quic draft-24

README.rst

@@ -24,12 +24,12 @@ ngtcp2, nghttp3 and my patched OpenSSL.
 https://github.com/ngtcp2/ngtcp2/tree/draft-22#build-from-git
 describes how to build these three software.
 
-To run h2load against HTTP/3 server, specify h3-23 ALPN with
+To run h2load against HTTP/3 server, specify h3-24 ALPN with
 ``--npn-list`` option like so:
 
 .. code-block:: text
 
-    $ h2load --npn-list h3-23 https://127.0.0.1:4433
+    $ h2load --npn-list h3-24 https://127.0.0.1:4433
 
 You can use Dockerfile to skip the tedious build steps to manually
 pull and build dependencies.  In order to build Docker image, do this:
@@ -43,7 +43,7 @@ Run h2load:
 
 .. code-block:: text
 
-    $ docker run --rm -it --network=host nghttp2-quic /usr/local/bin/h2load --npn-list h3-23 https://127.0.0.1:4433
+    $ docker run --rm -it --network=host nghttp2-quic /usr/local/bin/h2load --npn-list h3-24 https://127.0.0.1:4433
 
 Development Status
 ------------------

docker/Dockerfile

@@ -5,13 +5,13 @@ RUN /usr/local/bin/clean-install git g++ make binutils autoconf automake autotoo
         zlib1g libev4 libjemalloc1 libc-ares2 \
         ca-certificates psmisc \
         python && \
-    git clone --depth 1 -b openssl-quic-draft-23 https://github.com/tatsuhiro-t/openssl && \
+    git clone --depth 1 -b openssl-quic-draft-24 https://github.com/tatsuhiro-t/openssl && \
     cd openssl && ./config enable-tls1_3 --openssldir=/etc/ssl && make -j$(nproc) && make install_sw && cd .. && rm -rf openssl && \
     git clone --depth 1 https://github.com/ngtcp2/nghttp3 && \
     cd nghttp3 && autoreconf -i && \
     ./configure --enable-lib-only && \
     make -j$(nproc) && make install-strip && cd .. && rm -rf nghttp3 && \
-    git clone --depth 1 -b master https://github.com/ngtcp2/ngtcp2 && \
+    git clone --depth 1 https://github.com/ngtcp2/ngtcp2 && \
     cd ngtcp2 && autoreconf -i && \
     ./configure && \
     make -j$(nproc) && make install-strip && cd .. && rm -rf ngtcp2 && \

src/h2load.h

@@ -332,6 +332,8 @@ struct Client {
     std::array<Crypto, 2> crypto;
     size_t max_pktlen;
     bool close_requested;
+    std::vector<uint8_t> rx_secret;
+    std::vector<uint8_t> tx_secret;
   } quic;
   ev_timer request_timeout_watcher;
   addrinfo *next_addr;
@@ -465,6 +467,7 @@ struct Client {
   int quic_stream_close(int64_t stream_id, uint64_t app_error_code);
   int quic_stream_reset(int64_t stream_id, uint64_t app_error_code);
   int quic_extend_max_local_streams();
+  int quic_update_key();
 
   int quic_on_key(ngtcp2_crypto_level level, const uint8_t *rx_secret,
                   const uint8_t *tx_secret, size_t secretlen);

src/h2load_http3_session.cc

@@ -113,7 +113,7 @@ int stream_close(nghttp3_conn *conn, int64_t stream_id, uint64_t app_error_code,
 } // namespace
 
 int Http3Session::stream_close(int64_t stream_id, uint64_t app_error_code) {
-  client_->on_stream_close(stream_id, app_error_code == NGHTTP3_HTTP_NO_ERROR);
+  client_->on_stream_close(stream_id, app_error_code == NGHTTP3_H3_NO_ERROR);
   return 0;
 }
 

src/h2load_quic.cc

@@ -159,7 +159,7 @@ int stream_close(ngtcp2_conn *conn, int64_t stream_id, uint64_t app_error_code,
 
 int Client::quic_stream_close(int64_t stream_id, uint64_t app_error_code) {
   auto s = static_cast<Http3Session *>(session.get());
-  if (s->close_stream(stream_id, app_error_code == 0 ? NGHTTP3_HTTP_NO_ERROR
+  if (s->close_stream(stream_id, app_error_code == 0 ? NGHTTP3_H3_NO_ERROR
                                                      : app_error_code) != 0) {
     return -1;
   }
@@ -222,6 +222,36 @@ int get_new_connection_id(ngtcp2_conn *conn, ngtcp2_cid *cid, uint8_t *token,
 }
 } // namespace
 
+namespace {
+int update_key(ngtcp2_conn *conn, void *user_data) {
+  auto c = static_cast<Client *>(user_data);
+
+  if (c->quic_update_key() != 0) {
+    return NGTCP2_ERR_CALLBACK_FAILURE;
+  }
+
+  return 0;
+}
+} // namespace
+
+int Client::quic_update_key() {
+  std::array<uint8_t, 64> rx_secret, tx_secret;
+
+  if (ngtcp2_crypto_update_and_install_key(
+          quic.conn, rx_secret.data(), tx_secret.data(), nullptr, nullptr,
+          nullptr, nullptr, quic.rx_secret.data(), quic.tx_secret.data(),
+          quic.rx_secret.size()) != 0) {
+    return -1;
+  }
+
+  quic.rx_secret.assign(std::begin(rx_secret),
+                        std::begin(rx_secret) + quic.rx_secret.size());
+  quic.tx_secret.assign(std::begin(tx_secret),
+                        std::begin(tx_secret) + quic.tx_secret.size());
+
+  return 0;
+}
+
 namespace {
 void debug_log_printf(void *user_data, const char *fmt, ...) {
   va_list ap;
@@ -362,7 +392,7 @@ int Client::quic_init(const sockaddr *local_addr, socklen_t local_addrlen,
       nullptr, // rand
       get_new_connection_id,
       nullptr, // remove_connection_id
-      nullptr, // update_key
+      update_key,
       nullptr, // path_validation
       select_preferred_addr,
       h2load::stream_reset,
@@ -497,6 +527,9 @@ int Client::quic_on_key(ngtcp2_crypto_level level, const uint8_t *rx_secret,
       return -1;
     }
     session = std::move(s);
+
+    quic.rx_secret.assign(rx_secret, rx_secret + secretlen);
+    quic.tx_secret.assign(tx_secret, tx_secret + secretlen);
   }
 
   return 0;