Summary:
(1) Receiving a valid retry packet is a HappyEyeballs signal. We should
use that to update the happy eyeballs state.
(2) HappyEyeballs state should also be preserved when we undo client connection
state for retry.
Reviewed By: mjoras
Differential Revision: D25728713
fbshipit-source-id: 4ff06879f5a05e6fb4faeb1e9f330e251d3dbcb6
Summary:
When I tested against picoquic, I found that an exception was thrown here: https://fburl.com/diffusion/qsnzingx.
The reason is that we modify `conn.initialDestinationConnectionId` in the event of a retry, so it's no longer the original destination connection id. By separately keeping track of the original destination connection id, we can solve this issue.
Reviewed By: mjoras
Differential Revision: D23722127
fbshipit-source-id: 94be08812e675feaf46f5af86e7304af84c1910c
Summary: This is a temporary hack until we properly implement 0-rtt transport parameter updating. Now after 0-rtt we will use the packet size from the peer as the max packet size, if the can ignore setting is set.
Reviewed By: xttjsn
Differential Revision: D23690019
fbshipit-source-id: b4dbf5702e81e52ccd437e0fa68f4d156c7123be
Summary: This was in the right spirit, but doesn't work because we don't actually update the transport parameters if 0-rtt was accepted, so this ends up being the packet size in perpetuity.
Reviewed By: lnicco, xttjsn
Differential Revision: D23689185
fbshipit-source-id: c45eca1e388534f07eeafbb2c075e133bac071f8
Summary:
This is a bug, for 0rtt, even if the can ignore flag is set, we shouldn't trust the old max packet size. If it has changed then the peer will fail to decrypt anything.
There are open questions here around the PMTU we use for the handshake/0rtt, but let's just punt on those for now.
Reviewed By: udippant, xttjsn
Differential Revision: D23641082
fbshipit-source-id: aba93713091805e9498ab2c14b24bccf18192c02
Summary:
First step towards d6d. Semantically we need to separate the old `udpSendPacketLen` into `peerMaxPacketSize` as well as `currPMTU`. The former is directly tied to the peer's max_packet_size transport parameter whereas the second is controlled by d6d. To get the actual udp mss, call `conn_->getUdpSendPacketLen()`, which will use the minimum of the two if d6d is enabled, otherwise it will fallback to use `peerMaxPacketSize` only.
During processClientInitialParams and processServerInitialParams, we no longer need to check whether `canIgnorePathMTU` is set because that logic is moved to `setUdpSendPacketLen`. If d6d is enabled, we set both `peerMaxPacketSize` and `currPMTU` to `packetSize` because receiving an initial packet of size x indicates both that the peer accepts x-sized packet and that the PMTU is at least x.
Many call sites and tests are changed.
Faebook:
For now, d6d is considered enabled if `canIgnorePathMTU==false` and `turnoffPMTUD==true`. Down the road, from semantic & practical POV at least one of them should be renamed to something like `enableD6D`, since enabling d6d implies turning off PMTUD and that we should not ignore PMTU. We can keep one for the sake of testing.
Reviewed By: mjoras
Differential Revision: D22049806
fbshipit-source-id: 7a9b30b7e2519c132101509be56a9e63b803dc93
Summary:
This implements the connection ID validation via transport parameters. Note we don't do anything with the retry transport parameter yet.
This will probably require further surgery to tests when we want the MVFST version to do this, but for now I'm punting on that test plumbing.
This retains support for h3-27.
Reviewed By: yangchi
Differential Revision: D22045631
fbshipit-source-id: e93841e734c0683655c751d808fd90b3b391eb3e
Summary: The spec suggests doing this, and it is a better semantic than only considering the local one.
Reviewed By: yangchi
Differential Revision: D21433433
fbshipit-source-id: c38abc04810eb8807597991ce8801d81f9edc462
Summary: This will limit us to standard Ethernet MTU (1500) for now, but I think that is fine. This will allow us to experiment with packet size from the client more easily.
Reviewed By: yangchi
Differential Revision: D20709146
fbshipit-source-id: 608463de53d4520a257052491683263e14fc9682
Summary:
This ensures they are available to the whole stack rather than the transport only. The validator needs it in the server case, and will soon need it in the client case, so that seems appropriate to make it available.
Pull Request resolved: https://github.com/facebookincubator/mvfst/pull/117
Reviewed By: yangchi
Differential Revision: D20536366
Pulled By: mjoras
fbshipit-source-id: a76d369c0a82b9be1f985aed1f33f7a6b338a2ae
Summary:
All the state already moved there anyways, and this is closely related to the Psk cache management, which is also moving away from QuicClientTransport.
Pull Request resolved: https://github.com/facebookincubator/mvfst/pull/109
Reviewed By: mjoras
Differential Revision: D20463300
Pulled By: yangchi
fbshipit-source-id: e9f0dc6285ccc6fd8cdc98d0e3579e6af8b00306
Summary: This has a mandatory minimum of 2. This diff doesn't fix the unit tests which use a lower value, but currently other clients will fail our connection as this is a MUST.
Reviewed By: lnicco
Differential Revision: D20299054
fbshipit-source-id: 769337ccc5bdf75b7b85518bf88e393979b63f3f
Summary: This is a somewhat arbitrary limit, but is useful for keepin a client from making the server build an enormous packet.
Reviewed By: yangchi
Differential Revision: D19438682
fbshipit-source-id: 2ec3b8c8ba630804e954f606ada2cc00682b3657
Summary:
QuicCachedPsk depends on fizz, CachedServerTransportParameters doesn't, so this is one step further toward separating fizz specific part of the code from the rest.
Pull Request resolved: https://github.com/facebookincubator/mvfst/pull/84
Reviewed By: sharma95
Differential Revision: D19386613
Pulled By: udippant
fbshipit-source-id: 06bc21108aa7880e1f1820cb8a4c6dbee392c9c4
Summary:
Client will set their active_connection_id_limit to the server as 7 (so it will
have 8 conn ids in total).
Reviewed By: JunqiWang
Differential Revision: D18532441
fbshipit-source-id: b0be65cec9f7c483469b0b4a2810bc370a6945c3
Summary: The state machine logic is quite abstruse, this modifies it to make it more readable.
Reviewed By: siyengar
Differential Revision: D18488301
fbshipit-source-id: c6fd52973880931e34904713e8b147f56d0c4629
Summary:
This will allow to be able to create different kind of handshake going forward.
Pull Request resolved: https://github.com/facebookincubator/mvfst/pull/59
Reviewed By: siyengar
Differential Revision: D18088574
Pulled By: mjoras
fbshipit-source-id: 0732bb63a9e243fef77cdaf4f76e711fcb09ecdc
Summary:
^
This parameter was added in d-21. Default value is 0 meaning no provided
connection id apart from the initial ones. This limits the amount of connection
ids the peer provides via `NEW_CONNECTION_ID` frame.
Diff to set this value will be added in later, along with `NEW_CONNECTION_ID`.
Reviewed By: JunqiWang
Differential Revision: D17532007
fbshipit-source-id: 5b86f69a8d3372fbcb7e0882508ea2661a9d4864
Summary:
Fixes include
1. Added packet_sent qlog event where it should be.
2. Reinitialize the qLogger after retry.
3. Fix issue where retry fails because packetNum can't be found.
Reviewed By: mjoras
Differential Revision: D16403221
fbshipit-source-id: 9288c1b24e98dc11e3b83575f58ca05445261ae3
Summary: These were changed to varints. To support this we need to do some extra horrible version plumbing. I don't want to keep this long term but it works for now.
Reviewed By: yangchi
Differential Revision: D16293568
fbshipit-source-id: a9ea9083be160aa3e6b338a7d70d7f00e44ec5ab
Summary:
Fixed QuicClientTransportIntegrationTest:
SetUp() shouldn't set maxStreams manually. Instead, client should read serverTransportParams after 1 rtt.
The tests used to call createBidiStream right after client->start(), changed that to only sending data after onTransportReady.
Reviewed By: mjoras
Differential Revision: D15293209
fbshipit-source-id: 88e739d72f1fad76666af003d446d068e6d5fac7
Summary:
Draft-19 onwards effectively punted version negotiation to QUICv2. Now receiving version negotiation on clients is treated as an immediate termination of the connection.
The transport parameter format has also changed to no longer include any reference to the QUIC version. To avoid us (Facebook) having to turn off QUIC traffic in production, our server needs to be able to parse these transport parameters from our older clients. To achieve this when parsing the transport parameters we will, as a temporary measure, check for the Facebook QUIC version to determine which transport parameter format we are parsing. Luckily for us the version we chose maps nicely to an implausible length for the transport parameters (0xface).
Note that this diff still has the client send the old transport parameter format, so that the rollout can be staged.
Reviewed By: yangchi
Differential Revision: D15203481
fbshipit-source-id: dfaaddc3acc76434461b04430b82a0902138c060
Summary: This changed in to be in milliseconds d19 forward.
Reviewed By: yangchi
Differential Revision: D15183837
fbshipit-source-id: 561218321dcb51ec41093cafbdb967db2d4b3660
Summary:
This diff implements the handling of retry packets. As per the spec:
1. A client MUST accept and process at most one Retry packet for each connection attempt. After the client has received and processed an Initial or Retry packet from the server, it MUST discard any subsequent Retry packets that it receives.
2. Clients MUST discard Retry packets that contain an Original Destination Connection ID field that does not match the Destination Connection ID from its Initial packet. This prevents an off-path attacker from injecting a Retry packet.
3. The client responds to a Retry packet with an Initial packet that includes the provided Retry Token to continue connection establishment.
4. A client sets the Destination Connection ID field of this Initial packet to the value from the Source Connection ID in the Retry packet. Changing Destination Connection ID also results in a change to the keys used to protect the Initial packet. It also sets the Token field to the token provided in the Retry.
Reviewed By: mjoras
Differential Revision: D14464508
fbshipit-source-id: 212539a588378fb0d795caaec150959680172781
