gr1ffon/quic-go
1
0
Fork 0
forked from quic-go/quic-go
Code Pull Requests Activity
5,634 Commits 1 Branch 126 Tags
08af9fc2c1f499c2ea2535bac44f822d57c21c53
Commit Graph

399 Commits

Author SHA1 Message Date
Marten Seemann
f51cc93770 drop support for QUIC draft version 32 and 34 2021-07-06 09:50:10 -07:00
Marten Seemann
22112b7b66 use HkdfExtract from x/crypto 
This means we don't have to expose it in qtls any more.
 2021-05-30 20:26:55 -07:00
Marten Seemann
540c6ec074 Merge pull request #3174 from lucas-clemente/use-tls-cipher-suite-name 
use tls.CipherSuiteName, instead of wrapping it in the qtls package
 2021-05-29 11:45:39 -07:00
Marten Seemann
599d181316 use tls.CipherSuiteName, instead of wrapping it in the qtls package 2021-05-10 20:41:21 -07:00
Marten Seemann
05af55b0c9 use a pre-generated test vectors to test hkdfExpandLabel 
The only reason we were using qtls.HkdfExpandLabel was to test our own
implementation of HKDF-Expand-Label. By using a pre-generated test
vector, we won't have to expose this function from qtls any more.
 2021-05-10 20:41:05 -07:00
Marten Seemann
6b771df453 add support for QUIC v1 2021-05-01 10:05:29 +07:00
Marten Seemann
592fb9cad9 introduce a dedicated qerr.TransportError and qerr.ApplicationError 2021-05-01 09:38:48 +07:00
Marten Seemann
31ac5ca60d allow 0-RTT when the server's connection receive limit is increased 2021-03-17 18:53:54 +08:00
Marten Seemann
3588cddd43 allow 0-RTT resumption if the server's stream limit was increased 2021-03-11 21:37:40 +08:00
Marten Seemann
bd172b2a5a fix retry key and nonce for draft-34 2021-03-03 23:01:42 +08:00
Marten Seemann
ac16ee565b Merge pull request #3049 from lucas-clemente/mockgen-source-mode 
update gomock to v1.5.0, use mockgen source mode
 2021-03-02 21:27:48 +08:00
Marten Seemann
110f949441 trace dropping of 0-RTT keys 2021-03-01 10:37:31 +08:00
Marten Seemann
efe6d02bef use mockgen source mode 2021-02-20 09:59:44 +08:00
Marten Seemann
383f1a6e89 update gomock to v1.5.0 2021-02-20 09:33:43 +08:00
Marten Seemann
9dba8141ba use the updated TLS extension code point for draft-34 2021-02-11 09:46:00 +08:00
Marten Seemann
f01a2c6b96 use the updated salt for draft-34 2021-02-11 09:46:00 +08:00
Marten Seemann
f9226887b4 rename ReadVarint / WriteVarInt / VarIntLen to Read / Write / Len 2021-01-02 00:15:07 +08:00
Marten Seemann
11c5045065 move varint encoding / decoding to a separate package 
... which is not internal.
 2021-01-01 11:46:45 +08:00
Marten Seemann
95334202c5 fix decoding of packet numbers in different packet number spaces 
When QUIC abandoned the "stream 0" design, it introduced separate
packet number spaces for packets with different encryption levels.
Packet number compression now also works per packet number space.
The current code doesn't lead to any problems if the peer starts sending
with packet number 0, as we only exchange a few packets in the Initial
and the Handshake packet number space and there's nothing to compress.
It might lead to problems if the peer starts with a large packet number
in one space (which is allowed by the spec), and then starts with a
small packet number in another packet number space.
 2020-12-03 23:35:27 +07:00
Marten Seemann
c968b18a21 select the H3 ALPN based on the QUIC version in use (for the H3 server) 2020-10-29 13:44:23 +07:00
Marten Seemann
8752576f26 run gofumpt, enable the gofumpt linter 2020-10-26 09:33:35 +07:00
Marten Seemann
471e82f883 Merge pull request #2807 from lucas-clemente/fix-post-handshake-message-error-handling 
fix error handling when receiving post handshake messages
 2020-10-06 20:23:53 +07:00
Marten Seemann
145e7b10d0 Merge pull request #2811 from lucas-clemente/fix-first-key-update 
allow the first key update immediately after handshake confirmation
 2020-10-06 20:23:19 +07:00
Marten Seemann
55a07c34ee add the exhaustive linter 2020-10-05 13:47:57 +07:00
Marten Seemann
1c38acd8c9 allow the first key update immediately after handshake confirmation 2020-09-30 14:12:07 +07:00
Marten Seemann
b9090d71ae rename cryptoSetup.DropHandshakeKeys() to SetHandshakeConfirmed() 2020-09-30 12:14:16 +07:00
Marten Seemann
6ad29e721e fix error handling when receiving post handshake messages 2020-09-28 14:02:46 +07:00
Marten Seemann
ebe051b2cc Merge pull request #2805 from lucas-clemente/improve-crypto-error-string 
include the error code in the string for CRYPTO_ERRORs
 2020-09-26 17:54:17 +07:00
Marten Seemann
c92b0379cf Merge pull request #2804 from lucas-clemente/check-quic-transport-parameter-extension 
fail the handshake if the quic_transport_parameter extension is missing
 2020-09-26 17:53:51 +07:00
Marten Seemann
77f7476bf7 include the error code in the string for CRYPTO_ERRORs 2020-09-25 20:23:05 +07:00
Marten Seemann
98c437e98e fail the handshake if the quic_transport_parameter extension is missing 2020-09-25 17:11:22 +07:00
Marten Seemann
9ce5426da0 fix deadlock in crypto setup when it is closed while handling a message 2020-09-25 14:06:32 +07:00
Marten Seemann
a063500d73 use a package-level variable to set the key update frequency 2020-09-22 19:55:52 +07:00
Marten Seemann
e94db952b7 correctly handle key updates within the 3 PTO period 
We need to:
* stop the timer to drop the previous generation
* correctly log that the N-1 keys are dropped immediately when keys are
updated to N+1
 2020-09-22 19:28:46 +07:00
Marten Seemann
9d4b4f6bf0 check that the peer updated its keys when acknowledging a key update 2020-09-15 13:37:48 +07:00
Marten Seemann
45246dad22 count number of failed decryptions, error when lifetime-limit is reached 2020-09-14 14:07:56 +07:00
Marten Seemann
ba9f98d83a Merge pull request #2770 from lucas-clemente/key-update-error 
use the KEY_UPDATE_ERROR
 2020-09-14 14:01:43 +07:00
Marten Seemann
891c129024 Merge pull request #2769 from lucas-clemente/fix-dropping-of-key-phase-0 
fix dropping of key phase 0
 2020-09-14 14:00:37 +07:00
Marten Seemann
c9bfde9ac0 fix handling of multiple handshake messages in the case of errors 
When receiving a handshake message after another handshake messages that
doesn't cause any action from the TLS stack (i.e. Certificate and
CertificateVerify), the handshake would run into a deadlock if the first
of these handshake messages caused an error in the TLS stack.

We need to make sure that we wait until a message has been fully
processed before proceeding with the handshake.
 2020-09-13 20:13:57 +07:00
Marten Seemann
8cb0570cb1 use the KEY_UPDATE_ERROR code when the peer updates keys too frequently 2020-09-10 18:14:33 +07:00
Marten Seemann
1dc629ad69 don't set a timer to drop keys for key phase 0 2020-09-10 15:18:05 +07:00
Marten Seemann
a87fdf1a7d fix debug log messages for key updates 2020-09-10 14:58:22 +07:00
Marten Seemann
854940cecc don't drop keys for key phase N before receiving a N+1-protected packet 2020-09-10 11:11:59 +07:00
Marten Seemann
67decc5df9 Merge pull request #2765 from lucas-clemente/log-key-retirements 
log when an old 1-RTT key is retired
 2020-09-10 10:23:02 +07:00
Marten Seemann
ca0f0a8ac2 Merge pull request #2757 from lucas-clemente/key-phase-error-on-successful-decryption 
only return an invalid first key phase error for decryptable packets
 2020-09-09 23:58:59 +07:00
Marten Seemann
074f5a202e log when old 1-RTT keys are dropped 2020-09-09 23:53:47 +07:00
Marten Seemann
ade2882ef4 fix logging of locally initiated key updates 2020-09-09 23:22:10 +07:00
Marten Seemann
34c325919c only return an invalid first key phase error for decryptable packets 2020-09-07 21:12:54 +07:00
Marten Seemann
556bf18dbf inject a random source into the token protector 2020-08-23 17:06:17 +07:00
Marten Seemann
977dbc828c move all dependencies on qtls to a separate package 2020-08-18 14:26:23 +07:00