Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / 7fd59789f2fb45bc4b59fd67a00b51241140d712 / . / src / h3.c
blob: 550f932b8c7ba83d3f246f348d618229bed5837f [file] [log] [blame]
Frédéric Lécailleccac11f2021-03-03 16:09:02 +0100[diff] [blame]1/*
2 * HTTP/3 protocol processing
3 *
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation, version 2.1
7 * exclusively.
8 *
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
13 *
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18
19#include <haproxy/buf.h>
20#include <haproxy/dynbuf.h>
21#include <haproxy/h3.h>
22#include <haproxy/istbuf.h>
23#include <haproxy/mux_quic.h>
24#include <haproxy/pool.h>
25#include <haproxy/qpack-dec.h>
26#include <haproxy/tools.h>
27#include <haproxy/xprt_quic.h>
28
29#define DEBUG_H3
30
31#if defined(DEBUG_H3)
32#define h3_debug_printf fprintf
33#define h3_debug_hexdump debug_hexdump
34#else
35#define h3_debug_printf(...) do { } while (0)
36#define h3_debug_hexdump(...) do { } while (0)
37#endif
38
39#define H3_CF_SETTINGS_SENT 0x00000001
40
41/* Default settings */
42static uint64_t h3_settings_qpack_max_table_capacity = 4096;
43static uint64_t h3_settings_qpack_blocked_streams = 100;
44static uint64_t h3_settings_max_field_section_size; /* Unlimited */
45
46struct h3 {
47 struct qcc *qcc;
48 enum h3_err err;
49 uint32_t flags;
50 /* Locally initiated uni-streams */
51 struct h3_uqs lqpack_enc;
52 struct h3_uqs lqpack_dec;
53 struct h3_uqs lctrl;
54 /* Remotely initiated uni-streams */
55 struct h3_uqs rqpack_enc;
56 struct h3_uqs rqpack_dec;
57 struct h3_uqs rctrl;
58 /* Settings */
59 uint64_t qpack_max_table_capacity;
60 uint64_t qpack_blocked_streams;
61 uint64_t max_field_section_size;
62 struct buffer_wait buf_wait; /* wait list for buffer allocations */
63};
64
65DECLARE_STATIC_POOL(pool_head_h3, "h3", sizeof(struct h3));
66
67/* Simple function to duplicate a buffer */
68static inline struct buffer h3_b_dup(struct buffer *b)
69{
70 return b_make(b->area, b->size, b->head, b->data);
71}
72
73static int qcs_buf_available(void *target)
74{
75 struct h3_uqs *h3_uqs = target;
76 struct qcs *qcs = h3_uqs->qcs;
77
78 if ((qcs->flags & OUQS_SF_TXBUF_MALLOC) && b_alloc(&qcs->tx.buf)) {
79 qcs->flags &= ~OUQS_SF_TXBUF_MALLOC;
80 tasklet_wakeup(h3_uqs->wait_event.tasklet);
81 return 1;
82 }
83
84 return 0;
85}
86
87static struct buffer *h3_uqs_get_buf(struct h3_uqs *h3_uqs)
88{
89 struct buffer *buf = NULL;
90 struct h3 *h3 = h3_uqs->qcs->qcc->ctx;
91
92 if (likely(!LIST_INLIST(&h3->buf_wait.list)) &&
93 unlikely((buf = b_alloc(&h3_uqs->qcs->tx.buf)) == NULL)) {
94 h3->buf_wait.target = h3_uqs;
95 h3->buf_wait.wakeup_cb = qcs_buf_available;
96 LIST_APPEND(&ti->buffer_wq, &h3->buf_wait.list);
97 }
98
99 return buf;
100}
101
102/* Decode a h3 frame header made of two QUIC varints from <b> buffer.
103 * Returns the number of bytes consumed if there was enough data in <b>, 0 if not.
104 * Note that this function update <b> buffer to reflect the number of bytes consumed
105 * to decode the h3 frame header.
106 */
107static inline size_t h3_decode_frm_header(uint64_t *ftype, uint64_t *flen,
108 struct buffer *b)
109{
110 size_t hlen;
111
112 hlen = 0;
113 if (!b_quic_dec_int(ftype, b, &hlen) || !b_quic_dec_int(flen, b, &hlen))
114 return 0;
115
116 return hlen;
117}
118
119/* Decode <qcs> remotely initiated bidi-stream */
120static int h3_decode_qcs(struct qcs *qcs, void *ctx)
121{
122 struct buffer *rxbuf = &qcs->rx.buf;
123 struct h3 *h3 = ctx;
124
125 h3_debug_printf(stderr, "%s: STREAM ID: %llu\n", __func__, qcs->by_id.key);
126 if (!b_data(rxbuf))
127 return 0;
128
129 while (b_data(rxbuf)) {
130 size_t hlen;
131 uint64_t ftype, flen;
132 struct buffer b;
133
134 /* Work on a copy of <rxbuf> */
135 b = h3_b_dup(rxbuf);
136 hlen = h3_decode_frm_header(&ftype, &flen, &b);
137 if (!hlen)
138 break;
139
140 h3_debug_printf(stderr, "%s: ftype: %llu, flen: %llu\n", __func__,
141 (unsigned long long)ftype, (unsigned long long)flen);
142 if (flen > b_data(&b))
143 break;
144
145 b_del(rxbuf, hlen);
146 switch (ftype) {
147 case H3_FT_DATA:
148 break;
149 case H3_FT_HEADERS:
150 {
151 const unsigned char *buf = (const unsigned char *)b_head(rxbuf);
152 size_t len = b_data(rxbuf);
153 struct buffer *tmp = get_trash_chunk();
154
155 if (qpack_decode_fs(buf, len, tmp) < 0) {
156 h3->err = QPACK_DECOMPRESSION_FAILED;
157 return -1;
158 }
159 break;
160 }
161 case H3_FT_PUSH_PROMISE:
162 /* Not supported */
163 break;
164 default:
165 /* Error */
166 h3->err = H3_FRAME_UNEXPECTED;
167 return -1;
168 }
169 b_del(rxbuf, flen);
170 }
171
172 return 1;
173}
174
175/* Parse a SETTINGS frame which must not be truncated with <flen> as length from
176 * <rxbuf> buffer. This function does not update this buffer.
177 * Returns 0 if something wrong happened, 1 if not.
178 */
179static int h3_parse_settings_frm(struct h3 *h3, const struct buffer *rxbuf, size_t flen)
180{
181 uint64_t id, value;
182 const unsigned char *buf, *end;
183
184 buf = (const unsigned char *)b_head(rxbuf);
185 end = buf + flen;
186
187 while (buf <= end) {
188 if (!quic_dec_int(&id, &buf, end) || !quic_dec_int(&value, &buf, end))
189 return 0;
190
191 h3_debug_printf(stderr, "%s id: %llu value: %llu\n",
192 __func__, (unsigned long long)id, (unsigned long long)value);
193 switch (id) {
194 case H3_SETTINGS_QPACK_MAX_TABLE_CAPACITY:
195 h3->qpack_max_table_capacity = value;
196 break;
197 case H3_SETTINGS_MAX_FIELD_SECTION_SIZE:
198 h3->max_field_section_size = value;
199 break;
200 case H3_SETTINGS_QPACK_BLOCKED_STREAMS:
201 h3->qpack_blocked_streams = value;
202 break;
203 case H3_SETTINGS_RESERVED_2 ... H3_SETTINGS_RESERVED_5:
204 h3->err = H3_SETTINGS_ERROR;
205 return 0;
206 default:
207 /* MUST be ignored */
208 break;
209 }
210 }
211
212 return 1;
213}
214
215/* Decode <qcs> remotely initiated uni-stream. We stop parsing a frame as soon as
216 * there is not enough received data.
217 * Returns 0 if something wrong happened, 1 if not.
218 */
219static int h3_control_recv(struct h3_uqs *h3_uqs, void *ctx)
220{
221 struct buffer *rxbuf = &h3_uqs->qcs->rx.buf;
222 struct h3 *h3 = ctx;
223
224 h3_debug_printf(stderr, "%s STREAM ID: %llu\n", __func__, h3_uqs->qcs->by_id.key);
225 if (!b_data(rxbuf))
226 return 1;
227
228 while (b_data(rxbuf)) {
229 size_t hlen;
230 uint64_t ftype, flen;
231 struct buffer b;
232
233 /* Work on a copy of <rxbuf> */
234 b = h3_b_dup(rxbuf);
235 hlen = h3_decode_frm_header(&ftype, &flen, &b);
236 if (!hlen)
237 break;
238
239 h3_debug_printf(stderr, "%s: ftype: %llu, flen: %llu\n", __func__,
240 (unsigned long long)ftype, (unsigned long long)flen);
241 if (flen > b_data(&b))
242 break;
243
244 b_del(rxbuf, hlen);
245 /* From here, a frame must not be truncated */
246 switch (ftype) {
247 case H3_FT_CANCEL_PUSH:
248 break;
249 case H3_FT_SETTINGS:
250 if (!h3_parse_settings_frm(h3, rxbuf, flen))
251 return 0;
252 break;
253 case H3_FT_GOAWAY:
254 break;
255 case H3_FT_MAX_PUSH_ID:
256 break;
257 default:
258 /* Error */
259 h3->err = H3_FRAME_UNEXPECTED;
260 return 0;
261 }
262 b_del(rxbuf, flen);
263 }
264
265 if (b_data(rxbuf))
266 h3->qcc->conn->mux->ruqs_subscribe(h3_uqs->qcs, SUB_RETRY_RECV, &h3->rctrl.wait_event);
267
268 return 1;
269}
270
271int h3_txbuf_cpy(struct h3_uqs *h3_uqs, unsigned char *buf, size_t len)
272{
273 struct buffer *res = &h3_uqs->qcs->tx.buf;
274 struct qcc *qcc = h3_uqs->qcs->qcc;
275 int ret;
276
277 ret = 0;
278 if (!h3_uqs_get_buf(h3_uqs)) {
279 qcc->flags |= OUQS_SF_TXBUF_MALLOC;
280 goto out;
281 }
282
283 ret = b_istput(res, ist2((char *)buf, len));
284 if (unlikely(!ret))
285 qcc->flags |= OUQS_SF_TXBUF_FULL;
286
287 out:
288 return ret;
289}
290
291/* Function used to emit stream data from <h3_uqs> control uni-stream */
292static int h3_control_send(struct h3_uqs *h3_uqs, void *ctx)
293{
294 int ret;
295 struct h3 *h3 = ctx;
296 unsigned char data[(2 + 3) * 2 * QUIC_VARINT_MAX_SIZE]; /* enough for 3 settings */
297 unsigned char *pos, *end;
298
299 ret = 0;
300 pos = data;
301 end = pos + sizeof data;
302 if (!(h3->flags & H3_CF_SETTINGS_SENT)) {
303 struct qcs *qcs = h3_uqs->qcs;
304 struct buffer *txbuf = &qcs->tx.buf;
305 size_t frm_len;
306
307 frm_len = quic_int_getsize(H3_SETTINGS_QPACK_MAX_TABLE_CAPACITY) +
308 quic_int_getsize(h3_settings_qpack_max_table_capacity) +
309 quic_int_getsize(H3_SETTINGS_QPACK_BLOCKED_STREAMS) +
310 quic_int_getsize(h3_settings_qpack_blocked_streams);
311 if (h3_settings_max_field_section_size) {
312 frm_len += quic_int_getsize(H3_SETTINGS_MAX_FIELD_SECTION_SIZE) +
313 quic_int_getsize(h3_settings_max_field_section_size);
314 }
315
316 quic_enc_int(&pos, end, H3_UNI_STRM_TP_CONTROL_STREAM);
317 /* Build a SETTINGS frame */
318 quic_enc_int(&pos, end, H3_FT_SETTINGS);
319 quic_enc_int(&pos, end, frm_len);
320 quic_enc_int(&pos, end, H3_SETTINGS_QPACK_MAX_TABLE_CAPACITY);
321 quic_enc_int(&pos, end, h3_settings_qpack_max_table_capacity);
322 quic_enc_int(&pos, end, H3_SETTINGS_QPACK_BLOCKED_STREAMS);
323 quic_enc_int(&pos, end, h3_settings_qpack_blocked_streams);
324 if (h3_settings_max_field_section_size) {
325 quic_enc_int(&pos, end, H3_SETTINGS_MAX_FIELD_SECTION_SIZE);
326 quic_enc_int(&pos, end, h3_settings_max_field_section_size);
327 }
328 ret = h3_txbuf_cpy(h3_uqs, data, pos - data);
329 if (ret < 0) {
330 qc_error(qcs->qcc, H3_INTERNAL_ERROR);
331 return ret;
332 }
333
334 if (ret > 0) {
335 h3->flags |= H3_CF_SETTINGS_SENT;
336 luqs_snd_buf(h3_uqs->qcs, txbuf, b_data(&qcs->tx.buf), 0);
337 }
338 if (b_data(&qcs->tx.buf))
339 qcs->qcc->conn->mux->luqs_subscribe(qcs, SUB_RETRY_SEND, &h3->lctrl.wait_event);
340 }
341
342 return ret;
343}
344
345/* Finalize the initialization of remotely initiated uni-stream <qcs>.
346 * Return 1 if succeeded, 0 if not. In this latter case, set the ->err h3 error
347 * to inform the QUIC mux layer of the encountered error.
348 */
349static int h3_attach_ruqs(struct qcs *qcs, void *ctx)
350{
351 uint64_t strm_type;
352 struct h3 *h3 = ctx;
353 struct buffer *rxbuf = &qcs->rx.buf;
354
355 /* First octets: the uni-stream type */
356 if (!b_quic_dec_int(&strm_type, rxbuf, NULL) || strm_type > H3_UNI_STRM_TP_MAX)
357 return 0;
358
359 /* Note that for all the uni-streams below, this is an error to receive two times the
360 * same type of uni-stream (even for Push stream which is not supported at this time.
361 */
362 switch (strm_type) {
363 case H3_UNI_STRM_TP_CONTROL_STREAM:
364 if (h3->rctrl.qcs) {
365 h3->err = H3_STREAM_CREATION_ERROR;
366 return 0;
367 }
368
369 h3->rctrl.qcs = qcs;
370 h3->rctrl.cb = h3_control_recv;
371 h3->qcc->conn->mux->ruqs_subscribe(qcs, SUB_RETRY_RECV, &h3->rctrl.wait_event);
372 break;
373 case H3_UNI_STRM_TP_PUSH_STREAM:
374 /* NOT SUPPORTED */
375 break;
376 case H3_UNI_STRM_TP_QPACK_ENCODER:
377 if (h3->rqpack_enc.qcs) {
378 h3->err = H3_STREAM_CREATION_ERROR;
379 return 0;
380 }
381
382 h3->rqpack_enc.qcs = qcs;
383 h3->rqpack_enc.cb = qpack_decode_enc;
384 h3->qcc->conn->mux->ruqs_subscribe(qcs, SUB_RETRY_RECV, &h3->rqpack_enc.wait_event);
385 break;
386 case H3_UNI_STRM_TP_QPACK_DECODER:
387 if (h3->rqpack_dec.qcs) {
388 h3->err = H3_STREAM_CREATION_ERROR;
389 return 0;
390 }
391
392 h3->rqpack_dec.qcs = qcs;
393 h3->rqpack_dec.cb = qpack_decode_dec;
394 h3->qcc->conn->mux->ruqs_subscribe(qcs, SUB_RETRY_RECV, &h3->rqpack_dec.wait_event);
395 break;
396 default:
397 /* Error */
398 h3->err = H3_STREAM_CREATION_ERROR;
399 return 0;
400 }
401
402 return 1;
403}
404
405static int h3_finalize(void *ctx)
406{
407 struct h3 *h3 = ctx;
408
409 h3->lctrl.qcs = luqs_new(h3->qcc);
410 if (!h3->lctrl.qcs)
411 return 0;
412
413 /* Wakeup ->lctrl uni-stream */
414 tasklet_wakeup(h3->lctrl.wait_event.tasklet);
415
416 return 1;
417}
418
419/* Tasklet dedicated to h3 incoming uni-streams */
420static struct task *h3_uqs_task(struct task *t, void *ctx, unsigned int state)
421{
422 struct h3_uqs *h3_uqs = ctx;
423 struct h3 *h3 = h3_uqs->qcs->qcc->ctx;
424
425 h3_uqs->cb(h3_uqs, h3);
426 return NULL;
427}
428
429#if 0
430/* Initialiaze <h3_uqs> uni-stream with <t> as tasklet */
431static int h3_uqs_init(struct h3_uqs *h3_uqs,
432 struct task *(*t)(struct task *, void *, unsigned int))
433{
434 h3_uqs->qcs = NULL;
435 h3_uqs->cb = NULL;
436 h3_uqs->wait_event.tasklet = tasklet_new();
437 if (!h3_uqs->wait_event.tasklet)
438 return 0;
439
440 h3_uqs->wait_event.tasklet->process = t;
441 h3_uqs->wait_event.tasklet->context = h3_uqs;
442 return 1;
443}
444#endif
445
446/* Release all the tasklet attached to <h3_uqs> uni-stream */
447static inline void h3_uqs_tasklet_release(struct h3_uqs *h3_uqs)
448{
449 struct tasklet *t = h3_uqs->wait_event.tasklet;
450
451 if (t)
452 tasklet_free(t);
453}
454
455/* Release all the tasklet attached to <h3> uni-streams */
456static void h3_uqs_tasklets_release(struct h3 *h3)
457{
458 h3_uqs_tasklet_release(&h3->rqpack_enc);
459 h3_uqs_tasklet_release(&h3->rqpack_dec);
460 h3_uqs_tasklet_release(&h3->rctrl);
461}
462
463/* Tasklet dedicated to h3 outgoing uni-streams */
464__maybe_unused
465static struct task *h3_uqs_send_task(struct task *t, void *ctx, unsigned int state)
466{
467 struct h3_uqs *h3_uqs = ctx;
468 struct h3 *h3 = h3_uqs->qcs->qcc->ctx;
469
470 h3_uqs->cb(h3_uqs, h3);
471 return NULL;
472}
473
474/* Initialiaze <h3_uqs> uni-stream with <t> as tasklet */
475static int h3_uqs_init(struct h3_uqs *h3_uqs, struct h3 *h3,
476 int (*cb)(struct h3_uqs *h3_uqs, void *ctx),
477 struct task *(*t)(struct task *, void *, unsigned int))
478{
479 h3_uqs->qcs = NULL;
480 h3_uqs->cb = cb;
481 h3_uqs->wait_event.tasklet = tasklet_new();
482 if (!h3_uqs->wait_event.tasklet)
483 return 0;
484
485 h3_uqs->wait_event.tasklet->process = t;
486 h3_uqs->wait_event.tasklet->context = h3_uqs;
487 return 1;
488
489 err:
490 tasklet_free(h3_uqs->wait_event.tasklet);
491 return 0;
492}
493
494static inline void h3_uqs_release(struct h3_uqs *h3_uqs)
495{
496 if (h3_uqs->qcs)
497 qcs_release(h3_uqs->qcs);
498}
499
500static inline void h3_uqs_release_all(struct h3 *h3)
501{
502 h3_uqs_tasklet_release(&h3->lctrl);
503 h3_uqs_release(&h3->lctrl);
504 h3_uqs_tasklet_release(&h3->lqpack_enc);
505 h3_uqs_release(&h3->lqpack_enc);
506 h3_uqs_tasklet_release(&h3->lqpack_dec);
507 h3_uqs_release(&h3->lqpack_dec);
508}
509
510/* Initialize the HTTP/3 context for <qcc> mux.
511 * Return 1 if succeeded, 0 if not.
512 */
513static int h3_init(struct qcc *qcc)
514{
515 struct h3 *h3;
516
517 h3 = pool_alloc(pool_head_h3);
518 if (!h3)
519 goto fail_no_h3;
520
521 h3->qcc = qcc;
522 h3->err = H3_NO_ERROR;
523 h3->flags = 0;
524
525 if (!h3_uqs_init(&h3->rqpack_enc, h3, NULL, h3_uqs_task) ||
526 !h3_uqs_init(&h3->rqpack_dec, h3, NULL, h3_uqs_task) ||
527 !h3_uqs_init(&h3->rctrl, h3, h3_control_recv, h3_uqs_task))
528 goto fail_no_h3_ruqs;
529
530 if (!h3_uqs_init(&h3->lctrl, h3, h3_control_send, h3_uqs_task) ||
531 !h3_uqs_init(&h3->lqpack_enc, h3, NULL, h3_uqs_task) ||
532 !h3_uqs_init(&h3->lqpack_dec, h3, NULL, h3_uqs_task))
533 goto fail_no_h3_luqs;
534
535 qcc->ctx = h3;
536 LIST_INIT(&h3->buf_wait.list);
537
538 return 1;
539
540 fail_no_h3_ruqs:
541 h3_uqs_release_all(h3);
542 fail_no_h3_luqs:
543 h3_uqs_tasklets_release(h3);
544 pool_free(pool_head_h3, h3);
545 fail_no_h3:
546 return 0;
547}
548
549/* HTTP/3 application layer operations */
550const struct qcc_app_ops h3_ops = {
551 .init = h3_init,
552 .attach_ruqs = h3_attach_ruqs,
553 .decode_qcs = h3_decode_qcs,
554 .finalize = h3_finalize,
555};