From: Frédéric Lécaille Date: Mon, 27 Nov 2023 15:56:50 +0000 (+0100) Subject: REORG: quic: Move qc_handle_conn_migration() to quic_conn.c X-Git-Tag: v2.9-dev12~60 X-Git-Url: http://git.haproxy.org/?a=commitdiff_plain;h=3482455ddd732a7ed597c50191058c45eac41014;p=haproxy-3.0.git REORG: quic: Move qc_handle_conn_migration() to quic_conn.c This function manipulates only quic_conn objects. Its location is definitively in quic_conn.c.
---
diff --git a/include/haproxy/quic_conn.h b/include/haproxy/quic_conn.h
index 3ef4feb..73d1789 100644
--- a/include/haproxy/quic_conn.h
+++ b/include/haproxy/quic_conn.h
@@ -181,6 +181,9 @@ int quic_dgram_parse(struct quic_dgram *dgram, struct quic_conn *qc, int qc_set_tid_affinity(struct quic_conn *qc, uint new_tid, struct listener *new_li); void qc_finalize_affinity_rebind(struct quic_conn *qc);
+int qc_handle_conn_migration(struct quic_conn *qc,
+ const struct sockaddr_storage *peer_addr,
+ const struct sockaddr_storage *local_addr);
 /* Function pointer that can be used to compute a hash from first generated CID (derived from ODCID) */ extern uint64_t (*quic_hash64_from_cid)(const unsigned char *cid, int size, const unsigned char *secret, size_t secretlen);
diff --git a/src/quic_conn.c b/src/quic_conn.c
index 14d9c9a..4d599fa 100644
--- a/src/quic_conn.c
+++ b/src/quic_conn.c
@@ -1181,6 +1181,74 @@ struct quic_conn *qc_new_conn(const struct quic_version *qv, int ipv4, return NULL; }
+/* React to a connection migration initiated on by a client with the new
+ * path addresses /.
+ *
+ * Returns 0 on success else non-zero.
+ */
+int qc_handle_conn_migration(struct quic_conn *qc,
+ const struct sockaddr_storage *peer_addr,
+ const struct sockaddr_storage *local_addr)
+{
+ TRACE_ENTER(QUIC_EV_CONN_LPKT, qc);
+
+ /* RFC 9000. Connection Migration
+ *
+ * If the peer sent the disable_active_migration transport parameter,
+ * an endpoint also MUST NOT send packets (including probing packets;
+ * see Section 9.1) from a different local address to the address the peer
+ * used during the handshake, unless the endpoint has acted on a
+ * preferred_address transport parameter from the peer.
+ */
+ if (qc->li->bind_conf->quic_params.disable_active_migration) {
+ TRACE_ERROR("Active migration was disabled, datagram dropped", QUIC_EV_CONN_LPKT, qc);
+ goto err;
+ }
+
+ /* RFC 9000 9. Connection Migration
+ *
+ * The design of QUIC relies on endpoints retaining a stable address for
+ * the duration of the handshake. An endpoint MUST NOT initiate
+ * connection migration before the handshake is confirmed, as defined in
+ * Section 4.1.2 of [QUIC-TLS].
+ */
+ if (qc->state < QUIC_HS_ST_COMPLETE) {
+ TRACE_STATE("Connection migration during handshake rejected", QUIC_EV_CONN_LPKT, qc);
+ goto err;
+ }
+
+ /* RFC 9000 9. Connection Migration
+ *
+ * TODO
+ * An endpoint MUST
+ * perform path validation (Section 8.2) if it detects any change to a
+ * peer's address, unless it has previously validated that address.
+ */
+
+ /* Update quic-conn owned socket if in used.
+ * TODO try to reuse it instead of closing and opening a new one.
+ */
+ if (qc_test_fd(qc)) {
+ /* TODO try to reuse socket instead of closing it and opening a new one.
*/
+ TRACE_STATE("Connection migration detected, allocate a new connection socket", QUIC_EV_CONN_LPKT, qc);
+ qc_release_fd(qc, 1);
+ /* TODO need to adjust on socket allocation failure. */
+ qc_alloc_fd(qc, local_addr, peer_addr);
+ }
+
+ qc->local_addr = *local_addr;
+ qc->peer_addr = *peer_addr;
+ qc->cntrs.conn_migration_done++;
+
+ TRACE_LEAVE(QUIC_EV_CONN_LPKT, qc);
+ return 0;
+
+ err:
+ TRACE_LEAVE(QUIC_EV_CONN_LPKT, qc);
+ return 1;
+}
+
+
 /* Update the proxy counters of QUIC connection from its counters */ static inline void quic_conn_prx_cntrs_update(struct quic_conn *qc) {
diff --git a/src/quic_rx.c b/src/quic_rx.c
index 9957550..368b2ac 100644
--- a/src/quic_rx.c
+++ b/src/quic_rx.c
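Review bot: `qc_handle_conn_migration()` as added to src/quic_conn.c stores the new address with `qc->peer_addr = *peer_addr;` and increments `conn_migration_done` while the RFC 9000 section 8.2 path validation is still the TODO block above it, and with `static` dropped the function is now callable from any file that includes quic_conn.h. RFC 9000 section 9.3 ties acceptance of a new peer address to path validation, so the function comment should state that no validation happens here and what the caller must have verified first; presumably that is successful packet authentication for this connection, but the call site is in quic_rx.c outside this hunk, so confirm it. A line such as `* NOTE: <peer_addr> is adopted without path validation (RFC 9000 8.2); only pass addresses taken from a datagram already authenticated for <qc>.` in the header comment would do. The body also counts the migration and returns 0 after `qc_release_fd(qc, 1)` even when `qc_alloc_fd()` could not provide a socket, which the existing TODO acknowledges; the comment should say what state the connection is left in for that case.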
@@ -2195,73 +2195,6 @@ static int qc_rx_check_closing(struct quic_conn *qc, return 1; }
-/* React to a connection migration initiated on by a client with the new
- * path addresses /.
- *
- * Returns 0 on success else non-zero.
- */
-static int qc_handle_conn_migration(struct quic_conn *qc,
- const struct sockaddr_storage *peer_addr,
- const struct sockaddr_storage *local_addr)
-{
- TRACE_ENTER(QUIC_EV_CONN_LPKT, qc);
-
- /* RFC 9000. Connection Migration
- *
- * If the peer sent the disable_active_migration transport parameter,
- * an endpoint also MUST NOT send packets (including probing packets;
- * see Section 9.1) from a different local address to the address the peer
- * used during the handshake, unless the endpoint has acted on a
- * preferred_address transport parameter from the peer.
- */
- if (qc->li->bind_conf->quic_params.disable_active_migration) {
- TRACE_ERROR("Active migration was disabled, datagram dropped", QUIC_EV_CONN_LPKT, qc);
- goto err;
- }
-
- /* RFC 9000 9. Connection Migration
- *
- * The design of QUIC relies on endpoints retaining a stable address for
- * the duration of the handshake. An endpoint MUST NOT initiate
- * connection migration before the handshake is confirmed, as defined in
- * Section 4.1.2 of [QUIC-TLS].
- */
- if (qc->state < QUIC_HS_ST_COMPLETE) {
- TRACE_STATE("Connection migration during handshake rejected", QUIC_EV_CONN_LPKT, qc);
- goto err;
- }
-
- /* RFC 9000 9. Connection Migration
- *
- * TODO
- * An endpoint MUST
- * perform path validation (Section 8.2) if it detects any change to a
- * peer's address, unless it has previously validated that address.
- */
-
- /* Update quic-conn owned socket if in used.
- * TODO try to reuse it instead of closing and opening a new one.
- */
- if (qc_test_fd(qc)) {
- /* TODO try to reuse socket instead of closing it and opening a new one.
*/
- TRACE_STATE("Connection migration detected, allocate a new connection socket", QUIC_EV_CONN_LPKT, qc);
- qc_release_fd(qc, 1);
- /* TODO need to adjust on socket allocation failure. */
- qc_alloc_fd(qc, local_addr, peer_addr);
- }
-
- qc->local_addr = *local_addr;
- qc->peer_addr = *peer_addr;
- qc->cntrs.conn_migration_done++;
-
- TRACE_LEAVE(QUIC_EV_CONN_LPKT, qc);
- return 0;
-
- err:
- TRACE_LEAVE(QUIC_EV_CONN_LPKT, qc);
- return 1;
-}
-
 /* Release the memory for the RX packets which are no more referenced * and consume their payloads which have been copied to the RX buffer * for the connection.