diff --git a/packet_packer.go b/packet_packer.go index e68ba21b..463a9428 100644 --- a/packet_packer.go +++ b/packet_packer.go @@ -70,14 +70,6 @@ type frameSource interface { AppendControlFrames([]wire.Frame, protocol.ByteCount) ([]wire.Frame, protocol.ByteCount) } -// sentAndReceivedPacketManager is only needed until STOP_WAITING is removed -type sentAndReceivedPacketManager struct { - ackhandler.SentPacketHandler - ackhandler.ReceivedPacketHandler -} - -var _ ackFrameSource = &sentAndReceivedPacketManager{} - type ackFrameSource interface { GetAckFrame() *wire.AckFrame GetStopWaitingFrame(bool) *wire.StopWaitingFrame @@ -91,8 +83,7 @@ type packetPacker struct { version protocol.VersionNumber cryptoSetup sealingManager - token []byte - divNonce []byte + token []byte packetNumberGenerator *packetNumberGenerator getPacketNumberLen func(protocol.PacketNumber) protocol.PacketNumberLen @@ -100,7 +91,6 @@ type packetPacker struct { framer frameSource acks ackFrameSource - omitConnectionID bool maxPacketSize protocol.ByteCount hasSentPacket bool // has the packetPacker already sent a packet numNonRetransmittableAcks int @@ -115,7 +105,6 @@ func newPacketPacker( getPacketNumberLen func(protocol.PacketNumber) protocol.PacketNumberLen, remoteAddr net.Addr, // only used for determining the max packet size token []byte, - divNonce []byte, cryptoStream cryptoStream, cryptoSetup sealingManager, framer frameSource, @@ -126,7 +115,6 @@ func newPacketPacker( return &packetPacker{ cryptoStream: cryptoStream, cryptoSetup: cryptoSetup, - divNonce: divNonce, token: token, destConnID: destConnID, srcConnID: srcConnID, @@ -162,14 +150,6 @@ func (p *packetPacker) MaybePackAckPacket() (*packedPacket, error) { encLevel, sealer := p.cryptoSetup.GetSealer() header := p.getHeader(encLevel) frames := []wire.Frame{ack} - // add a STOP_WAITING frame, when using gQUIC - if p.version.UsesStopWaitingFrames() { - if swf := p.acks.GetStopWaitingFrame(false); swf != nil { - swf.PacketNumber = header.PacketNumber - swf.PacketNumberLen = header.PacketNumberLen - frames = append(frames, swf) - } - } raw, err := p.writeAndSealPacket(header, frames, sealer) return &packedPacket{ header: header, @@ -201,11 +181,6 @@ func (p *packetPacker) PackRetransmission(packet *ackhandler.Packet) ([]*packedP var packets []*packedPacket encLevel, sealer := p.cryptoSetup.GetSealer() - var swf *wire.StopWaitingFrame - // for gQUIC: add a STOP_WAITING for *every* retransmission - if p.version.UsesStopWaitingFrames() { - swf = p.acks.GetStopWaitingFrame(true) - } for len(controlFrames) > 0 || len(streamFrames) > 0 { var frames []wire.Frame var length protocol.ByteCount @@ -217,17 +192,6 @@ func (p *packetPacker) PackRetransmission(packet *ackhandler.Packet) ([]*packedP } maxSize := p.maxPacketSize - protocol.ByteCount(sealer.Overhead()) - headerLength - if p.version.UsesStopWaitingFrames() { - // create a new STOP_WAIITNG Frame, since we might need to send more than one packet as a retransmission - stopWaitingFrame := &wire.StopWaitingFrame{ - LeastUnacked: swf.LeastUnacked, - PacketNumber: header.PacketNumber, - PacketNumberLen: header.PacketNumberLen, - } - length += stopWaitingFrame.Length(p.version) - frames = append(frames, stopWaitingFrame) - } - for len(controlFrames) > 0 { frame := controlFrames[0] frameLen := frame.Length(p.version) @@ -286,20 +250,11 @@ func (p *packetPacker) packHandshakeRetransmission(packet *ackhandler.Packet) (* } header := p.getHeader(packet.EncryptionLevel) header.Type = packet.PacketType - var frames []wire.Frame - if p.version.UsesStopWaitingFrames() { // for gQUIC: pack a STOP_WAITING first - swf := p.acks.GetStopWaitingFrame(true) - swf.PacketNumber = header.PacketNumber - swf.PacketNumberLen = header.PacketNumberLen - frames = append([]wire.Frame{swf}, packet.Frames...) - } else { - frames = packet.Frames - } - raw, err := p.writeAndSealPacket(header, frames, sealer) + raw, err := p.writeAndSealPacket(header, packet.Frames, sealer) return &packedPacket{ header: header, raw: raw, - frames: frames, + frames: packet.Frames, encryptionLevel: packet.EncryptionLevel, }, err } @@ -328,7 +283,7 @@ func (p *packetPacker) PackPacket() (*packedPacket, error) { } maxSize := p.maxPacketSize - protocol.ByteCount(sealer.Overhead()) - headerLength - frames, err := p.composeNextPacket(header, maxSize, p.canSendData(encLevel)) + frames, err := p.composeNextPacket(maxSize, p.canSendData(encLevel)) if err != nil { return nil, err } @@ -337,7 +292,7 @@ func (p *packetPacker) PackPacket() (*packedPacket, error) { if len(frames) == 0 { return nil, nil } - // check if this packet only contains an ACK (and maybe a STOP_WAITING) + // check if this packet only contains an ACK if !ackhandler.HasRetransmittableFrames(frames) { if p.numNonRetransmittableAcks >= protocol.MaxNonRetransmittableAcks { frames = append(frames, &wire.PingFrame{}) @@ -388,27 +343,16 @@ func (p *packetPacker) maybePackCryptoPacket() (*packedPacket, error) { } func (p *packetPacker) composeNextPacket( - header *wire.Header, // only needed to fill in the STOP_WAITING frame maxFrameSize protocol.ByteCount, canSendStreamFrames bool, ) ([]wire.Frame, error) { var length protocol.ByteCount var frames []wire.Frame - // STOP_WAITING and ACK will always fit // ACKs need to go first, so that the sentPacketHandler will recognize them if ack := p.acks.GetAckFrame(); ack != nil { frames = append(frames, ack) length += ack.Length(p.version) - // add a STOP_WAITING, for gQUIC - if p.version.UsesStopWaitingFrames() { - if swf := p.acks.GetStopWaitingFrame(false); swf != nil { - swf.PacketNumber = header.PacketNumber - swf.PacketNumberLen = header.PacketNumberLen - frames = append(frames, swf) - length += swf.Length(p.version) - } - } } var lengthAdded protocol.ByteCount @@ -420,15 +364,10 @@ func (p *packetPacker) composeNextPacket( } // temporarily increase the maxFrameSize by the (minimum) length of the DataLen field - // this leads to a properly sized packet in all cases, since we do all the packet length calculations with StreamFrames that have the DataLen set + // this leads to a properly sized packet in all cases, since we do all the packet length calculations with STREAM frames that have the DataLen set // however, for the last STREAM frame in the packet, we can omit the DataLen, thus yielding a packet of exactly the correct size - // for gQUIC STREAM frames, DataLen is always 2 bytes - // for IETF draft style STREAM frames, the length is encoded to either 1 or 2 bytes - if p.version.UsesIETFFrameFormat() { - maxFrameSize++ - } else { - maxFrameSize += 2 - } + // the length is encoded to either 1 or 2 bytes + maxFrameSize++ frames = p.framer.AppendStreamFrames(frames, maxFrameSize-length) if len(frames) > 0 { @@ -445,17 +384,15 @@ func (p *packetPacker) getHeader(encLevel protocol.EncryptionLevel) *wire.Header packetNumberLen := p.getPacketNumberLen(pnum) header := &wire.Header{ - PacketNumber: pnum, - PacketNumberLen: packetNumberLen, - Version: p.version, + PacketNumber: pnum, + PacketNumberLen: packetNumberLen, + Version: p.version, + DestConnectionID: p.destConnID, } - if p.version.UsesIETFHeaderFormat() && encLevel != protocol.EncryptionForwardSecure { + if encLevel != protocol.EncryptionForwardSecure { header.IsLongHeader = true header.SrcConnectionID = p.srcConnID - if !p.version.UsesVarintPacketNumbers() { - header.PacketNumberLen = protocol.PacketNumberLen4 - } // Set the payload len to maximum size. // Since it is encoded as a varint, this guarantees us that the header will end up at most as big as GetLength() returns. header.PayloadLen = p.maxPacketSize @@ -467,18 +404,6 @@ func (p *packetPacker) getHeader(encLevel protocol.EncryptionLevel) *wire.Header } } - if !p.omitConnectionID || encLevel != protocol.EncryptionForwardSecure { - header.DestConnectionID = p.destConnID - } - if !p.version.UsesTLS() { - if p.perspective == protocol.PerspectiveServer && encLevel == protocol.EncryptionSecure { - header.Type = protocol.PacketType0RTT - header.DiversificationNonce = p.divNonce - } - if p.perspective == protocol.PerspectiveClient && encLevel != protocol.EncryptionForwardSecure { - header.VersionFlag = true - } - } return header } @@ -521,8 +446,7 @@ func (p *packetPacker) writeAndSealPacket( return nil, err } } - // if this is an IETF QUIC Initial packet, we need to pad it to fulfill the minimum size requirement - // in gQUIC, padding is handled in the CHLO + // if this is an Initial packet, we need to pad it to fulfill the minimum size requirement if header.Type == protocol.PacketTypeInitial { paddingLen := protocol.MinInitialPacketSize - sealer.Overhead() - buffer.Len() if paddingLen > 0 { @@ -558,7 +482,6 @@ func (p *packetPacker) ChangeDestConnectionID(connID protocol.ConnectionID) { } func (p *packetPacker) HandleTransportParameters(params *handshake.TransportParameters) { - p.omitConnectionID = params.OmitConnectionID if params.MaxPacketSize != 0 { p.maxPacketSize = utils.MinByteCount(p.maxPacketSize, params.MaxPacketSize) } diff --git a/packet_packer_legacy.go b/packet_packer_legacy.go new file mode 100644 index 00000000..2fb20ed5 --- /dev/null +++ b/packet_packer_legacy.go @@ -0,0 +1,455 @@ +package quic + +import ( + "bytes" + "errors" + "fmt" + "net" + + "github.com/lucas-clemente/quic-go/internal/ackhandler" + "github.com/lucas-clemente/quic-go/internal/handshake" + "github.com/lucas-clemente/quic-go/internal/protocol" + "github.com/lucas-clemente/quic-go/internal/wire" +) + +// sentAndReceivedPacketManager is only needed until STOP_WAITING is removed +type sentAndReceivedPacketManager struct { + ackhandler.SentPacketHandler + ackhandler.ReceivedPacketHandler +} + +var _ ackFrameSource = &sentAndReceivedPacketManager{} + +type packetPackerLegacy struct { + destConnID protocol.ConnectionID + srcConnID protocol.ConnectionID + + perspective protocol.Perspective + version protocol.VersionNumber + cryptoSetup sealingManager + + divNonce []byte + + packetNumberGenerator *packetNumberGenerator + getPacketNumberLen func(protocol.PacketNumber) protocol.PacketNumberLen + cryptoStream cryptoStream + framer frameSource + acks ackFrameSource + + omitConnectionID bool + maxPacketSize protocol.ByteCount + hasSentPacket bool // has the packetPacker already sent a packet + numNonRetransmittableAcks int +} + +var _ packer = &packetPackerLegacy{} + +func newPacketPackerLegacy( + destConnID protocol.ConnectionID, + srcConnID protocol.ConnectionID, + getPacketNumberLen func(protocol.PacketNumber) protocol.PacketNumberLen, + remoteAddr net.Addr, // only used for determining the max packet size + divNonce []byte, + cryptoStream cryptoStream, + cryptoSetup sealingManager, + framer frameSource, + acks ackFrameSource, + perspective protocol.Perspective, + version protocol.VersionNumber, +) *packetPackerLegacy { + return &packetPackerLegacy{ + cryptoStream: cryptoStream, + cryptoSetup: cryptoSetup, + divNonce: divNonce, + destConnID: destConnID, + srcConnID: srcConnID, + perspective: perspective, + version: version, + framer: framer, + acks: acks, + getPacketNumberLen: getPacketNumberLen, + packetNumberGenerator: newPacketNumberGenerator(1, protocol.SkipPacketAveragePeriodLength), + maxPacketSize: getMaxPacketSize(remoteAddr), + } +} + +// PackConnectionClose packs a packet that ONLY contains a ConnectionCloseFrame +func (p *packetPackerLegacy) PackConnectionClose(ccf *wire.ConnectionCloseFrame) (*packedPacket, error) { + frames := []wire.Frame{ccf} + encLevel, sealer := p.cryptoSetup.GetSealer() + header := p.getHeader(encLevel) + raw, err := p.writeAndSealPacket(header, frames, sealer) + return &packedPacket{ + header: header, + raw: raw, + frames: frames, + encryptionLevel: encLevel, + }, err +} + +func (p *packetPackerLegacy) MaybePackAckPacket() (*packedPacket, error) { + ack := p.acks.GetAckFrame() + if ack == nil { + return nil, nil + } + encLevel, sealer := p.cryptoSetup.GetSealer() + header := p.getHeader(encLevel) + frames := []wire.Frame{ack} + // add a STOP_WAITING frame, if necessary + if p.version.UsesStopWaitingFrames() { + if swf := p.acks.GetStopWaitingFrame(false); swf != nil { + swf.PacketNumber = header.PacketNumber + swf.PacketNumberLen = header.PacketNumberLen + frames = append(frames, swf) + } + } + raw, err := p.writeAndSealPacket(header, frames, sealer) + return &packedPacket{ + header: header, + raw: raw, + frames: frames, + encryptionLevel: encLevel, + }, err +} + +// PackRetransmission packs a retransmission +// For packets sent after completion of the handshake, it might happen that 2 packets have to be sent. +// This can happen e.g. when a longer packet number is used in the header. +func (p *packetPackerLegacy) PackRetransmission(packet *ackhandler.Packet) ([]*packedPacket, error) { + if packet.EncryptionLevel != protocol.EncryptionForwardSecure { + p, err := p.packHandshakeRetransmission(packet) + return []*packedPacket{p}, err + } + + var controlFrames []wire.Frame + var streamFrames []*wire.StreamFrame + for _, f := range packet.Frames { + if sf, ok := f.(*wire.StreamFrame); ok { + sf.DataLenPresent = true + streamFrames = append(streamFrames, sf) + } else { + controlFrames = append(controlFrames, f) + } + } + + var packets []*packedPacket + encLevel, sealer := p.cryptoSetup.GetSealer() + var swf *wire.StopWaitingFrame + // add a STOP_WAITING for *every* retransmission + if p.version.UsesStopWaitingFrames() { + swf = p.acks.GetStopWaitingFrame(true) + } + for len(controlFrames) > 0 || len(streamFrames) > 0 { + var frames []wire.Frame + var length protocol.ByteCount + + header := p.getHeader(encLevel) + headerLength, err := header.GetLength(p.version) + if err != nil { + return nil, err + } + maxSize := p.maxPacketSize - protocol.ByteCount(sealer.Overhead()) - headerLength + + if p.version.UsesStopWaitingFrames() { + // create a new STOP_WAIITNG Frame, since we might need to send more than one packet as a retransmission + stopWaitingFrame := &wire.StopWaitingFrame{ + LeastUnacked: swf.LeastUnacked, + PacketNumber: header.PacketNumber, + PacketNumberLen: header.PacketNumberLen, + } + length += stopWaitingFrame.Length(p.version) + frames = append(frames, stopWaitingFrame) + } + + for len(controlFrames) > 0 { + frame := controlFrames[0] + frameLen := frame.Length(p.version) + if length+frameLen > maxSize { + break + } + length += frameLen + frames = append(frames, frame) + controlFrames = controlFrames[1:] + } + + // temporarily increase the maxFrameSize by the (minimum) length of the DataLen field + // this leads to a properly sized packet in all cases, since we do all the packet length calculations with StreamFrames that have the DataLen set + // however, for the last STREAM frame in the packet, we can omit the DataLen, thus yielding a packet of exactly the correct size + maxSize += 2 + + for len(streamFrames) > 0 && length+protocol.MinStreamFrameSize < maxSize { + frame := streamFrames[0] + frameToAdd := frame + + sf, err := frame.MaybeSplitOffFrame(maxSize-length, p.version) + if err != nil { + return nil, err + } + if sf != nil { + frameToAdd = sf + } else { + streamFrames = streamFrames[1:] + } + length += frameToAdd.Length(p.version) + frames = append(frames, frameToAdd) + } + if sf, ok := frames[len(frames)-1].(*wire.StreamFrame); ok { + sf.DataLenPresent = false + } + raw, err := p.writeAndSealPacket(header, frames, sealer) + if err != nil { + return nil, err + } + packets = append(packets, &packedPacket{ + header: header, + raw: raw, + frames: frames, + encryptionLevel: encLevel, + }) + } + return packets, nil +} + +// packHandshakeRetransmission retransmits a handshake packet, that was sent with less than forward-secure encryption +func (p *packetPackerLegacy) packHandshakeRetransmission(packet *ackhandler.Packet) (*packedPacket, error) { + sealer, err := p.cryptoSetup.GetSealerWithEncryptionLevel(packet.EncryptionLevel) + if err != nil { + return nil, err + } + // make sure that the retransmission for an Initial packet is sent as an Initial packet + if packet.PacketType == protocol.PacketTypeInitial { + p.hasSentPacket = false + } + header := p.getHeader(packet.EncryptionLevel) + header.Type = packet.PacketType + var frames []wire.Frame + if p.version.UsesStopWaitingFrames() { // pack a STOP_WAITING first + swf := p.acks.GetStopWaitingFrame(true) + swf.PacketNumber = header.PacketNumber + swf.PacketNumberLen = header.PacketNumberLen + frames = append([]wire.Frame{swf}, packet.Frames...) + } else { + frames = packet.Frames + } + raw, err := p.writeAndSealPacket(header, frames, sealer) + return &packedPacket{ + header: header, + raw: raw, + frames: frames, + encryptionLevel: packet.EncryptionLevel, + }, err +} + +// PackPacket packs a new packet +// the other controlFrames are sent in the next packet, but might be queued and sent in the next packet if the packet would overflow MaxPacketSize otherwise +func (p *packetPackerLegacy) PackPacket() (*packedPacket, error) { + packet, err := p.maybePackCryptoPacket() + if err != nil { + return nil, err + } + if packet != nil { + return packet, nil + } + // if this is the first packet to be send, make sure it contains stream data + if !p.hasSentPacket && packet == nil { + return nil, nil + } + + encLevel, sealer := p.cryptoSetup.GetSealer() + + header := p.getHeader(encLevel) + headerLength, err := header.GetLength(p.version) + if err != nil { + return nil, err + } + + maxSize := p.maxPacketSize - protocol.ByteCount(sealer.Overhead()) - headerLength + frames, err := p.composeNextPacket(header, maxSize, p.canSendData(encLevel)) + if err != nil { + return nil, err + } + + // Check if we have enough frames to send + if len(frames) == 0 { + return nil, nil + } + // check if this packet only contains an ACK (and maybe a STOP_WAITING) + if !ackhandler.HasRetransmittableFrames(frames) { + if p.numNonRetransmittableAcks >= protocol.MaxNonRetransmittableAcks { + frames = append(frames, &wire.PingFrame{}) + p.numNonRetransmittableAcks = 0 + } else { + p.numNonRetransmittableAcks++ + } + } else { + p.numNonRetransmittableAcks = 0 + } + + raw, err := p.writeAndSealPacket(header, frames, sealer) + if err != nil { + return nil, err + } + return &packedPacket{ + header: header, + raw: raw, + frames: frames, + encryptionLevel: encLevel, + }, nil +} + +func (p *packetPackerLegacy) maybePackCryptoPacket() (*packedPacket, error) { + if !p.cryptoStream.hasData() { + return nil, nil + } + encLevel, sealer := p.cryptoSetup.GetSealerForCryptoStream() + header := p.getHeader(encLevel) + headerLength, err := header.GetLength(p.version) + if err != nil { + return nil, err + } + maxLen := p.maxPacketSize - protocol.ByteCount(sealer.Overhead()) - protocol.NonForwardSecurePacketSizeReduction - headerLength + sf, _ := p.cryptoStream.popStreamFrame(maxLen) + sf.DataLenPresent = false + frames := []wire.Frame{sf} + raw, err := p.writeAndSealPacket(header, frames, sealer) + if err != nil { + return nil, err + } + return &packedPacket{ + header: header, + raw: raw, + frames: frames, + encryptionLevel: encLevel, + }, nil +} + +func (p *packetPackerLegacy) composeNextPacket( + header *wire.Header, // only needed to fill in the STOP_WAITING frame + maxFrameSize protocol.ByteCount, + canSendStreamFrames bool, +) ([]wire.Frame, error) { + var length protocol.ByteCount + var frames []wire.Frame + + // STOP_WAITING and ACK will always fit + // ACKs need to go first, so that the sentPacketHandler will recognize them + if ack := p.acks.GetAckFrame(); ack != nil { + frames = append(frames, ack) + length += ack.Length(p.version) + // add a STOP_WAITING, for gQUIC + if p.version.UsesStopWaitingFrames() { + if swf := p.acks.GetStopWaitingFrame(false); swf != nil { + swf.PacketNumber = header.PacketNumber + swf.PacketNumberLen = header.PacketNumberLen + frames = append(frames, swf) + length += swf.Length(p.version) + } + } + } + + var lengthAdded protocol.ByteCount + frames, lengthAdded = p.framer.AppendControlFrames(frames, maxFrameSize-length) + length += lengthAdded + + if !canSendStreamFrames { + return frames, nil + } + + // temporarily increase the maxFrameSize by the (minimum) length of the DataLen field + // this leads to a properly sized packet in all cases, since we do all the packet length calculations with StreamFrames that have the DataLen set + // however, for the last STREAM frame in the packet, we can omit the DataLen, thus yielding a packet of exactly the correct size + maxFrameSize += 2 + + frames = p.framer.AppendStreamFrames(frames, maxFrameSize-length) + if len(frames) > 0 { + lastFrame := frames[len(frames)-1] + if sf, ok := lastFrame.(*wire.StreamFrame); ok { + sf.DataLenPresent = false + } + } + return frames, nil +} + +func (p *packetPackerLegacy) getHeader(encLevel protocol.EncryptionLevel) *wire.Header { + pnum := p.packetNumberGenerator.Peek() + packetNumberLen := p.getPacketNumberLen(pnum) + + header := &wire.Header{ + PacketNumber: pnum, + PacketNumberLen: packetNumberLen, + Version: p.version, + } + + if p.version.UsesIETFHeaderFormat() && encLevel != protocol.EncryptionForwardSecure { + header.IsLongHeader = true + header.SrcConnectionID = p.srcConnID + header.PacketNumberLen = protocol.PacketNumberLen4 + if !p.hasSentPacket && p.perspective == protocol.PerspectiveClient { + header.Type = protocol.PacketTypeInitial + } else { + header.Type = protocol.PacketTypeHandshake + } + } + + if !p.omitConnectionID || encLevel != protocol.EncryptionForwardSecure { + header.DestConnectionID = p.destConnID + } + if p.perspective == protocol.PerspectiveServer && encLevel == protocol.EncryptionSecure { + header.Type = protocol.PacketType0RTT + header.DiversificationNonce = p.divNonce + } + if p.perspective == protocol.PerspectiveClient && encLevel != protocol.EncryptionForwardSecure { + header.VersionFlag = true + } + return header +} + +func (p *packetPackerLegacy) writeAndSealPacket( + header *wire.Header, + frames []wire.Frame, + sealer handshake.Sealer, +) ([]byte, error) { + raw := *getPacketBuffer() + buffer := bytes.NewBuffer(raw[:0]) + + if err := header.Write(buffer, p.perspective, p.version); err != nil { + return nil, err + } + payloadStartIndex := buffer.Len() + + for _, frame := range frames { + if err := frame.Write(buffer, p.version); err != nil { + return nil, err + } + } + + if size := protocol.ByteCount(buffer.Len() + sealer.Overhead()); size > p.maxPacketSize { + return nil, fmt.Errorf("PacketPacker BUG: packet too large (%d bytes, allowed %d bytes)", size, p.maxPacketSize) + } + + raw = raw[0:buffer.Len()] + _ = sealer.Seal(raw[payloadStartIndex:payloadStartIndex], raw[payloadStartIndex:], header.PacketNumber, raw[:payloadStartIndex]) + raw = raw[0 : buffer.Len()+sealer.Overhead()] + + num := p.packetNumberGenerator.Pop() + if num != header.PacketNumber { + return nil, errors.New("packetPacker BUG: Peeked and Popped packet numbers do not match") + } + p.hasSentPacket = true + return raw, nil +} + +func (p *packetPackerLegacy) canSendData(encLevel protocol.EncryptionLevel) bool { + if p.perspective == protocol.PerspectiveClient { + return encLevel >= protocol.EncryptionSecure + } + return encLevel == protocol.EncryptionForwardSecure +} + +func (p *packetPackerLegacy) ChangeDestConnectionID(connID protocol.ConnectionID) { + panic("changing connection IDs not supported by gQUIC") +} + +func (p *packetPackerLegacy) HandleTransportParameters(params *handshake.TransportParameters) { + p.omitConnectionID = params.OmitConnectionID +} diff --git a/packet_packer_legacy_test.go b/packet_packer_legacy_test.go new file mode 100644 index 00000000..5067c53e --- /dev/null +++ b/packet_packer_legacy_test.go @@ -0,0 +1,895 @@ +package quic + +import ( + "bytes" + "fmt" + "math/rand" + "net" + + "github.com/golang/mock/gomock" + "github.com/lucas-clemente/quic-go/internal/ackhandler" + "github.com/lucas-clemente/quic-go/internal/handshake" + "github.com/lucas-clemente/quic-go/internal/mocks" + "github.com/lucas-clemente/quic-go/internal/protocol" + "github.com/lucas-clemente/quic-go/internal/wire" + . "github.com/onsi/ginkgo" + . "github.com/onsi/gomega" +) + +var _ = Describe("Packet packer (legacy)", func() { + const maxPacketSize protocol.ByteCount = 1357 + var ( + packer *packetPackerLegacy + framer *MockFrameSource + ackFramer *MockAckFrameSource + cryptoStream *MockCryptoStream + sealingManager *MockSealingManager + sealer *mocks.MockSealer + divNonce []byte + ) + + expectAppendStreamFrames := func(frames ...wire.Frame) { + framer.EXPECT().AppendStreamFrames(gomock.Any(), gomock.Any()).DoAndReturn(func(fs []wire.Frame, _ protocol.ByteCount) []wire.Frame { + return append(fs, frames...) + }) + } + + expectAppendControlFrames := func(frames ...wire.Frame) { + framer.EXPECT().AppendControlFrames(gomock.Any(), gomock.Any()).DoAndReturn(func(fs []wire.Frame, _ protocol.ByteCount) ([]wire.Frame, protocol.ByteCount) { + var length protocol.ByteCount + for _, f := range frames { + length += f.Length(packer.version) + } + return append(fs, frames...), length + }) + } + + BeforeEach(func() { + rand.Seed(GinkgoRandomSeed()) + version := versionGQUICFrames + mockSender := NewMockStreamSender(mockCtrl) + mockSender.EXPECT().onHasStreamData(gomock.Any()).AnyTimes() + cryptoStream = NewMockCryptoStream(mockCtrl) + framer = NewMockFrameSource(mockCtrl) + ackFramer = NewMockAckFrameSource(mockCtrl) + sealingManager = NewMockSealingManager(mockCtrl) + sealer = mocks.NewMockSealer(mockCtrl) + sealer.EXPECT().Overhead().Return(9).AnyTimes() + sealer.EXPECT().Seal(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).DoAndReturn(func(dst, src []byte, pn protocol.PacketNumber, associatedData []byte) []byte { + return append(src, bytes.Repeat([]byte{0}, 9)...) + }).AnyTimes() + + divNonce = bytes.Repeat([]byte{'e'}, 32) + + packer = newPacketPackerLegacy( + protocol.ConnectionID{1, 2, 3, 4, 5, 6, 7, 8}, + protocol.ConnectionID{1, 2, 3, 4, 5, 6, 7, 8}, + func(protocol.PacketNumber) protocol.PacketNumberLen { return protocol.PacketNumberLen2 }, + &net.TCPAddr{}, + divNonce, + cryptoStream, + sealingManager, + framer, + ackFramer, + protocol.PerspectiveServer, + version, + ) + packer.hasSentPacket = true + packer.version = version + packer.maxPacketSize = maxPacketSize + }) + + It("returns nil when no packet is queued", func() { + sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) + ackFramer.EXPECT().GetAckFrame() + cryptoStream.EXPECT().hasData() + framer.EXPECT().AppendControlFrames(nil, gomock.Any()) + framer.EXPECT().AppendStreamFrames(nil, gomock.Any()) + p, err := packer.PackPacket() + Expect(p).To(BeNil()) + Expect(err).ToNot(HaveOccurred()) + }) + + It("packs single packets", func() { + sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) + cryptoStream.EXPECT().hasData() + ackFramer.EXPECT().GetAckFrame() + expectAppendControlFrames() + f := &wire.StreamFrame{ + StreamID: 5, + Data: []byte{0xDE, 0xCA, 0xFB, 0xAD}, + } + expectAppendStreamFrames(f) + p, err := packer.PackPacket() + Expect(err).ToNot(HaveOccurred()) + Expect(p).ToNot(BeNil()) + b := &bytes.Buffer{} + f.Write(b, packer.version) + Expect(p.frames).To(Equal([]wire.Frame{f})) + Expect(p.raw).To(ContainSubstring(b.String())) + }) + + It("stores the encryption level a packet was sealed with", func() { + sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) + cryptoStream.EXPECT().hasData() + ackFramer.EXPECT().GetAckFrame() + expectAppendControlFrames() + expectAppendStreamFrames(&wire.StreamFrame{ + StreamID: 5, + Data: []byte("foobar"), + }) + p, err := packer.PackPacket() + Expect(err).ToNot(HaveOccurred()) + Expect(p.encryptionLevel).To(Equal(protocol.EncryptionForwardSecure)) + }) + + Context("generating a packet header", func() { + Context("Public Header", func() { + It("doesn't set the source connection ID", func() { + ph := packer.getHeader(protocol.EncryptionForwardSecure) + Expect(ph.SrcConnectionID).To(BeEmpty()) + }) + + It("it omits the connection ID for forward-secure packets", func() { + packer.version = protocol.Version43 + ph := packer.getHeader(protocol.EncryptionForwardSecure) + Expect(ph.DestConnectionID.Len()).ToNot(BeZero()) + packer.HandleTransportParameters(&handshake.TransportParameters{ + OmitConnectionID: true, + }) + ph = packer.getHeader(protocol.EncryptionForwardSecure) + Expect(ph.DestConnectionID.Len()).To(BeZero()) + }) + + It("doesn't omit the connection ID for non-forward-secure packets", func() { + packer.HandleTransportParameters(&handshake.TransportParameters{ + OmitConnectionID: true, + }) + ph := packer.getHeader(protocol.EncryptionSecure) + Expect(ph.DestConnectionID.Len()).ToNot(BeZero()) + }) + + It("adds the Version Flag to the Public Header before the crypto handshake is finished", func() { + packer.perspective = protocol.PerspectiveClient + ph := packer.getHeader(protocol.EncryptionSecure) + Expect(ph.VersionFlag).To(BeTrue()) + }) + + It("doesn't add the Version Flag to the Public Header for forward-secure packets", func() { + packer.perspective = protocol.PerspectiveClient + ph := packer.getHeader(protocol.EncryptionForwardSecure) + Expect(ph.VersionFlag).To(BeFalse()) + }) + + Context("diversificaton nonces", func() { + It("doesn't include a div nonce, when sending a packet with initial encryption", func() { + ph := packer.getHeader(protocol.EncryptionUnencrypted) + Expect(ph.DiversificationNonce).To(BeEmpty()) + }) + + It("includes a div nonce, when sending a packet with secure encryption", func() { + ph := packer.getHeader(protocol.EncryptionSecure) + Expect(ph.DiversificationNonce).To(Equal(divNonce)) + }) + + It("doesn't include a div nonce, when sending a packet with forward-secure encryption", func() { + ph := packer.getHeader(protocol.EncryptionForwardSecure) + Expect(ph.DiversificationNonce).To(BeEmpty()) + }) + + It("doesn't send a div nonce as a client", func() { + packer.perspective = protocol.PerspectiveClient + ph := packer.getHeader(protocol.EncryptionSecure) + Expect(ph.DiversificationNonce).To(BeEmpty()) + }) + }) + }) + + Context("Header (for gQUIC 44)", func() { + BeforeEach(func() { + packer.version = protocol.Version44 + }) + + It("sends an Initial packet as the first packets, for the client", func() { + packer.perspective = protocol.PerspectiveClient + packer.hasSentPacket = false + h := packer.getHeader(protocol.EncryptionUnencrypted) + Expect(h.IsLongHeader).To(BeTrue()) + Expect(h.Type).To(Equal(protocol.PacketTypeInitial)) + Expect(h.Version).To(Equal(protocol.Version44)) + Expect(h.DestConnectionID).To(Equal(packer.destConnID)) + Expect(h.SrcConnectionID).To(Equal(packer.srcConnID)) + Expect(h.PacketNumberLen).To(Equal(protocol.PacketNumberLen4)) + }) + + It("sends a Handshake for non-forward-secure packets, for the server", func() { + packer.perspective = protocol.PerspectiveServer + h := packer.getHeader(protocol.EncryptionUnencrypted) + Expect(h.IsLongHeader).To(BeTrue()) + Expect(h.Type).To(Equal(protocol.PacketTypeHandshake)) + Expect(h.Version).To(Equal(protocol.Version44)) + Expect(h.DestConnectionID).To(Equal(packer.destConnID)) + Expect(h.SrcConnectionID).To(Equal(packer.srcConnID)) + Expect(h.PacketNumberLen).To(Equal(protocol.PacketNumberLen4)) + }) + + It("sets the Diversification Nonce for secure packets", func() { + packer.perspective = protocol.PerspectiveServer + Expect(divNonce).ToNot(BeEmpty()) + h := packer.getHeader(protocol.EncryptionSecure) + Expect(h.IsLongHeader).To(BeTrue()) + Expect(h.Version).To(Equal(protocol.Version44)) + Expect(h.Type).To(Equal(protocol.PacketType0RTT)) + Expect(h.DiversificationNonce).To(Equal(divNonce)) + }) + + It("uses the Short Header for forward-secure packets", func() { + h := packer.getHeader(protocol.EncryptionForwardSecure) + Expect(h.IsLongHeader).To(BeFalse()) + Expect(h.IsPublicHeader).To(BeFalse()) + Expect(h.DestConnectionID).To(Equal(packer.destConnID)) + }) + }) + }) + + It("packs a CONNECTION_CLOSE", func() { + ccf := wire.ConnectionCloseFrame{ + ErrorCode: 0x1337, + ReasonPhrase: "foobar", + } + sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) + p, err := packer.PackConnectionClose(&ccf) + Expect(err).ToNot(HaveOccurred()) + Expect(p.frames).To(HaveLen(1)) + Expect(p.frames[0]).To(Equal(&ccf)) + }) + + It("doesn't send any other frames when sending a CONNECTION_CLOSE", func() { + // expect no framer.PopStreamFrames + ccf := &wire.ConnectionCloseFrame{ + ErrorCode: 0x1337, + ReasonPhrase: "foobar", + } + sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) + p, err := packer.PackConnectionClose(ccf) + Expect(err).ToNot(HaveOccurred()) + Expect(p.frames).To(Equal([]wire.Frame{ccf})) + }) + + It("packs control frames", func() { + sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) + cryptoStream.EXPECT().hasData() + ackFramer.EXPECT().GetAckFrame() + frames := []wire.Frame{&wire.RstStreamFrame{}, &wire.MaxDataFrame{}} + expectAppendControlFrames(frames...) + expectAppendStreamFrames() + p, err := packer.PackPacket() + Expect(p).ToNot(BeNil()) + Expect(err).ToNot(HaveOccurred()) + Expect(p.frames).To(Equal(frames)) + Expect(p.raw).NotTo(BeEmpty()) + }) + + It("increases the packet number", func() { + sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer).Times(2) + cryptoStream.EXPECT().hasData().Times(2) + ackFramer.EXPECT().GetAckFrame().Times(2) + expectAppendControlFrames() + expectAppendStreamFrames(&wire.StreamFrame{Data: []byte("foobar")}) + expectAppendControlFrames() + expectAppendStreamFrames(&wire.StreamFrame{Data: []byte("raboof")}) + p1, err := packer.PackPacket() + Expect(err).ToNot(HaveOccurred()) + Expect(p1).ToNot(BeNil()) + p2, err := packer.PackPacket() + Expect(err).ToNot(HaveOccurred()) + Expect(p2).ToNot(BeNil()) + Expect(p2.header.PacketNumber).To(BeNumerically(">", p1.header.PacketNumber)) + }) + + It("packs ACKs and STOP_WAITING frames first, then control frames, then STREAM frames", func() { + sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) + cryptoStream.EXPECT().hasData() + ack := &wire.AckFrame{AckRanges: []wire.AckRange{{Largest: 100}}} + swf := &wire.StopWaitingFrame{LeastUnacked: 10} + mdf := &wire.MaxDataFrame{ByteOffset: 0x1234} + sf := &wire.StreamFrame{Data: []byte("foobar")} + ackFramer.EXPECT().GetAckFrame().Return(ack) + ackFramer.EXPECT().GetStopWaitingFrame(false).Return(swf) + expectAppendControlFrames(mdf) + expectAppendStreamFrames(sf) + packer.packetNumberGenerator.next = 15 + p, err := packer.PackPacket() + Expect(err).ToNot(HaveOccurred()) + Expect(p).ToNot(BeNil()) + Expect(p.frames).To(Equal([]wire.Frame{ack, swf, mdf, sf})) + }) + + It("sets the LeastUnackedDelta length of a STOP_WAITING frame", func() { + sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) + cryptoStream.EXPECT().hasData() + swf := &wire.StopWaitingFrame{LeastUnacked: 0x1337 - 0x100} + ackFramer.EXPECT().GetAckFrame().Return(&wire.AckFrame{AckRanges: []wire.AckRange{{Largest: 100}}}) + ackFramer.EXPECT().GetStopWaitingFrame(false).Return(swf) + expectAppendControlFrames() + expectAppendStreamFrames() + packer.packetNumberGenerator.next = 0x1337 + p, err := packer.PackPacket() + Expect(err).ToNot(HaveOccurred()) + Expect(p.frames).To(HaveLen(2)) + Expect(p.frames[1].(*wire.StopWaitingFrame).PacketNumberLen).To(Equal(protocol.PacketNumberLen2)) + }) + + It("refuses to send a packet that doesn't contain crypto stream data, if it has never sent a packet before", func() { + cryptoStream.EXPECT().hasData() + packer.hasSentPacket = false + p, err := packer.PackPacket() + Expect(err).ToNot(HaveOccurred()) + Expect(p).To(BeNil()) + }) + + It("accounts for the space consumed by control frames", func() { + sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) + cryptoStream.EXPECT().hasData() + ackFramer.EXPECT().GetAckFrame() + var maxSize protocol.ByteCount + gomock.InOrder( + framer.EXPECT().AppendControlFrames(gomock.Any(), gomock.Any()).DoAndReturn(func(fs []wire.Frame, maxLen protocol.ByteCount) ([]wire.Frame, protocol.ByteCount) { + maxSize = maxLen + return fs, 444 + }), + framer.EXPECT().AppendStreamFrames(gomock.Any(), gomock.Any()).Do(func(_ []wire.Frame, maxLen protocol.ByteCount) []wire.Frame { + Expect(maxLen).To(Equal(maxSize - 444 + 2 /* data length of the STREAM frame */)) + return nil + }), + ) + _, err := packer.PackPacket() + Expect(err).ToNot(HaveOccurred()) + }) + + It("only increases the packet number when there is an actual packet to send", func() { + sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer).Times(2) + ackFramer.EXPECT().GetAckFrame().Times(2) + cryptoStream.EXPECT().hasData().Times(2) + expectAppendStreamFrames() + expectAppendControlFrames() + packer.packetNumberGenerator.nextToSkip = 1000 + p, err := packer.PackPacket() + Expect(p).To(BeNil()) + Expect(err).ToNot(HaveOccurred()) + Expect(packer.packetNumberGenerator.Peek()).To(Equal(protocol.PacketNumber(1))) + expectAppendControlFrames() + expectAppendStreamFrames(&wire.StreamFrame{Data: []byte("foobar")}) + p, err = packer.PackPacket() + Expect(err).ToNot(HaveOccurred()) + Expect(p).ToNot(BeNil()) + Expect(p.header.PacketNumber).To(Equal(protocol.PacketNumber(1))) + Expect(packer.packetNumberGenerator.Peek()).To(Equal(protocol.PacketNumber(2))) + }) + + Context("making ACK packets retransmittable", func() { + sendMaxNumNonRetransmittableAcks := func() { + cryptoStream.EXPECT().hasData().Times(protocol.MaxNonRetransmittableAcks) + for i := 0; i < protocol.MaxNonRetransmittableAcks; i++ { + sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) + ackFramer.EXPECT().GetAckFrame().Return(&wire.AckFrame{AckRanges: []wire.AckRange{{Smallest: 1, Largest: 1}}}) + ackFramer.EXPECT().GetStopWaitingFrame(false) + expectAppendControlFrames() + expectAppendStreamFrames() + p, err := packer.PackPacket() + Expect(p).ToNot(BeNil()) + Expect(err).ToNot(HaveOccurred()) + Expect(p.frames).To(HaveLen(1)) + } + } + + It("adds a PING frame when it's supposed to send a retransmittable packet", func() { + sendMaxNumNonRetransmittableAcks() + sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) + cryptoStream.EXPECT().hasData() + ackFramer.EXPECT().GetAckFrame().Return(&wire.AckFrame{AckRanges: []wire.AckRange{{Smallest: 1, Largest: 1}}}) + ackFramer.EXPECT().GetStopWaitingFrame(false) + expectAppendControlFrames() + expectAppendStreamFrames() + p, err := packer.PackPacket() + Expect(p).ToNot(BeNil()) + Expect(err).ToNot(HaveOccurred()) + Expect(p.frames).To(ContainElement(&wire.PingFrame{})) + // make sure the next packet doesn't contain another PING + sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) + cryptoStream.EXPECT().hasData() + ackFramer.EXPECT().GetAckFrame().Return(&wire.AckFrame{AckRanges: []wire.AckRange{{Smallest: 1, Largest: 1}}}) + ackFramer.EXPECT().GetStopWaitingFrame(false) + expectAppendControlFrames() + expectAppendStreamFrames() + p, err = packer.PackPacket() + Expect(p).ToNot(BeNil()) + Expect(err).ToNot(HaveOccurred()) + Expect(p.frames).To(HaveLen(1)) + }) + + It("waits until there's something to send before adding a PING frame", func() { + sendMaxNumNonRetransmittableAcks() + // nothing to send + sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) + cryptoStream.EXPECT().hasData() + expectAppendControlFrames() + expectAppendStreamFrames() + ackFramer.EXPECT().GetAckFrame() + p, err := packer.PackPacket() + Expect(err).ToNot(HaveOccurred()) + Expect(p).To(BeNil()) + // now add some frame to send + expectAppendControlFrames() + expectAppendStreamFrames() + sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) + cryptoStream.EXPECT().hasData() + ackFramer.EXPECT().GetAckFrame().Return(&wire.AckFrame{AckRanges: []wire.AckRange{{Smallest: 1, Largest: 1}}}) + ackFramer.EXPECT().GetStopWaitingFrame(false) + p, err = packer.PackPacket() + Expect(err).ToNot(HaveOccurred()) + Expect(p.frames).To(HaveLen(2)) + Expect(p.frames).To(ContainElement(&wire.PingFrame{})) + }) + + It("doesn't send a PING if it already sent another retransmittable frame", func() { + sendMaxNumNonRetransmittableAcks() + sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) + cryptoStream.EXPECT().hasData() + ackFramer.EXPECT().GetAckFrame() + expectAppendStreamFrames() + expectAppendControlFrames(&wire.MaxDataFrame{}) + p, err := packer.PackPacket() + Expect(p).ToNot(BeNil()) + Expect(err).ToNot(HaveOccurred()) + Expect(p.frames).ToNot(ContainElement(&wire.PingFrame{})) + }) + }) + + Context("STREAM frame handling", func() { + It("does not split a STREAM frame with maximum size", func() { + cryptoStream.EXPECT().hasData() + ackFramer.EXPECT().GetAckFrame() + sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) + expectAppendControlFrames() + sf := &wire.StreamFrame{ + Offset: 1, + StreamID: 5, + DataLenPresent: true, + } + framer.EXPECT().AppendStreamFrames(gomock.Any(), gomock.Any()).DoAndReturn(func(_ []wire.Frame, maxSize protocol.ByteCount) ([]wire.Frame, protocol.ByteCount) { + sf.Data = bytes.Repeat([]byte{'f'}, int(maxSize-sf.Length(packer.version))) + return []wire.Frame{sf}, sf.Length(packer.version) + }) + p, err := packer.PackPacket() + Expect(err).ToNot(HaveOccurred()) + Expect(p.frames).To(HaveLen(1)) + Expect(p.raw).To(HaveLen(int(maxPacketSize))) + Expect(p.frames[0].(*wire.StreamFrame).Data).To(HaveLen(len(sf.Data))) + Expect(p.frames[0].(*wire.StreamFrame).DataLenPresent).To(BeFalse()) + }) + + It("packs multiple small STREAM frames into single packet", func() { + f1 := &wire.StreamFrame{ + StreamID: 5, + Data: []byte("frame 1"), + DataLenPresent: true, + } + f2 := &wire.StreamFrame{ + StreamID: 5, + Data: []byte("frame 2"), + DataLenPresent: true, + } + f3 := &wire.StreamFrame{ + StreamID: 3, + Data: []byte("frame 3"), + DataLenPresent: true, + } + cryptoStream.EXPECT().hasData() + sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) + ackFramer.EXPECT().GetAckFrame() + expectAppendControlFrames() + expectAppendStreamFrames(f1, f2, f3) + p, err := packer.PackPacket() + Expect(p).ToNot(BeNil()) + Expect(err).ToNot(HaveOccurred()) + Expect(p.frames).To(HaveLen(3)) + Expect(p.frames[0].(*wire.StreamFrame).Data).To(Equal([]byte("frame 1"))) + Expect(p.frames[0].(*wire.StreamFrame).DataLenPresent).To(BeTrue()) + Expect(p.frames[1].(*wire.StreamFrame).Data).To(Equal([]byte("frame 2"))) + Expect(p.frames[1].(*wire.StreamFrame).DataLenPresent).To(BeTrue()) + Expect(p.frames[2].(*wire.StreamFrame).Data).To(Equal([]byte("frame 3"))) + Expect(p.frames[2].(*wire.StreamFrame).DataLenPresent).To(BeFalse()) + }) + + It("refuses to send unencrypted stream data on a data stream", func() { + sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionUnencrypted, sealer) + cryptoStream.EXPECT().hasData() + ackFramer.EXPECT().GetAckFrame() + expectAppendControlFrames() + // don't expect a call to framer.PopStreamFrames + p, err := packer.PackPacket() + Expect(err).NotTo(HaveOccurred()) + Expect(p).To(BeNil()) + }) + + It("sends non forward-secure data as the client", func() { + sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionSecure, sealer) + cryptoStream.EXPECT().hasData() + ackFramer.EXPECT().GetAckFrame() + expectAppendControlFrames() + f := &wire.StreamFrame{ + StreamID: 5, + Data: []byte("foobar"), + } + expectAppendStreamFrames(f) + packer.perspective = protocol.PerspectiveClient + p, err := packer.PackPacket() + Expect(err).ToNot(HaveOccurred()) + Expect(p.encryptionLevel).To(Equal(protocol.EncryptionSecure)) + Expect(p.frames).To(Equal([]wire.Frame{f})) + }) + + It("does not send non forward-secure data as the server", func() { + sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionSecure, sealer) + cryptoStream.EXPECT().hasData() + ackFramer.EXPECT().GetAckFrame() + expectAppendControlFrames() + // don't expect a call to framer.PopStreamFrames + p, err := packer.PackPacket() + Expect(err).ToNot(HaveOccurred()) + Expect(p).To(BeNil()) + }) + + It("sends unencrypted stream data on the crypto stream", func() { + sealingManager.EXPECT().GetSealerForCryptoStream().Return(protocol.EncryptionUnencrypted, sealer) + f := &wire.StreamFrame{ + StreamID: packer.version.CryptoStreamID(), + Data: []byte("foobar"), + } + cryptoStream.EXPECT().hasData().Return(true) + cryptoStream.EXPECT().popStreamFrame(gomock.Any()).Return(f, false) + p, err := packer.PackPacket() + Expect(err).ToNot(HaveOccurred()) + Expect(p.frames).To(Equal([]wire.Frame{f})) + Expect(p.encryptionLevel).To(Equal(protocol.EncryptionUnencrypted)) + }) + + It("sends encrypted stream data on the crypto stream", func() { + sealingManager.EXPECT().GetSealerForCryptoStream().Return(protocol.EncryptionSecure, sealer) + f := &wire.StreamFrame{ + StreamID: packer.version.CryptoStreamID(), + Data: []byte("foobar"), + } + cryptoStream.EXPECT().hasData().Return(true) + cryptoStream.EXPECT().popStreamFrame(gomock.Any()).Return(f, false) + p, err := packer.PackPacket() + Expect(err).ToNot(HaveOccurred()) + Expect(p.frames).To(Equal([]wire.Frame{f})) + Expect(p.encryptionLevel).To(Equal(protocol.EncryptionSecure)) + }) + + It("does not pack STREAM frames if not allowed", func() { + sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionUnencrypted, sealer) + cryptoStream.EXPECT().hasData() + ack := &wire.AckFrame{AckRanges: []wire.AckRange{{Largest: 10, Smallest: 1}}} + ackFramer.EXPECT().GetAckFrame().Return(ack) + ackFramer.EXPECT().GetStopWaitingFrame(false) + expectAppendControlFrames() + // don't expect a call to framer.PopStreamFrames + p, err := packer.PackPacket() + Expect(err).ToNot(HaveOccurred()) + Expect(p.frames).To(Equal([]wire.Frame{ack})) + }) + }) + + It("packs a single ACK", func() { + cryptoStream.EXPECT().hasData() + sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) + ack := &wire.AckFrame{AckRanges: []wire.AckRange{{Largest: 42, Smallest: 1}}} + ackFramer.EXPECT().GetAckFrame().Return(ack) + ackFramer.EXPECT().GetStopWaitingFrame(false) + expectAppendControlFrames() + expectAppendStreamFrames() + p, err := packer.PackPacket() + Expect(err).NotTo(HaveOccurred()) + Expect(p).ToNot(BeNil()) + Expect(p.frames[0]).To(Equal(ack)) + }) + + Context("retransmitting of handshake packets", func() { + sf := &wire.StreamFrame{ + StreamID: 1, + Data: []byte("foobar"), + } + + It("packs a retransmission with the right encryption level", func() { + sealingManager.EXPECT().GetSealerWithEncryptionLevel(protocol.EncryptionUnencrypted).Return(sealer, nil) + swf := &wire.StopWaitingFrame{LeastUnacked: 1} + ackFramer.EXPECT().GetStopWaitingFrame(true).Return(swf) + packet := &ackhandler.Packet{ + PacketType: protocol.PacketTypeHandshake, + EncryptionLevel: protocol.EncryptionUnencrypted, + Frames: []wire.Frame{sf}, + } + p, err := packer.PackRetransmission(packet) + Expect(err).ToNot(HaveOccurred()) + Expect(p).To(HaveLen(1)) + Expect(p[0].header.Type).To(Equal(protocol.PacketTypeHandshake)) + Expect(p[0].frames).To(Equal([]wire.Frame{swf, sf})) + Expect(p[0].encryptionLevel).To(Equal(protocol.EncryptionUnencrypted)) + }) + + It("packs a retransmission for a packet sent with secure encryption", func() { + sealingManager.EXPECT().GetSealerWithEncryptionLevel(protocol.EncryptionSecure).Return(sealer, nil) + swf := &wire.StopWaitingFrame{LeastUnacked: 1} + ackFramer.EXPECT().GetStopWaitingFrame(true).Return(swf) + packet := &ackhandler.Packet{ + EncryptionLevel: protocol.EncryptionSecure, + Frames: []wire.Frame{sf}, + } + p, err := packer.PackRetransmission(packet) + Expect(err).ToNot(HaveOccurred()) + Expect(p).To(HaveLen(1)) + Expect(p[0].frames).To(Equal([]wire.Frame{swf, sf})) + Expect(p[0].encryptionLevel).To(Equal(protocol.EncryptionSecure)) + // a packet sent by the server with secure encryption contains the SHLO + // it needs to have a diversification nonce + Expect(p[0].raw).To(ContainSubstring(string(divNonce))) + }) + + // this should never happen, since non forward-secure packets are limited to a size smaller than MaxPacketSize, such that it is always possible to retransmit them without splitting the StreamFrame + // (note that the retransmitted packet needs to have enough space for the StopWaitingFrame) + It("refuses to send a packet larger than MaxPacketSize", func() { + sealingManager.EXPECT().GetSealerWithEncryptionLevel(gomock.Any()).Return(sealer, nil) + swf := &wire.StopWaitingFrame{LeastUnacked: 1} + ackFramer.EXPECT().GetStopWaitingFrame(true).Return(swf) + packet := &ackhandler.Packet{ + EncryptionLevel: protocol.EncryptionSecure, + Frames: []wire.Frame{ + &wire.StreamFrame{ + StreamID: 1, + Data: bytes.Repeat([]byte{'f'}, int(maxPacketSize-5)), + }, + }, + } + _, err := packer.PackRetransmission(packet) + Expect(err).To(HaveOccurred()) + Expect(err.Error()).To(ContainSubstring("PacketPacker BUG: packet too large")) + }) + + It("packs a retransmission for an Initial packet", func() { + sealingManager.EXPECT().GetSealerWithEncryptionLevel(protocol.EncryptionUnencrypted).Return(sealer, nil) + packer.version = protocol.Version44 + packer.perspective = protocol.PerspectiveClient + packet := &ackhandler.Packet{ + PacketType: protocol.PacketTypeInitial, + EncryptionLevel: protocol.EncryptionUnencrypted, + Frames: []wire.Frame{sf}, + } + p, err := packer.PackRetransmission(packet) + Expect(err).ToNot(HaveOccurred()) + Expect(p).To(HaveLen(1)) + Expect(p[0].frames).To(Equal([]wire.Frame{sf})) + Expect(p[0].encryptionLevel).To(Equal(protocol.EncryptionUnencrypted)) + Expect(p[0].header.Type).To(Equal(protocol.PacketTypeInitial)) + }) + }) + + Context("retransmission of forward-secure packets", func() { + It("retransmits a small packet", func() { + swf := &wire.StopWaitingFrame{LeastUnacked: 7} + packer.packetNumberGenerator.next = 10 + sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) + ackFramer.EXPECT().GetStopWaitingFrame(true).Return(swf) + frames := []wire.Frame{ + &wire.MaxDataFrame{ByteOffset: 0x1234}, + &wire.StreamFrame{StreamID: 42, Data: []byte("foobar")}, + } + packets, err := packer.PackRetransmission(&ackhandler.Packet{ + EncryptionLevel: protocol.EncryptionForwardSecure, + Frames: frames, + }) + Expect(err).ToNot(HaveOccurred()) + Expect(packets).To(HaveLen(1)) + p := packets[0] + Expect(p.encryptionLevel).To(Equal(protocol.EncryptionForwardSecure)) + Expect(p.frames).To(HaveLen(3)) + Expect(p.frames[0]).To(BeAssignableToTypeOf(&wire.StopWaitingFrame{})) + Expect(p.frames[0].(*wire.StopWaitingFrame).LeastUnacked).To(Equal(protocol.PacketNumber(7))) + Expect(p.frames[0].(*wire.StopWaitingFrame).PacketNumber).To(Equal(p.header.PacketNumber)) + Expect(p.frames[0].(*wire.StopWaitingFrame).PacketNumberLen).To(Equal(p.header.PacketNumberLen)) + Expect(p.frames[1:]).To(Equal(frames)) + }) + + It("packs two packets for retransmission if the original packet contained many control frames", func() { + sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) + var frames []wire.Frame + var totalLen protocol.ByteCount + // pack a bunch of control frames, such that the packet is way bigger than a single packet + for i := 0; totalLen < maxPacketSize*3/2; i++ { + f := &wire.MaxStreamDataFrame{ + StreamID: protocol.StreamID(i), + ByteOffset: protocol.ByteCount(i), + } + frames = append(frames, f) + totalLen += f.Length(packer.version) + } + packer.packetNumberGenerator.next = 10 + swf := &wire.StopWaitingFrame{LeastUnacked: 7} + ackFramer.EXPECT().GetStopWaitingFrame(true).Return(swf) + packets, err := packer.PackRetransmission(&ackhandler.Packet{ + EncryptionLevel: protocol.EncryptionForwardSecure, + Frames: frames, + }) + Expect(err).ToNot(HaveOccurred()) + Expect(packets).To(HaveLen(2)) + Expect(len(packets[0].frames) + len(packets[1].frames)).To(Equal(len(frames) + 2)) // all frames, plus 2 STOP_WAITING frames + Expect(packets[0].frames[0]).To(BeAssignableToTypeOf(&wire.StopWaitingFrame{})) + Expect(packets[1].frames[0]).To(BeAssignableToTypeOf(&wire.StopWaitingFrame{})) + Expect(packets[0].frames[1:]).To(Equal(frames[:len(packets[0].frames)-1])) + Expect(packets[1].frames[1:]).To(Equal(frames[len(packets[0].frames)-1:])) + // check that the first packet was filled up as far as possible: + // if the first frame (after the STOP_WAITING) was packed into the first packet, it would have overflown the MaxPacketSize + Expect(len(packets[0].raw) + int(packets[1].frames[1].Length(packer.version))).To(BeNumerically(">", maxPacketSize)) + }) + + It("splits a STREAM frame that doesn't fit", func() { + sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) + swf := &wire.StopWaitingFrame{} + ackFramer.EXPECT().GetStopWaitingFrame(true).Return(swf) + packets, err := packer.PackRetransmission(&ackhandler.Packet{ + EncryptionLevel: protocol.EncryptionForwardSecure, + Frames: []wire.Frame{&wire.StreamFrame{ + StreamID: 42, + Offset: 1337, + Data: bytes.Repeat([]byte{'a'}, int(maxPacketSize)*3/2), + }}, + }) + Expect(err).ToNot(HaveOccurred()) + Expect(packets).To(HaveLen(2)) + Expect(packets[0].frames[0]).To(BeAssignableToTypeOf(&wire.StopWaitingFrame{})) + Expect(packets[1].frames[0]).To(BeAssignableToTypeOf(&wire.StopWaitingFrame{})) + Expect(packets[0].frames[1]).To(BeAssignableToTypeOf(&wire.StreamFrame{})) + Expect(packets[1].frames[1]).To(BeAssignableToTypeOf(&wire.StreamFrame{})) + sf1 := packets[0].frames[1].(*wire.StreamFrame) + sf2 := packets[1].frames[1].(*wire.StreamFrame) + Expect(sf1.StreamID).To(Equal(protocol.StreamID(42))) + Expect(sf1.Offset).To(Equal(protocol.ByteCount(1337))) + Expect(sf1.DataLenPresent).To(BeFalse()) + Expect(sf2.StreamID).To(Equal(protocol.StreamID(42))) + Expect(sf2.Offset).To(Equal(protocol.ByteCount(1337) + sf1.DataLen())) + Expect(sf2.DataLenPresent).To(BeFalse()) + Expect(sf1.DataLen() + sf2.DataLen()).To(Equal(maxPacketSize * 3 / 2)) + Expect(packets[0].raw).To(HaveLen(int(maxPacketSize))) + }) + + It("splits STREAM frames, if necessary", func() { + for i := 0; i < 100; i++ { + sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer).MaxTimes(2) + swf := &wire.StopWaitingFrame{} + ackFramer.EXPECT().GetStopWaitingFrame(true).Return(swf) + sf1 := &wire.StreamFrame{ + StreamID: 42, + Offset: 1337, + Data: bytes.Repeat([]byte{'a'}, 1+int(rand.Int31n(int32(maxPacketSize*4/5)))), + } + sf2 := &wire.StreamFrame{ + StreamID: 2, + Offset: 42, + Data: bytes.Repeat([]byte{'b'}, 1+int(rand.Int31n(int32(maxPacketSize*4/5)))), + } + expectedDataLen := sf1.DataLen() + sf2.DataLen() + fmt.Fprintf(GinkgoWriter, "STREAM frame 1: %d bytes, STREAM frame 2: %d\n", sf1.DataLen(), sf2.DataLen()) + frames := []wire.Frame{sf1, sf2} + packets, err := packer.PackRetransmission(&ackhandler.Packet{ + EncryptionLevel: protocol.EncryptionForwardSecure, + Frames: frames, + }) + Expect(err).ToNot(HaveOccurred()) + + if len(packets) > 1 { + Expect(packets[0].raw).To(HaveLen(int(maxPacketSize))) + } + + var dataLen protocol.ByteCount + for _, p := range packets { + for _, f := range p.frames { + if sf, ok := f.(*wire.StreamFrame); ok { + dataLen += sf.DataLen() + } + } + } + Expect(dataLen).To(Equal(expectedDataLen)) + } + }) + + It("packs two packets for retransmission if the original packet contained many STREAM frames", func() { + sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) + swf := &wire.StopWaitingFrame{} + ackFramer.EXPECT().GetStopWaitingFrame(true).Return(swf) + var frames []wire.Frame + var totalLen protocol.ByteCount + // pack a bunch of control frames, such that the packet is way bigger than a single packet + for i := 0; totalLen < maxPacketSize*3/2; i++ { + f := &wire.StreamFrame{ + StreamID: protocol.StreamID(i), + Data: []byte("foobar"), + DataLenPresent: true, + } + frames = append(frames, f) + totalLen += f.Length(packer.version) + } + packets, err := packer.PackRetransmission(&ackhandler.Packet{ + EncryptionLevel: protocol.EncryptionForwardSecure, + Frames: frames, + }) + Expect(err).ToNot(HaveOccurred()) + Expect(packets).To(HaveLen(2)) + Expect(len(packets[0].frames) + len(packets[1].frames)).To(Equal(len(frames) + 2)) // all frames, plus 2 STOP_WAITING frames + Expect(packets[0].frames[0]).To(BeAssignableToTypeOf(&wire.StopWaitingFrame{})) + Expect(packets[1].frames[0]).To(BeAssignableToTypeOf(&wire.StopWaitingFrame{})) + Expect(packets[0].frames[1:]).To(Equal(frames[:len(packets[0].frames)-1])) + Expect(packets[1].frames[1:]).To(Equal(frames[len(packets[0].frames)-1:])) + // check that the first packet was filled up as far as possible: + // if the first frame (after the STOP_WAITING) was packed into the first packet, it would have overflown the MaxPacketSize + Expect(len(packets[0].raw) + int(packets[1].frames[1].Length(packer.version))).To(BeNumerically(">", maxPacketSize-protocol.MinStreamFrameSize)) + }) + + It("correctly sets the DataLenPresent on STREAM frames", func() { + sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) + swf := &wire.StopWaitingFrame{} + ackFramer.EXPECT().GetStopWaitingFrame(true).Return(swf) + frames := []wire.Frame{ + &wire.StreamFrame{StreamID: 4, Data: []byte("foobar"), DataLenPresent: true}, + &wire.StreamFrame{StreamID: 5, Data: []byte("barfoo")}, + } + packets, err := packer.PackRetransmission(&ackhandler.Packet{ + EncryptionLevel: protocol.EncryptionForwardSecure, + Frames: frames, + }) + Expect(err).ToNot(HaveOccurred()) + Expect(packets).To(HaveLen(1)) + p := packets[0] + Expect(p.frames).To(HaveLen(3)) + Expect(p.frames[1]).To(BeAssignableToTypeOf(&wire.StreamFrame{})) + Expect(p.frames[2]).To(BeAssignableToTypeOf(&wire.StreamFrame{})) + sf1 := p.frames[1].(*wire.StreamFrame) + sf2 := p.frames[2].(*wire.StreamFrame) + Expect(sf1.StreamID).To(Equal(protocol.StreamID(4))) + Expect(sf1.DataLenPresent).To(BeTrue()) + Expect(sf2.StreamID).To(Equal(protocol.StreamID(5))) + Expect(sf2.DataLenPresent).To(BeFalse()) + }) + }) + + Context("packing ACK packets", func() { + It("doesn't pack a packet if there's no ACK to send", func() { + ackFramer.EXPECT().GetAckFrame() + p, err := packer.MaybePackAckPacket() + Expect(err).ToNot(HaveOccurred()) + Expect(p).To(BeNil()) + }) + + It("packs ACK packets", func() { + sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) + ack := &wire.AckFrame{AckRanges: []wire.AckRange{{Smallest: 1, Largest: 10}}} + swf := &wire.StopWaitingFrame{} + ackFramer.EXPECT().GetAckFrame().Return(ack) + ackFramer.EXPECT().GetStopWaitingFrame(false).Return(swf) + p, err := packer.MaybePackAckPacket() + Expect(err).NotTo(HaveOccurred()) + Expect(p.frames).To(Equal([]wire.Frame{ack, swf})) + }) + + It("doesn't add a STOP_WAITING frame, for gQUIC 44", func() { + sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) + packer.version = protocol.Version44 + ack := &wire.AckFrame{AckRanges: []wire.AckRange{{Smallest: 1, Largest: 10}}} + ackFramer.EXPECT().GetAckFrame().Return(ack) + p, err := packer.MaybePackAckPacket() + Expect(err).NotTo(HaveOccurred()) + Expect(p.frames).To(Equal([]wire.Frame{ack})) + }) + }) +}) diff --git a/packet_packer_test.go b/packet_packer_test.go index 1312a617..ed015bae 100644 --- a/packet_packer_test.go +++ b/packet_packer_test.go @@ -24,7 +24,6 @@ var _ = Describe("Packet packer", func() { cryptoStream *MockCryptoStream sealingManager *MockSealingManager sealer *mocks.MockSealer - divNonce []byte token []byte ) @@ -55,7 +54,7 @@ var _ = Describe("Packet packer", func() { BeforeEach(func() { rand.Seed(GinkgoRandomSeed()) - version := versionGQUICFrames + version := versionIETFFrames mockSender := NewMockStreamSender(mockCtrl) mockSender.EXPECT().onHasStreamData(gomock.Any()).AnyTimes() cryptoStream = NewMockCryptoStream(mockCtrl) @@ -68,7 +67,6 @@ var _ = Describe("Packet packer", func() { return append(src, bytes.Repeat([]byte{0}, 7)...) }).AnyTimes() - divNonce = bytes.Repeat([]byte{'e'}, 32) token = []byte("initial token") packer = newPacketPacker( @@ -78,7 +76,6 @@ var _ = Describe("Packet packer", func() { func(protocol.PacketNumber) protocol.PacketNumberLen { return protocol.PacketNumberLen2 }, &net.TCPAddr{}, token, // token - divNonce, cryptoStream, sealingManager, framer, @@ -153,168 +150,45 @@ var _ = Describe("Packet packer", func() { }) Context("generating a packet header", func() { - const ( - versionPublicHeader = protocol.Version39 // a QUIC version that uses the Public Header format - versionIETFHeader = protocol.VersionTLS // a QUIC version that uses the IETF Header format - ) - - Context("Public Header (for gQUIC)", func() { - BeforeEach(func() { - packer.version = versionPublicHeader - }) - - It("doesn't set the source connection ID", func() { - ph := packer.getHeader(protocol.EncryptionForwardSecure) - Expect(ph.SrcConnectionID).To(BeEmpty()) - }) - - It("it omits the connection ID for forward-secure packets", func() { - packer.version = protocol.Version43 - ph := packer.getHeader(protocol.EncryptionForwardSecure) - Expect(ph.DestConnectionID.Len()).ToNot(BeZero()) - packer.HandleTransportParameters(&handshake.TransportParameters{ - OmitConnectionID: true, - }) - ph = packer.getHeader(protocol.EncryptionForwardSecure) - Expect(ph.DestConnectionID.Len()).To(BeZero()) - }) - - It("doesn't omit the connection ID for non-forward-secure packets", func() { - packer.HandleTransportParameters(&handshake.TransportParameters{ - OmitConnectionID: true, - }) - ph := packer.getHeader(protocol.EncryptionSecure) - Expect(ph.DestConnectionID.Len()).ToNot(BeZero()) - }) - - It("adds the Version Flag to the Public Header before the crypto handshake is finished", func() { - packer.perspective = protocol.PerspectiveClient - ph := packer.getHeader(protocol.EncryptionSecure) - Expect(ph.VersionFlag).To(BeTrue()) - }) - - It("doesn't add the Version Flag to the Public Header for forward-secure packets", func() { - packer.perspective = protocol.PerspectiveClient - ph := packer.getHeader(protocol.EncryptionForwardSecure) - Expect(ph.VersionFlag).To(BeFalse()) - }) - - Context("diversificaton nonces", func() { - It("doesn't include a div nonce, when sending a packet with initial encryption", func() { - ph := packer.getHeader(protocol.EncryptionUnencrypted) - Expect(ph.DiversificationNonce).To(BeEmpty()) - }) - - It("includes a div nonce, when sending a packet with secure encryption", func() { - ph := packer.getHeader(protocol.EncryptionSecure) - Expect(ph.DiversificationNonce).To(Equal(divNonce)) - }) - - It("doesn't include a div nonce, when sending a packet with forward-secure encryption", func() { - ph := packer.getHeader(protocol.EncryptionForwardSecure) - Expect(ph.DiversificationNonce).To(BeEmpty()) - }) - - It("doesn't send a div nonce as a client", func() { - packer.perspective = protocol.PerspectiveClient - ph := packer.getHeader(protocol.EncryptionSecure) - Expect(ph.DiversificationNonce).To(BeEmpty()) - }) - }) + It("uses the Long Header format for non-forward-secure packets", func() { + h := packer.getHeader(protocol.EncryptionSecure) + Expect(h.IsLongHeader).To(BeTrue()) + Expect(h.Version).To(Equal(packer.version)) }) - Context("Header (for gQUIC 44)", func() { - BeforeEach(func() { - packer.version = protocol.Version44 - }) - - It("sends an Initial packet as the first packets, for the client", func() { - packer.perspective = protocol.PerspectiveClient - packer.hasSentPacket = false - h := packer.getHeader(protocol.EncryptionUnencrypted) - Expect(h.IsLongHeader).To(BeTrue()) - Expect(h.Type).To(Equal(protocol.PacketTypeInitial)) - Expect(h.Version).To(Equal(protocol.Version44)) - Expect(h.DestConnectionID).To(Equal(packer.destConnID)) - Expect(h.SrcConnectionID).To(Equal(packer.srcConnID)) - Expect(h.PacketNumberLen).To(Equal(protocol.PacketNumberLen4)) - }) - - It("sends a Handshake for non-forward-secure packets, for the server", func() { - packer.perspective = protocol.PerspectiveServer - h := packer.getHeader(protocol.EncryptionUnencrypted) - Expect(h.IsLongHeader).To(BeTrue()) - Expect(h.Type).To(Equal(protocol.PacketTypeHandshake)) - Expect(h.Version).To(Equal(protocol.Version44)) - Expect(h.DestConnectionID).To(Equal(packer.destConnID)) - Expect(h.SrcConnectionID).To(Equal(packer.srcConnID)) - Expect(h.PacketNumberLen).To(Equal(protocol.PacketNumberLen4)) - }) - - It("sets the Diversification Nonce for secure packets", func() { - packer.perspective = protocol.PerspectiveServer - Expect(divNonce).ToNot(BeEmpty()) - h := packer.getHeader(protocol.EncryptionSecure) - Expect(h.IsLongHeader).To(BeTrue()) - Expect(h.Version).To(Equal(protocol.Version44)) - Expect(h.Type).To(Equal(protocol.PacketType0RTT)) - Expect(h.DiversificationNonce).To(Equal(divNonce)) - }) - - It("uses the Short Header for forward-secure packets", func() { - h := packer.getHeader(protocol.EncryptionForwardSecure) - Expect(h.IsLongHeader).To(BeFalse()) - Expect(h.IsPublicHeader).To(BeFalse()) - Expect(h.DestConnectionID).To(Equal(packer.destConnID)) - }) + It("sets source and destination connection ID", func() { + srcConnID := protocol.ConnectionID{1, 2, 3, 4, 5, 6, 7, 8} + destConnID := protocol.ConnectionID{8, 7, 6, 5, 4, 3, 2, 1} + packer.srcConnID = srcConnID + packer.destConnID = destConnID + h := packer.getHeader(protocol.EncryptionSecure) + Expect(h.SrcConnectionID).To(Equal(srcConnID)) + Expect(h.DestConnectionID).To(Equal(destConnID)) }) - Context("Header (for IETF draft QUIC)", func() { - BeforeEach(func() { - packer.version = versionIETFHeader - }) + It("changes the destination connection ID", func() { + srcConnID := protocol.ConnectionID{1, 1, 1, 1, 1, 1, 1, 1} + packer.srcConnID = srcConnID + dest1 := protocol.ConnectionID{1, 2, 3, 4, 5, 6, 7, 8} + dest2 := protocol.ConnectionID{8, 7, 6, 5, 4, 3, 2, 1} + packer.ChangeDestConnectionID(dest1) + h := packer.getHeader(protocol.EncryptionUnencrypted) + Expect(h.SrcConnectionID).To(Equal(srcConnID)) + Expect(h.DestConnectionID).To(Equal(dest1)) + packer.ChangeDestConnectionID(dest2) + h = packer.getHeader(protocol.EncryptionUnencrypted) + Expect(h.SrcConnectionID).To(Equal(srcConnID)) + Expect(h.DestConnectionID).To(Equal(dest2)) + }) - It("uses the Long Header format for non-forward-secure packets", func() { - h := packer.getHeader(protocol.EncryptionSecure) - Expect(h.IsLongHeader).To(BeTrue()) - Expect(h.Version).To(Equal(versionIETFHeader)) - }) - - It("sets source and destination connection ID", func() { - srcConnID := protocol.ConnectionID{1, 2, 3, 4, 5, 6, 7, 8} - destConnID := protocol.ConnectionID{8, 7, 6, 5, 4, 3, 2, 1} - packer.srcConnID = srcConnID - packer.destConnID = destConnID - h := packer.getHeader(protocol.EncryptionSecure) - Expect(h.SrcConnectionID).To(Equal(srcConnID)) - Expect(h.DestConnectionID).To(Equal(destConnID)) - }) - - It("changes the destination connection ID", func() { - srcConnID := protocol.ConnectionID{1, 1, 1, 1, 1, 1, 1, 1} - packer.srcConnID = srcConnID - dest1 := protocol.ConnectionID{1, 2, 3, 4, 5, 6, 7, 8} - dest2 := protocol.ConnectionID{8, 7, 6, 5, 4, 3, 2, 1} - packer.ChangeDestConnectionID(dest1) - h := packer.getHeader(protocol.EncryptionUnencrypted) - Expect(h.SrcConnectionID).To(Equal(srcConnID)) - Expect(h.DestConnectionID).To(Equal(dest1)) - packer.ChangeDestConnectionID(dest2) - h = packer.getHeader(protocol.EncryptionUnencrypted) - Expect(h.SrcConnectionID).To(Equal(srcConnID)) - Expect(h.DestConnectionID).To(Equal(dest2)) - }) - - It("uses the Short Header format for forward-secure packets", func() { - h := packer.getHeader(protocol.EncryptionForwardSecure) - Expect(h.IsLongHeader).To(BeFalse()) - Expect(h.PacketNumberLen).To(BeNumerically(">", 0)) - }) + It("uses the Short Header format for forward-secure packets", func() { + h := packer.getHeader(protocol.EncryptionForwardSecure) + Expect(h.IsLongHeader).To(BeFalse()) + Expect(h.PacketNumberLen).To(BeNumerically(">", 0)) }) }) It("sets the payload length for packets containing crypto data", func() { - packer.version = versionIETFFrames f := &wire.StreamFrame{ StreamID: packer.version.CryptoStreamID(), Offset: 0x1337, @@ -383,39 +257,6 @@ var _ = Describe("Packet packer", func() { Expect(p2.header.PacketNumber).To(BeNumerically(">", p1.header.PacketNumber)) }) - It("packs ACKs and STOP_WAITING frames first, then control frames, then STREAM frames", func() { - cryptoStream.EXPECT().hasData() - ack := &wire.AckFrame{AckRanges: []wire.AckRange{{Largest: 100}}} - swf := &wire.StopWaitingFrame{LeastUnacked: 10} - mdf := &wire.MaxDataFrame{ByteOffset: 0x1234} - sf := &wire.StreamFrame{Data: []byte("foobar")} - sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) - ackFramer.EXPECT().GetAckFrame().Return(ack) - ackFramer.EXPECT().GetStopWaitingFrame(false).Return(swf) - expectAppendControlFrames(mdf) - expectAppendStreamFrames(sf) - packer.packetNumberGenerator.next = 15 - p, err := packer.PackPacket() - Expect(err).ToNot(HaveOccurred()) - Expect(p).ToNot(BeNil()) - Expect(p.frames).To(Equal([]wire.Frame{ack, swf, mdf, sf})) - }) - - It("sets the LeastUnackedDelta length of a STOP_WAITING frame", func() { - sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) - cryptoStream.EXPECT().hasData() - swf := &wire.StopWaitingFrame{LeastUnacked: 0x1337 - 0x100} - ackFramer.EXPECT().GetAckFrame().Return(&wire.AckFrame{AckRanges: []wire.AckRange{{Largest: 100}}}) - ackFramer.EXPECT().GetStopWaitingFrame(false).Return(swf) - expectAppendControlFrames() - expectAppendStreamFrames() - packer.packetNumberGenerator.next = 0x1337 - p, err := packer.PackPacket() - Expect(err).ToNot(HaveOccurred()) - Expect(p.frames).To(HaveLen(2)) - Expect(p.frames[1].(*wire.StopWaitingFrame).PacketNumberLen).To(Equal(protocol.PacketNumberLen2)) - }) - It("refuses to send a packet that doesn't contain crypto stream data, if it has never sent a packet before", func() { cryptoStream.EXPECT().hasData() packer.hasSentPacket = false @@ -435,7 +276,7 @@ var _ = Describe("Packet packer", func() { return fs, 444 }), framer.EXPECT().AppendStreamFrames(gomock.Any(), gomock.Any()).Do(func(_ []wire.Frame, maxLen protocol.ByteCount) []wire.Frame { - Expect(maxLen).To(Equal(maxSize - 444 + 2 /* data length of the STREAM frame */)) + Expect(maxLen).To(Equal(maxSize - 444 + 1 /* data length of the STREAM frame */)) return nil }), ) @@ -469,7 +310,6 @@ var _ = Describe("Packet packer", func() { for i := 0; i < protocol.MaxNonRetransmittableAcks; i++ { sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) ackFramer.EXPECT().GetAckFrame().Return(&wire.AckFrame{AckRanges: []wire.AckRange{{Smallest: 1, Largest: 1}}}) - ackFramer.EXPECT().GetStopWaitingFrame(false) expectAppendControlFrames() expectAppendStreamFrames() p, err := packer.PackPacket() @@ -484,7 +324,6 @@ var _ = Describe("Packet packer", func() { sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) cryptoStream.EXPECT().hasData() ackFramer.EXPECT().GetAckFrame().Return(&wire.AckFrame{AckRanges: []wire.AckRange{{Smallest: 1, Largest: 1}}}) - ackFramer.EXPECT().GetStopWaitingFrame(false) expectAppendControlFrames() expectAppendStreamFrames() p, err := packer.PackPacket() @@ -495,7 +334,6 @@ var _ = Describe("Packet packer", func() { sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) cryptoStream.EXPECT().hasData() ackFramer.EXPECT().GetAckFrame().Return(&wire.AckFrame{AckRanges: []wire.AckRange{{Smallest: 1, Largest: 1}}}) - ackFramer.EXPECT().GetStopWaitingFrame(false) expectAppendControlFrames() expectAppendStreamFrames() p, err = packer.PackPacket() @@ -521,7 +359,6 @@ var _ = Describe("Packet packer", func() { cryptoStream.EXPECT().hasData() sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) ackFramer.EXPECT().GetAckFrame().Return(&wire.AckFrame{AckRanges: []wire.AckRange{{Smallest: 1, Largest: 1}}}) - ackFramer.EXPECT().GetStopWaitingFrame(false) p, err = packer.PackPacket() Expect(err).ToNot(HaveOccurred()) Expect(p.frames).To(HaveLen(2)) @@ -543,30 +380,7 @@ var _ = Describe("Packet packer", func() { }) Context("STREAM frame handling", func() { - It("does not split a STREAM frame with maximum size, for gQUIC frames", func() { - cryptoStream.EXPECT().hasData() - sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) - ackFramer.EXPECT().GetAckFrame() - expectAppendControlFrames() - sf := &wire.StreamFrame{ - Offset: 1, - StreamID: 5, - DataLenPresent: true, - } - framer.EXPECT().AppendStreamFrames(gomock.Any(), gomock.Any()).DoAndReturn(func(_ []wire.Frame, maxSize protocol.ByteCount) ([]wire.Frame, protocol.ByteCount) { - sf.Data = bytes.Repeat([]byte{'f'}, int(maxSize-sf.Length(packer.version))) - return []wire.Frame{sf}, sf.Length(packer.version) - }) - p, err := packer.PackPacket() - Expect(err).ToNot(HaveOccurred()) - Expect(p.frames).To(HaveLen(1)) - Expect(p.raw).To(HaveLen(int(maxPacketSize))) - Expect(p.frames[0].(*wire.StreamFrame).Data).To(HaveLen(len(sf.Data))) - Expect(p.frames[0].(*wire.StreamFrame).DataLenPresent).To(BeFalse()) - }) - - It("does not split a STREAM frame with maximum size, for IETF draft style frame", func() { - packer.version = versionIETFFrames + It("does not split a STREAM frame with maximum size", func() { ackFramer.EXPECT().GetAckFrame() cryptoStream.EXPECT().hasData() sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) @@ -715,27 +529,25 @@ var _ = Describe("Packet packer", func() { sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionUnencrypted, sealer) ack := &wire.AckFrame{AckRanges: []wire.AckRange{{Largest: 10, Smallest: 1}}} ackFramer.EXPECT().GetAckFrame().Return(ack) - ackFramer.EXPECT().GetStopWaitingFrame(false) expectAppendControlFrames() // don't expect a call to framer.PopStreamFrames p, err := packer.PackPacket() Expect(err).ToNot(HaveOccurred()) Expect(p.frames).To(Equal([]wire.Frame{ack})) }) + }) - It("packs a single ACK", func() { - ack := &wire.AckFrame{AckRanges: []wire.AckRange{{Largest: 42, Smallest: 1}}} - sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) - cryptoStream.EXPECT().hasData() - ackFramer.EXPECT().GetAckFrame().Return(ack) - ackFramer.EXPECT().GetStopWaitingFrame(false) - expectAppendControlFrames() - expectAppendStreamFrames() - p, err := packer.PackPacket() - Expect(err).NotTo(HaveOccurred()) - Expect(p).ToNot(BeNil()) - Expect(p.frames[0]).To(Equal(ack)) - }) + It("packs a single ACK", func() { + cryptoStream.EXPECT().hasData() + ack := &wire.AckFrame{AckRanges: []wire.AckRange{{Largest: 42, Smallest: 1}}} + ackFramer.EXPECT().GetAckFrame().Return(ack) + sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) + expectAppendControlFrames() + expectAppendStreamFrames() + p, err := packer.PackPacket() + Expect(err).NotTo(HaveOccurred()) + Expect(p).ToNot(BeNil()) + Expect(p.frames[0]).To(Equal(ack)) }) Context("retransmitting of handshake packets", func() { @@ -745,9 +557,7 @@ var _ = Describe("Packet packer", func() { } It("packs a retransmission with the right encryption level", func() { - swf := &wire.StopWaitingFrame{LeastUnacked: 1} sealingManager.EXPECT().GetSealerWithEncryptionLevel(protocol.EncryptionUnencrypted).Return(sealer, nil) - ackFramer.EXPECT().GetStopWaitingFrame(true).Return(swf) packet := &ackhandler.Packet{ PacketType: protocol.PacketTypeHandshake, EncryptionLevel: protocol.EncryptionUnencrypted, @@ -757,54 +567,19 @@ var _ = Describe("Packet packer", func() { Expect(err).ToNot(HaveOccurred()) Expect(p).To(HaveLen(1)) Expect(p[0].header.Type).To(Equal(protocol.PacketTypeHandshake)) - Expect(p[0].frames).To(Equal([]wire.Frame{swf, sf})) - Expect(p[0].encryptionLevel).To(Equal(protocol.EncryptionUnencrypted)) - }) - - It("doesn't add a STOP_WAITING frame for IETF QUIC", func() { - sealingManager.EXPECT().GetSealerWithEncryptionLevel(protocol.EncryptionUnencrypted).Return(sealer, nil) - packer.version = versionIETFFrames - packet := &ackhandler.Packet{ - EncryptionLevel: protocol.EncryptionUnencrypted, - Frames: []wire.Frame{sf}, - } - p, err := packer.PackRetransmission(packet) - Expect(err).ToNot(HaveOccurred()) - Expect(p).To(HaveLen(1)) Expect(p[0].frames).To(Equal([]wire.Frame{sf})) Expect(p[0].encryptionLevel).To(Equal(protocol.EncryptionUnencrypted)) }) - It("packs a retransmission for a packet sent with secure encryption", func() { - sealingManager.EXPECT().GetSealerWithEncryptionLevel(protocol.EncryptionSecure).Return(sealer, nil) - swf := &wire.StopWaitingFrame{LeastUnacked: 1} - ackFramer.EXPECT().GetStopWaitingFrame(true).Return(swf) - packet := &ackhandler.Packet{ - EncryptionLevel: protocol.EncryptionSecure, - Frames: []wire.Frame{sf}, - } - p, err := packer.PackRetransmission(packet) - Expect(err).ToNot(HaveOccurred()) - Expect(p).To(HaveLen(1)) - Expect(p[0].frames).To(Equal([]wire.Frame{swf, sf})) - Expect(p[0].encryptionLevel).To(Equal(protocol.EncryptionSecure)) - // a packet sent by the server with secure encryption contains the SHLO - // it needs to have a diversification nonce - Expect(p[0].raw).To(ContainSubstring(string(divNonce))) - }) - // this should never happen, since non forward-secure packets are limited to a size smaller than MaxPacketSize, such that it is always possible to retransmit them without splitting the StreamFrame - // (note that the retransmitted packet needs to have enough space for the StopWaitingFrame) It("refuses to send a packet larger than MaxPacketSize", func() { sealingManager.EXPECT().GetSealerWithEncryptionLevel(gomock.Any()).Return(sealer, nil) - swf := &wire.StopWaitingFrame{LeastUnacked: 1} - ackFramer.EXPECT().GetStopWaitingFrame(true).Return(swf) packet := &ackhandler.Packet{ EncryptionLevel: protocol.EncryptionSecure, Frames: []wire.Frame{ &wire.StreamFrame{ StreamID: 1, - Data: bytes.Repeat([]byte{'f'}, int(maxPacketSize-5)), + Data: bytes.Repeat([]byte{'f'}, int(maxPacketSize)), }, }, } @@ -841,7 +616,6 @@ var _ = Describe("Packet packer", func() { StreamID: packer.version.CryptoStreamID(), Data: []byte("foobar"), }, false) - packer.version = protocol.VersionTLS packer.hasSentPacket = false packer.perspective = protocol.PerspectiveClient packet, err := packer.PackPacket() @@ -870,9 +644,7 @@ var _ = Describe("Packet packer", func() { Context("retransmission of forward-secure packets", func() { It("retransmits a small packet", func() { - swf := &wire.StopWaitingFrame{LeastUnacked: 7} packer.packetNumberGenerator.next = 10 - ackFramer.EXPECT().GetStopWaitingFrame(true).Return(swf) sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) frames := []wire.Frame{ &wire.MaxDataFrame{ByteOffset: 0x1234}, @@ -886,12 +658,7 @@ var _ = Describe("Packet packer", func() { Expect(packets).To(HaveLen(1)) p := packets[0] Expect(p.encryptionLevel).To(Equal(protocol.EncryptionForwardSecure)) - Expect(p.frames).To(HaveLen(3)) - Expect(p.frames[0]).To(BeAssignableToTypeOf(&wire.StopWaitingFrame{})) - Expect(p.frames[0].(*wire.StopWaitingFrame).LeastUnacked).To(Equal(protocol.PacketNumber(7))) - Expect(p.frames[0].(*wire.StopWaitingFrame).PacketNumber).To(Equal(p.header.PacketNumber)) - Expect(p.frames[0].(*wire.StopWaitingFrame).PacketNumberLen).To(Equal(p.header.PacketNumberLen)) - Expect(p.frames[1:]).To(Equal(frames)) + Expect(p.frames).To(Equal(frames)) }) It("packs two packets for retransmission if the original packet contained many control frames", func() { @@ -900,32 +667,28 @@ var _ = Describe("Packet packer", func() { var totalLen protocol.ByteCount // pack a bunch of control frames, such that the packet is way bigger than a single packet for i := 0; totalLen < maxPacketSize*3/2; i++ { - f := &wire.MaxStreamDataFrame{StreamID: protocol.StreamID(i), ByteOffset: protocol.ByteCount(i)} + f := &wire.MaxStreamDataFrame{ + StreamID: protocol.StreamID(i), + ByteOffset: protocol.ByteCount(i), + } frames = append(frames, f) totalLen += f.Length(packer.version) } packer.packetNumberGenerator.next = 10 - swf := &wire.StopWaitingFrame{LeastUnacked: 7} - ackFramer.EXPECT().GetStopWaitingFrame(true).Return(swf) packets, err := packer.PackRetransmission(&ackhandler.Packet{ EncryptionLevel: protocol.EncryptionForwardSecure, Frames: frames, }) Expect(err).ToNot(HaveOccurred()) Expect(packets).To(HaveLen(2)) - Expect(len(packets[0].frames) + len(packets[1].frames)).To(Equal(len(frames) + 2)) // all frames, plus 2 STOP_WAITING frames - Expect(packets[0].frames[0]).To(BeAssignableToTypeOf(&wire.StopWaitingFrame{})) - Expect(packets[1].frames[0]).To(BeAssignableToTypeOf(&wire.StopWaitingFrame{})) - Expect(packets[0].frames[1:]).To(Equal(frames[:len(packets[0].frames)-1])) - Expect(packets[1].frames[1:]).To(Equal(frames[len(packets[0].frames)-1:])) + Expect(len(packets[0].frames) + len(packets[1].frames)).To(Equal(len(frames))) + Expect(packets[1].frames).To(Equal(frames[len(packets[0].frames):])) // check that the first packet was filled up as far as possible: // if the first frame (after the STOP_WAITING) was packed into the first packet, it would have overflown the MaxPacketSize Expect(len(packets[0].raw) + int(packets[1].frames[1].Length(packer.version))).To(BeNumerically(">", maxPacketSize)) }) It("splits a STREAM frame that doesn't fit", func() { - swf := &wire.StopWaitingFrame{} - ackFramer.EXPECT().GetStopWaitingFrame(true).Return(swf) sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) packets, err := packer.PackRetransmission(&ackhandler.Packet{ EncryptionLevel: protocol.EncryptionForwardSecure, @@ -937,12 +700,10 @@ var _ = Describe("Packet packer", func() { }) Expect(err).ToNot(HaveOccurred()) Expect(packets).To(HaveLen(2)) - Expect(packets[0].frames[0]).To(BeAssignableToTypeOf(&wire.StopWaitingFrame{})) - Expect(packets[1].frames[0]).To(BeAssignableToTypeOf(&wire.StopWaitingFrame{})) - Expect(packets[0].frames[1]).To(BeAssignableToTypeOf(&wire.StreamFrame{})) - Expect(packets[1].frames[1]).To(BeAssignableToTypeOf(&wire.StreamFrame{})) - sf1 := packets[0].frames[1].(*wire.StreamFrame) - sf2 := packets[1].frames[1].(*wire.StreamFrame) + Expect(packets[0].frames[0]).To(BeAssignableToTypeOf(&wire.StreamFrame{})) + Expect(packets[1].frames[0]).To(BeAssignableToTypeOf(&wire.StreamFrame{})) + sf1 := packets[0].frames[0].(*wire.StreamFrame) + sf2 := packets[1].frames[0].(*wire.StreamFrame) Expect(sf1.StreamID).To(Equal(protocol.StreamID(42))) Expect(sf1.Offset).To(Equal(protocol.ByteCount(1337))) Expect(sf1.DataLenPresent).To(BeFalse()) @@ -956,8 +717,6 @@ var _ = Describe("Packet packer", func() { It("splits STREAM frames, if necessary", func() { for i := 0; i < 100; i++ { sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer).MaxTimes(2) - swf := &wire.StopWaitingFrame{} - ackFramer.EXPECT().GetStopWaitingFrame(true).Return(swf) sf1 := &wire.StreamFrame{ StreamID: 42, Offset: 1337, @@ -983,9 +742,7 @@ var _ = Describe("Packet packer", func() { var dataLen protocol.ByteCount for _, p := range packets { for _, f := range p.frames { - if sf, ok := f.(*wire.StreamFrame); ok { - dataLen += sf.DataLen() - } + dataLen += f.(*wire.StreamFrame).DataLen() } } Expect(dataLen).To(Equal(expectedDataLen)) @@ -993,8 +750,6 @@ var _ = Describe("Packet packer", func() { }) It("packs two packets for retransmission if the original packet contained many STREAM frames", func() { - swf := &wire.StopWaitingFrame{} - ackFramer.EXPECT().GetStopWaitingFrame(true).Return(swf) sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) var frames []wire.Frame var totalLen protocol.ByteCount @@ -1014,20 +769,15 @@ var _ = Describe("Packet packer", func() { }) Expect(err).ToNot(HaveOccurred()) Expect(packets).To(HaveLen(2)) - Expect(len(packets[0].frames) + len(packets[1].frames)).To(Equal(len(frames) + 2)) // all frames, plus 2 STOP_WAITING frames - Expect(packets[0].frames[0]).To(BeAssignableToTypeOf(&wire.StopWaitingFrame{})) - Expect(packets[1].frames[0]).To(BeAssignableToTypeOf(&wire.StopWaitingFrame{})) - Expect(packets[0].frames[1:]).To(Equal(frames[:len(packets[0].frames)-1])) - Expect(packets[1].frames[1:]).To(Equal(frames[len(packets[0].frames)-1:])) + Expect(len(packets[0].frames) + len(packets[1].frames)).To(Equal(len(frames))) // all frames + Expect(packets[1].frames).To(Equal(frames[len(packets[0].frames):])) // check that the first packet was filled up as far as possible: - // if the first frame (after the STOP_WAITING) was packed into the first packet, it would have overflown the MaxPacketSize + // if the first frame was packed into the first packet, it would have overflown the MaxPacketSize Expect(len(packets[0].raw) + int(packets[1].frames[1].Length(packer.version))).To(BeNumerically(">", maxPacketSize-protocol.MinStreamFrameSize)) }) It("correctly sets the DataLenPresent on STREAM frames", func() { sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) - swf := &wire.StopWaitingFrame{} - ackFramer.EXPECT().GetStopWaitingFrame(true).Return(swf) frames := []wire.Frame{ &wire.StreamFrame{StreamID: 4, Data: []byte("foobar"), DataLenPresent: true}, &wire.StreamFrame{StreamID: 5, Data: []byte("barfoo")}, @@ -1039,11 +789,11 @@ var _ = Describe("Packet packer", func() { Expect(err).ToNot(HaveOccurred()) Expect(packets).To(HaveLen(1)) p := packets[0] - Expect(p.frames).To(HaveLen(3)) + Expect(p.frames).To(HaveLen(2)) + Expect(p.frames[0]).To(BeAssignableToTypeOf(&wire.StreamFrame{})) Expect(p.frames[1]).To(BeAssignableToTypeOf(&wire.StreamFrame{})) - Expect(p.frames[2]).To(BeAssignableToTypeOf(&wire.StreamFrame{})) - sf1 := p.frames[1].(*wire.StreamFrame) - sf2 := p.frames[2].(*wire.StreamFrame) + sf1 := p.frames[0].(*wire.StreamFrame) + sf2 := p.frames[1].(*wire.StreamFrame) Expect(sf1.StreamID).To(Equal(protocol.StreamID(4))) Expect(sf1.DataLenPresent).To(BeTrue()) Expect(sf2.StreamID).To(Equal(protocol.StreamID(5))) @@ -1062,18 +812,6 @@ var _ = Describe("Packet packer", func() { It("packs ACK packets", func() { sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) ack := &wire.AckFrame{AckRanges: []wire.AckRange{{Smallest: 1, Largest: 10}}} - swf := &wire.StopWaitingFrame{} - ackFramer.EXPECT().GetAckFrame().Return(ack) - ackFramer.EXPECT().GetStopWaitingFrame(false).Return(swf) - p, err := packer.MaybePackAckPacket() - Expect(err).NotTo(HaveOccurred()) - Expect(p.frames).To(Equal([]wire.Frame{ack, swf})) - }) - - It("doesn't add a STOP_WAITING frame for IETF QUIC", func() { - sealingManager.EXPECT().GetSealer().Return(protocol.EncryptionForwardSecure, sealer) - packer.version = versionIETFFrames - ack := &wire.AckFrame{AckRanges: []wire.AckRange{{Smallest: 1, Largest: 10}}} ackFramer.EXPECT().GetAckFrame().Return(ack) p, err := packer.MaybePackAckPacket() Expect(err).NotTo(HaveOccurred()) diff --git a/session.go b/session.go index cded206b..0c33d2a0 100644 --- a/session.go +++ b/session.go @@ -206,13 +206,11 @@ func newSession( s.unpacker = newPacketUnpackerGQUIC(cs, s.version) s.streamsMap = newStreamsMapLegacy(s.newStream, s.config.MaxIncomingStreams, s.perspective) s.framer = newFramer(s.cryptoStream, s.streamsMap, s.version) - s.packer = newPacketPacker( + s.packer = newPacketPackerLegacy( destConnID, srcConnID, - 1, s.sentPacketHandler.GetPacketNumberLen, s.RemoteAddr(), - nil, // no token divNonce, s.cryptoStream, cs, @@ -279,13 +277,11 @@ var newClientSession = func( s.unpacker = newPacketUnpackerGQUIC(cs, s.version) s.streamsMap = newStreamsMapLegacy(s.newStream, s.config.MaxIncomingStreams, s.perspective) s.framer = newFramer(s.cryptoStream, s.streamsMap, s.version) - s.packer = newPacketPacker( + s.packer = newPacketPackerLegacy( destConnID, srcConnID, - 1, s.sentPacketHandler.GetPacketNumberLen, s.RemoteAddr(), - nil, // no token nil, // no diversification nonce s.cryptoStream, cs, @@ -343,7 +339,6 @@ func newTLSServerSession( s.sentPacketHandler.GetPacketNumberLen, s.RemoteAddr(), nil, // no token - nil, // no diversification nonce s.cryptoStream, cs, s.framer, @@ -409,7 +404,6 @@ var newTLSClientSession = func( s.sentPacketHandler.GetPacketNumberLen, s.RemoteAddr(), token, - nil, // no diversification nonce s.cryptoStream, cs, s.framer,