gr1ffon/quic-go
1
0
Fork 0
forked from quic-go/quic-go
Code Pull Requests Activity
1,545 Commits 1 Branch 126 Tags
f558bdebed0bc55f12500670953a0aeb832fa5e4
Commit Graph

203 Commits

Author SHA1 Message Date
Jan Rüth
f558bdebed Added parsing of PUBS tag and filtering according to KEXS 
This now allows quic-go to contact servers announcing multiple KEXS methods, e.g. like Akamai.
 2017-05-11 19:54:49 +02:00
Marten Seemann
adc4ef464a simplify the CryptoSetup.SetDiversificationNonce interface 
Pass the diversification nonce via a channel instead of setting it
directly. That way there is no need to protect the diversificationNonce
member by a mutex. Also prevents a possible deadlock that occurred when
SetDiversificationNonce was called before maybeUpgradeCrypto returned.
 2017-05-11 21:56:41 +08:00
Marten Seemann
8c4fe4ff80 fix race when setting the diversification nonce in clientCryptoSetup 2017-05-11 21:56:35 +08:00
Marten Seemann
df5ce0f6ae print handshake messages in sorted order 
The sorting is not alphabetical, but by tag value. While this is not
perfect, it makes comparing two messages easier, since the values don’t
appear in random order.
 2017-05-11 21:31:33 +08:00
Marten Seemann
acbd14f940 implement a HandshakeMessage struct 
This makes passing handshake messages around easier, since it’s now one
struct instead of one message tag and one data map.
 2017-05-11 21:31:31 +08:00
Marten Seemann
77c4d6aa4e remove unused TeeReader in cryptoSetupClient 2017-05-10 18:58:48 +08:00
Marten Seemann
3a357369b0 use a directed aeadChanged chan in the crypto setups 2017-05-09 18:41:40 +08:00
Marten Seemann
0a6a9551f8 close the aeadChanged chan when the handshake completes 
This allows us to remove HandshakeComplete() from the CryptoSetup
interface. It also provides a signal to the session when the handshake
completes.
 2017-05-09 18:40:23 +08:00
Marten Seemann
2e0f5473a0 Merge pull request #577 from lucas-clemente/fix-565 
add a quic.Config option for QUIC versions
 2017-05-09 18:30:04 +08:00
Marten Seemann
2014ced934 fix data race in client crypto setup 2017-05-06 23:44:15 +08:00
Marten Seemann
b3419633a6 fix data race in server crypto setup 2017-05-06 23:43:43 +08:00
Marten Seemann
b305cd674f make it possible to configure the QUIC versions for the server 2017-05-05 18:05:57 +08:00
Marten Seemann
0a2c37d42a add QUIC 37 to supported versions 
fixes #375
Chrome tests are disabled for QUIC 37, since the Chrome version in the
docker image doesn’t support this version yet.
 2017-04-29 16:59:32 +07:00
Marten Seemann
3c223b22a2 include peer perspective in nullAEAD 
ref #375
 2017-04-27 18:05:24 +07:00
Lucas Clemente
130620d18c Merge pull request #511 from lucas-clemente/simplify 
Simplify code in a few places
 2017-04-13 17:06:41 +02:00
Lucas Clemente
013d7fdb30 Simplify code in a few places 
Found by running `gosimple ./...`
 2017-04-13 16:43:58 +02:00
Lucas Clemente
dd89967035 Fix wrong scfg expiry test in some timezones 
Fixes #533.
 2017-04-13 16:30:34 +02:00
Lucas Clemente
e2a0d9f77c Remove several unused fields and symbols 
Detected with `unused -exports=true ./...`
 2017-04-05 21:46:33 +01:00
Marten Seemann
584fc021bf add tests for incorrect nullAEAD signatures in both cryptoSetups 2017-03-22 19:32:54 +07:00
Marten Seemann
19aad731ed improve logging and tests of cryptoSetupServer 2017-03-22 19:23:48 +07:00
Marten Seemann
2903f9b238 return a lambda to for sealing a packet in the CryptoSetup 2017-03-22 16:52:00 +07:00
Marten Seemann
a0bb98207b Merge pull request #489 from lucas-clemente/fix-411 
send a Public Reset when receiving a CHLO with the FHL2 tag
 2017-03-20 16:07:08 +07:00
Marten Seemann
6d5c9776e9 send a Public Reset when receiving a CHLO with the FHL2 tag 
Fixes #411.

Chrome sends the FHL2 when it wants to perform a head-of-line blocking
experiment, introduced in QUIC version 36 (see
https://codereview.chromium.org/2115033002). We don’t support this
experiment. By sending a Public Reset when receiving this tag we force
Chrome to use the TCP fallback.
 2017-03-20 12:35:34 +07:00
Marten Seemann
28c115fee1 drop support for QUIC 34 
fixes #368
 2017-03-19 20:57:28 +07:00
Marten Seemann
8c5e7818a0 retransmit the diversification nonce in the packet carrying the SHLO 
The packet containing the SHLO is the only packet that is sent with
initial encryption. If it is lost, we need to make sure that the
diversification nonce is included in the PublicHeader, otherwise the
client will not be able to derive the keys for the forward-secure
encryption.
 2017-03-01 15:11:01 +07:00
Marten Seemann
b5c8c11c0c switch to forward-secure encryption after sending the SHLO 2017-03-01 14:11:25 +07:00
Marten Seemann
9e147714ac pack smaller packets as long as the encryption is not forward secure 2017-03-01 14:01:52 +07:00
Marten Seemann
599926e3cb add a method to force the encryption level when sealing a packet 2017-03-01 14:01:51 +07:00
Marten Seemann
6cb19e42a5 explicitly pass encryption level in the aeadChanges channel 2017-02-25 21:38:08 +07:00
Marten Seemann
0c20f5e9b3 return the encryption level used for Sealing 2017-02-25 08:27:14 +07:00
Marten Seemann
a972c7a21e return the encryption level of a packet when decrypting it 2017-02-25 08:27:08 +07:00
Marten Seemann
eb7a7f79f7 add tests for clientCryptoSetup Open and Seal methods 2017-02-24 11:42:41 +07:00
Marten Seemann
cd465ae0b5 move utils.Stream to quic.Stream 2017-02-22 23:03:09 +07:00
Marten Seemann
7fe2a37c76 use byte-slice instead of net.IP for generating source address tokens 2017-02-22 23:03:07 +07:00
Marten Seemann
268841f0cc add a TLSClientConfig to the QUIC RoundTripper 
fixes #407
 2017-02-04 10:28:00 +07:00
Marten Seemann
713df41c8b verify certificates using a client TLS config, if given 
ref #407
 2017-02-03 15:46:38 +07:00
Marten Seemann
90983470e8 fix logging of REJs and SHLOs 2017-02-02 14:16:46 +07:00
Marten Seemann
c71e8cfb25 log sent CHLOs 2017-01-14 19:00:24 +07:00
Marten Seemann
82f2298658 fix race condition in client crypto setup 2017-01-14 19:00:23 +07:00
Marten Seemann
db09de621c detect version downgrade attacks in the client crypto setup 2017-01-14 18:58:47 +07:00
Marten Seemann
53706049c7 read connection parameters when receiving a SHLO 2017-01-14 18:58:46 +07:00
Marten Seemann
a587af079d improve the connection parameters manager for the client 2017-01-14 18:58:46 +07:00
Marten Seemann
64c4bede3e remove unnecessary loop from connection parameters manager 2017-01-14 18:58:45 +07:00
Marten Seemann
a0bdf79b5b create an aeadChanged channel in the client crypto setup 2017-01-14 18:52:25 +07:00
Marten Seemann
9fc9522539 implement a HandshakeComplete method in the client crypto setup 2017-01-14 18:52:24 +07:00
Marten Seemann
f72fbc57a9 send connection parameters in CHLO 2017-01-14 18:52:24 +07:00
Marten Seemann
dde5ce465c enforce presence of version list in SHLO 2017-01-14 18:52:23 +07:00
Marten Seemann
2589a6eff9 reject unencrypted SHLOs 2017-01-14 18:52:23 +07:00
Marten Seemann
e19416a43b use server nonce in key derivation for initial encryption, if available 2017-01-14 18:52:23 +07:00
Marten Seemann
b8e11d6e67 improve tests for key derivation 2017-01-14 18:52:23 +07:00