diff options
Diffstat (limited to 'ssl/quic')
-rw-r--r-- | ssl/quic/quic_impl.c | 5 | ||||
-rw-r--r-- | ssl/quic/quic_rx_depack.c | 27 | ||||
-rw-r--r-- | ssl/quic/quic_stream_map.c | 21 |
3 files changed, 50 insertions, 3 deletions
diff --git a/ssl/quic/quic_impl.c b/ssl/quic/quic_impl.c index 98f96a7703..e3402e5c65 100644 --- a/ssl/quic/quic_impl.c +++ b/ssl/quic/quic_impl.c @@ -2231,6 +2231,7 @@ SSL *ossl_quic_accept_stream(SSL *s, uint64_t flags) QUIC_STREAM_MAP *qsm; QUIC_STREAM *qs; QUIC_XSO *xso; + OSSL_RTT_INFO rtt_info; if (!expect_quic_conn_only(s, &ctx)) return NULL; @@ -2270,7 +2271,9 @@ SSL *ossl_quic_accept_stream(SSL *s, uint64_t flags) if (xso == NULL) goto out; - ossl_quic_stream_map_remove_from_accept_queue(qsm, qs); + ossl_statm_get_rtt_info(ossl_quic_channel_get_statm(ctx.qc->ch), &rtt_info); + ossl_quic_stream_map_remove_from_accept_queue(qsm, qs, + rtt_info.smoothed_rtt); new_s = &xso->ssl; /* Calling this function inhibits default XSO autocreation. */ diff --git a/ssl/quic/quic_rx_depack.c b/ssl/quic/quic_rx_depack.c index c49a13fe89..a81f47d6d9 100644 --- a/ssl/quic/quic_rx_depack.c +++ b/ssl/quic/quic_rx_depack.c @@ -256,6 +256,7 @@ static int depack_do_frame_stream(PACKET *pkt, QUIC_CHANNEL *ch, if (stream == NULL) { uint64_t peer_role, stream_ordinal; uint64_t *p_next_ordinal_local, *p_next_ordinal_remote; + QUIC_RXFC *max_streams_fc; int is_uni; /* @@ -299,6 +300,32 @@ static int depack_do_frame_stream(PACKET *pkt, QUIC_CHANNEL *ch, ? &ch->next_remote_stream_ordinal_uni : &ch->next_remote_stream_ordinal_bidi; + /* Check this isn't violating stream count flow control. */ + max_streams_fc = is_uni + ? &ch->max_streams_uni_rxfc + : &ch->max_streams_bidi_rxfc; + + if (!ossl_quic_rxfc_on_rx_stream_frame(max_streams_fc, + stream_ordinal + 1, + /*is_fin=*/0)) { + ossl_quic_channel_raise_protocol_error(ch, + QUIC_ERR_INTERNAL_ERROR, + frame_type, + "internal error (stream count RXFC)"); + return 0; + } + + if (ossl_quic_rxfc_get_error(max_streams_fc, 0) != QUIC_ERR_NO_ERROR) { + ossl_quic_channel_raise_protocol_error(ch, QUIC_ERR_STREAM_LIMIT_ERROR, + frame_type, + "exceeded maximum allowed streams"); + return 0; + } + + /* + * Create the named stream and any streams coming before it yet to + * be created. + */ while (*p_next_ordinal_remote <= stream_ordinal) { uint64_t stream_id = (*p_next_ordinal_remote << 2) | (frame_data.stream_id diff --git a/ssl/quic/quic_stream_map.c b/ssl/quic/quic_stream_map.c index 06bf1cfa34..a9c616ea9f 100644 --- a/ssl/quic/quic_stream_map.c +++ b/ssl/quic/quic_stream_map.c @@ -102,7 +102,9 @@ static int cmp_stream(const QUIC_STREAM *a, const QUIC_STREAM *b) int ossl_quic_stream_map_init(QUIC_STREAM_MAP *qsm, uint64_t (*get_stream_limit_cb)(int uni, void *arg), - void *get_stream_limit_cb_arg) + void *get_stream_limit_cb_arg, + QUIC_RXFC *max_streams_bidi_rxfc, + QUIC_RXFC *max_streams_uni_rxfc) { qsm->map = lh_QUIC_STREAM_new(hash_stream, cmp_stream); qsm->active_list.prev = qsm->active_list.next = &qsm->active_list; @@ -114,6 +116,8 @@ int ossl_quic_stream_map_init(QUIC_STREAM_MAP *qsm, qsm->get_stream_limit_cb = get_stream_limit_cb; qsm->get_stream_limit_cb_arg = get_stream_limit_cb_arg; + qsm->max_streams_bidi_rxfc = max_streams_bidi_rxfc; + qsm->max_streams_uni_rxfc = max_streams_uni_rxfc; return 1; } @@ -294,11 +298,24 @@ void ossl_quic_stream_map_push_accept_queue(QUIC_STREAM_MAP *qsm, ++qsm->num_accept; } +static QUIC_RXFC *qsm_get_max_streams_rxfc(QUIC_STREAM_MAP *qsm, QUIC_STREAM *s) +{ + return ossl_quic_stream_is_bidi(s) + ? qsm->max_streams_bidi_rxfc + : qsm->max_streams_uni_rxfc; +} + void ossl_quic_stream_map_remove_from_accept_queue(QUIC_STREAM_MAP *qsm, - QUIC_STREAM *s) + QUIC_STREAM *s, + OSSL_TIME rtt) { + QUIC_RXFC *max_streams_rxfc; + list_remove(&qsm->accept_list, &s->accept_node); --qsm->num_accept; + + if ((max_streams_rxfc = qsm_get_max_streams_rxfc(qsm, s)) != NULL) + ossl_quic_rxfc_on_retire(max_streams_rxfc, 1, rtt); } size_t ossl_quic_stream_map_get_accept_queue_len(QUIC_STREAM_MAP *qsm) |