1 /* 2 * ngtcp2 3 * 4 * Copyright (c) 2017 ngtcp2 contributors 5 * 6 * Permission is hereby granted, free of charge, to any person obtaining 7 * a copy of this software and associated documentation files (the 8 * "Software"), to deal in the Software without restriction, including 9 * without limitation the rights to use, copy, modify, merge, publish, 10 * distribute, sublicense, and/or sell copies of the Software, and to 11 * permit persons to whom the Software is furnished to do so, subject to 12 * the following conditions: 13 * 14 * The above copyright notice and this permission notice shall be 15 * included in all copies or substantial portions of the Software. 16 * 17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 18 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 19 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 20 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE 21 * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION 22 * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION 23 * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 24 */ 25 #ifndef NGTCP2_CONN_H 26 #define NGTCP2_CONN_H 27 28 #ifdef HAVE_CONFIG_H 29 # include <config.h> 30 #endif /* HAVE_CONFIG_H */ 31 32 #include <ngtcp2/ngtcp2.h> 33 34 #include "ngtcp2_mem.h" 35 #include "ngtcp2_crypto.h" 36 #include "ngtcp2_acktr.h" 37 #include "ngtcp2_rtb.h" 38 #include "ngtcp2_strm.h" 39 #include "ngtcp2_idtr.h" 40 #include "ngtcp2_str.h" 41 #include "ngtcp2_pkt.h" 42 #include "ngtcp2_log.h" 43 #include "ngtcp2_pq.h" 44 #include "ngtcp2_cc.h" 45 #include "ngtcp2_bbr.h" 46 #include "ngtcp2_pv.h" 47 #include "ngtcp2_cid.h" 48 #include "ngtcp2_buf.h" 49 #include "ngtcp2_ppe.h" 50 #include "ngtcp2_qlog.h" 51 #include "ngtcp2_rst.h" 52 53 typedef enum { 54 /* Client specific handshake states */ 55 NGTCP2_CS_CLIENT_INITIAL, 56 NGTCP2_CS_CLIENT_WAIT_HANDSHAKE, 57 NGTCP2_CS_CLIENT_TLS_HANDSHAKE_FAILED, 58 /* Server specific handshake states */ 59 NGTCP2_CS_SERVER_INITIAL, 60 NGTCP2_CS_SERVER_WAIT_HANDSHAKE, 61 NGTCP2_CS_SERVER_TLS_HANDSHAKE_FAILED, 62 /* Shared by both client and server */ 63 NGTCP2_CS_POST_HANDSHAKE, 64 NGTCP2_CS_CLOSING, 65 NGTCP2_CS_DRAINING, 66 } ngtcp2_conn_state; 67 68 /* NGTCP2_MAX_STREAMS is the maximum number of streams. */ 69 #define NGTCP2_MAX_STREAMS (1LL << 60) 70 71 /* NGTCP2_MAX_NUM_BUFFED_RX_PKTS is the maximum number of buffered 72 reordered packets. */ 73 #define NGTCP2_MAX_NUM_BUFFED_RX_PKTS 4 74 75 /* NGTCP2_MAX_REORDERED_CRYPTO_DATA is the maximum offset of crypto 76 data which is not continuous. In other words, there is a gap of 77 unreceived data. */ 78 #define NGTCP2_MAX_REORDERED_CRYPTO_DATA 65536 79 80 /* NGTCP2_MAX_RX_INITIAL_CRYPTO_DATA is the maximum offset of received 81 crypto stream in Initial packet. We set this hard limit here 82 because crypto stream is unbounded. */ 83 #define NGTCP2_MAX_RX_INITIAL_CRYPTO_DATA 65536 84 /* NGTCP2_MAX_RX_HANDSHAKE_CRYPTO_DATA is the maximum offset of 85 received crypto stream in Handshake packet. We set this hard limit 86 here because crypto stream is unbounded. */ 87 #define NGTCP2_MAX_RX_HANDSHAKE_CRYPTO_DATA 65536 88 89 /* NGTCP2_MAX_RETRIES is the number of Retry packet which client can 90 accept. */ 91 #define NGTCP2_MAX_RETRIES 3 92 93 /* NGTCP2_MAX_BOUND_DCID_POOL_SIZE is the maximum number of 94 destination connection ID which have been bound to a particular 95 path, but not yet used as primary path and path validation is not 96 performed from the local endpoint. */ 97 #define NGTCP2_MAX_BOUND_DCID_POOL_SIZE 4 98 /* NGTCP2_MAX_DCID_POOL_SIZE is the maximum number of destination 99 connection ID the remote endpoint provides to store. It must be 100 the power of 2. */ 101 #define NGTCP2_MAX_DCID_POOL_SIZE 8 102 /* NGTCP2_MAX_DCID_RETIRED_SIZE is the maximum number of retired DCID 103 kept to catch in-flight packet on retired path. */ 104 #define NGTCP2_MAX_DCID_RETIRED_SIZE 2 105 /* NGTCP2_MAX_SCID_POOL_SIZE is the maximum number of source 106 connection ID the local endpoint provides to the remote endpoint. 107 The chosen value was described in old draft. Now a remote endpoint 108 tells the maximum value. The value can be quite large, and we have 109 to put the sane limit.*/ 110 #define NGTCP2_MAX_SCID_POOL_SIZE 8 111 112 /* NGTCP2_MAX_NON_ACK_TX_PKT is the maximum number of continuous non 113 ACK-eliciting packets. */ 114 #define NGTCP2_MAX_NON_ACK_TX_PKT 3 115 116 /* NGTCP2_ECN_MAX_NUM_VALIDATION_PKTS is the maximum number of ECN marked 117 packets sent in NGTCP2_ECN_STATE_TESTING period. */ 118 #define NGTCP2_ECN_MAX_NUM_VALIDATION_PKTS 10 119 120 /* 121 * ngtcp2_max_frame is defined so that it covers the largest ACK 122 * frame. 123 */ 124 typedef union ngtcp2_max_frame { 125 ngtcp2_frame fr; 126 struct { 127 ngtcp2_ack ack; 128 /* ack includes 1 ngtcp2_ack_blk. */ 129 ngtcp2_ack_blk blks[NGTCP2_MAX_ACK_BLKS - 1]; 130 } ackfr; 131 } ngtcp2_max_frame; 132 133 typedef struct ngtcp2_path_challenge_entry { 134 ngtcp2_path_storage ps; 135 uint8_t data[8]; 136 } ngtcp2_path_challenge_entry; 137 138 void ngtcp2_path_challenge_entry_init(ngtcp2_path_challenge_entry *pcent, 139 const ngtcp2_path *path, 140 const uint8_t *data); 141 142 /* NGTCP2_CONN_FLAG_NONE indicates that no flag is set. */ 143 #define NGTCP2_CONN_FLAG_NONE 0x00 144 /* NGTCP2_CONN_FLAG_HANDSHAKE_COMPLETED is set if handshake 145 completed. */ 146 #define NGTCP2_CONN_FLAG_HANDSHAKE_COMPLETED 0x01 147 /* NGTCP2_CONN_FLAG_CONN_ID_NEGOTIATED is set if connection ID is 148 negotiated. This is only used for client. */ 149 #define NGTCP2_CONN_FLAG_CONN_ID_NEGOTIATED 0x02 150 /* NGTCP2_CONN_FLAG_TRANSPORT_PARAM_RECVED is set if transport 151 parameters are received. */ 152 #define NGTCP2_CONN_FLAG_TRANSPORT_PARAM_RECVED 0x04 153 /* NGTCP2_CONN_FLAG_LOCAL_TRANSPORT_PARAMS_COMMITTED is set when a 154 local transport parameters are applied. */ 155 #define NGTCP2_CONN_FLAG_LOCAL_TRANSPORT_PARAMS_COMMITTED 0x08 156 /* NGTCP2_CONN_FLAG_RECV_RETRY is set when a client receives Retry 157 packet. */ 158 #define NGTCP2_CONN_FLAG_RECV_RETRY 0x10 159 /* NGTCP2_CONN_FLAG_EARLY_DATA_REJECTED is set when 0-RTT packet is 160 rejected by a peer. */ 161 #define NGTCP2_CONN_FLAG_EARLY_DATA_REJECTED 0x20 162 /* NGTCP2_CONN_FLAG_KEEP_ALIVE_CANCELLED is set when the expired 163 keep-alive timer has been cancelled. */ 164 #define NGTCP2_CONN_FLAG_KEEP_ALIVE_CANCELLED 0x40 165 /* NGTCP2_CONN_FLAG_HANDSHAKE_CONFIRMED is set when an endpoint 166 confirmed completion of handshake. */ 167 #define NGTCP2_CONN_FLAG_HANDSHAKE_CONFIRMED 0x80 168 /* NGTCP2_CONN_FLAG_HANDSHAKE_COMPLETED_HANDLED is set when the 169 library transitions its state to "post handshake". */ 170 #define NGTCP2_CONN_FLAG_HANDSHAKE_COMPLETED_HANDLED 0x0100 171 /* NGTCP2_CONN_FLAG_HANDSHAKE_EARLY_RETRANSMIT is set when the early 172 handshake retransmission has done when server receives overlapping 173 Initial crypto data. */ 174 #define NGTCP2_CONN_FLAG_HANDSHAKE_EARLY_RETRANSMIT 0x0200 175 /* NGTCP2_CONN_FLAG_CLEAR_FIXED_BIT indicates that the local endpoint 176 sends a QUIC packet without Fixed Bit set if a remote endpoint 177 supports Greasing QUIC Bit extension. */ 178 #define NGTCP2_CONN_FLAG_CLEAR_FIXED_BIT 0x0400 179 /* NGTCP2_CONN_FLAG_KEY_UPDATE_NOT_CONFIRMED is set when key update is 180 not confirmed by the local endpoint. That is, it has not received 181 ACK frame which acknowledges packet which is encrypted with new 182 key. */ 183 #define NGTCP2_CONN_FLAG_KEY_UPDATE_NOT_CONFIRMED 0x0800 184 /* NGTCP2_CONN_FLAG_PPE_PENDING is set when 185 NGTCP2_WRITE_STREAM_FLAG_MORE is used and the intermediate state of 186 ngtcp2_ppe is stored in pkt struct of ngtcp2_conn. */ 187 #define NGTCP2_CONN_FLAG_PPE_PENDING 0x1000 188 /* NGTCP2_CONN_FLAG_RESTART_IDLE_TIMER_ON_WRITE is set when idle timer 189 should be restarted on next write. */ 190 #define NGTCP2_CONN_FLAG_RESTART_IDLE_TIMER_ON_WRITE 0x2000 191 /* NGTCP2_CONN_FLAG_SERVER_ADDR_VERIFIED indicates that server as peer 192 verified client address. This flag is only used by client. */ 193 #define NGTCP2_CONN_FLAG_SERVER_ADDR_VERIFIED 0x4000 194 /* NGTCP2_CONN_FLAG_EARLY_KEY_INSTALLED indicates that an early key is 195 installed. conn->early.ckm cannot be used for this purpose because 196 it might be discarded when a certain condition is met. */ 197 #define NGTCP2_CONN_FLAG_EARLY_KEY_INSTALLED 0x8000 198 199 typedef struct ngtcp2_crypto_data { 200 ngtcp2_buf buf; 201 /* pkt_type is the type of packet to send data in buf. If it is 0, 202 it must be sent in Short packet. Otherwise, it is sent the long 203 packet type denoted by pkt_type. */ 204 uint8_t pkt_type; 205 } ngtcp2_crypto_data; 206 207 typedef struct ngtcp2_pktns { 208 struct { 209 /* last_pkt_num is the packet number which the local endpoint sent 210 last time.*/ 211 int64_t last_pkt_num; 212 ngtcp2_frame_chain *frq; 213 /* num_non_ack_pkt is the number of continuous non ACK-eliciting 214 packets. */ 215 size_t num_non_ack_pkt; 216 217 struct { 218 /* ect0 is the number of QUIC packets, not UDP datagram, which 219 are sent in UDP datagram with ECT0 marking. */ 220 size_t ect0; 221 /* start_pkt_num is the lowest packet number that are sent 222 during ECN validation period. */ 223 int64_t start_pkt_num; 224 /* validation_pkt_sent is the number of QUIC packets sent during 225 validation period. */ 226 size_t validation_pkt_sent; 227 /* validation_pkt_lost is the number of QUIC packets lost during 228 validation period. */ 229 size_t validation_pkt_lost; 230 } ecn; 231 } tx; 232 233 struct { 234 /* pngap tracks received packet number in order to suppress 235 duplicated packet number. */ 236 ngtcp2_gaptr pngap; 237 /* max_pkt_num is the largest packet number received so far. */ 238 int64_t max_pkt_num; 239 /* max_pkt_ts is the timestamp when max_pkt_num packet is 240 received. */ 241 ngtcp2_tstamp max_pkt_ts; 242 /* max_ack_eliciting_pkt_num is the largest ack-eliciting packet 243 number received so far. */ 244 int64_t max_ack_eliciting_pkt_num; 245 /* 246 * buffed_pkts is buffered packets which cannot be decrypted with 247 * the current encryption level. 248 * 249 * In server Initial encryption level, 0-RTT packet may be buffered. 250 * In server Handshake encryption level, Short packet may be buffered. 251 * 252 * In client Initial encryption level, Handshake or Short packet may 253 * be buffered. In client Handshake encryption level, Short packet 254 * may be buffered. 255 * 256 * - 0-RTT packet is only buffered in server Initial encryption 257 * level ngtcp2_pktns. 258 * 259 * - Handshake packet is only buffered in client Handshake 260 * encryption level ngtcp2_pktns. 261 * 262 * - Short packet is only buffered in Short encryption level 263 * ngtcp2_pktns. 264 */ 265 ngtcp2_pkt_chain *buffed_pkts; 266 267 struct { 268 /* ect0, ect1, and ce are the number of QUIC packets received 269 with those markings. */ 270 size_t ect0; 271 size_t ect1; 272 size_t ce; 273 struct { 274 /* ect0, ect1, ce are the ECN counts received in the latest 275 ACK frame. */ 276 uint64_t ect0; 277 uint64_t ect1; 278 uint64_t ce; 279 } ack; 280 } ecn; 281 } rx; 282 283 struct { 284 struct { 285 /* frq contains crypto data sorted by their offset. */ 286 ngtcp2_ksl frq; 287 /* offset is the offset of crypto stream in this packet number 288 space. */ 289 uint64_t offset; 290 /* ckm is a cryptographic key, and iv to encrypt outgoing 291 packets. */ 292 ngtcp2_crypto_km *ckm; 293 /* hp_ctx is cipher context for packet header protection. */ 294 ngtcp2_crypto_cipher_ctx hp_ctx; 295 /* data is the submitted crypto data. */ 296 ngtcp2_buf_chain *data; 297 } tx; 298 299 struct { 300 /* ckm is a cryptographic key, and iv to decrypt incoming 301 packets. */ 302 ngtcp2_crypto_km *ckm; 303 /* hp_ctx is cipher context for packet header protection. */ 304 ngtcp2_crypto_cipher_ctx hp_ctx; 305 } rx; 306 307 ngtcp2_strm strm; 308 ngtcp2_crypto_ctx ctx; 309 } crypto; 310 311 ngtcp2_acktr acktr; 312 ngtcp2_rtb rtb; 313 } ngtcp2_pktns; 314 315 typedef enum ngtcp2_ecn_state { 316 NGTCP2_ECN_STATE_TESTING, 317 NGTCP2_ECN_STATE_UNKNOWN, 318 NGTCP2_ECN_STATE_FAILED, 319 NGTCP2_ECN_STATE_CAPABLE, 320 } ngtcp2_ecn_state; 321 322 struct ngtcp2_conn { 323 ngtcp2_conn_state state; 324 ngtcp2_callbacks callbacks; 325 /* rcid is a connection ID present in Initial or 0-RTT packet from 326 client as destination connection ID. Server uses this field to 327 check that duplicated Initial or 0-RTT packet are indeed sent to 328 this connection. Client uses this field to validate 329 original_destination_connection_id transport parameter. */ 330 ngtcp2_cid rcid; 331 /* oscid is the source connection ID initially used by the local 332 endpoint. */ 333 ngtcp2_cid oscid; 334 /* retry_scid is the source connection ID from Retry packet. Client 335 records it in order to verify retry_source_connection_id 336 transport parameter. Server does not use this field. */ 337 ngtcp2_cid retry_scid; 338 ngtcp2_pktns *in_pktns; 339 ngtcp2_pktns *hs_pktns; 340 ngtcp2_pktns pktns; 341 342 struct { 343 /* current is the current destination connection ID. */ 344 ngtcp2_dcid current; 345 /* bound is a set of destination connection IDs which are bound to 346 particular paths. These paths are not validated yet. */ 347 ngtcp2_ringbuf bound; 348 /* unused is a set of unused CID received from peer. */ 349 ngtcp2_ringbuf unused; 350 /* retired is a set of CID retired by local endpoint. Keep them 351 in 3*PTO to catch packets in flight along the old path. */ 352 ngtcp2_ringbuf retired; 353 /* seqgap tracks received sequence numbers in order to ignore 354 retransmitted duplicated NEW_CONNECTION_ID frame. */ 355 ngtcp2_gaptr seqgap; 356 /* retire_prior_to is the largest retire_prior_to received so 357 far. */ 358 uint64_t retire_prior_to; 359 /* num_retire_queued is the number of RETIRE_CONNECTION_ID frames 360 queued for transmission. */ 361 size_t num_retire_queued; 362 /* zerolen_seq is a pseudo sequence number of zero-length 363 Destination Connection ID in order to distinguish between 364 them. */ 365 uint64_t zerolen_seq; 366 } dcid; 367 368 struct { 369 /* set is a set of CID sent to peer. The peer can use any CIDs in 370 this set. This includes used CID as well as unused ones. */ 371 ngtcp2_ksl set; 372 /* used is a set of CID used by peer. The sort function of this 373 priority queue takes timestamp when CID is retired and sorts 374 them in ascending order. */ 375 ngtcp2_pq used; 376 /* last_seq is the last sequence number of connection ID. */ 377 uint64_t last_seq; 378 /* num_retired is the number of retired Connection ID still 379 included in set. */ 380 size_t num_retired; 381 } scid; 382 383 struct { 384 /* strmq contains ngtcp2_strm which has frames to send. */ 385 ngtcp2_pq strmq; 386 /* ack is ACK frame. The underlying buffer is reused. */ 387 ngtcp2_frame *ack; 388 /* max_ack_blks is the number of additional ngtcp2_ack_blk which 389 ack can contain. */ 390 size_t max_ack_blks; 391 /* offset is the offset the local endpoint has sent to the remote 392 endpoint. */ 393 uint64_t offset; 394 /* max_offset is the maximum offset that local endpoint can 395 send. */ 396 uint64_t max_offset; 397 /* last_max_data_ts is the timestamp when last MAX_DATA frame is 398 sent. */ 399 ngtcp2_tstamp last_max_data_ts; 400 401 struct { 402 /* state is the state of ECN validation */ 403 ngtcp2_ecn_state state; 404 /* validation_start_ts is the timestamp when ECN validation is 405 started. It is UINT64_MAX if it has not started yet. */ 406 ngtcp2_tstamp validation_start_ts; 407 /* dgram_sent is the number of UDP datagram sent during ECN 408 validation period. */ 409 size_t dgram_sent; 410 } ecn; 411 412 struct { 413 /* pktlen is the number of bytes written before calling 414 ngtcp2_conn_update_pkt_tx_time which resets this field to 415 0. */ 416 size_t pktlen; 417 /* next_ts is the time to send next packet. It is UINT64_MAX if 418 packet pacing is disabled or expired.*/ 419 ngtcp2_tstamp next_ts; 420 } pacing; 421 } tx; 422 423 struct { 424 /* unsent_max_offset is the maximum offset that remote endpoint 425 can send without extending MAX_DATA. This limit is not yet 426 notified to the remote endpoint. */ 427 uint64_t unsent_max_offset; 428 /* offset is the cumulative sum of stream data received for this 429 connection. */ 430 uint64_t offset; 431 /* max_offset is the maximum offset that remote endpoint can 432 send. */ 433 uint64_t max_offset; 434 /* window is the connection-level flow control window size. */ 435 uint64_t window; 436 /* path_challenge stores received PATH_CHALLENGE data. */ 437 ngtcp2_ringbuf path_challenge; 438 /* ccec is the received connection close error code. */ 439 ngtcp2_connection_close_error_code ccec; 440 } rx; 441 442 struct { 443 ngtcp2_crypto_km *ckm; 444 ngtcp2_crypto_cipher_ctx hp_ctx; 445 ngtcp2_crypto_ctx ctx; 446 /* discard_started_ts is the timestamp when the timer to discard 447 early key has started. Used by server only. */ 448 ngtcp2_tstamp discard_started_ts; 449 /* transport_params is the values remembered by client from the 450 previous session. These are set by 451 ngtcp2_conn_set_early_remote_transport_params(). Server does 452 not use this field. Server must not set values for these 453 parameters that are smaller than the remembered values. */ 454 struct { 455 uint64_t initial_max_streams_bidi; 456 uint64_t initial_max_streams_uni; 457 uint64_t initial_max_stream_data_bidi_local; 458 uint64_t initial_max_stream_data_bidi_remote; 459 uint64_t initial_max_stream_data_uni; 460 uint64_t initial_max_data; 461 uint64_t active_connection_id_limit; 462 uint64_t max_datagram_frame_size; 463 } transport_params; 464 } early; 465 466 struct { 467 ngtcp2_settings settings; 468 /* transport_params is the local transport parameters. It is used 469 for Short packet only. */ 470 ngtcp2_transport_params transport_params; 471 struct { 472 /* max_streams is the maximum number of bidirectional streams which 473 the local endpoint can open. */ 474 uint64_t max_streams; 475 /* next_stream_id is the bidirectional stream ID which the local 476 endpoint opens next. */ 477 int64_t next_stream_id; 478 } bidi; 479 480 struct { 481 /* max_streams is the maximum number of unidirectional streams 482 which the local endpoint can open. */ 483 uint64_t max_streams; 484 /* next_stream_id is the unidirectional stream ID which the 485 local endpoint opens next. */ 486 int64_t next_stream_id; 487 } uni; 488 } local; 489 490 struct { 491 /* transport_params is the received transport parameters during 492 handshake. It is used for Short packet only. */ 493 ngtcp2_transport_params transport_params; 494 /* pending_transport_params is received transport parameters 495 during handshake. It is copied to transport_params when 1RTT 496 key is available. */ 497 ngtcp2_transport_params pending_transport_params; 498 struct { 499 ngtcp2_idtr idtr; 500 /* unsent_max_streams is the maximum number of streams of peer 501 initiated bidirectional stream which the local endpoint can 502 accept. This limit is not yet notified to the remote 503 endpoint. */ 504 uint64_t unsent_max_streams; 505 /* max_streams is the maximum number of streams of peer 506 initiated bidirectional stream which the local endpoint can 507 accept. */ 508 uint64_t max_streams; 509 } bidi; 510 511 struct { 512 ngtcp2_idtr idtr; 513 /* unsent_max_streams is the maximum number of streams of peer 514 initiated unidirectional stream which the local endpoint can 515 accept. This limit is not yet notified to the remote 516 endpoint. */ 517 uint64_t unsent_max_streams; 518 /* max_streams is the maximum number of streams of peer 519 initiated unidirectional stream which the local endpoint can 520 accept. */ 521 uint64_t max_streams; 522 } uni; 523 } remote; 524 525 struct { 526 struct { 527 /* new_tx_ckm is a new sender 1RTT key which has not been 528 used. */ 529 ngtcp2_crypto_km *new_tx_ckm; 530 /* new_rx_ckm is a new receiver 1RTT key which has not 531 successfully decrypted incoming packet yet. */ 532 ngtcp2_crypto_km *new_rx_ckm; 533 /* old_rx_ckm is an old receiver 1RTT key. */ 534 ngtcp2_crypto_km *old_rx_ckm; 535 /* confirmed_ts is the time instant when the key update is 536 confirmed by the local endpoint last time. UINT64_MAX means 537 undefined value. */ 538 ngtcp2_tstamp confirmed_ts; 539 } key_update; 540 541 /* tls_native_handle is a native handle to TLS session object. */ 542 void *tls_native_handle; 543 /* decrypt_hp_buf is a buffer which is used to write unprotected 544 packet header. */ 545 ngtcp2_vec decrypt_hp_buf; 546 /* decrypt_buf is a buffer which is used to write decrypted data. */ 547 ngtcp2_vec decrypt_buf; 548 /* retry_aead is AEAD to verify Retry packet integrity. It is 549 used by client only. */ 550 ngtcp2_crypto_aead retry_aead; 551 /* retry_aead_ctx is AEAD cipher context to verify Retry packet 552 integrity. It is used by client only. */ 553 ngtcp2_crypto_aead_ctx retry_aead_ctx; 554 /* tls_error is TLS related error. */ 555 int tls_error; 556 /* decryption_failure_count is the number of received packets that 557 fail authentication. */ 558 uint64_t decryption_failure_count; 559 } crypto; 560 561 /* pkt contains the packet intermediate construction data to support 562 NGTCP2_WRITE_STREAM_FLAG_MORE */ 563 struct { 564 ngtcp2_crypto_cc cc; 565 ngtcp2_pkt_hd hd; 566 ngtcp2_ppe ppe; 567 ngtcp2_frame_chain **pfrc; 568 int pkt_empty; 569 int hd_logged; 570 uint8_t rtb_entry_flags; 571 ngtcp2_ssize hs_spktlen; 572 int require_padding; 573 } pkt; 574 575 struct { 576 /* last_ts is a timestamp when a last packet is sent or received 577 on a current path. */ 578 ngtcp2_tstamp last_ts; 579 /* timeout is keep-alive timeout. When it expires, a packet 580 should be sent to a current path to keep connection alive. It 581 might be used to keep NAT binding intact. If 0 is set, 582 keep-alive timer is disabled. */ 583 ngtcp2_duration timeout; 584 } keep_alive; 585 586 ngtcp2_map strms; 587 ngtcp2_conn_stat cstat; 588 ngtcp2_pv *pv; 589 ngtcp2_log log; 590 ngtcp2_qlog qlog; 591 ngtcp2_rst rst; 592 ngtcp2_cc_algo cc_algo; 593 ngtcp2_cc cc; 594 const ngtcp2_mem *mem; 595 /* idle_ts is the time instant when idle timer started. */ 596 ngtcp2_tstamp idle_ts; 597 void *user_data; 598 uint32_t version; 599 /* flags is bitwise OR of zero or more of NGTCP2_CONN_FLAG_*. */ 600 uint16_t flags; 601 int server; 602 }; 603 604 typedef enum ngtcp2_vmsg_type { 605 NGTCP2_VMSG_TYPE_STREAM, 606 NGTCP2_VMSG_TYPE_DATAGRAM, 607 } ngtcp2_vmsg_type; 608 609 typedef struct ngtcp2_vmsg_stream { 610 /* strm is a stream that data is sent to. */ 611 ngtcp2_strm *strm; 612 /* flags is bitwise OR of zero or more of 613 NGTCP2_WRITE_STREAM_FLAG_*. */ 614 uint32_t flags; 615 /* data is the pointer to ngtcp2_vec array which contains the stream 616 data to send. */ 617 const ngtcp2_vec *data; 618 /* datacnt is the number of ngtcp2_vec pointed by data. */ 619 size_t datacnt; 620 /* pdatalen is the pointer to the variable which the number of bytes 621 written is assigned to if pdatalen is not NULL. */ 622 ngtcp2_ssize *pdatalen; 623 } ngtcp2_vmsg_stream; 624 625 typedef struct ngtcp2_vmsg_datagram { 626 /* data is the pointer to ngtcp2_vec array which contains the data 627 to send. */ 628 const ngtcp2_vec *data; 629 /* datacnt is the number of ngtcp2_vec pointed by data. */ 630 size_t datacnt; 631 /* dgram_id is an opaque identifier chosen by an application. */ 632 uint64_t dgram_id; 633 /* flags is bitwise OR of zero or more of 634 NGTCP2_WRITE_DATAGRAM_FLAG_*. */ 635 uint32_t flags; 636 /* paccepted is the pointer to the variable which, if it is not 637 NULL, is assigned nonzero if data is written to a packet. */ 638 int *paccepted; 639 } ngtcp2_vmsg_datagram; 640 641 typedef struct ngtcp2_vmsg { 642 ngtcp2_vmsg_type type; 643 union { 644 ngtcp2_vmsg_stream stream; 645 ngtcp2_vmsg_datagram datagram; 646 }; 647 } ngtcp2_vmsg; 648 649 /* 650 * ngtcp2_conn_sched_ack stores packet number |pkt_num| and its 651 * reception timestamp |ts| in order to send its ACK. 652 * 653 * It returns 0 if it succeeds, or one of the following negative error 654 * codes: 655 * 656 * NGTCP2_ERR_NOMEM 657 * Out of memory 658 * NGTCP2_ERR_PROTO 659 * Same packet number has already been added. 660 */ 661 int ngtcp2_conn_sched_ack(ngtcp2_conn *conn, ngtcp2_acktr *acktr, 662 int64_t pkt_num, int active_ack, ngtcp2_tstamp ts); 663 664 /* 665 * ngtcp2_conn_find_stream returns a stream whose stream ID is 666 * |stream_id|. If no such stream is found, it returns NULL. 667 */ 668 ngtcp2_strm *ngtcp2_conn_find_stream(ngtcp2_conn *conn, int64_t stream_id); 669 670 /* 671 * conn_init_stream initializes |strm|. Its stream ID is |stream_id|. 672 * This function adds |strm| to conn->strms. |strm| must be allocated 673 * by the caller. 674 * 675 * This function returns 0 if it succeeds, or one of the following 676 * negative error codes: 677 * 678 * NGTCP2_ERR_NOMEM 679 * Out of memory 680 * NGTCP2_ERR_CALLBACK_FAILURE 681 * User-callback function failed. 682 */ 683 int ngtcp2_conn_init_stream(ngtcp2_conn *conn, ngtcp2_strm *strm, 684 int64_t stream_id, void *stream_user_data); 685 686 /* 687 * ngtcp2_conn_close_stream closes stream |strm|. 688 * 689 * This function returns 0 if it succeeds, or one of the following 690 * negative error codes: 691 * 692 * NGTCP2_ERR_INVALID_ARGUMENT 693 * Stream is not found. 694 * NGTCP2_ERR_CALLBACK_FAILURE 695 * User-defined callback function failed. 696 */ 697 int ngtcp2_conn_close_stream(ngtcp2_conn *conn, ngtcp2_strm *strm); 698 699 /* 700 * ngtcp2_conn_close_stream closes stream |strm| if no further 701 * transmission and reception are allowed, and all reordered incoming 702 * data are emitted to the application, and the transmitted data are 703 * acked. 704 * 705 * This function returns 0 if it succeeds, or one of the following 706 * negative error codes: 707 * 708 * NGTCP2_ERR_INVALID_ARGUMENT 709 * Stream is not found. 710 * NGTCP2_ERR_CALLBACK_FAILURE 711 * User-defined callback function failed. 712 */ 713 int ngtcp2_conn_close_stream_if_shut_rdwr(ngtcp2_conn *conn, ngtcp2_strm *strm); 714 715 /* 716 * ngtcp2_conn_update_rtt updates RTT measurements. |rtt| is a latest 717 * RTT which is not adjusted by ack delay. |ack_delay| is unscaled 718 * ack_delay included in ACK frame. |ack_delay| is actually tainted 719 * (sent by peer), so don't assume that |ack_delay| is always smaller 720 * than, or equals to |rtt|. 721 */ 722 void ngtcp2_conn_update_rtt(ngtcp2_conn *conn, ngtcp2_duration rtt, 723 ngtcp2_duration ack_delay, ngtcp2_tstamp ts); 724 725 void ngtcp2_conn_set_loss_detection_timer(ngtcp2_conn *conn, ngtcp2_tstamp ts); 726 727 /* 728 * ngtcp2_conn_detect_lost_pkt detects lost packets. 729 * 730 * This function returns 0 if it succeeds, or one of the following 731 * negative error codes: 732 * 733 * NGTCP2_ERR_NOMEM 734 * Out of memory. 735 */ 736 int ngtcp2_conn_detect_lost_pkt(ngtcp2_conn *conn, ngtcp2_pktns *pktns, 737 ngtcp2_conn_stat *cstat, ngtcp2_tstamp ts); 738 739 /* 740 * ngtcp2_conn_tx_strmq_top returns the ngtcp2_strm which sits on the 741 * top of queue. tx_strmq must not be empty. 742 */ 743 ngtcp2_strm *ngtcp2_conn_tx_strmq_top(ngtcp2_conn *conn); 744 745 /* 746 * ngtcp2_conn_tx_strmq_pop pops the ngtcp2_strm from the queue. 747 * tx_strmq must not be empty. 748 */ 749 void ngtcp2_conn_tx_strmq_pop(ngtcp2_conn *conn); 750 751 /* 752 * ngtcp2_conn_tx_strmq_push pushes |strm| into tx_strmq. 753 * 754 * This function returns 0 if it succeeds, or one of the following 755 * negative error codes: 756 * 757 * NGTCP2_ERR_NOMEM 758 * Out of memory. 759 */ 760 int ngtcp2_conn_tx_strmq_push(ngtcp2_conn *conn, ngtcp2_strm *strm); 761 762 /* 763 * ngtcp2_conn_internal_expiry returns the minimum expiry time among 764 * all timers in |conn|. 765 */ 766 ngtcp2_tstamp ngtcp2_conn_internal_expiry(ngtcp2_conn *conn); 767 768 ngtcp2_ssize ngtcp2_conn_write_vmsg(ngtcp2_conn *conn, ngtcp2_path *path, 769 int pkt_info_version, ngtcp2_pkt_info *pi, 770 uint8_t *dest, size_t destlen, 771 ngtcp2_vmsg *vmsg, ngtcp2_tstamp ts); 772 773 /* 774 * ngtcp2_conn_write_single_frame_pkt writes a packet which contains |fr| 775 * frame only in the buffer pointed by |dest| whose length if 776 * |destlen|. |type| is a long packet type to send. If |type| is 0, 777 * Short packet is used. |dcid| is used as a destination connection 778 * ID. 779 * 780 * The packet written by this function will not be retransmitted. 781 * 782 * This function returns the number of bytes written in |dest| if it 783 * succeeds, or one of the following negative error codes: 784 * 785 * NGTCP2_ERR_CALLBACK_FAILURE 786 * User-defined callback function failed. 787 */ 788 ngtcp2_ssize ngtcp2_conn_write_single_frame_pkt( 789 ngtcp2_conn *conn, ngtcp2_pkt_info *pi, uint8_t *dest, size_t destlen, 790 uint8_t type, const ngtcp2_cid *dcid, ngtcp2_frame *fr, uint8_t rtb_flags, 791 const ngtcp2_path *path, ngtcp2_tstamp ts); 792 793 /* 794 * ngtcp2_conn_commit_local_transport_params commits the local 795 * transport parameters, which is currently set to 796 * conn->local.settings.transport_params. This function will do some 797 * amends on transport parameters for adjusting default values. 798 * 799 * This function returns 0 if it succeeds, or one of the following 800 * negative error codes: 801 * 802 * NGTCP2_ERR_NOMEM 803 * Out of memory. 804 * NGTCP2_ERR_INVALID_ARGUMENT 805 * CID in preferred address equals to the original SCID. 806 */ 807 int ngtcp2_conn_commit_local_transport_params(ngtcp2_conn *conn); 808 809 /* 810 * ngtcp2_conn_lost_pkt_expiry returns the earliest expiry time of 811 * lost packet. 812 */ 813 ngtcp2_tstamp ngtcp2_conn_lost_pkt_expiry(ngtcp2_conn *conn); 814 815 /* 816 * ngtcp2_conn_remove_lost_pkt removes the expired lost packet. 817 */ 818 void ngtcp2_conn_remove_lost_pkt(ngtcp2_conn *conn, ngtcp2_tstamp ts); 819 820 /* 821 * ngtcp2_conn_resched_frames reschedules frames linked from |*pfrc| 822 * for retransmission. 823 * 824 * This function returns 0 if it succeeds, or one of the following 825 * negative error codes: 826 * 827 * NGTCP2_ERR_NOMEM 828 * Out of memory. 829 */ 830 int ngtcp2_conn_resched_frames(ngtcp2_conn *conn, ngtcp2_pktns *pktns, 831 ngtcp2_frame_chain **pfrc); 832 833 uint64_t ngtcp2_conn_tx_strmq_first_cycle(ngtcp2_conn *conn); 834 835 /** 836 * @function 837 * 838 * `ngtcp2_conn_ack_delay_expiry` returns the expiry time point of 839 * delayed protected ACK. One should call 840 * `ngtcp2_conn_cancel_expired_ack_delay_timer` and 841 * `ngtcp2_conn_write_pkt` (or `ngtcp2_conn_writev_stream`) when it 842 * expires. It returns UINT64_MAX if there is no expiry. 843 */ 844 ngtcp2_tstamp ngtcp2_conn_ack_delay_expiry(ngtcp2_conn *conn); 845 846 /** 847 * @function 848 * 849 * `ngtcp2_conn_cancel_expired_ack_delay_timer` stops expired ACK 850 * delay timer. |ts| is the current time. This function must be 851 * called when `ngtcp2_conn_ack_delay_expiry` <= ts. 852 */ 853 void ngtcp2_conn_cancel_expired_ack_delay_timer(ngtcp2_conn *conn, 854 ngtcp2_tstamp ts); 855 856 /** 857 * @function 858 * 859 * `ngtcp2_conn_loss_detection_expiry` returns the expiry time point 860 * of loss detection timer. One should call 861 * `ngtcp2_conn_on_loss_detection_timer` and `ngtcp2_conn_write_pkt` 862 * (or `ngtcp2_conn_writev_stream`) when it expires. It returns 863 * UINT64_MAX if loss detection timer is not armed. 864 */ 865 ngtcp2_tstamp ngtcp2_conn_loss_detection_expiry(ngtcp2_conn *conn); 866 867 ngtcp2_duration ngtcp2_conn_compute_pto(ngtcp2_conn *conn, ngtcp2_pktns *pktns); 868 869 #endif /* NGTCP2_CONN_H */ 870