From 6ee53322d97961cab375fdd64b410cc55fcedd5d Mon Sep 17 00:00:00 2001 From: zhaowu Date: Mon, 11 Dec 2023 18:08:20 +0800 Subject: [PATCH 1/4] [!] fix error instruction in README --- README.md | 14 ++++++++++++++ docs/docs-zh/README-zh.md | 16 +++++++++++++++- 2 files changed, 29 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index c21c9394..3afd87c8 100644 --- a/README.md +++ b/README.md @@ -94,6 +94,13 @@ cd ../.. git submodule update --init --recursive mkdir -p build; cd build cmake -DGCOV=on -DCMAKE_BUILD_TYPE=Debug -DXQC_ENABLE_TESTING=1 -DXQC_SUPPORT_SENDMMSG_BUILD=1 -DXQC_ENABLE_EVENT_LOG=1 -DXQC_ENABLE_BBR2=1 -DXQC_ENABLE_RENO=1 -DSSL_TYPE=${SSL_TYPE_STR} -DSSL_PATH=${SSL_PATH_STR} .. + +# exit if cmake error +if [ $? -ne 0 ]; then + echo "cmake failed" + exit 1 +fi + make -j ``` @@ -120,6 +127,13 @@ cd - git submodule update --init --recursive mkdir -p build; cd build cmake -DGCOV=on -DCMAKE_BUILD_TYPE=Debug -DXQC_ENABLE_TESTING=1 -DXQC_SUPPORT_SENDMMSG_BUILD=1 -DXQC_ENABLE_EVENT_LOG=1 -DXQC_ENABLE_BBR2=1 -DXQC_ENABLE_RENO=1 -DSSL_TYPE=${SSL_TYPE_STR} -DSSL_PATH=${SSL_PATH_STR} .. + +# exit if cmake error +if [ $? -ne 0 ]; then + echo "cmake failed" + exit 1 +fi + make -j ``` diff --git a/docs/docs-zh/README-zh.md b/docs/docs-zh/README-zh.md index e0047c32..6babc927 100644 --- a/docs/docs-zh/README-zh.md +++ b/docs/docs-zh/README-zh.md 
@@ -47,7 +47,14 @@ cd - # 下,可以通过-DCUNIT_DIR、-DLIBEVENT_DIR指定目录。 git submodule update --init --recursive mkdir -p build; cd build -cmake -DGCOV=on -DCMAKE_BUILD_TYPE=Debug -DXQC_ENABLE_TESTING=1 -DXQC_SUPPORT_SENDMMSG_BUILD=1 -DXQC_ENABLE_EVENT_LOG=1 -DXQC_ENABLE_BBR2=1 -DXQC_ENABLE_RENO=1 -DSSL_TYPE=${SSL_TYPE_STR} -DSSL_PATH=${SSL_PATH_STR .. +cmake -DGCOV=on -DCMAKE_BUILD_TYPE=Debug -DXQC_ENABLE_TESTING=1 -DXQC_SUPPORT_SENDMMSG_BUILD=1 -DXQC_ENABLE_EVENT_LOG=1 -DXQC_ENABLE_BBR2=1 -DXQC_ENABLE_RENO=1 -DSSL_TYPE=${SSL_TYPE_STR} -DSSL_PATH=${SSL_PATH_STR} .. + +# 如果CMake发生错误,则结束编译 +if [ $? -ne 0 ]; then + echo "cmake failed" + exit 1 +fi + make -j ``` @@ -77,6 +84,13 @@ cd ../.. git submodule update --init --recursive mkdir -p build; cd build cmake -DGCOV=on -DCMAKE_BUILD_TYPE=Debug -DXQC_ENABLE_TESTING=1 -DXQC_SUPPORT_SENDMMSG_BUILD=1 -DXQC_ENABLE_EVENT_LOG=1 -DXQC_ENABLE_BBR2=1 -DXQC_ENABLE_RENO=1 -DSSL_TYPE=${SSL_TYPE_STR} -DSSL_PATH=${SSL_PATH_STR} .. + +# 如果CMake发生错误,则结束编译 +if [ $? -ne 0 ]; then + echo "cmake failed" + exit 1 +fi + make -j ``` From 2e1880dd508e1abc8db830f50dbc052c3fcb0618 Mon Sep 17 00:00:00 2001 From: zhaowu Date: Tue, 12 Dec 2023 21:36:59 +0800 Subject: [PATCH 2/4] [!] close connection with PROTOCOL_VIOLATION when receiving packets containing no frames --- src/transport/xqc_frame.c | 10 ++ src/transport/xqc_packet_out.c | 4 +- src/transport/xqc_packet_parser.c | 2 +- src/transport/xqc_packet_parser.h | 2 +- tests/unittest/main.c | 1 + tests/unittest/xqc_packet_test.c | 210 ++++++++++++++++++++++++++++++ tests/unittest/xqc_packet_test.h | 2 + 7 files changed, 227 insertions(+), 4 deletions(-) diff --git a/src/transport/xqc_frame.c b/src/transport/xqc_frame.c index 4f7118c2..e572cac6 100644 --- a/src/transport/xqc_frame.c +++ b/src/transport/xqc_frame.c 
@@ -367,6 +367,16 @@ xqc_process_frames(xqc_connection_t *conn, xqc_packet_in_t *packet_in) } } + /* + * An endpoint MUST treat receipt of a packet containing no frames as a + * connection error of type PROTOCOL_VIOLATION + */ + if (packet_in->pi_frame_types == 0) { + xqc_log(conn->log, XQC_LOG_ERROR, "|receive packet with no frame, close" + "with PROTOCOL_VIOLATION|"); + XQC_CONN_ERR(conn, TRA_PROTOCOL_VIOLATION); + } + xqc_path_ctx_t *path = xqc_conn_find_path_by_path_id(conn, packet_in->pi_path_id); if (path != NULL && (packet_in->pi_frame_types & XQC_FRAME_BIT_DATAGRAM)) diff --git a/src/transport/xqc_packet_out.c b/src/transport/xqc_packet_out.c index f9754af0..e405c6f0 100644 --- a/src/transport/xqc_packet_out.c +++ b/src/transport/xqc_packet_out.c @@ -247,7 +247,7 @@ xqc_write_packet_header(xqc_connection_t *conn, xqc_packet_out_t *packet_out) return XQC_OK; } - int ret = XQC_OK; + ssize_t ret = XQC_OK; xqc_pkt_type_t pkt_type = packet_out->po_pkt.pkt_type; @@ -266,7 +266,7 @@ xqc_write_packet_header(xqc_connection_t *conn, xqc_packet_out_t *packet_out) } if (ret < 0) { - xqc_log(conn->log, XQC_LOG_ERROR, "|gen header error|%d|", ret); + xqc_log(conn->log, XQC_LOG_ERROR, "|gen header error|%z|", ret); return ret; } packet_out->po_used_size += ret; diff --git a/src/transport/xqc_packet_parser.c b/src/transport/xqc_packet_parser.c index 85f0bb58..dc867fd5 100644 --- a/src/transport/xqc_packet_parser.c +++ b/src/transport/xqc_packet_parser.c @@ -390,7 +390,7 @@ void xqc_packet_update_reserved_bits(xqc_packet_out_t *packet_out) } } -int +ssize_t xqc_gen_long_packet_header (xqc_packet_out_t *packet_out, const unsigned char *dcid, unsigned char dcid_len, const unsigned char *scid, unsigned char scid_len, diff --git a/src/transport/xqc_packet_parser.h b/src/transport/xqc_packet_parser.h index a90b4db6..05686505 100644 --- a/src/transport/xqc_packet_parser.h +++ b/src/transport/xqc_packet_parser.h 
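Review bot: After `XQC_CONN_ERR(conn, TRA_PROTOCOL_VIOLATION);` the new empty-packet branch in xqc_process_frames does not return, so control falls through to the path lookup and the DATAGRAM handling below for a packet that has just been declared a protocol violation. If XQC_CONN_ERR only records the error (its definition is outside this hunk), returning right after it with the error code the function's other failure paths use would stop further processing of that packet. The two adjacent string literals also concatenate to `closewith` in the log line; the first one needs a trailing space, `"|receive packet with no frame, close "`. The function body starts and ends outside the hunk, so it cannot be confirmed from here that the check runs only after the whole frame loop has finished.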
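Review bot: `return ret;` in xqc_write_packet_header now hands back a `ssize_t`, so unless the function's return type (not visible in either xqc_packet_out.c hunk) was widened too, the value is implicitly narrowed on the error path. Keeping the status in its own variable, or casting explicitly at the return, would make the intent visible and avoid a conversion warning. In the second hunk the log conversion changes from `%d` to `%z`, which is not a standard printf conversion; it is correct only if xqc_log's own formatter defines `%z` for `ssize_t`, which is worth confirming there. The branch that assigns `ret` lies between the two hunks and is not shown.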
@@ -33,7 +33,7 @@ void xqc_short_packet_update_dcid(xqc_packet_out_t *packet_out, xqc_cid_t dcid); void xqc_packet_update_reserved_bits(xqc_packet_out_t *packet_out); -int xqc_gen_long_packet_header(xqc_packet_out_t *packet_out, +ssize_t xqc_gen_long_packet_header(xqc_packet_out_t *packet_out, const unsigned char *dcid, unsigned char dcid_len, const unsigned char *scid, unsigned char scid_len, const unsigned char *token, uint32_t token_len, diff --git a/tests/unittest/main.c b/tests/unittest/main.c index 56b337ab..3607870c 100644 --- a/tests/unittest/main.c +++ b/tests/unittest/main.c @@ -71,6 +71,7 @@ main() || !CU_add_test(pSuite, "xqc_test_cubic", xqc_test_cubic) || !CU_add_test(pSuite, "xqc_test_short_header_parse_cid", xqc_test_short_header_packet_parse_cid) || !CU_add_test(pSuite, "xqc_test_long_header_parse_cid", xqc_test_long_header_packet_parse_cid) + || !CU_add_test(pSuite, "xqc_test_empty_pkt", xqc_test_empty_pkt) || !CU_add_test(pSuite, "xqc_test_engine_packet_process", xqc_test_engine_packet_process) || !CU_add_test(pSuite, "xqc_test_stream_frame", xqc_test_stream_frame) || !CU_add_test(pSuite, "xqc_test_wakeup_pq", xqc_test_wakeup_pq) diff --git a/tests/unittest/xqc_packet_test.c b/tests/unittest/xqc_packet_test.c index 4994beb4..eab29384 100644 --- a/tests/unittest/xqc_packet_test.c +++ b/tests/unittest/xqc_packet_test.c 
@@ -67,3 +67,213 @@ xqc_test_long_header_packet_parse_cid() } + + + +extern xqc_usec_t xqc_now(); + + + +typedef struct test_ctx { + xqc_engine_t *engine; + xqc_connection_t *c; + xqc_cid_t cid; + char buf[2048]; + size_t buf_len; +} test_ctx; + + +ssize_t +xqc_test_server_write(const unsigned char *buf, size_t size, + const struct sockaddr *peer_addr, + socklen_t peer_addrlen, void *conn_user_data) +{ + test_ctx *tctx = (test_ctx *)conn_user_data; + memcpy(tctx->buf, buf, size); + tctx->buf_len = size; + + return size; +} + +int +xqc_test_server_conn_create_notify(xqc_connection_t *conn, const xqc_cid_t *cid, + void *user_data, void *conn_proto_data) +{ + test_ctx *tctx = (test_ctx *)user_data; + tctx->c = conn; + memcpy(&tctx->cid, cid, sizeof(xqc_cid_t)); + + xqc_conn_set_alp_user_data(conn, tctx); + + return 0; +} + +ssize_t +xqc_test_client_write(const unsigned char *buf, size_t size, + const struct sockaddr *peer_addr, + socklen_t peer_addrlen, void *conn_user_data) +{ + test_ctx *tctx = (test_ctx *)conn_user_data; + memcpy(tctx->buf, buf, size); + tctx->buf_len = size; + + return size; +} + +int +xqc_test_client_conn_create_notify(xqc_connection_t *conn, const xqc_cid_t *cid, + void *user_data, void *conn_proto_data) +{ + test_ctx *tctx = (test_ctx *)user_data; + tctx->c = conn; + memcpy(&tctx->cid, cid, sizeof(xqc_cid_t)); + + xqc_conn_set_alp_user_data(conn, tctx); + + return 0; +} + +void +xqc_test_set_event_timer(xqc_msec_t wake_after, void *engine_user_data) +{ + return; +} + +xqc_engine_t * +test_create_engine_buf_server(test_ctx *tctx) +{ + xqc_engine_ssl_config_t engine_ssl_config; + engine_ssl_config.private_key_file = "./server.key"; + engine_ssl_config.cert_file = "./server.crt"; + engine_ssl_config.ciphers = XQC_TLS_CIPHERS; + engine_ssl_config.groups = XQC_TLS_GROUPS; + engine_ssl_config.session_ticket_key_len = 0; + engine_ssl_config.session_ticket_key_data = NULL; + + xqc_engine_callback_t callback = { + .set_event_timer = 
xqc_test_set_event_timer, + }; + + xqc_transport_callbacks_t tcbs = { + .write_socket = xqc_test_server_write, + }; + + xqc_app_proto_callbacks_t transport_cbs = { + .conn_cbs.conn_create_notify = xqc_test_server_conn_create_notify, + }; + + xqc_conn_settings_t conn_settings; + xqc_engine_t *engine = xqc_engine_create(XQC_ENGINE_SERVER, NULL, &engine_ssl_config, + &callback, &tcbs, tctx); + + /* transport ALPN */ + xqc_engine_register_alpn(engine, "transport", 9, &transport_cbs); + + return engine; +} + + + +xqc_engine_t * +test_create_engine_buf_client(test_ctx *tctx) +{ + xqc_engine_ssl_config_t engine_ssl_config; + engine_ssl_config.private_key_file = "./server.key"; + engine_ssl_config.cert_file = "./server.crt"; + engine_ssl_config.ciphers = XQC_TLS_CIPHERS; + engine_ssl_config.groups = XQC_TLS_GROUPS; + engine_ssl_config.session_ticket_key_len = 0; + engine_ssl_config.session_ticket_key_data = NULL; + + xqc_engine_callback_t callback = { + .set_event_timer = xqc_test_set_event_timer, + }; + + xqc_transport_callbacks_t tcbs = { + .write_socket = xqc_test_client_write, + }; + + xqc_app_proto_callbacks_t transport_cbs = { + .conn_cbs.conn_create_notify = xqc_test_client_conn_create_notify, + }; + + xqc_conn_settings_t conn_settings; + xqc_engine_t *engine = xqc_engine_create(XQC_ENGINE_CLIENT, NULL, &engine_ssl_config, + &callback, &tcbs, tctx); + + /* transport ALPN */ + xqc_engine_register_alpn(engine, "transport", 9, &transport_cbs); + + return engine; +} + + +void +xqc_test_empty_pkt() +{ + test_ctx svr_tctx = {0}; + test_ctx cli_tctx = {0}; + + xqc_engine_t *svr_eng = NULL; + xqc_engine_t *cli_eng = NULL; + + xqc_connection_t *svr_conn = NULL; + xqc_connection_t *cli_conn = NULL; + + svr_tctx.engine = test_create_engine_buf_server(&svr_tctx); + cli_tctx.engine = test_create_engine_buf_client(&cli_tctx); + + + xqc_conn_settings_t conn_settings; + memset(&conn_settings, 0, sizeof(xqc_conn_settings_t)); + conn_settings.proto_version = XQC_VERSION_V1; + 
xqc_conn_ssl_config_t conn_ssl_config; + memset(&conn_ssl_config, 0, sizeof(conn_ssl_config)); + + /* create client instance, will trigger create_notiry and write_socket */ + xqc_connect(cli_tctx.engine, &conn_settings, NULL, 0, "", 0, + &conn_ssl_config, NULL, 0, "transport", &cli_tctx); + + struct sockaddr_in6 peer_addr; + socklen_t peer_addrlen = sizeof(peer_addr); + + struct sockaddr_in6 local_addr; + socklen_t local_addrlen = sizeof(local_addr); + + /* server will process the initial packet and get the secret of initial pns */ + xqc_engine_packet_process(svr_tctx.engine, cli_tctx.buf, cli_tctx.buf_len, + (struct sockaddr *)&local_addr, local_addrlen, + (struct sockaddr *)&peer_addr, peer_addrlen, + 0, xqc_now(), &svr_tctx); + + + /* generate an Initial pkt with no payload */ + xqc_packet_out_t *po; + po = xqc_packet_out_create(2048); + CU_ASSERT(po != NULL); + + memcpy(po->po_pkt.pkt_scid.cid_buf, cli_tctx.c->scid_set.user_scid.cid_buf, + cli_tctx.c->scid_set.user_scid.cid_len); + po->po_pkt.pkt_scid.cid_len = cli_tctx.c->scid_set.user_scid.cid_len; + + memcpy(po->po_pkt.pkt_dcid.cid_buf, cli_tctx.c->dcid_set.current_dcid.cid_buf, + cli_tctx.c->dcid_set.current_dcid.cid_len); + po->po_pkt.pkt_dcid.cid_len = cli_tctx.c->dcid_set.current_dcid.cid_len; + + ssize_t po_size = xqc_gen_long_packet_header( + po, po->po_pkt.pkt_dcid.cid_buf, po->po_pkt.pkt_dcid.cid_len, + po->po_pkt.pkt_scid.cid_buf, po->po_pkt.pkt_scid.cid_len, + NULL, 0, XQC_VERSION_V1, XQC_PKTNO_BITS); + CU_ASSERT(po_size > 0); + po->po_used_size += po_size; + + /* client encrypt the Initial pkt */ + xqc_int_t ret = xqc_packet_encrypt(cli_tctx.c, po); + CU_ASSERT(ret == XQC_OK); + + /* server decrypt the Initial pkt */ + ret = xqc_conn_process_packet(svr_tctx.c, cli_tctx.c->enc_pkt, + cli_tctx.c->enc_pkt_len, 0, xqc_now()); + CU_ASSERT(svr_tctx.c->conn_err == TRA_PROTOCOL_VIOLATION); +} + diff --git a/tests/unittest/xqc_packet_test.h b/tests/unittest/xqc_packet_test.h index e1f695b5..f68768ef 100644 
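Review bot: Both write callbacks in this hunk, xqc_test_server_write and xqc_test_client_write, copy `size` bytes into the fixed `char buf[2048]` of test_ctx with `memcpy(tctx->buf, buf, size)` and no bound check, so any datagram larger than 2048 bytes writes past the struct. A guard before the copy, `if (size > sizeof(tctx->buf)) { return -1; }` (or the library's socket-error constant), keeps the harness memory-safe whatever packet size the engine produces. In the same hunk `engine_ssl_config` is a partially assigned stack struct in both test_create_engine_buf_* helpers; `xqc_engine_ssl_config_t engine_ssl_config = {0};` would stop unassigned fields from reaching xqc_engine_create with indeterminate values. The `peer_addr` and `local_addr` passed to xqc_engine_packet_process are likewise never initialised, and the result of xqc_engine_create is used by xqc_engine_register_alpn without a NULL check.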
--- a/tests/unittest/xqc_packet_test.h +++ b/tests/unittest/xqc_packet_test.h @@ -7,5 +7,7 @@ void xqc_test_short_header_packet_parse_cid(); void xqc_test_long_header_packet_parse_cid(); +void xqc_test_empty_pkt(); + #endif From 5a9e6d0534254639625cff39547333cb359f40e6 Mon Sep 17 00:00:00 2001 From: zhaowu Date: Tue, 12 Dec 2023 21:46:53 +0800 Subject: [PATCH 3/4] [=] delete unused variables --- tests/unittest/xqc_packet_test.c | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/tests/unittest/xqc_packet_test.c b/tests/unittest/xqc_packet_test.c index eab29384..d3cde764 100644 --- a/tests/unittest/xqc_packet_test.c +++ b/tests/unittest/xqc_packet_test.c @@ -214,12 +214,6 @@ xqc_test_empty_pkt() test_ctx svr_tctx = {0}; test_ctx cli_tctx = {0}; - xqc_engine_t *svr_eng = NULL; - xqc_engine_t *cli_eng = NULL; - - xqc_connection_t *svr_conn = NULL; - xqc_connection_t *cli_conn = NULL; - svr_tctx.engine = test_create_engine_buf_server(&svr_tctx); cli_tctx.engine = test_create_engine_buf_client(&cli_tctx); @@ -248,8 +242,7 @@ xqc_test_empty_pkt() /* generate an Initial pkt with no payload */ - xqc_packet_out_t *po; - po = xqc_packet_out_create(2048); + xqc_packet_out_t *po = xqc_packet_out_create(2048); CU_ASSERT(po != NULL); memcpy(po->po_pkt.pkt_scid.cid_buf, cli_tctx.c->scid_set.user_scid.cid_buf, @@ -275,5 +268,13 @@ xqc_test_empty_pkt() ret = xqc_conn_process_packet(svr_tctx.c, cli_tctx.c->enc_pkt, cli_tctx.c->enc_pkt_len, 0, xqc_now()); CU_ASSERT(svr_tctx.c->conn_err == TRA_PROTOCOL_VIOLATION); + + + xqc_packet_out_destroy(po); + xqc_conn_close(cli_tctx.engine, &cli_tctx.cid); + xqc_engine_destroy(cli_tctx.engine); + + xqc_conn_close(svr_tctx.engine, &svr_tctx.cid); + xqc_engine_destroy(svr_tctx.engine); } From ac58920a26326b22576c41d5516ab526e3ec0082 Mon Sep 17 00:00:00 2001 
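Review bot: `CU_ASSERT(po != NULL);` after `xqc_packet_out_t *po = xqc_packet_out_create(2048);` is non-fatal in CUnit, so when the allocation fails the test records the failure and then dereferences `po` in the following `memcpy(po->po_pkt.pkt_scid.cid_buf, ...)`. `CU_ASSERT_FATAL(po != NULL);`, or an explicit early return that still runs the teardown, stops the test before the NULL dereference. The same gap applies to `cli_tctx.c` and `svr_tctx.c`, which are dereferenced without checking that the create-notify callbacks ever set them. The cleanup added in the last hunk of this commit likewise passes `&svr_tctx.cid` to xqc_conn_close unconditionally.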
From: zhaowu Date: Wed, 13 Dec 2023 18:56:41 +0800 Subject: [PATCH 4/4] [!] fix build error with xqc_build.sh --- cmake/CMakeLists.txt | 11 ----------- xqc_build.sh | 13 ++++++++++--- 2 files changed, 10 insertions(+), 14 deletions(-) diff --git a/cmake/CMakeLists.txt b/cmake/CMakeLists.txt index 533009a4..cc90324b 100644 --- a/cmake/CMakeLists.txt +++ b/cmake/CMakeLists.txt @@ -293,17 +293,6 @@ if(XQC_ENABLE_UNLIMITED) endif() -if(XQC_ENABLE_TH3) - set(XQC_ENABLE_TUNNEL 1) - set( - TH3_SOURCES - "tunnel/tunnel_h3/th3_ctx.c" - "tunnel/tunnel_h3/th3_vconn.c" - ) -endif() - - ) -endif() if (XQC_NO_SHARED) set(XQC_BINARY_TYPE STATIC) diff --git a/xqc_build.sh b/xqc_build.sh index 865d570c..8778d11b 100755 --- a/xqc_build.sh +++ b/xqc_build.sh @@ -13,11 +13,16 @@ artifact_dir=$3 # boringssl is used as default ssl_type="boringssl" -ssl_path=third_party/boringssl - +ssl_path=$4 +# if ssl_path is not defined, try to use the default path if [ -z "$ssl_path" ] ; then - echo "ssl environment not specified" + ssl_path="`pwd`/third_party/boringssl" + echo "use default ssl path: $ssl_path" +fi + +if [ ! -d "$ssl_path" ] ; then + echo "ssl environment not exists" exit 0 fi @@ -44,6 +49,8 @@ if [ x"$platform" == xios ] ; then archs=${ios_archs[@]} configures="-DSSL_TYPE=${ssl_type} -DSSL_PATH=${ssl_path} + -DBORINGSSL_PREFIX=bs + -DBORINGSSL_PREFIX_SYMBOLS=$cur_dir/bssl_symbols.txt -DDEPLOYMENT_TARGET=10.0 -DCMAKE_BUILD_TYPE=Minsizerel -DXQC_ENABLE_TESTING=OFF
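Review bot: The new `[ ! -d "$ssl_path" ]` check in xqc_build.sh still ends in `exit 0`, so a missing SSL directory makes the script stop early while reporting success to whatever invoked it; `exit 1` would let a CI job or wrapper notice that nothing was built. `ssl_path=$4` also accepts a relative path while the fallback is made absolute with `pwd`, and the value is later expanded unquoted into `-DSSL_PATH=${ssl_path}` (visible in the next hunk). Resolving it once after the directory check, e.g. `ssl_path="$(cd "$ssl_path" && pwd)"`, keeps both cases consistent when cmake runs from a different working directory. If the script has usage text outside this hunk, it should mention the new fourth argument.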