implement stateless handling of Initial packets for the TLS server

2025-04-06 13:47:35 +03:00 · 2017-11-11 08:38:27 +08:00 · 2017-11-11 08:38:27 +08:00 · 25a6dc9654
commit 25a6dc9654
parent 57c6f3ceb5
36 changed files with 1617 additions and 724 deletions
--- a/client_test.go
+++ b/client_test.go
@ -8,6 +8,7 @@ import (
 	"sync/atomic"
 	"time"

+	"github.com/lucas-clemente/quic-go/internal/handshake"
 	"github.com/lucas-clemente/quic-go/internal/protocol"
 	"github.com/lucas-clemente/quic-go/internal/wire"
 	"github.com/lucas-clemente/quic-go/qerr"
@ -45,10 +46,9 @@ var _ = Describe("Client", func() {
 		msess, _ := newMockSession(nil, 0, 0, nil, nil, nil)
 		sess = msess.(*mockSession)
 		addr = &net.UDPAddr{IP: net.IPv4(192, 168, 100, 200), Port: 1337}
-		packetConn = &mockPacketConn{
-			addr:         &net.UDPAddr{IP: net.IPv4(127, 0, 0, 1), Port: 1234},
-			dataReadFrom: addr,
-		}
+		packetConn = newMockPacketConn()
+		packetConn.addr = &net.UDPAddr{IP: net.IPv4(127, 0, 0, 1), Port: 1234}
+		packetConn.dataReadFrom = addr
 		config = &Config{
 			Versions: []protocol.VersionNumber{protocol.SupportedVersions[0], 77, 78},
 		}
@ -87,7 +87,7 @@ var _ = Describe("Client", func() {
 				_ protocol.VersionNumber,
 				_ []protocol.VersionNumber,
 			) (packetHandler, error) {
-				Expect(conn.Write([]byte("fake CHLO"))).To(Succeed())
+				Expect(conn.Write([]byte("0 fake CHLO"))).To(Succeed())
 				return sess, nil
 			}
 			origGenerateConnectionID = generateConnectionID
@ -101,7 +101,7 @@ var _ = Describe("Client", func() {
 		})

 		It("dials non-forward-secure", func() {
-			packetConn.dataToRead = acceptClientVersionPacket(cl.connectionID)
+			packetConn.dataToRead <- acceptClientVersionPacket(cl.connectionID)
 			dialed := make(chan struct{})
 			go func() {
 				defer GinkgoRecover()
@ -151,7 +151,7 @@ var _ = Describe("Client", func() {
 		})

 		It("Dial only returns after the handshake is complete", func() {
-			packetConn.dataToRead = acceptClientVersionPacket(cl.connectionID)
+			packetConn.dataToRead <- acceptClientVersionPacket(cl.connectionID)
 			dialed := make(chan struct{})
 			go func() {
 				defer GinkgoRecover()
@ -237,7 +237,7 @@ var _ = Describe("Client", func() {

 		It("returns an error that occurs while waiting for the connection to become secure", func() {
 			testErr := errors.New("early handshake error")
-			packetConn.dataToRead = acceptClientVersionPacket(cl.connectionID)
+			packetConn.dataToRead <- acceptClientVersionPacket(cl.connectionID)
 			done := make(chan struct{})
 			go func() {
 				defer GinkgoRecover()
@ -251,7 +251,7 @@ var _ = Describe("Client", func() {

 		It("returns an error that occurs while waiting for the handshake to complete", func() {
 			testErr := errors.New("late handshake error")
-			packetConn.dataToRead = acceptClientVersionPacket(cl.connectionID)
+			packetConn.dataToRead <- acceptClientVersionPacket(cl.connectionID)
 			done := make(chan struct{})
 			go func() {
 				defer GinkgoRecover()
@ -330,10 +330,6 @@ var _ = Describe("Client", func() {
 				newVersion := protocol.VersionNumber(77)
 				Expect(newVersion).ToNot(Equal(cl.version))
 				Expect(config.Versions).To(ContainElement(newVersion))
-				packetConn.dataToRead = wire.ComposeGQUICVersionNegotiation(
-					cl.connectionID,
-					[]protocol.VersionNumber{newVersion},
-				)
 				sessionChan := make(chan *mockSession)
 				handshakeChan := make(chan handshakeEvent)
 				newClientSession = func(
@ -348,10 +344,7 @@ var _ = Describe("Client", func() {
 				) (packetHandler, error) {
 					initialVersion = initialVersionP
 					negotiatedVersions = negotiatedVersionsP
-					// make the server accept the new version
-					if len(negotiatedVersionsP) > 0 {
-						packetConn.dataToRead = acceptClientVersionPacket(connectionID)
-					}
+
 					sess := &mockSession{
 						connectionID:  connectionID,
 						stopRunLoop:   make(chan struct{}),
@ -364,18 +357,26 @@ var _ = Describe("Client", func() {
 				established := make(chan struct{})
 				go func() {
 					defer GinkgoRecover()
-					err := cl.establishSecureConnection()
+					err := cl.dial()
 					Expect(err).ToNot(HaveOccurred())
 					close(established)
 				}()
+				go cl.listen()
+
 				actualInitialVersion := cl.version
 				var firstSession, secondSession *mockSession
 				Eventually(sessionChan).Should(Receive(&firstSession))
-				Eventually(sessionChan).Should(Receive(&secondSession))
+				packetConn.dataToRead <- wire.ComposeGQUICVersionNegotiation(
+					cl.connectionID,
+					[]protocol.VersionNumber{newVersion},
+				)
 				// it didn't pass the version negoation packet to the old session (since it has no payload)
-				Expect(firstSession.packetCount).To(BeZero())
 				Eventually(func() bool { return firstSession.closed }).Should(BeTrue())
 				Expect(firstSession.closeReason).To(Equal(errCloseSessionForNewVersion))
+				Expect(firstSession.packetCount).To(BeZero())
+				Eventually(sessionChan).Should(Receive(&secondSession))
+				// make the server accept the new version
+				packetConn.dataToRead <- acceptClientVersionPacket(secondSession.connectionID)
 				Consistently(func() bool { return secondSession.closed }).Should(BeFalse())
 				Expect(cl.connectionID).ToNot(BeEquivalentTo(0x1337))
 				Expect(negotiatedVersions).To(ContainElement(newVersion))
@ -398,20 +399,23 @@ var _ = Describe("Client", func() {
 					_ []protocol.VersionNumber,
 				) (packetHandler, error) {
 					atomic.AddUint32(&sessionCounter, 1)
-					return sess, nil
+					return &mockSession{
+						connectionID: connectionID,
+						stopRunLoop:  make(chan struct{}),
+					}, nil
 				}
-				go cl.establishSecureConnection()
+				go cl.dial()
 				Eventually(func() uint32 { return atomic.LoadUint32(&sessionCounter) }).Should(BeEquivalentTo(1))
 				newVersion := protocol.VersionNumber(77)
 				Expect(newVersion).ToNot(Equal(cl.version))
 				Expect(config.Versions).To(ContainElement(newVersion))
 				cl.handlePacket(nil, wire.ComposeGQUICVersionNegotiation(0x1337, []protocol.VersionNumber{newVersion}))
-				Expect(atomic.LoadUint32(&sessionCounter)).To(BeEquivalentTo(2))
+				Eventually(func() uint32 { return atomic.LoadUint32(&sessionCounter) }).Should(BeEquivalentTo(2))
 				newVersion = protocol.VersionNumber(78)
 				Expect(newVersion).ToNot(Equal(cl.version))
 				Expect(config.Versions).To(ContainElement(newVersion))
 				cl.handlePacket(nil, wire.ComposeGQUICVersionNegotiation(0x1337, []protocol.VersionNumber{newVersion}))
-				Expect(atomic.LoadUint32(&sessionCounter)).To(BeEquivalentTo(2))
+				Consistently(func() uint32 { return atomic.LoadUint32(&sessionCounter) }).Should(BeEquivalentTo(2))
 			})

 			It("errors if no matching version is found", func() {
@ -482,7 +486,7 @@ var _ = Describe("Client", func() {
 		Expect(sess.closed).To(BeFalse())
 	})

-	It("creates new sessions with the right parameters", func() {
+	It("creates new GQUIC sessions with the right parameters", func() {
 		closeErr := errors.New("peer doesn't reply")
 		c := make(chan struct{})
 		var cconn connection
@ -516,12 +520,84 @@ var _ = Describe("Client", func() {
 		Eventually(c).Should(BeClosed())
 		Expect(cconn.(*conn).pconn).To(Equal(packetConn))
 		Expect(hostname).To(Equal("quic.clemente.io"))
-		Expect(version).To(Equal(cl.version))
+		Expect(version).To(Equal(config.Versions[0]))
 		Expect(conf.Versions).To(Equal(config.Versions))
 		sess.Close(closeErr)
 		Eventually(dialed).Should(BeClosed())
 	})

+	It("creates new TLS sessions with the right parameters", func() {
+		config.Versions = []protocol.VersionNumber{protocol.VersionTLS}
+		c := make(chan struct{})
+		var cconn connection
+		var hostname string
+		var version protocol.VersionNumber
+		var conf *Config
+		newTLSClientSession = func(
+			connP connection,
+			hostnameP string,
+			versionP protocol.VersionNumber,
+			_ protocol.ConnectionID,
+			configP *Config,
+			tls handshake.MintTLS,
+			paramsChan <-chan handshake.TransportParameters,
+			_ protocol.PacketNumber,
+		) (packetHandler, error) {
+			cconn = connP
+			hostname = hostnameP
+			version = versionP
+			conf = configP
+			close(c)
+			return sess, nil
+		}
+		dialed := make(chan struct{})
+		go func() {
+			defer GinkgoRecover()
+			Dial(packetConn, addr, "quic.clemente.io:1337", nil, config)
+			close(dialed)
+		}()
+		Eventually(c).Should(BeClosed())
+		Expect(cconn.(*conn).pconn).To(Equal(packetConn))
+		Expect(hostname).To(Equal("quic.clemente.io"))
+		Expect(version).To(Equal(config.Versions[0]))
+		Expect(conf.Versions).To(Equal(config.Versions))
+		sess.Close(errors.New("peer doesn't reply"))
+		Eventually(dialed).Should(BeClosed())
+	})
+
+	It("creates a new session when the server performs a retry", func() {
+		config.Versions = []protocol.VersionNumber{protocol.VersionTLS}
+		sessionChan := make(chan *mockSession)
+		newTLSClientSession = func(
+			connP connection,
+			hostnameP string,
+			versionP protocol.VersionNumber,
+			_ protocol.ConnectionID,
+			configP *Config,
+			tls handshake.MintTLS,
+			paramsChan <-chan handshake.TransportParameters,
+			_ protocol.PacketNumber,
+		) (packetHandler, error) {
+			sess := &mockSession{
+				stopRunLoop: make(chan struct{}),
+			}
+			sessionChan <- sess
+			return sess, nil
+		}
+		dialed := make(chan struct{})
+		go func() {
+			defer GinkgoRecover()
+			Dial(packetConn, addr, "quic.clemente.io:1337", nil, config)
+			close(dialed)
+		}()
+		var firstSession, secondSession *mockSession
+		Eventually(sessionChan).Should(Receive(&firstSession))
+		firstSession.Close(handshake.ErrCloseSessionForRetry)
+		Eventually(sessionChan).Should(Receive(&secondSession))
+		secondSession.Close(errors.New("stop test"))
+		Eventually(dialed).Should(BeClosed())
+	})
+
 	Context("handling packets", func() {
 		It("handles packets", func() {
 			ph := wire.Header{
@ -532,7 +608,7 @@ var _ = Describe("Client", func() {
 			b := &bytes.Buffer{}
 			err := ph.Write(b, protocol.PerspectiveServer, cl.version)
 			Expect(err).ToNot(HaveOccurred())
-			packetConn.dataToRead = b.Bytes()
+			packetConn.dataToRead <- b.Bytes()

 			Expect(sess.packetCount).To(BeZero())
 			stoppedListening := make(chan struct{})