
Issue NewTokenFrame To Clients

Summary:
- Issuing NewTokenFrames to clients, allowing them to verify their address in subsequent connections by including the token.
- add NewTokenFrame struct in the union type QuicSimpleFrame.
- Issued only once when the crypto handshake is complete.
- Testing includes validating token serialization & deserialization and asserting that the NewTokenFrame is issued only once, on handshake completion.

Reviewed By: mjoras

Differential Revision: D31673160

fbshipit-source-id: 9401ab1a4b878d8b4380d55afa531ec768f5f4cd
Hani Damlaj
2021-12-10 20:34:35 -08:00
committed by Facebook GitHub Bot
parent 6c12cf403e
commit 7233c55d29
26 changed files with 600 additions and 345 deletions


@@ -670,50 +670,20 @@ HandshakeDoneFrame decodeHandshakeDoneFrame(folly::io::Cursor& /*cursor*/) {
return HandshakeDoneFrame();
}
folly::Expected<RetryToken, TransportErrorCode> parsePlaintextRetryToken(
/**
* Both retry and new tokens have the same plaintext encoding: timestamp. We
* differentiate tokens based on the success of decrypting with differing aead
* associated data.
*/
folly::Expected<uint64_t, TransportErrorCode> parsePlaintextRetryOrNewToken(
folly::io::Cursor& cursor) {
// Read in the length of the odcid.
if (!cursor.canAdvance(sizeof(uint8_t))) {
return folly::makeUnexpected(TransportErrorCode::INVALID_TOKEN);
}
auto odcidLen = cursor.readBE<uint8_t>();
// Read in the odcid.
if (!cursor.canAdvance(odcidLen)) {
return folly::makeUnexpected(TransportErrorCode::INVALID_TOKEN);
}
ConnectionId connId(cursor, odcidLen);
// Read in the port.
if (!cursor.canAdvance(sizeof(uint16_t))) {
return folly::makeUnexpected(TransportErrorCode::INVALID_TOKEN);
}
auto clientPort = cursor.readBE<uint16_t>();
// Read in the length of the client ip address.
if (!cursor.canAdvance(sizeof(uint8_t))) {
return folly::makeUnexpected(TransportErrorCode::INVALID_TOKEN);
}
uint16_t ipAddrLen = cursor.readBE<uint8_t>();
if (!cursor.canAdvance(ipAddrLen)) {
return folly::makeUnexpected(TransportErrorCode::INVALID_TOKEN);
}
// Read in the ip address.
std::string ipAddressStr = cursor.readFixedString(ipAddrLen);
auto ipAddress = folly::IPAddress::tryFromString(ipAddressStr);
if (!ipAddress.hasValue()) {
return folly::makeUnexpected(TransportErrorCode::INVALID_TOKEN);
}
// Read in the timestamp
if (!cursor.canAdvance(sizeof(uint64_t))) {
return folly::makeUnexpected(TransportErrorCode::INVALID_TOKEN);
}
auto timestampInMs = cursor.readBE<uint64_t>();
return RetryToken(connId, *ipAddress, clientPort, timestampInMs);
return timestampInMs;
}
DatagramFrame decodeDatagramFrame(BufQueue& queue, bool hasLen) {
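Review bot: parsePlaintextRetryOrNewToken accepts any plaintext of at least eight bytes and ignores whatever follows the timestamp, so a token whose plaintext is not exactly the new layout still parses. Since the doc comment says the plaintext is only a timestamp, rejecting trailing data after the read would keep the format strict: `if (!cursor.isAtEnd()) return folly::makeUnexpected(TransportErrorCode::INVALID_TOKEN);`. The return type is now a bare `uint64_t`, so the doc comment should also state that the value is the timestamp in milliseconds and that the caller still has to enforce the token lifetime. The odcid, address and port that the old parser returned are no longer in the plaintext; presumably they are bound through the AEAD associated data the comment mentions, which is not visible in this hunk and is worth confirming for both token types.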