From e81fed9a5427cea129afba8249db2ad31733e31c Mon Sep 17 00:00:00 2001 From: Amaury Denoyelle Date: Wed, 22 Dec 2021 11:06:34 +0100 Subject: [PATCH] MINOR: quic: replace usage of ssl_sock_ctx by quic_conn Big refactoring on xprt-quic. A lot of functions were using the ssl_sock_ctx as argument to only access the related quic_conn. All these arguments are replaced by a quic_conn parameter. As a convention, the quic_conn instance is always the first parameter of these functions. This commit is part of the rearchitecture of xprt-quic layers and the separation between xprt and connection instances. --- src/xprt_quic.c | 179 +++++++++++++++++++++++------------------------- 1 file changed, 85 insertions(+), 94 deletions(-) diff --git a/src/xprt_quic.c b/src/xprt_quic.c index 91e06eef4..05f87a546 100644 --- a/src/xprt_quic.c +++ b/src/xprt_quic.c @@ -581,12 +581,10 @@ static void quic_trace(enum trace_level level, uint64_t mask, const struct trace } /* Returns 1 if the peer has validated QUIC connection address, 0 if not. */ -static inline int quic_peer_validated_addr(struct ssl_sock_ctx *ctx) +static inline int quic_peer_validated_addr(struct quic_conn *qc) { - struct quic_conn *qc; struct quic_pktns *hdshk_pktns, *app_pktns; - qc = ctx->conn->qc; if (objt_server(qc->conn->target)) return 1; @@ -603,16 +601,14 @@ static inline int quic_peer_validated_addr(struct ssl_sock_ctx *ctx) /* Set the timer attached to the QUIC connection with as I/O handler and used for * both loss detection and PTO and schedule the task assiated to this timer if needed. */ -static inline void qc_set_timer(struct ssl_sock_ctx *ctx) +static inline void qc_set_timer(struct quic_conn *qc) { - struct quic_conn *qc; struct quic_pktns *pktns; unsigned int pto; int handshake_complete; - qc = ctx->qc; TRACE_ENTER(QUIC_EV_CONN_STIMER, qc, - NULL, NULL, &ctx->conn->qc->path->ifae_pkts); + NULL, NULL, &qc->path->ifae_pkts); pktns = quic_loss_pktns(qc); if (tick_isset(pktns->tx.loss_time)) { @@ -629,7 +625,7 @@ static inline void qc_set_timer(struct ssl_sock_ctx *ctx) goto out; } - if (!qc->path->ifae_pkts && quic_peer_validated_addr(ctx)) { + if (!qc->path->ifae_pkts && quic_peer_validated_addr(qc)) { TRACE_PROTO("timer cancellation", QUIC_EV_CONN_STIMER, qc); /* Timer cancellation. */ qc->timer = TICK_ETERNITY; @@ -1225,10 +1221,10 @@ static uint64_t decode_packet_number(uint64_t largest_pn, * points to one byte past the end of this packet. * Returns 1 if succeeded, 0 if not. */ -static int qc_do_rm_hp(struct quic_rx_packet *pkt, struct quic_tls_ctx *tls_ctx, +static int qc_do_rm_hp(struct quic_conn *qc, + struct quic_rx_packet *pkt, struct quic_tls_ctx *tls_ctx, int64_t largest_pn, unsigned char *pn, - unsigned char *byte0, const unsigned char *end, - struct ssl_sock_ctx *ctx) + unsigned char *byte0, const unsigned char *end) { int ret, outlen, i, pnlen; uint64_t packet_number; @@ -1240,13 +1236,13 @@ static int qc_do_rm_hp(struct quic_rx_packet *pkt, struct quic_tls_ctx *tls_ctx, /* Check there is enough data in this packet. */ if (end - pn < QUIC_PACKET_PN_MAXLEN + sizeof mask) { - TRACE_DEVEL("too short packet", QUIC_EV_CONN_RMHP, ctx->qc, pkt); + TRACE_DEVEL("too short packet", QUIC_EV_CONN_RMHP, qc, pkt); return 0; } cctx = EVP_CIPHER_CTX_new(); if (!cctx) { - TRACE_DEVEL("memory allocation failed", QUIC_EV_CONN_RMHP, ctx->qc, pkt); + TRACE_DEVEL("memory allocation failed", QUIC_EV_CONN_RMHP, qc, pkt); return 0; } @@ -1257,7 +1253,7 @@ static int qc_do_rm_hp(struct quic_rx_packet *pkt, struct quic_tls_ctx *tls_ctx, if (!EVP_DecryptInit_ex(cctx, tls_ctx->rx.hp, NULL, hp_key, sample) || !EVP_DecryptUpdate(cctx, mask, &outlen, mask, sizeof mask) || !EVP_DecryptFinal_ex(cctx, mask, &outlen)) { - TRACE_DEVEL("decryption failed", QUIC_EV_CONN_RMHP, ctx->qc, pkt); + TRACE_DEVEL("decryption failed", QUIC_EV_CONN_RMHP, qc, pkt); goto out; } @@ -1408,11 +1404,10 @@ static int qcs_try_to_consume(struct qcs *qcs) } /* Treat frame whose packet it is attached to has just been acknowledged. */ -static inline void qc_treat_acked_tx_frm(struct quic_frame *frm, - struct ssl_sock_ctx *ctx) +static inline void qc_treat_acked_tx_frm(struct quic_conn *qc, + struct quic_frame *frm) { int stream_acked; - struct quic_conn *qc = ctx->qc; TRACE_PROTO("Removing frame", QUIC_EV_CONN_PRSAFRM, qc, frm); stream_acked = 0; @@ -1457,11 +1452,12 @@ static inline void qc_treat_acked_tx_frm(struct quic_frame *frm, * Returns the last node reached to be used for the next range. * May be NULL if node could not be found. */ -static inline struct eb64_node *qc_ackrng_pkts(struct eb_root *pkts, unsigned int *pkt_flags, +static inline struct eb64_node *qc_ackrng_pkts(struct quic_conn *qc, + struct eb_root *pkts, + unsigned int *pkt_flags, struct list *newly_acked_pkts, struct eb64_node *largest_node, - uint64_t largest, uint64_t smallest, - struct ssl_sock_ctx *ctx) + uint64_t largest, uint64_t smallest) { struct eb64_node *node; struct quic_tx_packet *pkt; @@ -1481,9 +1477,9 @@ static inline struct eb64_node *qc_ackrng_pkts(struct eb_root *pkts, unsigned in pkt = eb64_entry(&node->node, struct quic_tx_packet, pn_node); *pkt_flags |= pkt->flags; LIST_INSERT(newly_acked_pkts, &pkt->list); - TRACE_PROTO("Removing packet #", QUIC_EV_CONN_PRSAFRM, ctx->qc, NULL, &pkt->pn_node.key); + TRACE_PROTO("Removing packet #", QUIC_EV_CONN_PRSAFRM, qc, NULL, &pkt->pn_node.key); list_for_each_entry_safe(frm, frmbak, &pkt->frms, list) - qc_treat_acked_tx_frm(frm, ctx); + qc_treat_acked_tx_frm(qc, frm); node = eb64_prev(node); eb64_delete(&pkt->pn_node); } @@ -1494,11 +1490,11 @@ static inline struct eb64_node *qc_ackrng_pkts(struct eb_root *pkts, unsigned in /* Treat frame whose packet it is attached to has just been detected as non * acknowledged. */ -static inline void qc_treat_nacked_tx_frm(struct quic_frame *frm, - struct quic_pktns *pktns, - struct ssl_sock_ctx *ctx) +static inline void qc_treat_nacked_tx_frm(struct quic_conn *qc, + struct quic_frame *frm, + struct quic_pktns *pktns) { - TRACE_PROTO("to resend frame", QUIC_EV_CONN_PRSAFRM, ctx->qc, frm); + TRACE_PROTO("to resend frame", QUIC_EV_CONN_PRSAFRM, qc, frm); LIST_DELETE(&frm->list); MT_LIST_INSERT(&pktns->tx.frms, &frm->mt_list); } @@ -1544,10 +1540,9 @@ static inline void qc_cc_loss_event(struct quic_conn *qc, * list and free them. * Always succeeds. */ -static inline void qc_treat_newly_acked_pkts(struct ssl_sock_ctx *ctx, +static inline void qc_treat_newly_acked_pkts(struct quic_conn *qc, struct list *newly_acked_pkts) { - struct quic_conn *qc = ctx->conn->qc; struct quic_tx_packet *pkt, *tmp; struct quic_cc_event ev = { .type = QUIC_CC_EVT_ACK, }; @@ -1573,12 +1568,11 @@ static inline void qc_treat_newly_acked_pkts(struct ssl_sock_ctx *ctx, * Also frees the packet in list. * Never fails. */ -static inline void qc_release_lost_pkts(struct quic_pktns *pktns, - struct ssl_sock_ctx *ctx, +static inline void qc_release_lost_pkts(struct quic_conn *qc, + struct quic_pktns *pktns, struct list *pkts, uint64_t now_us) { - struct quic_conn *qc = ctx->conn->qc; struct quic_tx_packet *pkt, *tmp, *oldest_lost, *newest_lost; struct quic_frame *frm, *frmbak; uint64_t lost_bytes; @@ -1593,7 +1587,7 @@ static inline void qc_release_lost_pkts(struct quic_pktns *pktns, qc->path->ifae_pkts--; /* Treat the frames of this lost packet. */ list_for_each_entry_safe(frm, frmbak, &pkt->frms, list) - qc_treat_nacked_tx_frm(frm, pktns, ctx); + qc_treat_nacked_tx_frm(qc, frm, pktns); LIST_DELETE(&pkt->list); if (!oldest_lost) { oldest_lost = newest_lost = pkt; @@ -1607,7 +1601,7 @@ static inline void qc_release_lost_pkts(struct quic_pktns *pktns, if (lost_bytes) { /* Sent a packet loss event to the congestion controller. */ - qc_cc_loss_event(ctx->conn->qc, lost_bytes, newest_lost->time_sent, + qc_cc_loss_event(qc, lost_bytes, newest_lost->time_sent, newest_lost->time_sent - oldest_lost->time_sent, now_us); quic_tx_packet_refdec(oldest_lost); if (newest_lost != oldest_lost) @@ -1677,7 +1671,8 @@ static void qc_packet_loss_lookup(struct quic_pktns *pktns, * acked ack-eliciting packet. * Return 1, if succeeded, 0 if not. */ -static inline int qc_parse_ack_frm(struct quic_frame *frm, struct ssl_sock_ctx *ctx, +static inline int qc_parse_ack_frm(struct quic_conn *qc, + struct quic_frame *frm, struct quic_enc_level *qel, unsigned int *rtt_sample, const unsigned char **pos, const unsigned char *end) @@ -1692,13 +1687,13 @@ static inline int qc_parse_ack_frm(struct quic_frame *frm, struct ssl_sock_ctx * if (ack->largest_ack > qel->pktns->tx.next_pn) { TRACE_DEVEL("ACK for not sent packet", QUIC_EV_CONN_PRSAFRM, - ctx->qc, NULL, &ack->largest_ack); + qc, NULL, &ack->largest_ack); goto err; } if (ack->first_ack_range > ack->largest_ack) { TRACE_DEVEL("too big first ACK range", QUIC_EV_CONN_PRSAFRM, - ctx->qc, NULL, &ack->first_ack_range); + qc, NULL, &ack->first_ack_range); goto err; } @@ -1713,7 +1708,7 @@ static inline int qc_parse_ack_frm(struct quic_frame *frm, struct ssl_sock_ctx * largest_node = eb64_lookup(pkts, largest); if (!largest_node) { TRACE_DEVEL("Largest acked packet not found", - QUIC_EV_CONN_PRSAFRM, ctx->qc); + QUIC_EV_CONN_PRSAFRM, qc); } else { time_sent = eb64_entry(&largest_node->node, @@ -1722,12 +1717,12 @@ static inline int qc_parse_ack_frm(struct quic_frame *frm, struct ssl_sock_ctx * } TRACE_PROTO("ack range", QUIC_EV_CONN_PRSAFRM, - ctx->qc, NULL, &largest, &smallest); + qc, NULL, &largest, &smallest); do { uint64_t gap, ack_range; - qc_ackrng_pkts(pkts, &pkt_flags, &newly_acked_pkts, - largest_node, largest, smallest, ctx); + qc_ackrng_pkts(qc, pkts, &pkt_flags, &newly_acked_pkts, + largest_node, largest, smallest); if (!ack->ack_range_num--) break; @@ -1736,7 +1731,7 @@ static inline int qc_parse_ack_frm(struct quic_frame *frm, struct ssl_sock_ctx * if (smallest < gap + 2) { TRACE_DEVEL("wrong gap value", QUIC_EV_CONN_PRSAFRM, - ctx->qc, NULL, &gap, &smallest); + qc, NULL, &gap, &smallest); goto err; } @@ -1746,7 +1741,7 @@ static inline int qc_parse_ack_frm(struct quic_frame *frm, struct ssl_sock_ctx * if (largest < ack_range) { TRACE_DEVEL("wrong ack range value", QUIC_EV_CONN_PRSAFRM, - ctx->qc, NULL, &largest, &ack_range); + qc, NULL, &largest, &ack_range); goto err; } @@ -1756,7 +1751,7 @@ static inline int qc_parse_ack_frm(struct quic_frame *frm, struct ssl_sock_ctx * smallest = largest - ack_range; TRACE_PROTO("ack range", QUIC_EV_CONN_PRSAFRM, - ctx->qc, NULL, &largest, &smallest); + qc, NULL, &largest, &smallest); } while (1); /* Flag this packet number space as having received an ACK. */ @@ -1769,14 +1764,14 @@ static inline int qc_parse_ack_frm(struct quic_frame *frm, struct ssl_sock_ctx * if (!LIST_ISEMPTY(&newly_acked_pkts)) { if (!eb_is_empty(&qel->pktns->tx.pkts)) { - qc_packet_loss_lookup(qel->pktns, ctx->conn->qc, &lost_pkts); + qc_packet_loss_lookup(qel->pktns, qc, &lost_pkts); if (!LIST_ISEMPTY(&lost_pkts)) - qc_release_lost_pkts(qel->pktns, ctx, &lost_pkts, now_ms); + qc_release_lost_pkts(qc, qel->pktns, &lost_pkts, now_ms); } - qc_treat_newly_acked_pkts(ctx, &newly_acked_pkts); - if (quic_peer_validated_addr(ctx)) - ctx->conn->qc->path->loss.pto_count = 0; - qc_set_timer(ctx); + qc_treat_newly_acked_pkts(qc, &newly_acked_pkts); + if (quic_peer_validated_addr(qc)) + qc->path->loss.pto_count = 0; + qc_set_timer(qc); } @@ -1784,7 +1779,7 @@ static inline int qc_parse_ack_frm(struct quic_frame *frm, struct ssl_sock_ctx * err: free_quic_tx_pkts(&newly_acked_pkts); - TRACE_DEVEL("leaving in error", QUIC_EV_CONN_PRSAFRM, ctx->qc); + TRACE_DEVEL("leaving in error", QUIC_EV_CONN_PRSAFRM, qc); return 0; } @@ -2201,7 +2196,7 @@ static int qc_parse_pkt_frms(struct quic_rx_packet *pkt, struct ssl_sock_ctx *ct unsigned int rtt_sample; rtt_sample = 0; - if (!qc_parse_ack_frm(&frm, ctx, qel, &rtt_sample, &pos, end)) + if (!qc_parse_ack_frm(qc, &frm, qel, &rtt_sample, &pos, end)) goto err; if (rtt_sample) { @@ -2330,7 +2325,7 @@ static int qc_parse_pkt_frms(struct quic_rx_packet *pkt, struct ssl_sock_ctx *ct quic_tls_discard_keys(&qc->els[QUIC_TLS_ENC_LEVEL_INITIAL]); TRACE_PROTO("discarding Initial pktns", QUIC_EV_CONN_PRSHPKT, ctx->conn); quic_pktns_discard(qc->els[QUIC_TLS_ENC_LEVEL_INITIAL].pktns, qc); - qc_set_timer(ctx); + qc_set_timer(ctx->qc); if (state < QUIC_HS_ST_SERVER_HANDSHAKE) HA_ATOMIC_STORE(&qc->state, QUIC_HS_ST_SERVER_HANDSHAKE); } @@ -2365,9 +2360,8 @@ static inline void qc_set_dg(struct cbuf *cbuf, * packet in this datagram. * Returns 1 if succeeded, or 0 if something wrong happened. */ -static int qc_prep_pkts(struct qring *qr, struct ssl_sock_ctx *ctx) +static int qc_prep_pkts(struct quic_conn *qc, struct qring *qr) { - struct quic_conn *qc; enum quic_tls_enc_level tel, next_tel; struct quic_enc_level *qel; struct cbuf *cbuf; @@ -2382,8 +2376,6 @@ static int qc_prep_pkts(struct qring *qr, struct ssl_sock_ctx *ctx) */ size_t dg_headlen = sizeof dglen + sizeof first_pkt; - qc = ctx->qc; - TRACE_ENTER(QUIC_EV_CONN_PHPKTS, qc); if (!quic_get_tls_enc_levels(&tel, &next_tel, HA_ATOMIC_LOAD(&qc->state), 0)) { @@ -2443,7 +2435,7 @@ static int qc_prep_pkts(struct qring *qr, struct ssl_sock_ctx *ctx) if (!prv_pkt) { /* Leave room for the datagram header */ pos += dg_headlen; - if (!quic_peer_validated_addr(ctx) && objt_listener(ctx->conn->target)) { + if (!quic_peer_validated_addr(qc) && objt_listener(qc->conn->target)) { if (qc->tx.prep_bytes >= 3 * qc->rx.bytes) qc->flags |= QUIC_FL_CONN_ANTI_AMPLIFICATION_REACHED; end = pos + QUIC_MIN(qc->path->mtu, 3 * qc->rx.bytes - qc->tx.prep_bytes); @@ -2497,7 +2489,7 @@ static int qc_prep_pkts(struct qring *qr, struct ssl_sock_ctx *ctx) quic_tls_discard_keys(&qc->els[QUIC_TLS_ENC_LEVEL_INITIAL]); TRACE_PROTO("discarding Initial pktns", QUIC_EV_CONN_PHPKTS, qc); quic_pktns_discard(qc->els[QUIC_TLS_ENC_LEVEL_INITIAL].pktns, qc); - qc_set_timer(ctx); + qc_set_timer(qc); HA_ATOMIC_STORE(&qc->state, QUIC_HS_ST_CLIENT_HANDSHAKE); } /* If the data for the current encryption level have all been sent, @@ -2630,7 +2622,7 @@ int qc_send_ppkts(struct qring *qr, struct ssl_sock_ctx *ctx) qc->path->in_flight += pkt->in_flight_len; pkt->pktns->tx.in_flight += pkt->in_flight_len; if (pkt->in_flight_len) - qc_set_timer(ctx); + qc_set_timer(qc); TRACE_PROTO("sent pkt", QUIC_EV_CONN_SPPKTS, qc, pkt); next_pkt = pkt->next; eb64_insert(&pkt->pktns->tx.pkts, &pkt->pn_node); @@ -2889,28 +2881,28 @@ int quic_update_ack_ranges_list(struct quic_arngs *arngs, /* Remove the header protection of packets at encryption level. * Always succeeds. */ -static inline void qc_rm_hp_pkts(struct quic_enc_level *el, struct ssl_sock_ctx *ctx) +static inline void qc_rm_hp_pkts(struct quic_conn *qc, struct quic_enc_level *el) { struct quic_tls_ctx *tls_ctx; struct quic_rx_packet *pqpkt; struct mt_list *pkttmp1, pkttmp2; struct quic_enc_level *app_qel; - TRACE_ENTER(QUIC_EV_CONN_ELRMHP, ctx->qc); - app_qel = &ctx->conn->qc->els[QUIC_TLS_ENC_LEVEL_APP]; + TRACE_ENTER(QUIC_EV_CONN_ELRMHP, qc); + app_qel = &qc->els[QUIC_TLS_ENC_LEVEL_APP]; /* A server must not process incoming 1-RTT packets before the handshake is complete. */ - if (el == app_qel && objt_listener(ctx->conn->target) && - HA_ATOMIC_LOAD(&ctx->conn->qc->state) < QUIC_HS_ST_COMPLETE) { + if (el == app_qel && objt_listener(qc->conn->target) && + HA_ATOMIC_LOAD(&qc->state) < QUIC_HS_ST_COMPLETE) { TRACE_PROTO("hp not removed (handshake not completed)", - QUIC_EV_CONN_ELRMHP, ctx->qc); + QUIC_EV_CONN_ELRMHP, qc); goto out; } tls_ctx = &el->tls_ctx; mt_list_for_each_entry_safe(pqpkt, &el->rx.pqpkts, list, pkttmp1, pkttmp2) { - if (!qc_do_rm_hp(pqpkt, tls_ctx, el->pktns->rx.largest_pn, + if (!qc_do_rm_hp(qc, pqpkt, tls_ctx, el->pktns->rx.largest_pn, pqpkt->data + pqpkt->pn_offset, - pqpkt->data, pqpkt->data + pqpkt->len, ctx)) { - TRACE_PROTO("hp removing error", QUIC_EV_CONN_ELRMHP, ctx->qc); + pqpkt->data, pqpkt->data + pqpkt->len)) { + TRACE_PROTO("hp removing error", QUIC_EV_CONN_ELRMHP, qc); /* XXX TO DO XXX */ } else { @@ -2922,14 +2914,14 @@ static inline void qc_rm_hp_pkts(struct quic_enc_level *el, struct ssl_sock_ctx eb64_insert(&el->rx.pkts, &pqpkt->pn_node); quic_rx_packet_refinc(pqpkt); HA_RWLOCK_WRUNLOCK(QUIC_LOCK, &el->rx.pkts_rwlock); - TRACE_PROTO("hp removed", QUIC_EV_CONN_ELRMHP, ctx->qc, pqpkt); + TRACE_PROTO("hp removed", QUIC_EV_CONN_ELRMHP, qc, pqpkt); } MT_LIST_DELETE_SAFE(pkttmp1); quic_rx_packet_refdec(pqpkt); } out: - TRACE_LEAVE(QUIC_EV_CONN_ELRMHP, ctx->qc); + TRACE_LEAVE(QUIC_EV_CONN_ELRMHP, qc); } /* Process all the CRYPTO frame at encryption level. @@ -3078,7 +3070,7 @@ struct task *quic_conn_io_cb(struct task *t, void *context, unsigned int state) */ if (!MT_LIST_ISEMPTY(&qel->rx.pqpkts) && (tls_ctx->rx.flags & QUIC_FL_TLS_SECRETS_SET)) - qc_rm_hp_pkts(qel, ctx); + qc_rm_hp_pkts(qc, qel); prev_st = HA_ATOMIC_LOAD(&qc->state); force_ack = qel == &qc->els[QUIC_TLS_ENC_LEVEL_INITIAL] || @@ -3100,7 +3092,7 @@ struct task *quic_conn_io_cb(struct task *t, void *context, unsigned int state) quic_tls_discard_keys(&qc->els[QUIC_TLS_ENC_LEVEL_HANDSHAKE]); TRACE_PROTO("discarding Handshake pktns", QUIC_EV_CONN_PHPKTS, qc); quic_pktns_discard(qc->els[QUIC_TLS_ENC_LEVEL_HANDSHAKE].pktns, qc); - qc_set_timer(ctx); + qc_set_timer(qc); if (!quic_build_post_handshake_frames(qc)) goto err; @@ -3111,7 +3103,7 @@ struct task *quic_conn_io_cb(struct task *t, void *context, unsigned int state) if (!qr) qr = MT_LIST_POP(qc->tx.qring_list, typeof(qr), mt_list); - ret = qc_prep_pkts(qr, ctx); + ret = qc_prep_pkts(qc, qr); if (ret == -1) goto err; else if (ret == 0) @@ -3253,8 +3245,8 @@ static struct task *process_timer(struct task *task, void *ctx, unsigned int sta qc_packet_loss_lookup(pktns, qc, &lost_pkts); if (!LIST_ISEMPTY(&lost_pkts)) - qc_release_lost_pkts(pktns, ctx, &lost_pkts, now_ms); - qc_set_timer(conn_ctx); + qc_release_lost_pkts(qc, pktns, &lost_pkts, now_ms); + qc_set_timer(qc); goto out; } @@ -3476,8 +3468,7 @@ static inline int quic_packet_read_long_header(unsigned char **buf, const unsign * encryption level matching with the packet type. <*qel> may be null if not found. * Note that may be null (for Initial packets). */ -static int qc_pkt_may_rm_hp(struct quic_rx_packet *pkt, - struct quic_conn *qc, struct ssl_sock_ctx *ctx, +static int qc_pkt_may_rm_hp(struct quic_conn *qc, struct quic_rx_packet *pkt, struct quic_enc_level **qel) { enum quic_tls_enc_level tel; @@ -3490,13 +3481,13 @@ static int qc_pkt_may_rm_hp(struct quic_rx_packet *pkt, *qel = &qc->els[tel]; if ((*qel)->tls_ctx.rx.flags & QUIC_FL_TLS_SECRETS_DCD) { - TRACE_DEVEL("Discarded keys", QUIC_EV_CONN_TRMHP, ctx->qc); + TRACE_DEVEL("Discarded keys", QUIC_EV_CONN_TRMHP, qc); return 0; } if (((*qel)->tls_ctx.rx.flags & QUIC_FL_TLS_SECRETS_SET) && (tel != QUIC_TLS_ENC_LEVEL_APP || - HA_ATOMIC_LOAD(&ctx->conn->qc->state) >= QUIC_HS_ST_COMPLETE)) + HA_ATOMIC_LOAD(&qc->state) >= QUIC_HS_ST_COMPLETE)) return 1; return 0; @@ -3519,11 +3510,11 @@ static void qc_pkt_insert(struct quic_rx_packet *pkt, struct quic_enc_level *qel * If succeeded, this function updates <*buf> to point to the next packet in the buffer. * Returns 1 if succeeded, 0 if not. */ -static inline int qc_try_rm_hp(struct quic_rx_packet *pkt, +static inline int qc_try_rm_hp(struct quic_conn *qc, + struct quic_rx_packet *pkt, unsigned char *buf, unsigned char *beg, const unsigned char *end, - struct quic_conn *qc, struct quic_enc_level **el, - struct ssl_sock_ctx *ctx) + struct quic_enc_level **el) { unsigned char *pn = NULL; /* Packet number field */ struct quic_enc_level *qel; @@ -3531,20 +3522,20 @@ static inline int qc_try_rm_hp(struct quic_rx_packet *pkt, struct quic_rx_packet *qpkt_trace; qpkt_trace = NULL; - TRACE_ENTER(QUIC_EV_CONN_TRMHP, ctx ? ctx->qc : NULL); + TRACE_ENTER(QUIC_EV_CONN_TRMHP, qc); /* The packet number is here. This is also the start minus * QUIC_PACKET_PN_MAXLEN of the sample used to add/remove the header * protection. */ pn = buf; - if (qc_pkt_may_rm_hp(pkt, qc, ctx, &qel)) { + if (qc_pkt_may_rm_hp(qc, pkt, &qel)) { /* Note that the following function enables us to unprotect the packet * number and its length subsequently used to decrypt the entire * packets. */ - if (!qc_do_rm_hp(pkt, &qel->tls_ctx, - qel->pktns->rx.largest_pn, pn, beg, end, ctx)) { - TRACE_PROTO("hp error", QUIC_EV_CONN_TRMHP, ctx ? ctx->qc : NULL); + if (!qc_do_rm_hp(qc, pkt, &qel->tls_ctx, + qel->pktns->rx.largest_pn, pn, beg, end)) { + TRACE_PROTO("hp error", QUIC_EV_CONN_TRMHP, qc); goto err; } @@ -3557,17 +3548,17 @@ static inline int qc_try_rm_hp(struct quic_rx_packet *pkt, /* If the packet number space has been discarded, this packet * will be not parsed. */ - TRACE_PROTO("Discarded pktns", QUIC_EV_CONN_TRMHP, ctx ? ctx->qc : NULL, pkt); + TRACE_PROTO("Discarded pktns", QUIC_EV_CONN_TRMHP, qc, pkt); goto out; } - TRACE_PROTO("hp not removed", QUIC_EV_CONN_TRMHP, ctx ? ctx->qc : NULL, pkt); + TRACE_PROTO("hp not removed", QUIC_EV_CONN_TRMHP, qc, pkt); pkt->pn_offset = pn - beg; MT_LIST_APPEND(&qel->rx.pqpkts, &pkt->list); quic_rx_packet_refinc(pkt); } else { - TRACE_PROTO("Unknown packet type", QUIC_EV_CONN_TRMHP, ctx ? ctx->qc : NULL); + TRACE_PROTO("Unknown packet type", QUIC_EV_CONN_TRMHP, qc); goto err; } @@ -3578,11 +3569,11 @@ static inline int qc_try_rm_hp(struct quic_rx_packet *pkt, pkt->data = (unsigned char *)b_tail(&qc->rx.buf); b_add(&qc->rx.buf, pkt->len); out: - TRACE_LEAVE(QUIC_EV_CONN_TRMHP, ctx ? ctx->qc : NULL, qpkt_trace); + TRACE_LEAVE(QUIC_EV_CONN_TRMHP, qc, qpkt_trace); return 1; err: - TRACE_DEVEL("leaving in error", QUIC_EV_CONN_TRMHP, ctx ? ctx->qc : NULL, qpkt_trace); + TRACE_DEVEL("leaving in error", QUIC_EV_CONN_TRMHP, qc, qpkt_trace); return 0; } @@ -3765,7 +3756,7 @@ static ssize_t qc_srv_pkt_rcv(unsigned char **buf, const unsigned char *end, } } - if (!qc_try_rm_hp(pkt, *buf, beg, end, qc, &qel, conn_ctx)) { + if (!qc_try_rm_hp(qc, pkt, *buf, beg, end, &qel)) { HA_RWLOCK_WRUNLOCK(QUIC_LOCK, &qc->rx.buf_rwlock); TRACE_PROTO("Packet dropped", QUIC_EV_CONN_SPKT, qc); goto err; @@ -4145,7 +4136,7 @@ static ssize_t qc_lstnr_pkt_rcv(unsigned char *buf, const unsigned char *end, } } - if (!qc_try_rm_hp(pkt, payload, beg, end, qc, &qel, conn_ctx)) { + if (!qc_try_rm_hp(qc, pkt, payload, beg, end, &qel)) { HA_RWLOCK_WRUNLOCK(QUIC_LOCK, &qc->rx.buf_rwlock); TRACE_PROTO("Packet dropped", QUIC_EV_CONN_LPKT, qc); goto err;