Commit Graph

22 Commits

Author SHA1 Message Date
Matt Caswell
da1c088f59 Copyright year updates
Reviewed-by: Richard Levitte <levitte@openssl.org>
Release: yes
2023-09-07 09:59:15 +01:00
Hugo Landau
69169cd9fa QUIC: Version negotiation testing
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21764)
2023-08-29 15:33:39 +02:00
Tomas Mraz
4cc16b0557 quic_record_test.c: For tests that require ChaCha require also Poly1305
as both algorithms are really needed.

Fixes #21625

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/21677)
2023-08-14 15:55:33 +02:00
Hugo Landau
869ab3e707 QUIC QRX: Test for 1-RTT processing restriction
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547)
2023-08-08 14:33:42 +01:00
Hugo Landau
2a6f1f2f6e QUIC QRX: Don't process 1-RTT packets until handshake is complete
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21547)
2023-08-08 14:33:42 +01:00
Hugo Landau
5b9452e037 QUIC WIRE: Allow encoding/decoding of reserved header bits
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21135)
2023-07-17 08:17:57 +10:00
Tomas Mraz
69aef72264 ossl_quic_wire_encode_pkt_hdr(): Assign ptrs only on static buf wpkt
Pointers can be invalidated when the underlying BUF_MEM grows.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21411)
2023-07-14 11:51:48 +02:00
Hugo Landau
754d2282cd QUIC RX: Support reporting the key epoch a packet was received with
This is needed to support key update validation on the receive side.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21029)
2023-06-16 09:26:28 +10:00
Matt Caswell
e8528c95a0 Enable tracing of packets that have been sent
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20914)
2023-05-24 12:18:33 +01:00
Hugo Landau
d7668ff213 QUIC DEMUX: Allow MTU to vary over time and autodetect MTU
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
2023-01-13 13:20:17 +00:00
Hugo Landau
6a80019862 QUIC: Remove RX depacketiser tests from QRL test suite
These create significant coupling between the QRL tests and the RXDP.
Moreover, the RXDP has no state of its own and is implemented as part of
the QUIC_CHANNEL, ergo it doesn't make that much sense to test it in
isolation.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
2023-01-13 13:20:16 +00:00
Hugo Landau
0f7b5cc9f3 QUIC RX: Refactor unsafe DCID consistency checking
Previously, we enforced the requirement that the DCIDs be the same for
all packets in a datagram by keeping a pointer to the first RXE
generated from a datagram. This is unsafe and could lead to a UAF if the
first packet is malformed, meaning that no RXE ended up being generated
from it. Keep track of the DCID directly instead, as we should enforce
this correctly even if the first packet in a datagram is malformed (but
has an intelligible header with a DCID and length).

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
2023-01-13 13:20:13 +00:00
Hugo Landau
70d45893d0 QUIC Wire Encoding: Support Retry Integrity Tag Calculation
This adds support for calculating and verifying retry integrity tags. In
order to support this, an 'unused' field is added to the QUIC packet
header structure so we can ensure that the serialization of the header
is bit-for-bit identical to what was decoded.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
2023-01-13 13:20:10 +00:00
Hugo Landau
203b0d00e0 QUIC RX: Do not handle auto-discard of Initial EL inside the QRX
While the QUIC RFCs state that the Initial EL should be auto-discarded
when successfully processing a packet at a higher EL, doing this inside
the QRX was not a good idea as this should be handled by the CSM.
We remove this functionality and adapt tests accordingly.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
2023-01-13 13:20:10 +00:00
Hugo Landau
6d5d5fc9a9 QUIC RX: Support refcounted packets and eliminate wrapper
Previously, the QRX filled in a OSSL_QRX_PKT structure provided by the
caller. This necessitated the caller managing reference counting itself
using a OSSL_QRX_PKT_WRAP structure. The need for this structure has
been eliminated by adding refcounting support to the QRX itself. The QRX
now outputs a pointer to an OSSL_QRX_PKT instead of filling in a
structure provided by the caller. The OSSL_QRX_PKT_WRAP structure has
been eliminated.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19703)
2023-01-13 13:20:10 +00:00
Hugo Landau
a73078b79f QUIC TX Packetiser and Streams Mapper
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19346)
2022-11-24 08:15:20 +00:00
Pauli
681c461910 test: condition out code that relies on CHACHA.
Run checker does a no-chacha build and tests fail because it can't be fetched.

Fixes #19363

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19366)
2022-10-10 14:16:08 +01:00
Richard Levitte
ecc920b327 Modify test/quic_record_test.c to also depacketize
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18838)
2022-09-23 17:59:04 +02:00
Hugo Landau
0ff9813744 Add deferred datagram limit to QUIC Record Layer RX
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19251)
2022-09-22 10:01:35 +01:00
Hugo Landau
948c656c66 TX key update support, RX time and PN reporting, general refactoring
- Adds an RX time field to the OSSL_QRX_PKT structure.

- Adds a timekeeping argument to ossl_demux_new which is used to determine
  packet reception time.

- Adds a decoded PN field to the OSSL_QRX_PKT structure.
  This has to be decoded by the QRX anyway, and its omission was an oversight.

- Key update support for the TX side.

- Minor refactoring.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18949)
2022-09-02 10:03:55 +02:00
Hugo Landau
1957148384 QUIC Record Layer (Refactor and TX Side)
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18949)
2022-09-02 10:03:55 +02:00
Hugo Landau
ec279ac211 QUIC Demuxer and Record Layer (RX Side)
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18949)
2022-09-02 10:03:55 +02:00