gr1ffon/quic-go
1
0
Fork 0
forked from quic-go/quic-go
Code Pull Requests Activity
2,975 Commits 1 Branch 126 Tags
1227dc8a24fb1606d77269de3a0bbabf8b4651ea
Commit Graph

435 Commits

Author SHA1 Message Date
Marten Seemann
1227dc8a24 remove the handshakeCompleteChan from the TLS crypto setup 
In TLS, we know that the handshake completed when RunHandshake() returns.
 2018-10-29 17:33:06 +07:00
Marten Seemann
06f96f4b6e wait until the Handshake() go routine returned before returning Close() 2018-10-29 15:05:58 +07:00
Marten Seemann
4a326ad00a implement closing of the TLS crypto setup 
When the crypto setup is closed, the go rounine running the
qtls.Handshake() needs to return.
 2018-10-29 15:05:58 +07:00
Marten Seemann
b63c81f0bf try decrypting undecryptable packets when the encryption level changes 
There's no need to do this asynchronously any more when using TLS.
 2018-10-26 17:10:00 +07:00
Marten Seemann
387c28d707 when the encryption level changes, reject data on that crypto stream 
There are two checks that need to be performed:
1. the crypto stream must not have any more data queued for reading
2. when receiving CRYPTO frames for that crypto stream afterwards, they
must not exceed the highest offset received on that stream
 2018-10-26 17:09:52 +07:00
Marten Seemann
19e5feef57 move TLS message header parsing logic to the crypto stream 2018-10-26 16:40:29 +07:00
Marten Seemann
2dbc29a5bd fix error handling in the TLS crypto setup 
There are two ways that an error can occur during the handshake:
1. as a return value from qtls.Handshake()
2. when new data is passed to the crypto setup via HandleData()
We need to make sure that the RunHandshake() as well as HandleData()
both return if an error occurs at any step during the handshake.
 2018-10-26 16:18:53 +07:00
Marten Seemann
82508f1562 use tls-tris instead of mint 2018-10-26 16:18:49 +07:00
Marten Seemann
5102294991 use separate chans to signal handshake events and handshake completion 2018-10-26 16:11:25 +07:00
Marten Seemann
3516780264 change the label and the context of HKDF-Expand-Label 
This now uses the draft-14 test vectors from the QUIC WG wiki.
 2018-10-26 16:11:25 +07:00
Marten Seemann
99c5d0df25 rename qhkdfExpand to hkdfExpandLabel, add hash parameter 2018-10-26 16:11:25 +07:00
Marten Seemann
454a01b2a0 introduce the IETF QUIC encryption levels 2018-10-26 16:11:25 +07:00
Marten Seemann
d2a52a1433 implement parsing, writing and logging of CRYPTO frames 2018-10-26 16:11:25 +07:00
Marten Seemann
a97536913b Merge pull request #1553 from lucas-clemente/unique-transport-parameters 
check that every transport parameter is sent at most once
 2018-10-25 10:15:44 +07:00
Marten Seemann
a7f94d89b6 only allow a single retry 2018-10-24 23:48:33 +07:00
Marten Seemann
74952a4331 check that every transport parameter is sent at most once 2018-10-24 23:33:37 +07:00
Marten Seemann
fbc3041e4d add logging for skipped packet numbers 2018-10-14 21:39:18 +01:00
Marten Seemann
225106b58c Merge pull request #1540 from lucas-clemente/packet-packer-tests 
improve the packet packer tests
 2018-10-09 10:30:24 +02:00
Lucas Clemente
05abe81c50 Merge pull request #1538 from ludweeg/ludweeg/assignOp 
simplify `x = x <op> ...` to `x <op>= ...`
 2018-10-09 09:59:06 +02:00
Marten Seemann
b000c32796 use a mock sealing manager in the packet packer tests 2018-10-06 06:49:37 +02:00
ludweeg
8ff3bf8ca6 simplify x = x <op> ... to x <op>= ... 2018-10-06 01:59:45 +03:00
Marten Seemann
c1f55ba910 use tls.Config.ServerName for the passing the hostname around 2018-10-02 14:47:18 -07:00
Marten Seemann
41808516c8 merge ACK and ACK_ECN into a single frame 2018-09-27 12:11:52 -06:00
Marten Seemann
1f9b59693c Merge pull request #1522 from lucas-clemente/hkdf 
remove dependency on mint for HKDF
 2018-09-20 14:13:51 -04:00
Marten Seemann
a1bea2c3af implement HKDF expansion 2018-09-20 13:54:16 -04:00
Marten Seemann
3eea16ce93 implement HKDF extraction 2018-09-19 21:54:20 -04:00
Marten Seemann
d0bc89fb74 make the idle_timeout transport parameter optional 2018-09-19 13:28:10 -04:00
Marten Seemann
91d65baf1b add gQUIC 44 to the supported versions 2018-08-28 08:49:29 +07:00
Marten Seemann
73a1a0e509 implement writing of the gQUIC 44 header 2018-08-28 08:49:29 +07:00
Marten Seemann
a98fd88a1b implement parsing of the gQUIC 44 header 2018-08-28 08:49:29 +07:00
Marten Seemann
88505b79a7 disable sending and receiving of STOP_WAITING frames in QUIC 44 2018-08-28 08:49:13 +07:00
Marten Seemann
afbd2e1962 drop support for gQUIC 42 2018-08-27 19:13:06 +07:00
Marten Seemann
46f8c07daa improve the version negotiation integration test 2018-08-27 09:29:26 +07:00
Marten Seemann
e0e831f1fc implement (un)marshalling of the transport parameters 2018-08-20 15:34:37 +07:00
Marten Seemann
00e1884a88 move reading of stateless reset tokens to the transport parameter struct 2018-08-20 15:34:37 +07:00
Marten Seemann
2c75b795ae move adding of stateless reset tokens to the transport parameter struct 2018-08-20 15:34:37 +07:00
Marten Seemann
1bb9a7e1ac don't require the flow control values in the transport parameters 2018-08-19 10:36:47 +07:00
Marten Seemann
3ff262dd7f Merge pull request #1489 from lucas-clemente/go-1.11 
update CIs to Go 1.11
 2018-08-16 12:27:13 +07:00
Marten Seemann
e23c08eef9 update CIs to Go 1.11 2018-08-16 11:51:23 +07:00
Marten Seemann
623fcd85b0 move the mint cookie protector to the handshake package 
It's duplicate code now, but it reduces the dependency on mint.
 2018-08-16 11:50:43 +07:00
Marten Seemann
7bf5cb6e2a Merge pull request #1487 from lucas-clemente/version-negotiate-ietf-and-gquic 
allow version negotiation between IETF QUIC and gQUIC, and vice versa
 2018-08-15 19:47:35 +07:00
Marten Seemann
c840bd4177 allow version negotiation between IETF QUIC and gQUIC, and vice versa 2018-08-15 17:10:05 +07:00
Marten Seemann
9608e8563f only accept 3 retries 
While the server is allowed to perform multiple Retries, the client
should impose a limit in order to avoid being caught in an endless loop.
 2018-08-14 18:35:25 +07:00
Marten Seemann
872e1747f4 always use connection IDs longer than 8 bytes when sending a Retry 
A server is allowed to perform multiple Retries. There's little to gain
from doing so, but it's something our API allows. If a server performs
multiple Retries, it must use a connection ID that's at least 8 bytes
long. Only if it doesn't perform any further Retries it is allowed to
use shorter IDs. Therefore, we're on the safe side by always using a
long connection ID.
This shouldn't have a performance impact, since the server changes the
connection ID to a short value with the first Handshake packet it sends.
 2018-08-14 17:34:21 +07:00
Marten Seemann
77f5d30338 buffer writes to the crypto stream 
mint performs a Write for every state change. This results in a lot of
small packets getting sent when using an unbuffered connection. By
buffering, we make sure that packets are filled up properly.
 2018-08-13 08:47:29 +07:00
Marten Seemann
f88b7bb175 implement the new Retry mechanism 2018-08-13 08:47:29 +07:00
Marten Seemann
d8aa49d0f9 implement writing and parsing of the new Retry packet 2018-08-13 08:47:29 +07:00
Marten Seemann
e39251c8b5 implement writing and parsing of Initial packets containing a Token 2018-08-13 08:47:29 +07:00
Marten Seemann
f9c1de5779 make it possible to generate mocks of private internal interfaces 2018-08-11 14:49:49 +07:00
Marten Seemann
defafec71e use retransmissions as TLP packets 2018-08-09 22:28:28 +07:00