From 77f1b3728433e6405f389d662ef25ba619055384 Mon Sep 17 00:00:00 2001 From: Tatsuhiro Tsujikawa Date: Wed, 6 Nov 2019 22:49:22 +0900 Subject: [PATCH] quic draft-24 --- README.rst | 6 +++--- docker/Dockerfile | 4 ++-- src/h2load.h | 3 +++ src/h2load_http3_session.cc | 2 +- src/h2load_quic.cc | 37 +++++++++++++++++++++++++++++++++++-- 5 files changed, 44 insertions(+), 8 deletions(-) diff --git a/README.rst b/README.rst index d46a65b5..bfd2d419 100644 --- a/README.rst +++ b/README.rst @@ -24,12 +24,12 @@ ngtcp2, nghttp3 and my patched OpenSSL. https://github.com/ngtcp2/ngtcp2/tree/draft-22#build-from-git describes how to build these three software. -To run h2load against HTTP/3 server, specify h3-23 ALPN with +To run h2load against HTTP/3 server, specify h3-24 ALPN with ``--npn-list`` option like so: .. code-block:: text - $ h2load --npn-list h3-23 https://127.0.0.1:4433 + $ h2load --npn-list h3-24 https://127.0.0.1:4433 You can use Dockerfile to skip the tedious build steps to manually pull and build dependencies. In order to build Docker image, do this: @@ -43,7 +43,7 @@ Run h2load: .. code-block:: text - $ docker run --rm -it --network=host nghttp2-quic /usr/local/bin/h2load --npn-list h3-23 https://127.0.0.1:4433 + $ docker run --rm -it --network=host nghttp2-quic /usr/local/bin/h2load --npn-list h3-24 https://127.0.0.1:4433 Development Status ------------------ diff --git a/docker/Dockerfile b/docker/Dockerfile index 60a444f3..d08dc5e0 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -5,13 +5,13 @@ RUN /usr/local/bin/clean-install git g++ make binutils autoconf automake autotoo zlib1g libev4 libjemalloc1 libc-ares2 \ ca-certificates psmisc \ python && \ - git clone --depth 1 -b openssl-quic-draft-23 https://github.com/tatsuhiro-t/openssl && \ + git clone --depth 1 -b openssl-quic-draft-24 https://github.com/tatsuhiro-t/openssl && \ cd openssl && ./config enable-tls1_3 --openssldir=/etc/ssl && make -j$(nproc) && make install_sw && cd .. && rm -rf openssl && \ git clone --depth 1 https://github.com/ngtcp2/nghttp3 && \ cd nghttp3 && autoreconf -i && \ ./configure --enable-lib-only && \ make -j$(nproc) && make install-strip && cd .. && rm -rf nghttp3 && \ - git clone --depth 1 -b master https://github.com/ngtcp2/ngtcp2 && \ + git clone --depth 1 https://github.com/ngtcp2/ngtcp2 && \ cd ngtcp2 && autoreconf -i && \ ./configure && \ make -j$(nproc) && make install-strip && cd .. && rm -rf ngtcp2 && \ diff --git a/src/h2load.h b/src/h2load.h index d6629744..17515a18 100644 --- a/src/h2load.h +++ b/src/h2load.h @@ -329,6 +329,8 @@ struct Client { std::array crypto; size_t max_pktlen; bool close_requested; + std::vector rx_secret; + std::vector tx_secret; } quic; ev_timer request_timeout_watcher; addrinfo *next_addr; @@ -448,6 +450,7 @@ struct Client { int quic_stream_close(int64_t stream_id, uint64_t app_error_code); int quic_stream_reset(int64_t stream_id, uint64_t app_error_code); int quic_extend_max_local_streams(); + int quic_update_key(); int quic_on_key(ngtcp2_crypto_level level, const uint8_t *rx_secret, const uint8_t *tx_secret, size_t secretlen); diff --git a/src/h2load_http3_session.cc b/src/h2load_http3_session.cc index f15168c0..6a3378bf 100644 --- a/src/h2load_http3_session.cc +++ b/src/h2load_http3_session.cc @@ -113,7 +113,7 @@ int stream_close(nghttp3_conn *conn, int64_t stream_id, uint64_t app_error_code, } // namespace int Http3Session::stream_close(int64_t stream_id, uint64_t app_error_code) { - client_->on_stream_close(stream_id, app_error_code == NGHTTP3_HTTP_NO_ERROR); + client_->on_stream_close(stream_id, app_error_code == NGHTTP3_H3_NO_ERROR); return 0; } diff --git a/src/h2load_quic.cc b/src/h2load_quic.cc index 52f17f21..2cbb0178 100644 --- a/src/h2load_quic.cc +++ b/src/h2load_quic.cc @@ -159,7 +159,7 @@ int stream_close(ngtcp2_conn *conn, int64_t stream_id, uint64_t app_error_code, int Client::quic_stream_close(int64_t stream_id, uint64_t app_error_code) { auto s = static_cast(session.get()); - if (s->close_stream(stream_id, app_error_code == 0 ? NGHTTP3_HTTP_NO_ERROR + if (s->close_stream(stream_id, app_error_code == 0 ? NGHTTP3_H3_NO_ERROR : app_error_code) != 0) { return -1; } @@ -222,6 +222,36 @@ int get_new_connection_id(ngtcp2_conn *conn, ngtcp2_cid *cid, uint8_t *token, } } // namespace +namespace { +int update_key(ngtcp2_conn *conn, void *user_data) { + auto c = static_cast(user_data); + + if (c->quic_update_key() != 0) { + return NGTCP2_ERR_CALLBACK_FAILURE; + } + + return 0; +} +} // namespace + +int Client::quic_update_key() { + std::array rx_secret, tx_secret; + + if (ngtcp2_crypto_update_and_install_key( + quic.conn, rx_secret.data(), tx_secret.data(), nullptr, nullptr, + nullptr, nullptr, quic.rx_secret.data(), quic.tx_secret.data(), + quic.rx_secret.size()) != 0) { + return -1; + } + + quic.rx_secret.assign(std::begin(rx_secret), + std::begin(rx_secret) + quic.rx_secret.size()); + quic.tx_secret.assign(std::begin(tx_secret), + std::begin(tx_secret) + quic.tx_secret.size()); + + return 0; +} + namespace { void debug_log_printf(void *user_data, const char *fmt, ...) { va_list ap; @@ -362,7 +392,7 @@ int Client::quic_init(const sockaddr *local_addr, socklen_t local_addrlen, nullptr, // rand get_new_connection_id, nullptr, // remove_connection_id - nullptr, // update_key + update_key, nullptr, // path_validation select_preferred_addr, h2load::stream_reset, @@ -497,6 +527,9 @@ int Client::quic_on_key(ngtcp2_crypto_level level, const uint8_t *rx_secret, return -1; } session = std::move(s); + + quic.rx_secret.assign(rx_secret, rx_secret + secretlen); + quic.tx_secret.assign(tx_secret, tx_secret + secretlen); } return 0;