From 6d76d13e543bb9f5644737ca479baed1624abe43 Mon Sep 17 00:00:00 2001 From: Hugo Landau Date: Thu, 9 Nov 2023 10:27:14 +0000 Subject: [PATCH] QUIC DEMUX: Remove obsolete SRT handling code Reviewed-by: Tomas Mraz Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/22674) --- include/internal/quic_demux.h | 21 ------------------ ssl/quic/quic_demux.c | 42 +++-------------------------------- ssl/quic/quic_port.c | 8 ------- 3 files changed, 3 insertions(+), 68 deletions(-) diff --git a/include/internal/quic_demux.h b/include/internal/quic_demux.h index bca483a9a9..40a1bc412f 100644 --- a/include/internal/quic_demux.h +++ b/include/internal/quic_demux.h @@ -181,14 +181,6 @@ typedef struct quic_demux_st QUIC_DEMUX; typedef void (ossl_quic_demux_cb_fn)(QUIC_URXE *e, void *arg, const QUIC_CONN_ID *dcid); -/* - * Called when a datagram is received. - * Returns 1 if the datagram ends with a stateless reset token and - * 0 if not. - */ -typedef int (ossl_quic_stateless_reset_cb_fn)(const unsigned char *data, - size_t data_len, void *arg); - /* * Creates a new demuxer. The given BIO is used to receive datagrams from the * network using BIO_recvmmsg. short_conn_id_len is the length of destination @@ -237,18 +229,6 @@ void ossl_quic_demux_set_default_handler(QUIC_DEMUX *demux, ossl_quic_demux_cb_fn *cb, void *cb_arg); -/* - * Sets a callback for stateless reset processing. - * - * If set, this callback is called for datagrams for which we cannot identify - * a CID. This function should return 1 if there is a stateless reset token - * present and 0 if not. If there is a token present, the connection should - * also be reset. - */ -void ossl_quic_demux_set_stateless_reset_handler( - QUIC_DEMUX *demux, - ossl_quic_stateless_reset_cb_fn *cb, void *cb_arg); - /* * Releases a URXE back to the demuxer. No reference must be made to the URXE or * its buffer after calling this function. The URXE must not be in any queue; @@ -294,7 +274,6 @@ void ossl_quic_demux_reinject_urxe(QUIC_DEMUX *demux, #define QUIC_DEMUX_PUMP_RES_OK 1 #define QUIC_DEMUX_PUMP_RES_TRANSIENT_FAIL (-1) #define QUIC_DEMUX_PUMP_RES_PERMANENT_FAIL (-2) -#define QUIC_DEMUX_PUMP_RES_STATELESS_RESET (-3) int ossl_quic_demux_pump(QUIC_DEMUX *demux); diff --git a/ssl/quic/quic_demux.c b/ssl/quic/quic_demux.c index 34d53b9f5c..b3e03a0bca 100644 --- a/ssl/quic/quic_demux.c +++ b/ssl/quic/quic_demux.c @@ -46,10 +46,6 @@ struct quic_demux_st { ossl_quic_demux_cb_fn *default_cb; void *default_cb_arg; - /* The stateless reset token checker handler, if any. */ - ossl_quic_stateless_reset_cb_fn *reset_token_cb; - void *reset_token_cb_arg; - /* * List of URXEs which are not currently in use (i.e., not filled with * unconsumed data). These are moved to the pending list as they are filled. @@ -153,14 +149,6 @@ void ossl_quic_demux_set_default_handler(QUIC_DEMUX *demux, demux->default_cb_arg = cb_arg; } -void ossl_quic_demux_set_stateless_reset_handler( - QUIC_DEMUX *demux, - ossl_quic_stateless_reset_cb_fn *cb, void *cb_arg) -{ - demux->reset_token_cb = cb; - demux->reset_token_cb_arg = cb_arg; -} - static QUIC_URXE *demux_alloc_urxe(size_t alloc_len) { QUIC_URXE *e; @@ -334,12 +322,12 @@ static int demux_identify_conn_id(QUIC_DEMUX *demux, /* * Process a single pending URXE. - * Returning 1 on success, 0 on failure and -1 on stateless reset. + * Returning 1 on success, 0 on failure. */ static int demux_process_pending_urxe(QUIC_DEMUX *demux, QUIC_URXE *e) { QUIC_CONN_ID dst_conn_id; - int r, dst_conn_id_ok = 0; + int dst_conn_id_ok = 0; /* The next URXE we process should be at the head of the pending list. */ if (!ossl_assert(e == ossl_list_urxe_head(&demux->urx_pending))) @@ -347,29 +335,6 @@ static int demux_process_pending_urxe(QUIC_DEMUX *demux, QUIC_URXE *e) assert(e->demux_state == URXE_DEMUX_STATE_PENDING); - /* - * Check if the packet ends with a stateless reset token and if it does - * skip it after dropping the connection. - * - * RFC 9000 s. 10.3.1 Detecting a Stateless Reset - * If the last 16 bytes of the datagram are identical in value to - * a stateless reset token, the endpoint MUST enter the draining - * period and not send any further packets on this connection. - * - * Returning a failure here causes the connection to enter the terminating - * state which achieves the desired outcome. - * - * TODO(QUIC FUTURE): only try to match unparsable packets - */ - if (demux->reset_token_cb != NULL) { - r = demux->reset_token_cb(ossl_quic_urxe_data(e), e->data_len, - demux->reset_token_cb_arg); - if (r > 0) /* Received a stateless reset */ - return -1; - if (r < 0) /* Error during stateless reset detection */ - return 0; - } - /* Determine the DCID of the first packet in the datagram. */ dst_conn_id_ok = demux_identify_conn_id(demux, e, &dst_conn_id); @@ -428,8 +393,7 @@ int ossl_quic_demux_pump(QUIC_DEMUX *demux) } if ((ret = demux_process_pending_urxl(demux)) <= 0) - return ret == 0 ? QUIC_DEMUX_PUMP_RES_PERMANENT_FAIL - : QUIC_DEMUX_PUMP_RES_STATELESS_RESET; + return QUIC_DEMUX_PUMP_RES_PERMANENT_FAIL; return QUIC_DEMUX_PUMP_RES_OK; } diff --git a/ssl/quic/quic_port.c b/ssl/quic/quic_port.c index 036c30f1f3..482f696e11 100644 --- a/ssl/quic/quic_port.c +++ b/ssl/quic/quic_port.c @@ -75,12 +75,6 @@ static int port_init(QUIC_PORT *port) get_time, port)) == NULL) goto err; - /* - * If we are a server, setup our handler for packets not corresponding to - * any known DCID on our end. This is for handling clients establishing new - * connections. - */ - // if (is_server) ossl_quic_demux_set_default_handler(port->demux, port_default_packet_handler, port); @@ -357,8 +351,6 @@ static void port_rx_pre(QUIC_PORT *port) * to the appropriate QRX instances. */ ret = ossl_quic_demux_pump(port->demux); - // TODO: handle ret, stateless reset - if (ret == QUIC_DEMUX_PUMP_RES_PERMANENT_FAIL) /* * We don't care about transient failure, but permanent failure means we