gr1ffon/quic-go
1
0
Fork 0
forked from quic-go/quic-go
Code Pull Requests Activity
1,737 Commits 1 Branch 126 Tags
d72c0c80bca062208b265e3314ba364b8ee82a29
Commit Graph

227 Commits

Author SHA1 Message Date
Marten Seemann
d72c0c80bc fix check for STK generation time 2017-07-11 16:33:06 +07:00
Marten Seemann
73bd3772d5 fix flaky STK test 2017-06-27 18:01:19 +02:00
Marten Seemann
e1e076e375 Merge pull request #667 from lucas-clemente/goftm-imports 
run gofmt to fix ordering of imports
 2017-06-14 10:05:52 +02:00
Marten Seemann
987905149b run gofmt to fix ordering of imports 2017-06-13 18:07:22 +02:00
Thomas De Keulenaer
9a6cb5eb4d Default flow lvls should be tested at client/server.go lvl 2017-06-13 16:43:46 +02:00
Thomas De Keulenaer
4fa7b9e569 Let server and client fill the flow variables 2017-06-13 16:42:06 +02:00
Thomas De Keulenaer
89f96d1e89 Make max flow control windows configurable 2017-06-13 15:52:51 +02:00
Marten Seemann
9a55fe234f Merge pull request #648 from lucas-clemente/internalize-utils 
make utils an internal package
 2017-06-11 11:54:49 +02:00
Marten Seemann
c0b09c8646 make utils an internal package 2017-06-09 22:28:40 +02:00
Lucas Clemente
e43b91f633 Fix encryption of stream data 
This commit splits up handling of the crypto stream and the other streams in the framer, crypto setup, and the packer.

- Crypto stream data is handled separately and should never be sent unencrypted or FW-secure. Fixes #544.
- Non-crypto stream data is only sent with FW encryption on the server and only with non-FW or FW encryption on the client. Fixes #611.

The crypto stream is current excluded from flow control (#657), but that shouldn't be an issue in practice for now.
 2017-06-09 19:12:10 +02:00
Marten Seemann
6144ebed21 don’t panic if the STK doesn’t contain any data 2017-05-26 23:26:42 +08:00
Marten Seemann
ef4699adef use ASN1 to marshal source address tokens 2017-05-25 11:49:24 +08:00
Marten Seemann
afc9b11715 use a prefix to distinguish IPs and net.Addrs in source address tokens 2017-05-25 11:49:24 +08:00
Marten Seemann
87df63dd5f add a quic.Config option to verify source address tokes 2017-05-25 11:49:19 +08:00
Marten Seemann
eb72b494b2 generate valid tokens for remote addresses that are not UDP addresses 2017-05-20 23:27:40 +08:00
Marten Seemann
8e01921495 move comparison of the source address in the STK to the STKGenerator 2017-05-20 23:27:40 +08:00
Marten Seemann
9562df5838 move the STK generation from the ServerConfig to a separate struct 2017-05-20 23:27:40 +08:00
Marten Seemann
6cc6d49a10 save the STK expiry time as a time.Duration 2017-05-20 23:27:40 +08:00
Marten Seemann
81985f44bd move the STK expiration check to the cryptoSetup 2017-05-20 23:27:39 +08:00
Marten Seemann
e68e2d287a pass remote address to cryptoSetupServer 2017-05-20 23:27:38 +08:00
Marten Seemann
7a18b870e8 add a quic.Config option to ask the server to truncate the connection ID 2017-05-13 17:19:09 +08:00
Jan Rüth
4983119be5 added test to verify C255 KEXS's PUBs must not be the first thing in the public values 2017-05-12 15:02:38 +02:00
Jan Rüth
7465ee128d removed parenthesis and added more detailed error description 2017-05-12 14:14:27 +02:00
Jan Rüth
6a0b2d04d6 Added tests to check if PUBS is invalid and made sure a valid PUBS is requested by default 2017-05-11 21:15:52 +02:00
Jan Rüth
f558bdebed Added parsing of PUBS tag and filtering according to KEXS 
This now allows quic-go to contact servers announcing multiple KEXS methods, e.g. like Akamai.
 2017-05-11 19:54:49 +02:00
Marten Seemann
adc4ef464a simplify the CryptoSetup.SetDiversificationNonce interface 
Pass the diversification nonce via a channel instead of setting it
directly. That way there is no need to protect the diversificationNonce
member by a mutex. Also prevents a possible deadlock that occurred when
SetDiversificationNonce was called before maybeUpgradeCrypto returned.
 2017-05-11 21:56:41 +08:00
Marten Seemann
8c4fe4ff80 fix race when setting the diversification nonce in clientCryptoSetup 2017-05-11 21:56:35 +08:00
Marten Seemann
df5ce0f6ae print handshake messages in sorted order 
The sorting is not alphabetical, but by tag value. While this is not
perfect, it makes comparing two messages easier, since the values don’t
appear in random order.
 2017-05-11 21:31:33 +08:00
Marten Seemann
acbd14f940 implement a HandshakeMessage struct 
This makes passing handshake messages around easier, since it’s now one
struct instead of one message tag and one data map.
 2017-05-11 21:31:31 +08:00
Marten Seemann
77c4d6aa4e remove unused TeeReader in cryptoSetupClient 2017-05-10 18:58:48 +08:00
Marten Seemann
3a357369b0 use a directed aeadChanged chan in the crypto setups 2017-05-09 18:41:40 +08:00
Marten Seemann
0a6a9551f8 close the aeadChanged chan when the handshake completes 
This allows us to remove HandshakeComplete() from the CryptoSetup
interface. It also provides a signal to the session when the handshake
completes.
 2017-05-09 18:40:23 +08:00
Marten Seemann
2e0f5473a0 Merge pull request #577 from lucas-clemente/fix-565 
add a quic.Config option for QUIC versions
 2017-05-09 18:30:04 +08:00
Marten Seemann
2014ced934 fix data race in client crypto setup 2017-05-06 23:44:15 +08:00
Marten Seemann
b3419633a6 fix data race in server crypto setup 2017-05-06 23:43:43 +08:00
Marten Seemann
b305cd674f make it possible to configure the QUIC versions for the server 2017-05-05 18:05:57 +08:00
Marten Seemann
0a2c37d42a add QUIC 37 to supported versions 
fixes #375
Chrome tests are disabled for QUIC 37, since the Chrome version in the
docker image doesn’t support this version yet.
 2017-04-29 16:59:32 +07:00
Marten Seemann
3c223b22a2 include peer perspective in nullAEAD 
ref #375
 2017-04-27 18:05:24 +07:00
Lucas Clemente
130620d18c Merge pull request #511 from lucas-clemente/simplify 
Simplify code in a few places
 2017-04-13 17:06:41 +02:00
Lucas Clemente
013d7fdb30 Simplify code in a few places 
Found by running `gosimple ./...`
 2017-04-13 16:43:58 +02:00
Lucas Clemente
dd89967035 Fix wrong scfg expiry test in some timezones 
Fixes #533.
 2017-04-13 16:30:34 +02:00
Lucas Clemente
e2a0d9f77c Remove several unused fields and symbols 
Detected with `unused -exports=true ./...`
 2017-04-05 21:46:33 +01:00
Marten Seemann
584fc021bf add tests for incorrect nullAEAD signatures in both cryptoSetups 2017-03-22 19:32:54 +07:00
Marten Seemann
19aad731ed improve logging and tests of cryptoSetupServer 2017-03-22 19:23:48 +07:00
Marten Seemann
2903f9b238 return a lambda to for sealing a packet in the CryptoSetup 2017-03-22 16:52:00 +07:00
Marten Seemann
a0bb98207b Merge pull request #489 from lucas-clemente/fix-411 
send a Public Reset when receiving a CHLO with the FHL2 tag
 2017-03-20 16:07:08 +07:00
Marten Seemann
6d5c9776e9 send a Public Reset when receiving a CHLO with the FHL2 tag 
Fixes #411.

Chrome sends the FHL2 when it wants to perform a head-of-line blocking
experiment, introduced in QUIC version 36 (see
https://codereview.chromium.org/2115033002). We don’t support this
experiment. By sending a Public Reset when receiving this tag we force
Chrome to use the TCP fallback.
 2017-03-20 12:35:34 +07:00
Marten Seemann
28c115fee1 drop support for QUIC 34 
fixes #368
 2017-03-19 20:57:28 +07:00
Marten Seemann
8c5e7818a0 retransmit the diversification nonce in the packet carrying the SHLO 
The packet containing the SHLO is the only packet that is sent with
initial encryption. If it is lost, we need to make sure that the
diversification nonce is included in the PublicHeader, otherwise the
client will not be able to derive the keys for the forward-secure
encryption.
 2017-03-01 15:11:01 +07:00
Marten Seemann
b5c8c11c0c switch to forward-secure encryption after sending the SHLO 2017-03-01 14:11:25 +07:00