 0; |
507 | | |
508 | 67.8k | *datalen = 0; |
509 | | |
510 | 67.8k | if (!ossl_quic_wire_decode_frame_stream(pkt, 0, &frame_data)) { |
511 | 382 | ossl_quic_channel_raise_protocol_error(ch, |
512 | 382 | OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, |
513 | 382 | frame_type, |
514 | 382 | "decode error"); |
515 | 382 | return 0; |
516 | 382 | } |
517 | | |
518 | 67.4k | if (!depack_do_implicit_stream_create(ch, frame_data.stream_id, |
519 | 67.4k | frame_type, &stream)) |
520 | 328 | return 0; /* protocol error raised by above call */ |
521 | | |
522 | 67.1k | if (stream == NULL) |
523 | | /* |
524 | | * Data for old stream which is not a protocol violation but should be |
525 | | * ignored, so stop here. |
526 | | */ |
527 | 0 | return 1; |
528 | | |
529 | 67.1k | if (!ossl_quic_stream_has_recv(stream)) { |
530 | 0 | ossl_quic_channel_raise_protocol_error(ch, |
531 | 0 | OSSL_QUIC_ERR_STREAM_STATE_ERROR, |
532 | 0 | frame_type, |
533 | 0 | "STREAM frame for TX only " |
534 | 0 | "stream"); |
535 | 0 | return 0; |
536 | 0 | } |
537 | | |
538 | | /* Notify stream flow controller. */ |
539 | 67.1k | if (!ossl_quic_rxfc_on_rx_stream_frame(&stream->rxfc, |
540 | 67.1k | frame_data.offset + frame_data.len, |
541 | 67.1k | frame_data.is_fin)) { |
542 | 0 | ossl_quic_channel_raise_protocol_error(ch, |
543 | 0 | OSSL_QUIC_ERR_INTERNAL_ERROR, |
544 | 0 | frame_type, |
545 | 0 | "internal error (flow control)"); |
546 | 0 | return 0; |
547 | 0 | } |
548 | | |
549 | | /* Has a flow control error occurred? */ |
550 | 67.1k | fce = ossl_quic_rxfc_get_error(&stream->rxfc, 0); |
551 | 67.1k | if (fce != OSSL_QUIC_ERR_NO_ERROR) { |
552 | 459 | ossl_quic_channel_raise_protocol_error(ch, |
553 | 459 | fce, |
554 | 459 | frame_type, |
555 | 459 | "flow control violation"); |
556 | 459 | return 0; |
557 | 459 | } |
558 | | |
559 | 66.7k | switch (stream->recv_state) { |
560 | 15.6k | case QUIC_RSTREAM_STATE_RECV: |
561 | 56.4k | case QUIC_RSTREAM_STATE_SIZE_KNOWN: |
562 | | /* |
563 | | * It only makes sense to process incoming STREAM frames in these |
564 | | * states. |
565 | | */ |
566 | 56.4k | break; |
567 | | |
568 | 10.0k | case QUIC_RSTREAM_STATE_DATA_RECVD: |
569 | 10.2k | case QUIC_RSTREAM_STATE_DATA_READ: |
570 | 10.2k | case QUIC_RSTREAM_STATE_RESET_RECVD: |
571 | 10.2k | case QUIC_RSTREAM_STATE_RESET_READ: |
572 | 10.2k | default: |
573 | | /* |
574 | | * We have no use for STREAM frames once the receive part reaches any of |
575 | | * these states, so just ignore. |
576 | | */ |
577 | 10.2k | return 1; |
578 | 66.7k | } |
579 | | |
580 | | /* If we are in RECV, auto-transition to SIZE_KNOWN on FIN. */ |
581 | 56.4k | if (frame_data.is_fin |
582 | 48.3k | && !ossl_quic_stream_recv_get_final_size(stream, NULL)) { |
583 | | |
584 | | /* State was already checked above, so can't fail. */ |
585 | 8.22k | ossl_quic_stream_map_notify_size_known_recv_part(&ch->qsm, stream, |
586 | 8.22k | frame_data.offset |
587 | 8.22k | + frame_data.len); |
588 | 8.22k | } |
589 | | |
590 | | /* |
591 | | * If we requested STOP_SENDING do not bother buffering the data. Note that |
592 | | * this must happen after RXFC checks above as even if we sent STOP_SENDING |
593 | | * we must still enforce correct flow control (RFC 9000 s. 3.5). |
594 | | */ |
595 | 56.4k | if (stream->stop_sending) |
596 | 0 | return 1; /* not an error - packet reordering, etc. */ |
597 | | |
598 | | /* |
599 | | * The receive stream buffer may or may not choose to consume the data |
600 | | * without copying by reffing the OSSL_QRX_PKT. In this case |
601 | | * ossl_qrx_pkt_release() will be eventually called when the data is no |
602 | | * longer needed. |
603 | | * |
604 | | * It is OK for the peer to send us a zero-length non-FIN STREAM frame, |
605 | | * which is a no-op, aside from the fact that it ensures the stream exists. |
606 | | * In this case we have nothing to report to the receive buffer. |
607 | | */ |
608 | 56.4k | if ((frame_data.len > 0 || frame_data.is_fin) |
609 | 55.8k | && !ossl_quic_rstream_queue_data(stream->rstream, parent_pkt, |
610 | 55.8k | frame_data.offset, |
611 | 55.8k | frame_data.data, |
612 | 55.8k | frame_data.len, |
613 | 55.8k | frame_data.is_fin)) { |
614 | 0 | ossl_quic_channel_raise_protocol_error(ch, |
615 | 0 | OSSL_QUIC_ERR_INTERNAL_ERROR, |
616 | 0 | frame_type, |
617 | 0 | "internal error (rstream queue)"); |
618 | 0 | return 0; |
619 | 0 | } |
620 | | |
621 | | /* |
622 | | * rs_fin will be 1 only if we can read all data up to and including the FIN |
623 | | * without any gaps before it; this implies we have received all data. Avoid |
624 | | * calling ossl_quic_rstream_available() where it is not necessary as it is |
625 | | * more expensive. |
626 | | */ |
627 | 56.4k | if (stream->recv_state == QUIC_RSTREAM_STATE_SIZE_KNOWN |
628 | 48.9k | && !ossl_quic_rstream_available(stream->rstream, &rs_avail, &rs_fin)) { |
629 | 0 | ossl_quic_channel_raise_protocol_error(ch, |
630 | 0 | OSSL_QUIC_ERR_INTERNAL_ERROR, |
631 | 0 | frame_type, |
632 | 0 | "internal error (rstream available)"); |
633 | 0 | return 0; |
634 | 0 | } |
635 | | |
636 | 56.4k | if (rs_fin) |
637 | 3.23k | ossl_quic_stream_map_notify_totally_received(&ch->qsm, stream); |
638 | | |
639 | 56.4k | *datalen = frame_data.len; |
640 | | |
641 | 56.4k | return 1; |
642 | 56.4k | } |
643 | | |
644 | | static void update_streams(QUIC_STREAM *s, void *arg) |
645 | 405k | { |
646 | 405k | QUIC_CHANNEL *ch = arg; |
647 | | |
648 | 405k | ossl_quic_stream_map_update_state(&ch->qsm, s); |
649 | 405k | } |
650 | | |
651 | | static void update_streams_bidi(QUIC_STREAM *s, void *arg) |
652 | 60.4k | { |
653 | 60.4k | QUIC_CHANNEL *ch = arg; |
654 | | |
655 | 60.4k | if (!ossl_quic_stream_is_bidi(s)) |
656 | 15.0k | return; |
657 | | |
658 | 45.4k | ossl_quic_stream_map_update_state(&ch->qsm, s); |
659 | 45.4k | } |
660 | | |
661 | | static void update_streams_uni(QUIC_STREAM *s, void *arg) |
662 | 691k | { |
663 | 691k | QUIC_CHANNEL *ch = arg; |
664 | | |
665 | 691k | if (ossl_quic_stream_is_bidi(s)) |
666 | 120k | return; |
667 | | |
668 | 570k | ossl_quic_stream_map_update_state(&ch->qsm, s); |
669 | 570k | } |
670 | | |
671 | | static int depack_do_frame_max_data(PACKET *pkt, QUIC_CHANNEL *ch, |
672 | | OSSL_ACKM_RX_PKT *ackm_data) |
673 | 52.1k | { |
674 | 52.1k | uint64_t max_data = 0; |
675 | | |
676 | 52.1k | if (!ossl_quic_wire_decode_frame_max_data(pkt, &max_data)) { |
677 | 22 | ossl_quic_channel_raise_protocol_error(ch, |
678 | 22 | OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, |
679 | 22 | OSSL_QUIC_FRAME_TYPE_MAX_DATA, |
680 | 22 | "decode error"); |
681 | 22 | return 0; |
682 | 22 | } |
683 | | |
684 | 52.0k | ossl_quic_txfc_bump_cwm(&ch->conn_txfc, max_data); |
685 | 52.0k | ossl_quic_stream_map_visit(&ch->qsm, update_streams, ch); |
686 | 52.0k | return 1; |
687 | 52.1k | } |
688 | | |
689 | | static int depack_do_frame_max_stream_data(PACKET *pkt, |
690 | | QUIC_CHANNEL *ch, |
691 | | OSSL_ACKM_RX_PKT *ackm_data) |
692 | 9.80k | { |
693 | 9.80k | uint64_t stream_id = 0; |
694 | 9.80k | uint64_t max_stream_data = 0; |
695 | 9.80k | QUIC_STREAM *stream; |
696 | | |
697 | 9.80k | if (!ossl_quic_wire_decode_frame_max_stream_data(pkt, &stream_id, |
698 | 9.80k | &max_stream_data)) { |
699 | 36 | ossl_quic_channel_raise_protocol_error(ch, |
700 | 36 | OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, |
701 | 36 | OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA, |
702 | 36 | "decode error"); |
703 | 36 | return 0; |
704 | 36 | } |
705 | | |
706 | 9.77k | if (!depack_do_implicit_stream_create(ch, stream_id, |
707 | 9.77k | OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA, |
708 | 9.77k | &stream)) |
709 | 89 | return 0; /* error already raised for us */ |
710 | | |
711 | 9.68k | if (stream == NULL) |
712 | 0 | return 1; /* old deleted stream, not a protocol violation, ignore */ |
713 | | |
714 | 9.68k | if (!ossl_quic_stream_has_send(stream)) { |
715 | 23 | ossl_quic_channel_raise_protocol_error(ch, |
716 | 23 | OSSL_QUIC_ERR_STREAM_STATE_ERROR, |
717 | 23 | OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA, |
718 | 23 | "MAX_STREAM_DATA for TX only " |
719 | 23 | "stream"); |
720 | 23 | return 0; |
721 | 23 | } |
722 | | |
723 | 9.65k | ossl_quic_txfc_bump_cwm(&stream->txfc, max_stream_data); |
724 | 9.65k | ossl_quic_stream_map_update_state(&ch->qsm, stream); |
725 | 9.65k | return 1; |
726 | 9.68k | } |
727 | | |
728 | | static int depack_do_frame_max_streams(PACKET *pkt, |
729 | | QUIC_CHANNEL *ch, |
730 | | OSSL_ACKM_RX_PKT *ackm_data, |
731 | | uint64_t frame_type) |
732 | 47.5k | { |
733 | 47.5k | uint64_t max_streams = 0; |
734 | | |
735 | 47.5k | if (!ossl_quic_wire_decode_frame_max_streams(pkt, &max_streams)) { |
736 | 25 | ossl_quic_channel_raise_protocol_error(ch, |
737 | 25 | OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, |
738 | 25 | frame_type, |
739 | 25 | "decode error"); |
740 | 25 | return 0; |
741 | 25 | } |
742 | | |
743 | 47.5k | if (max_streams > (((uint64_t)1) << 60)) { |
744 | 68 | ossl_quic_channel_raise_protocol_error(ch, |
745 | 68 | OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, |
746 | 68 | frame_type, |
747 | 68 | "invalid max streams value"); |
748 | 68 | return 0; |
749 | 68 | } |
750 | | |
751 | 47.4k | switch (frame_type) { |
752 | 14.7k | case OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_BIDI: |
753 | 14.7k | if (max_streams > ch->max_local_streams_bidi) |
754 | 583 | ch->max_local_streams_bidi = max_streams; |
755 | | |
756 | | /* Some streams may now be able to send. */ |
757 | 14.7k | ossl_quic_stream_map_visit(&ch->qsm, update_streams_bidi, ch); |
758 | 14.7k | break; |
759 | 32.7k | case OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_UNI: |
760 | 32.7k | if (max_streams > ch->max_local_streams_uni) |
761 | 1.02k | ch->max_local_streams_uni = max_streams; |
762 | | |
763 | | /* Some streams may now be able to send. */ |
764 | 32.7k | ossl_quic_stream_map_visit(&ch->qsm, update_streams_uni, ch); |
765 | 32.7k | break; |
766 | 0 | default: |
767 | 0 | ossl_quic_channel_raise_protocol_error(ch, |
768 | 0 | OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, |
769 | 0 | frame_type, |
770 | 0 | "decode error"); |
771 | 0 | return 0; |
772 | 47.4k | } |
773 | | |
774 | 47.4k | return 1; |
775 | 47.4k | } |
776 | | |
777 | | static int depack_do_frame_data_blocked(PACKET *pkt, |
778 | | QUIC_CHANNEL *ch, |
779 | | OSSL_ACKM_RX_PKT *ackm_data) |
780 | 12.7k | { |
781 | 12.7k | uint64_t max_data = 0; |
782 | | |
783 | 12.7k | if (!ossl_quic_wire_decode_frame_data_blocked(pkt, &max_data)) { |
784 | 14 | ossl_quic_channel_raise_protocol_error(ch, |
785 | 14 | OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, |
786 | 14 | OSSL_QUIC_FRAME_TYPE_DATA_BLOCKED, |
787 | 14 | "decode error"); |
788 | 14 | return 0; |
789 | 14 | } |
790 | | |
791 | | /* No-op - informative/debugging frame. */ |
792 | 12.7k | return 1; |
793 | 12.7k | } |
794 | | |
795 | | static int depack_do_frame_stream_data_blocked(PACKET *pkt, |
796 | | QUIC_CHANNEL *ch, |
797 | | OSSL_ACKM_RX_PKT *ackm_data) |
798 | 4.65k | { |
799 | 4.65k | uint64_t stream_id = 0; |
800 | 4.65k | uint64_t max_data = 0; |
801 | 4.65k | QUIC_STREAM *stream; |
802 | | |
803 | 4.65k | if (!ossl_quic_wire_decode_frame_stream_data_blocked(pkt, &stream_id, |
804 | 4.65k | &max_data)) { |
805 | 37 | ossl_quic_channel_raise_protocol_error(ch, |
806 | 37 | OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, |
807 | 37 | OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED, |
808 | 37 | "decode error"); |
809 | 37 | return 0; |
810 | 37 | } |
811 | | |
812 | | /* |
813 | | * This is an informative/debugging frame, so we don't have to do anything, |
814 | | * but it does trigger stream creation. |
815 | | */ |
816 | 4.61k | if (!depack_do_implicit_stream_create(ch, stream_id, |
817 | 4.61k | OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED, |
818 | 4.61k | &stream)) |
819 | 78 | return 0; /* error already raised for us */ |
820 | | |
821 | 4.53k | if (stream == NULL) |
822 | 0 | return 1; /* old deleted stream, not a protocol violation, ignore */ |
823 | | |
824 | 4.53k | if (!ossl_quic_stream_has_recv(stream)) { |
825 | | /* |
826 | | * RFC 9000 s. 19.14: "An endpoint that receives a STREAM_DATA_BLOCKED |
827 | | * frame for a send-only stream MUST terminate the connection with error |
828 | | * STREAM_STATE_ERROR." |
829 | | */ |
830 | 0 | ossl_quic_channel_raise_protocol_error(ch, |
831 | 0 | OSSL_QUIC_ERR_STREAM_STATE_ERROR, |
832 | 0 | OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED, |
833 | 0 | "STREAM_DATA_BLOCKED frame for " |
834 | 0 | "TX only stream"); |
835 | 0 | return 0; |
836 | 0 | } |
837 | | |
838 | | /* No-op - informative/debugging frame. */ |
839 | 4.53k | return 1; |
840 | 4.53k | } |
841 | | |
842 | | static int depack_do_frame_streams_blocked(PACKET *pkt, |
843 | | QUIC_CHANNEL *ch, |
844 | | OSSL_ACKM_RX_PKT *ackm_data, |
845 | | uint64_t frame_type) |
846 | 118k | { |
847 | 118k | uint64_t max_data = 0; |
848 | | |
849 | 118k | if (!ossl_quic_wire_decode_frame_streams_blocked(pkt, &max_data)) { |
850 | 20 | ossl_quic_channel_raise_protocol_error(ch, |
851 | 20 | OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, |
852 | 20 | frame_type, |
853 | 20 | "decode error"); |
854 | 20 | return 0; |
855 | 20 | } |
856 | | |
857 | 117k | if (max_data > (((uint64_t)1) << 60)) { |
858 | | /* |
859 | | * RFC 9000 s. 19.14: "This value cannot exceed 2**60, as it is not |
860 | | * possible to encode stream IDs larger than 2**62 - 1. Receipt of a |
861 | | * frame that encodes a larger stream ID MUST be treated as a connection |
862 | | * error of type STREAM_LIMIT_ERROR or FRAME_ENCODING_ERROR." |
863 | | */ |
864 | 137 | ossl_quic_channel_raise_protocol_error(ch, |
865 | 137 | OSSL_QUIC_ERR_STREAM_LIMIT_ERROR, |
866 | 137 | frame_type, |
867 | 137 | "invalid stream count limit"); |
868 | 137 | return 0; |
869 | 137 | } |
870 | | |
871 | | /* No-op - informative/debugging frame. */ |
872 | 117k | return 1; |
873 | 117k | } |
874 | | |
875 | | static int depack_do_frame_new_conn_id(PACKET *pkt, |
876 | | QUIC_CHANNEL *ch, |
877 | | OSSL_ACKM_RX_PKT *ackm_data) |
878 | 18.5k | { |
879 | 18.5k | OSSL_QUIC_FRAME_NEW_CONN_ID frame_data; |
880 | | |
881 | 18.5k | if (!ossl_quic_wire_decode_frame_new_conn_id(pkt, &frame_data)) { |
882 | 761 | ossl_quic_channel_raise_protocol_error(ch, |
883 | 761 | OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, |
884 | 761 | OSSL_QUIC_FRAME_TYPE_NEW_CONN_ID, |
885 | 761 | "decode error"); |
886 | 761 | return 0; |
887 | 761 | } |
888 | | |
889 | 17.8k | ossl_quic_channel_on_new_conn_id(ch, &frame_data); |
890 | | |
891 | 17.8k | return 1; |
892 | 18.5k | } |
893 | | |
894 | | static int depack_do_frame_retire_conn_id(PACKET *pkt, |
895 | | QUIC_CHANNEL *ch, |
896 | | OSSL_ACKM_RX_PKT *ackm_data) |
897 | 76 | { |
898 | 76 | uint64_t seq_num; |
899 | | |
900 | 76 | if (!ossl_quic_wire_decode_frame_retire_conn_id(pkt, &seq_num)) { |
901 | 11 | ossl_quic_channel_raise_protocol_error(ch, |
902 | 11 | OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, |
903 | 11 | OSSL_QUIC_FRAME_TYPE_RETIRE_CONN_ID, |
904 | 11 | "decode error"); |
905 | 11 | return 0; |
906 | 11 | } |
907 | | |
908 | | /* |
909 | | * RFC 9000 s. 19.16: "An endpoint cannot send this frame if it was provided |
910 | | * with a zero-length connection ID by its peer. An endpoint that provides a |
911 | | * zero-length connection ID MUST treat receipt of a RETIRE_CONNECTION_ID |
912 | | * frame as a connection error of type PROTOCOL_VIOLATION." |
913 | | * |
914 | | * Since we always use a zero-length SCID as a client, there is no case |
915 | | * where it is valid for a server to send this. Our server support is |
916 | | * currently non-conformant and for internal testing use; simply handle it |
917 | | * as a no-op in this case. |
918 | | * |
919 | | * TODO(QUIC FUTURE): Revise and implement correctly for server support. |
920 | | */ |
921 | 65 | if (!ch->is_server) { |
922 | 65 | ossl_quic_channel_raise_protocol_error(ch, |
923 | 65 | OSSL_QUIC_ERR_PROTOCOL_VIOLATION, |
924 | 65 | OSSL_QUIC_FRAME_TYPE_RETIRE_CONN_ID, |
925 | 65 | "conn has zero-length CID"); |
926 | 65 | return 0; |
927 | 65 | } |
928 | | |
929 | 0 | return 1; |
930 | 65 | } |
931 | | |
932 | | static void free_path_response(unsigned char *buf, size_t buf_len, void *arg) |
933 | 261k | { |
934 | 261k | OPENSSL_free(buf); |
935 | 261k | } |
936 | | |
937 | | static int depack_do_frame_path_challenge(PACKET *pkt, |
938 | | QUIC_CHANNEL *ch, |
939 | | OSSL_ACKM_RX_PKT *ackm_data) |
940 | 261k | { |
941 | 261k | uint64_t frame_data = 0; |
942 | 261k | unsigned char *encoded = NULL; |
943 | 261k | size_t encoded_len; |
944 | 261k | WPACKET wpkt; |
945 | | |
946 | 261k | if (!ossl_quic_wire_decode_frame_path_challenge(pkt, &frame_data)) { |
947 | 77 | ossl_quic_channel_raise_protocol_error(ch, |
948 | 77 | OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, |
949 | 77 | OSSL_QUIC_FRAME_TYPE_PATH_CHALLENGE, |
950 | 77 | "decode error"); |
951 | 77 | return 0; |
952 | 77 | } |
953 | | |
954 | | /* |
955 | | * RFC 9000 s. 8.2.2: On receiving a PATH_CHALLENGE frame, an endpoint MUST |
956 | | * respond by echoing the data contained in the PATH_CHALLENGE frame in a |
957 | | * PATH_RESPONSE frame. |
958 | | * |
959 | | * TODO(QUIC FUTURE): We should try to avoid allocation here in the future. |
960 | | */ |
961 | 261k | encoded_len = sizeof(uint64_t) + 1; |
962 | 261k | if ((encoded = OPENSSL_malloc(encoded_len)) == NULL) |
963 | 0 | goto err; |
964 | | |
965 | 261k | if (!WPACKET_init_static_len(&wpkt, encoded, encoded_len, 0)) |
966 | 0 | goto err; |
967 | | |
968 | 261k | if (!ossl_quic_wire_encode_frame_path_response(&wpkt, frame_data)) { |
969 | 0 | WPACKET_cleanup(&wpkt); |
970 | 0 | goto err; |
971 | 0 | } |
972 | | |
973 | 261k | WPACKET_finish(&wpkt); |
974 | | |
975 | 261k | if (!ossl_quic_cfq_add_frame(ch->cfq, 0, QUIC_PN_SPACE_APP, |
976 | 261k | OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE, |
977 | 261k | QUIC_CFQ_ITEM_FLAG_UNRELIABLE, |
978 | 261k | encoded, encoded_len, |
979 | 261k | free_path_response, NULL)) |
980 | 0 | goto err; |
981 | | |
982 | 261k | return 1; |
983 | | |
984 | 0 | err: |
985 | 0 | OPENSSL_free(encoded); |
986 | 0 | ossl_quic_channel_raise_protocol_error(ch, OSSL_QUIC_ERR_INTERNAL_ERROR, |
987 | 0 | OSSL_QUIC_FRAME_TYPE_PATH_CHALLENGE, |
988 | 0 | "internal error"); |
989 | 0 | return 0; |
990 | 261k | } |
991 | | |
992 | | static int depack_do_frame_path_response(PACKET *pkt, |
993 | | QUIC_CHANNEL *ch, |
994 | | OSSL_ACKM_RX_PKT *ackm_data) |
995 | 30.4k | { |
996 | 30.4k | uint64_t frame_data = 0; |
997 | | |
998 | 30.4k | if (!ossl_quic_wire_decode_frame_path_response(pkt, &frame_data)) { |
999 | 15 | ossl_quic_channel_raise_protocol_error(ch, |
1000 | 15 | OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, |
1001 | 15 | OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE, |
1002 | 15 | "decode error"); |
1003 | 15 | return 0; |
1004 | 15 | } |
1005 | | |
1006 | | /* TODO(QUIC MULTIPATH): ADD CODE to send |frame_data| to the ch manager */ |
1007 | | |
1008 | 30.4k | return 1; |
1009 | 30.4k | } |
1010 | | |
1011 | | static int depack_do_frame_conn_close(PACKET *pkt, QUIC_CHANNEL *ch, |
1012 | | uint64_t frame_type) |
1013 | 2.38k | { |
1014 | 2.38k | OSSL_QUIC_FRAME_CONN_CLOSE frame_data; |
1015 | | |
1016 | 2.38k | if (!ossl_quic_wire_decode_frame_conn_close(pkt, &frame_data)) { |
1017 | 406 | ossl_quic_channel_raise_protocol_error(ch, |
1018 | 406 | OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, |
1019 | 406 | frame_type, |
1020 | 406 | "decode error"); |
1021 | 406 | return 0; |
1022 | 406 | } |
1023 | | |
1024 | 1.97k | ossl_quic_channel_on_remote_conn_close(ch, &frame_data); |
1025 | 1.97k | return 1; |
1026 | 2.38k | } |
1027 | | |
1028 | | static int depack_do_frame_handshake_done(PACKET *pkt, |
1029 | | QUIC_CHANNEL *ch, |
1030 | | OSSL_ACKM_RX_PKT *ackm_data) |
1031 | 544k | { |
1032 | 544k | if (!ossl_quic_wire_decode_frame_handshake_done(pkt)) { |
1033 | | /* This can fail only with an internal error. */ |
1034 | 0 | ossl_quic_channel_raise_protocol_error(ch, |
1035 | 0 | OSSL_QUIC_ERR_INTERNAL_ERROR, |
1036 | 0 | OSSL_QUIC_FRAME_TYPE_HANDSHAKE_DONE, |
1037 | 0 | "internal error (decode frame handshake done)"); |
1038 | 0 | return 0; |
1039 | 0 | } |
1040 | | |
1041 | 544k | ossl_quic_channel_on_handshake_confirmed(ch); |
1042 | 544k | return 1; |
1043 | 544k | } |
1044 | | |
1045 | | /* Main frame processor */ |
1046 | | |
1047 | | static int depack_process_frames(QUIC_CHANNEL *ch, PACKET *pkt, |
1048 | | OSSL_QRX_PKT *parent_pkt, uint32_t enc_level, |
1049 | | OSSL_TIME received, OSSL_ACKM_RX_PKT *ackm_data) |
1050 | 385k | { |
1051 | 385k | uint32_t pkt_type = parent_pkt->hdr->type; |
1052 | 385k | uint32_t packet_space = ossl_quic_enc_level_to_pn_space(enc_level); |
1053 | | |
1054 | 385k | if (PACKET_remaining(pkt) == 0) { |
1055 | | /* |
1056 | | * RFC 9000 s. 12.4: An endpoint MUST treat receipt of a packet |
1057 | | * containing no frames as a connection error of type |
1058 | | * PROTOCOL_VIOLATION. |
1059 | | */ |
1060 | 0 | ossl_quic_channel_raise_protocol_error(ch, |
1061 | 0 | OSSL_QUIC_ERR_PROTOCOL_VIOLATION, |
1062 | 0 | 0, |
1063 | 0 | "empty packet payload"); |
1064 | 0 | return 0; |
1065 | 0 | } |
1066 | | |
1067 | 2.93M | while (PACKET_remaining(pkt) > 0) { |
1068 | 2.56M | int was_minimal; |
1069 | 2.56M | uint64_t frame_type; |
1070 | 2.56M | const unsigned char *sof = NULL; |
1071 | 2.56M | uint64_t datalen = 0; |
1072 | | |
1073 | 2.56M | if (ch->msg_callback != NULL) |
1074 | 0 | sof = PACKET_data(pkt); |
1075 | | |
1076 | 2.56M | if (!ossl_quic_wire_peek_frame_header(pkt, &frame_type, &was_minimal)) { |
1077 | 560 | ossl_quic_channel_raise_protocol_error(ch, |
1078 | 560 | OSSL_QUIC_ERR_PROTOCOL_VIOLATION, |
1079 | 560 | 0, |
1080 | 560 | "malformed frame header"); |
1081 | 560 | return 0; |
1082 | 560 | } |
1083 | | |
1084 | 2.56M | if (!was_minimal) { |
1085 | 103 | ossl_quic_channel_raise_protocol_error(ch, |
1086 | 103 | OSSL_QUIC_ERR_PROTOCOL_VIOLATION, |
1087 | 103 | frame_type, |
1088 | 103 | "non-minimal frame type encoding"); |
1089 | 103 | return 0; |
1090 | 103 | } |
1091 | | |
1092 | | /* |
1093 | | * There are only a few frame types which are not ACK-eliciting. Handle |
1094 | | * these centrally to make error handling cases more resilient, as we |
1095 | | * should tell the ACKM about an ACK-eliciting frame even if it was not |
1096 | | * successfully handled. |
1097 | | */ |
1098 | 2.56M | switch (frame_type) { |
1099 | 323k | case OSSL_QUIC_FRAME_TYPE_PADDING: |
1100 | 421k | case OSSL_QUIC_FRAME_TYPE_ACK_WITHOUT_ECN: |
1101 | 476k | case OSSL_QUIC_FRAME_TYPE_ACK_WITH_ECN: |
1102 | 477k | case OSSL_QUIC_FRAME_TYPE_CONN_CLOSE_TRANSPORT: |
1103 | 478k | case OSSL_QUIC_FRAME_TYPE_CONN_CLOSE_APP: |
1104 | 478k | break; |
1105 | 2.08M | default: |
1106 | 2.08M | ackm_data->is_ack_eliciting = 1; |
1107 | 2.08M | break; |
1108 | 2.56M | } |
1109 | | |
1110 | 2.56M | switch (frame_type) { |
1111 | 1.12M | case OSSL_QUIC_FRAME_TYPE_PING: |
1112 | | /* Allowed in all packet types */ |
1113 | 1.12M | if (!depack_do_frame_ping(pkt, ch, enc_level, ackm_data)) |
1114 | 0 | return 0; |
1115 | 1.12M | break; |
1116 | 1.12M | case OSSL_QUIC_FRAME_TYPE_PADDING: |
1117 | | /* Allowed in all packet types */ |
1118 | 323k | if (!depack_do_frame_padding(pkt)) |
1119 | 0 | return 0; |
1120 | 323k | break; |
1121 | | |
1122 | 323k | case OSSL_QUIC_FRAME_TYPE_ACK_WITHOUT_ECN: |
1123 | 153k | case OSSL_QUIC_FRAME_TYPE_ACK_WITH_ECN: |
1124 | | /* ACK frames are valid everywhere except in 0RTT packets */ |
1125 | 153k | if (pkt_type == QUIC_PKT_TYPE_0RTT) { |
1126 | 0 | ossl_quic_channel_raise_protocol_error(ch, |
1127 | 0 | OSSL_QUIC_ERR_PROTOCOL_VIOLATION, |
1128 | 0 | frame_type, |
1129 | 0 | "ACK not valid in 0-RTT"); |
1130 | 0 | return 0; |
1131 | 0 | } |
1132 | 153k | if (!depack_do_frame_ack(pkt, ch, packet_space, received, |
1133 | 153k | frame_type, parent_pkt)) |
1134 | 1.31k | return 0; |
1135 | 152k | break; |
1136 | | |
1137 | 152k | case OSSL_QUIC_FRAME_TYPE_RESET_STREAM: |
1138 | | /* RESET_STREAM frames are valid in 0RTT and 1RTT packets */ |
1139 | 5.13k | if (pkt_type != QUIC_PKT_TYPE_0RTT |
1140 | 5.13k | && pkt_type != QUIC_PKT_TYPE_1RTT) { |
1141 | 94 | ossl_quic_channel_raise_protocol_error(ch, |
1142 | 94 | OSSL_QUIC_ERR_PROTOCOL_VIOLATION, |
1143 | 94 | frame_type, |
1144 | 94 | "RESET_STREAM not valid in " |
1145 | 94 | "INITIAL/HANDSHAKE"); |
1146 | 94 | return 0; |
1147 | 94 | } |
1148 | 5.03k | if (!depack_do_frame_reset_stream(pkt, ch, ackm_data)) |
1149 | 239 | return 0; |
1150 | 4.80k | break; |
1151 | 51.4k | case OSSL_QUIC_FRAME_TYPE_STOP_SENDING: |
1152 | | /* STOP_SENDING frames are valid in 0RTT and 1RTT packets */ |
1153 | 51.4k | if (pkt_type != QUIC_PKT_TYPE_0RTT |
1154 | 51.4k | && pkt_type != QUIC_PKT_TYPE_1RTT) { |
1155 | 56 | ossl_quic_channel_raise_protocol_error(ch, |
1156 | 56 | OSSL_QUIC_ERR_PROTOCOL_VIOLATION, |
1157 | 56 | frame_type, |
1158 | 56 | "STOP_SENDING not valid in " |
1159 | 56 | "INITIAL/HANDSHAKE"); |
1160 | 56 | return 0; |
1161 | 56 | } |
1162 | 51.4k | if (!depack_do_frame_stop_sending(pkt, ch, ackm_data)) |
1163 | 139 | return 0; |
1164 | 51.2k | break; |
1165 | 186k | case OSSL_QUIC_FRAME_TYPE_CRYPTO: |
1166 | | /* CRYPTO frames are valid everywhere except in 0RTT packets */ |
1167 | 186k | if (pkt_type == QUIC_PKT_TYPE_0RTT) { |
1168 | 0 | ossl_quic_channel_raise_protocol_error(ch, |
1169 | 0 | OSSL_QUIC_ERR_PROTOCOL_VIOLATION, |
1170 | 0 | frame_type, |
1171 | 0 | "CRYPTO frame not valid in 0-RTT"); |
1172 | 0 | return 0; |
1173 | 0 | } |
1174 | 186k | if (!depack_do_frame_crypto(pkt, ch, parent_pkt, ackm_data, &datalen)) |
1175 | 784 | return 0; |
1176 | 186k | break; |
1177 | 186k | case OSSL_QUIC_FRAME_TYPE_NEW_TOKEN: |
1178 | | /* NEW_TOKEN frames are valid in 1RTT packets */ |
1179 | 2.14k | if (pkt_type != QUIC_PKT_TYPE_1RTT) { |
1180 | 41 | ossl_quic_channel_raise_protocol_error(ch, |
1181 | 41 | OSSL_QUIC_ERR_PROTOCOL_VIOLATION, |
1182 | 41 | frame_type, |
1183 | 41 | "NEW_TOKEN valid only in 1-RTT"); |
1184 | 41 | return 0; |
1185 | 41 | } |
1186 | | |
1187 | | /* |
1188 | | * RFC 9000 s. 19.7: "A server MUST treat receipt of a NEW_TOKEN |
1189 | | * frame as a connection error of type PROTOCOL_VIOLATION." |
1190 | | */ |
1191 | 2.10k | if (ch->is_server) { |
1192 | 0 | ossl_quic_channel_raise_protocol_error(ch, |
1193 | 0 | OSSL_QUIC_ERR_PROTOCOL_VIOLATION, |
1194 | 0 | frame_type, |
1195 | 0 | "NEW_TOKEN can only be sent by a server"); |
1196 | 0 | return 0; |
1197 | 0 | } |
1198 | | |
1199 | 2.10k | if (!depack_do_frame_new_token(pkt, ch, ackm_data)) |
1200 | 60 | return 0; |
1201 | 2.04k | break; |
1202 | | |
1203 | 3.15k | case OSSL_QUIC_FRAME_TYPE_STREAM: |
1204 | 8.12k | case OSSL_QUIC_FRAME_TYPE_STREAM_FIN: |
1205 | 9.34k | case OSSL_QUIC_FRAME_TYPE_STREAM_LEN: |
1206 | 12.0k | case OSSL_QUIC_FRAME_TYPE_STREAM_LEN_FIN: |
1207 | 12.3k | case OSSL_QUIC_FRAME_TYPE_STREAM_OFF: |
1208 | 20.9k | case OSSL_QUIC_FRAME_TYPE_STREAM_OFF_FIN: |
1209 | 21.2k | case OSSL_QUIC_FRAME_TYPE_STREAM_OFF_LEN: |
1210 | 41.0k | case OSSL_QUIC_FRAME_TYPE_STREAM_OFF_LEN_FIN: |
1211 | | /* STREAM frames are valid in 0RTT and 1RTT packets */ |
1212 | 41.0k | if (pkt_type != QUIC_PKT_TYPE_0RTT |
1213 | 41.0k | && pkt_type != QUIC_PKT_TYPE_1RTT) { |
1214 | 213 | ossl_quic_channel_raise_protocol_error(ch, |
1215 | 213 | OSSL_QUIC_ERR_PROTOCOL_VIOLATION, |
1216 | 213 | frame_type, |
1217 | 213 | "STREAM valid only in 0/1-RTT"); |
1218 | 213 | return 0; |
1219 | 213 | } |
1220 | 40.8k | if (!depack_do_frame_stream(pkt, ch, parent_pkt, ackm_data, |
1221 | 40.8k | frame_type, &datalen)) |
1222 | 697 | return 0; |
1223 | 40.1k | break; |
1224 | | |
1225 | 40.1k | case OSSL_QUIC_FRAME_TYPE_MAX_DATA: |
1226 | | /* MAX_DATA frames are valid in 0RTT and 1RTT packets */ |
1227 | 37.3k | if (pkt_type != QUIC_PKT_TYPE_0RTT |
1228 | 37.3k | && pkt_type != QUIC_PKT_TYPE_1RTT) { |
1229 | 40 | ossl_quic_channel_raise_protocol_error(ch, |
1230 | 40 | OSSL_QUIC_ERR_PROTOCOL_VIOLATION, |
1231 | 40 | frame_type, |
1232 | 40 | "MAX_DATA valid only in 0/1-RTT"); |
1233 | 40 | return 0; |
1234 | 40 | } |
1235 | 37.2k | if (!depack_do_frame_max_data(pkt, ch, ackm_data)) |
1236 | 17 | return 0; |
1237 | 37.2k | break; |
1238 | 37.2k | case OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA: |
1239 | | /* MAX_STREAM_DATA frames are valid in 0RTT and 1RTT packets */ |
1240 | 5.50k | if (pkt_type != QUIC_PKT_TYPE_0RTT |
1241 | 5.50k | && pkt_type != QUIC_PKT_TYPE_1RTT) { |
1242 | 22 | ossl_quic_channel_raise_protocol_error(ch, |
1243 | 22 | OSSL_QUIC_ERR_PROTOCOL_VIOLATION, |
1244 | 22 | frame_type, |
1245 | 22 | "MAX_STREAM_DATA valid only in 0/1-RTT"); |
1246 | 22 | return 0; |
1247 | 22 | } |
1248 | 5.48k | if (!depack_do_frame_max_stream_data(pkt, ch, ackm_data)) |
1249 | 92 | return 0; |
1250 | 5.39k | break; |
1251 | | |
1252 | 7.02k | case OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_BIDI: |
1253 | 24.0k | case OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_UNI: |
1254 | | /* MAX_STREAMS frames are valid in 0RTT and 1RTT packets */ |
1255 | 24.0k | if (pkt_type != QUIC_PKT_TYPE_0RTT |
1256 | 24.0k | && pkt_type != QUIC_PKT_TYPE_1RTT) { |
1257 | 38 | ossl_quic_channel_raise_protocol_error(ch, |
1258 | 38 | OSSL_QUIC_ERR_PROTOCOL_VIOLATION, |
1259 | 38 | frame_type, |
1260 | 38 | "MAX_STREAMS valid only in 0/1-RTT"); |
1261 | 38 | return 0; |
1262 | 38 | } |
1263 | 24.0k | if (!depack_do_frame_max_streams(pkt, ch, ackm_data, |
1264 | 24.0k | frame_type)) |
1265 | 54 | return 0; |
1266 | 23.9k | break; |
1267 | | |
1268 | 23.9k | case OSSL_QUIC_FRAME_TYPE_DATA_BLOCKED: |
1269 | | /* DATA_BLOCKED frames are valid in 0RTT and 1RTT packets */ |
1270 | 8.29k | if (pkt_type != QUIC_PKT_TYPE_0RTT |
1271 | 8.29k | && pkt_type != QUIC_PKT_TYPE_1RTT) { |
1272 | 18 | ossl_quic_channel_raise_protocol_error(ch, |
1273 | 18 | OSSL_QUIC_ERR_PROTOCOL_VIOLATION, |
1274 | 18 | frame_type, |
1275 | 18 | "DATA_BLOCKED valid only in 0/1-RTT"); |
1276 | 18 | return 0; |
1277 | 18 | } |
1278 | 8.27k | if (!depack_do_frame_data_blocked(pkt, ch, ackm_data)) |
1279 | 9 | return 0; |
1280 | 8.26k | break; |
1281 | 8.26k | case OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED: |
1282 | | /* STREAM_DATA_BLOCKED frames are valid in 0RTT and 1RTT packets */ |
1283 | 2.75k | if (pkt_type != QUIC_PKT_TYPE_0RTT |
1284 | 2.75k | && pkt_type != QUIC_PKT_TYPE_1RTT) { |
1285 | 21 | ossl_quic_channel_raise_protocol_error(ch, |
1286 | 21 | OSSL_QUIC_ERR_PROTOCOL_VIOLATION, |
1287 | 21 | frame_type, |
1288 | 21 | "STREAM_DATA_BLOCKED valid only in 0/1-RTT"); |
1289 | 21 | return 0; |
1290 | 21 | } |
1291 | 2.73k | if (!depack_do_frame_stream_data_blocked(pkt, ch, ackm_data)) |
1292 | 71 | return 0; |
1293 | 2.66k | break; |
1294 | | |
1295 | 3.06k | case OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_BIDI: |
1296 | 74.1k | case OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_UNI: |
1297 | | /* STREAMS_BLOCKED frames are valid in 0RTT and 1RTT packets */ |
1298 | 74.1k | if (pkt_type != QUIC_PKT_TYPE_0RTT |
1299 | 74.1k | && pkt_type != QUIC_PKT_TYPE_1RTT) { |
1300 | 34 | ossl_quic_channel_raise_protocol_error(ch, |
1301 | 34 | OSSL_QUIC_ERR_PROTOCOL_VIOLATION, |
1302 | 34 | frame_type, |
1303 | 34 | "STREAMS valid only in 0/1-RTT"); |
1304 | 34 | return 0; |
1305 | 34 | } |
1306 | 74.0k | if (!depack_do_frame_streams_blocked(pkt, ch, ackm_data, |
1307 | 74.0k | frame_type)) |
1308 | 105 | return 0; |
1309 | 73.9k | break; |
1310 | | |
1311 | 73.9k | case OSSL_QUIC_FRAME_TYPE_NEW_CONN_ID: |
1312 | | /* NEW_CONN_ID frames are valid in 0RTT and 1RTT packets */ |
1313 | 11.0k | if (pkt_type != QUIC_PKT_TYPE_0RTT |
1314 | 11.0k | && pkt_type != QUIC_PKT_TYPE_1RTT) { |
1315 | 778 | ossl_quic_channel_raise_protocol_error(ch, |
1316 | 778 | OSSL_QUIC_ERR_PROTOCOL_VIOLATION, |
1317 | 778 | frame_type, |
1318 | 778 | "NEW_CONN_ID valid only in 0/1-RTT"); |
1319 | 778 | } |
1320 | 11.0k | if (!depack_do_frame_new_conn_id(pkt, ch, ackm_data)) |
1321 | 443 | return 0; |
1322 | 10.6k | break; |
1323 | 10.6k | case OSSL_QUIC_FRAME_TYPE_RETIRE_CONN_ID: |
1324 | | /* RETIRE_CONN_ID frames are valid in 0RTT and 1RTT packets */ |
1325 | 60 | if (pkt_type != QUIC_PKT_TYPE_0RTT |
1326 | 60 | && pkt_type != QUIC_PKT_TYPE_1RTT) { |
1327 | 11 | ossl_quic_channel_raise_protocol_error(ch, |
1328 | 11 | OSSL_QUIC_ERR_PROTOCOL_VIOLATION, |
1329 | 11 | frame_type, |
1330 | 11 | "RETIRE_CONN_ID valid only in 0/1-RTT"); |
1331 | 11 | return 0; |
1332 | 11 | } |
1333 | 49 | if (!depack_do_frame_retire_conn_id(pkt, ch, ackm_data)) |
1334 | 49 | return 0; |
1335 | 0 | break; |
1336 | 144k | case OSSL_QUIC_FRAME_TYPE_PATH_CHALLENGE: |
1337 | | /* PATH_CHALLENGE frames are valid in 0RTT and 1RTT packets */ |
1338 | 144k | if (pkt_type != QUIC_PKT_TYPE_0RTT |
1339 | 144k | && pkt_type != QUIC_PKT_TYPE_1RTT) { |
1340 | 12 | ossl_quic_channel_raise_protocol_error(ch, |
1341 | 12 | OSSL_QUIC_ERR_PROTOCOL_VIOLATION, |
1342 | 12 | frame_type, |
1343 | 12 | "PATH_CHALLENGE valid only in 0/1-RTT"); |
1344 | 12 | return 0; |
1345 | 12 | } |
1346 | 144k | if (!depack_do_frame_path_challenge(pkt, ch, ackm_data)) |
1347 | 52 | return 0; |
1348 | | |
1349 | 144k | break; |
1350 | 144k | case OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE: |
1351 | | /* PATH_RESPONSE frames are valid in 1RTT packets */ |
1352 | 17.0k | if (pkt_type != QUIC_PKT_TYPE_1RTT) { |
1353 | 42 | ossl_quic_channel_raise_protocol_error(ch, |
1354 | 42 | OSSL_QUIC_ERR_PROTOCOL_VIOLATION, |
1355 | 42 | frame_type, |
1356 | 42 | "PATH_CHALLENGE valid only in 1-RTT"); |
1357 | 42 | return 0; |
1358 | 42 | } |
1359 | 17.0k | if (!depack_do_frame_path_response(pkt, ch, ackm_data)) |
1360 | 10 | return 0; |
1361 | 17.0k | break; |
1362 | | |
1363 | 17.0k | case OSSL_QUIC_FRAME_TYPE_CONN_CLOSE_APP: |
1364 | | /* CONN_CLOSE_APP frames are valid in 0RTT and 1RTT packets */ |
1365 | 544 | if (pkt_type != QUIC_PKT_TYPE_0RTT |
1366 | 544 | && pkt_type != QUIC_PKT_TYPE_1RTT) { |
1367 | 13 | ossl_quic_channel_raise_protocol_error(ch, |
1368 | 13 | OSSL_QUIC_ERR_PROTOCOL_VIOLATION, |
1369 | 13 | frame_type, |
1370 | 13 | "CONN_CLOSE (APP) valid only in 0/1-RTT"); |
1371 | 13 | return 0; |
1372 | 13 | } |
1373 | | /* FALLTHRU */ |
1374 | 1.41k | case OSSL_QUIC_FRAME_TYPE_CONN_CLOSE_TRANSPORT: |
1375 | | /* CONN_CLOSE_TRANSPORT frames are valid in all packets */ |
1376 | 1.41k | if (!depack_do_frame_conn_close(pkt, ch, frame_type)) |
1377 | 240 | return 0; |
1378 | 1.17k | break; |
1379 | | |
1380 | 343k | case OSSL_QUIC_FRAME_TYPE_HANDSHAKE_DONE: |
1381 | | /* HANDSHAKE_DONE frames are valid in 1RTT packets */ |
1382 | 343k | if (pkt_type != QUIC_PKT_TYPE_1RTT) { |
1383 | 21 | ossl_quic_channel_raise_protocol_error(ch, |
1384 | 21 | OSSL_QUIC_ERR_PROTOCOL_VIOLATION, |
1385 | 21 | frame_type, |
1386 | 21 | "HANDSHAKE_DONE valid only in 1-RTT"); |
1387 | 21 | return 0; |
1388 | 21 | } |
1389 | 343k | if (!depack_do_frame_handshake_done(pkt, ch, ackm_data)) |
1390 | 0 | return 0; |
1391 | 343k | break; |
1392 | | |
1393 | 343k | default: |
1394 | | /* Unknown frame type */ |
1395 | 3.09k | ossl_quic_channel_raise_protocol_error(ch, |
1396 | 3.09k | OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, |
1397 | 3.09k | frame_type, |
1398 | 3.09k | "Unknown frame type received"); |
1399 | 3.09k | return 0; |
1400 | 2.56M | } |
1401 | | |
1402 | 2.55M | if (ch->msg_callback != NULL) { |
1403 | 0 | int ctype = SSL3_RT_QUIC_FRAME_FULL; |
1404 | |
|
1405 | 0 | size_t framelen = PACKET_data(pkt) - sof; |
1406 | |
|
1407 | 0 | if (frame_type == OSSL_QUIC_FRAME_TYPE_PADDING) { |
1408 | 0 | ctype = SSL3_RT_QUIC_FRAME_PADDING; |
1409 | 0 | } else if (OSSL_QUIC_FRAME_TYPE_IS_STREAM(frame_type) |
1410 | 0 | || frame_type == OSSL_QUIC_FRAME_TYPE_CRYPTO) { |
1411 | 0 | ctype = SSL3_RT_QUIC_FRAME_HEADER; |
1412 | 0 | framelen -= (size_t)datalen; |
1413 | 0 | } |
1414 | |
|
1415 | 0 | ch->msg_callback(0, OSSL_QUIC1_VERSION, ctype, sof, framelen, |
1416 | 0 | ch->msg_callback_ssl, ch->msg_callback_arg); |
1417 | 0 | } |
1418 | 2.55M | } |
1419 | | |
1420 | 376k | return 1; |
1421 | 385k | } |
1422 | | |
1423 | | QUIC_NEEDS_LOCK |
1424 | | int ossl_quic_handle_frames(QUIC_CHANNEL *ch, OSSL_QRX_PKT *qpacket) |
1425 | 385k | { |
1426 | 385k | PACKET pkt; |
1427 | 385k | OSSL_ACKM_RX_PKT ackm_data; |
1428 | 385k | uint32_t enc_level; |
1429 | 385k | size_t dgram_len = qpacket->datagram_len; |
1430 | | |
1431 | 385k | if (ch == NULL) |
1432 | 0 | return 0; |
1433 | | |
1434 | 385k | ch->did_crypto_frame = 0; |
1435 | | |
1436 | | /* Initialize |ackm_data| (and reinitialize |ok|)*/ |
1437 | 385k | memset(&ackm_data, 0, sizeof(ackm_data)); |
1438 | | /* |
1439 | | * ASSUMPTION: All packets that aren't special case have a |
1440 | | * packet number. |
1441 | | */ |
1442 | 385k | ackm_data.pkt_num = qpacket->pn; |
1443 | 385k | ackm_data.time = qpacket->time; |
1444 | 385k | enc_level = ossl_quic_pkt_type_to_enc_level(qpacket->hdr->type); |
1445 | 385k | if (enc_level >= QUIC_ENC_LEVEL_NUM) |
1446 | | /* |
1447 | | * Retry and Version Negotiation packets should not be passed to this |
1448 | | * function. |
1449 | | */ |
1450 | 0 | return 0; |
1451 | | |
1452 | 385k | ackm_data.pkt_space = ossl_quic_enc_level_to_pn_space(enc_level); |
1453 | | |
1454 | | /* |
1455 | | * RFC 9000 s. 8.1 |
1456 | | * We can consider the connection to be validated, if we receive a packet |
1457 | | * from the client protected via handshake keys, meaning that the |
1458 | | * amplification limit no longer applies (i.e. we can set it as validated. |
1459 | | * Otherwise, add the size of this packet to the unvalidated credit for |
1460 | | * the connection. |
1461 | | */ |
1462 | 385k | if (enc_level == QUIC_ENC_LEVEL_HANDSHAKE) |
1463 | 22.5k | ossl_quic_tx_packetiser_set_validated(ch->txp); |
1464 | 362k | else |
1465 | 362k | ossl_quic_tx_packetiser_add_unvalidated_credit(ch->txp, dgram_len); |
1466 | | |
1467 | | /* Now that special cases are out of the way, parse frames */ |
1468 | 385k | if (!PACKET_buf_init(&pkt, qpacket->hdr->data, qpacket->hdr->len) |
1469 | 385k | || !depack_process_frames(ch, &pkt, qpacket, |
1470 | 385k | enc_level, |
1471 | 385k | qpacket->time, |
1472 | 385k | &ackm_data)) |
1473 | 8.81k | return 0; |
1474 | | |
1475 | 376k | ossl_ackm_on_rx_packet(ch->ackm, &ackm_data); |
1476 | | |
1477 | 376k | return 1; |
1478 | 385k | } |