Commit Graph

17894 Commits

Author SHA1 Message Date
Frédéric Lécaille 01d515e013 BUG/MINOR: quic: Stop hardcoding Retry packet Version field
Use the same version as the one received. This is safe because the
version is treated before anything else sending a Version packet.

Must be backported to 2.6.
2022-06-16 14:56:24 +02:00
Amaury Denoyelle fa7fadca19 BUG/BUILD: h3: fix wrong label name
A pretty ugly mistake introduced recently with an invalid goto statement
which prevents QUIC compilation on haproxy.

This must be backported on 2.6 as a complement to
  60ef19f137
  BUG/MINOR: h3/qpack: deal with too many headers
2022-06-15 15:52:27 +02:00
Amaury Denoyelle c003f50122 MINOR: qpack: implement standalone decoder tool
Implement a standalone binary to be able to easily a hex-string QPACK
stream. The binary must be compiled via the Makefile. Hex-strings are
specified on stdin.
2022-06-15 15:42:10 +02:00
Amaury Denoyelle b666c6b26e MINOR: qpack: improve decoding function
Adjust decoding loop by using temporary ist for header name and value.
The header is inserted at the end of an iteration, which guarantee that
we do not insert name only in the list in case of an error on value
decoding. This also helps the function readability by centralizing the
LIST insert operation.

The return value of the decoding function is also changed. Now on
success the number of headers inserted in the input list is returned.
This change as no impact as success value is not used by the caller.
This is mainly done to have a behavior similar to hpack decoding
function.
2022-06-15 15:05:22 +02:00
Amaury Denoyelle 60ef19f137 BUG/MINOR: h3/qpack: deal with too many headers
ensures that we never insert too many entries in a headers input list.
On the decoding side, a new error QPACK_ERR_TOO_LARGE is reported in
this case.

This prevents crash if headers number on a H3 request or response is
superior to tune.http.maxhdr config value. Previously, a crash would
occur in QPACK decoding function.

Note that the process still crashes later with ABORT_NOW() because error
reporting on frame parsing is not implemented for now. It should be
treated with a RESET_STREAM frame in most cases.

This can be backported up to 2.6.
2022-06-15 15:05:08 +02:00
Amaury Denoyelle 28d3c2489f MINOR: qpack: add ABORT_NOW on unimplemented decoding
Post-base indices is not supported at the moment for decoding. This
should never be encountered as it is only used with a dynamic table.
However, haproxy deactivates support for the dynamic table via its
SETTINGS.

Use ABORT_NOW() if this situation happens anyway. This should help
debugging instead of silently failed without error reporting.
2022-06-15 14:56:05 +02:00
Amaury Denoyelle 4bcaf69dca BUG/MINOR: qpack: support header litteral name decoding
Complete QPACK decoding with full implementation of litteral field name
with litteral value representation. This change is mandatory to support
decoding of headers name not present in the QPACK static table.
Previously, these headers were silently ignored and not transferred on
the backend request.

QPACK decoding should now be sufficient to deal with all real
situations. Only post-base indices representation are not handled but
this should not cause a problem as they are only used for the dynamic
table whose size is null as announced by the haproxy implementation.

The direct impact of this change is that it should now be possible to
use complex webapp through a QUIC frontend.

This must be backported up to 2.6.
2022-06-15 14:54:51 +02:00
Amaury Denoyelle 53eef46b88 MINOR: qpack: reduce dependencies on other modules
Clean up QPACK decoder API by removing dependencies on ncbuf and
MUX-QUIC. This reduces includes statements. It will also help to
implement a standalone QPACK decoder.
2022-06-15 11:20:48 +02:00
Amaury Denoyelle c5d31ed8be MINOR: qpack: add comments and remove a useless trace
Add comments on the decoding function to facilitate code analysis.

Also remove the qpack_debug_hexdump() which prints the whole left buffer
on each header parsing. With large HEADERS frame payload, QPACK traces
are complicated to debug with this statement.
2022-06-15 11:20:42 +02:00
Willy Tarreau 0aa6f3e64b DOC: design: update the task vs thread affinity requirements
It looks like we'll need:
  - one share timers queue for the rare tasks that need to wake up
    anywhere
  - one private timers queue per thread
  - one global queue per group
  - one local queue per thread

And may be we can simply get rid of any global/shared run queue as
we don't seem to have any task bound to a subset of threads.
2022-06-14 16:16:22 +02:00
Willy Tarreau f5aef027ce OPTIM: task: do not consult shared WQ when we're already full
If we've stopped consulting the local wait queue due to too many tasks
(max_processed <= 0), there's no point starting to lock the shared WQ,
check the first task's expiration date, upgrading the lock just to
refrain from doing the work because of the limit. All this does is
increase contention on an already contended system.

Note that there is still a fairness issue in this WQ dequeuing code. If
each thread is busy with expired tasks, no thread will dequeue the global
ones. In practice it doesn't make much sense and should quickly resorb,
but it could be nice to have an alternating flag indicating where to
start from on next call to improve this.
2022-06-14 16:15:15 +02:00
Willy Tarreau 3ccb14d60d MINOR: thread: get rid of MAX_THREADS_MASK
This macro was used both for binding and for lookups. When binding tasks
or FDs, using all_threads_mask instead is better as it will later be per
group. For lookups, ~0UL always does the job. Thus in practice the macro
was already almost not used anymore since the rest of the code could run
fine with a constant of all ones there.
2022-06-14 11:18:40 +02:00
Willy Tarreau e35f03239d CLEANUP: hlua: check for at least 2 threads on a task
In 1.9-dev1, commit 5bc9972ed ("BUG/MINOR: lua/threads: Make lua's tasks
sticky to the current thread") to detect unconfigured Lua tasks that could
run on any thread, by comparing their thread mask with MAX_THREADS_MASK.
The proper way to do it is to check for at least 2 threads in their mask
in fact. This is more reliable and allows to get rid of MAX_THREADS_MASK
there.
2022-06-14 11:00:46 +02:00
Willy Tarreau 1a85a958dd MINOR: tinfo: remove the global thread ID bit (tid_bit)
Each thread has its own local thread id and its own global thread id,
in addition to the masks corresponding to each. Once the global thread
ID can go beyond 64 it will not be possible to have a global thread Id
bit anymore, so better start to remove it and use only the local one
from the struct thread_info.
2022-06-14 10:44:38 +02:00
Willy Tarreau 8716875ea4 CLEANUP: quic: use task_new_on() for single-threaded tasks
This simply replaces a call to task_new(1<<thr) with task_new_on(thr)
so that we can later isolate the changes required to add more thread
group stuff.
2022-06-14 10:38:03 +02:00
Willy Tarreau 680ed5f28b MINOR: task: move profiling bit to per-thread
Instead of having a global mask of all the profiled threads, let's have
one flag per thread in each thread's flags. They are never accessed more
than one at a time an are better located inside the threads' contexts for
both performance and scalability.
2022-06-14 10:38:03 +02:00
Amaury Denoyelle 040955fb39 BUG/MEDIUM: mux-quic: fix segfault on flow-control frame cleanup
LIST_ELEM macro was incorrectly used in the loop when purging
flow-control frames from qcc.lfctl.frms on MUX release. This caused a
segfault in qc_release() due to an invalid quic_frame pointer instance.

The occurence of this bug seems fairly rare. To happen, some
flow-control frames must have been allocated but not yet sent just as
the MUX release is triggered.

I did not find a reproducer scenario. Instead, I artificially triggered
it by inserting a quic_frame in qcc.lfctl.frms just before purging it in
qc_release() using the following snippet.

        struct quic_frame *frm;
        frm = pool_zalloc(pool_head_quic_frame);
        LIST_INIT(&frm->reflist);
        frm->type = QUIC_FT_MAX_DATA;
        frm->max_data.max_data = 0;
        LIST_APPEND(&qcc->lfctl.frms, &frm->list);

This should fix github issue #1747.

This must be backported up to 2.6.
2022-06-13 14:43:00 +02:00
Christopher Faulet 4167e05002 BUG/MEDIUM: cli: Notify cli applet won't consume data during request processing
The CLI applet process one request after another. Thus, when several
requests are pipelined, it is important to notify it won't consume remaining
outgoing data while it is processing a request. Otherwise, the applet may be
woken up in loop. For instance, it may happen with the HTTP client while we
are waiting for the server response if a shutr is received.

This patch must be backported in all supported versions after an observation
period. But a massive refactoring was performed in 2.6. So, for the 2.5 and
below, the patch will have to be adapted. Note also that, AFAIK, the bug can
only be triggered by the HTTP client for now.
2022-06-13 14:33:30 +02:00
Christopher Faulet 04f03e15c3 BUG/MEDIUM: stconn: Don't wakeup applet for send if it won't consume data
in .chk_snd applet callback function, we must not wake up an applet if
SE_FL_WONT_CONSUME flag is set. Indeed, if an applet explicitly specify it
will not consume any outgoing data, it is useless to wake it up when more
data are sent. Note the applet may still be woken up for another reason. In
this case SE_FL_WONT_CONSUME flag will be removed. It is the applet
responsibility to set it again, if necessary.

This patch must be backported to 2.6 after an observation period. On earlier
versions, the bug probably exists too. However, because a massive
refactoring was performed in 2.6, the patch will have to be adapted and
carefully reviewed/tested if it is backported..
2022-06-13 14:26:13 +02:00
Christopher Faulet e4b4019280 CLEANUP: check: Remove useless tests on check's stream-connector
Since the conn-stream refactoring, from the time the health-check is in
progress, its stream-connector is always defined. So, some tests on it are
useless and can be removed.

This patch should fix the issue #1739.
2022-06-13 08:04:10 +02:00
Christopher Faulet d1c6cfe45a BUG/MINOR: tcp-rules: Make action call final on read error and delay expiration
When a TCP content ruleset is evaluated, we stop waiting for more data if
the inspect-delay is reached, if there is a read error or if we know no more
data will be received. This last point is only valid for ACLs. An action may
decide to yield for another reason. For instance, in the SPOE, the
"send-spoe-group" action yields while the agent response is not
received. Thus, now, an action call is final only when the inspect-delay is
reached or if there is a read error. But it is possible for an action to
yield if the buffer is full or if CF_EOI flag is set.

This patch could be backported to all supported versions.
2022-06-13 08:04:10 +02:00
Amaury Denoyelle 43c090c1ed BUG/MINOR: mux-quic: fix memleak on frames rejected by transport
When the MUX transfers a big amount of data to the client, the transport
layer may reject some of them because of the congestion controller
limit. Frames built by the MUX are thus dropped, even if streams transferred
data are kept in buffers for future new frames.

Thus, the MUX is required to free rejected frames. This fixes a memory
leak which may grow with important data transfers.

It should be backported to 2.6 after it has been tested and validated.
2022-06-10 17:59:06 +02:00
Amaury Denoyelle 78fa559679 MINOR: mux-quic: complete BUG_ON on TX flow-control enforcing
TX flow-control enforcing is not straightforward : it requires the usage
of several counters at stream and connection level, in part due to the
difficult sending API between MUX and quic-conn layers.

To strengthen this part and ensures it behaves as expected, some
existing BUG_ON statements were adjusted and new one were added. This
should help to catch errors as early as possible, as in the case with
github issue #1738.
2022-06-10 17:40:42 +02:00
Amaury Denoyelle b9e0640405 BUG/MEDIUM: mux-quic: fix flow control connection Tx level
The flow control enforced at connection level is incorrectly calculated.
There is a risk of exceeding the limit. In most cases, this results in a
segfault produced by a BUG_ON which is here to catch this kind of error.
If not compiled with DEBUG_STRICT, this should generate a connection
closed by the client due to the flow control overflow.

The problem is encountered when transfered payload is big enough to fill
the transport congestion window. In this case, some data are rejected by
the transport layer and kept by the MUX to be reemitted later. However,
these preserved data are not counted on the connection flow control when
resubmitted, which gradually amplify the gap between expected and real
consumed flow control.

To fix this, handle the flow-control at the connection level in the same
way as the stream level. A new field qcc.tx.offsets is incremented as
soon as data are transfered between stream TX buffers. The field
qcc.tx.sent_offsets is preserved to count bytes handled by the transport
layer and stop the MUX transfer if limit is reached.

As already stated, this bug can occur during transfers with enough
emitted data, over multiple streams. When using a single stream, the
flow control at the stream level hides it.

The BUG_ON crash is reproduced systematically with quiche client :
$ quiche-client --no-verify --http-version HTTP/3 -n 10000 https://127.0.0.1:20443/10K

This must be backported up to 2.6 when confirmed to work as expected.

This should fix github issue #1738.
2022-06-10 17:30:41 +02:00
Willy Tarreau 1424774207 DOC: design: update the notes on thread groups
Some (few) elements were already done, others were clarified and worth
mentionning.
2022-06-10 16:10:04 +02:00
Willy Tarreau c6b7a97e54 BUG/MINOR: cli/stats: add missing trailing LF after "show info json"
This is the continuation of commit 5a0e7ca5d ("BUG/MINOR: cli/stats: add
missing trailing LF after JSON outputs"). There's also a "show info json"
command which was also missing the trailing LF. It's constructed exactly
like the "show stat json", in that it dumps a series of fields without any
LF. The difference however is that for the stats output, everything was
enclosed in an array which required an LF *after* the closing bracket,
while here there's no such array so we have to emit the LF after the loop.
That makes the two functions a bit inconsistent, it's quite annoying, but
making them better would require sending one LF per line in the stats
output, which is not particularly interesting.

Given that it took 5+ years to spot that this code wasn't working as
expected it doesn't seem worth investing much time trying to refactor
it to make it look cleaner at the risk of breaking other obscure parts.
2022-06-10 15:12:21 +02:00
Willy Tarreau 9b46fb4cca BUG/MINOR: server: do not enable DNS resolution on disabled proxies
Leonhard Wimmer reported an interesting bug in github issue #1742.
Servers in disabled proxies that are configured for resolution are still
subscribed to DNS resolutions, but the LB algos are not initialized at
all since the proxy is disabled, so when the server state changes,
attempts to update its status cause a crash when the server's weight
is recalculated via a divide by the proxy's total weight which is zero.

This should be backported to all versions. Beware that before 2.5 or
so, there's no PR_FL_DISABLED flag, instead px->disabled should be
used (2.3-2.4) or PR_STSTOPPED for older versions.

Thanks to Leonhard for his report and quick test!
2022-06-10 11:17:27 +02:00
Willy Tarreau 5a0e7ca5d0 BUG/MINOR: cli/stats: add missing trailing LF after JSON outputs
Patrick Hemmer reported that we have a bug in the CLI commands
"show stat json" and "show schema json" in that they forget the trailing
LF that's required to mark the end of the response. This has been the
case since the introduction of the feature in 1.8-dev1 by commit 6f6bb380e
("MEDIUM: stats: Add show json schema"), so this fix may be backported to
all versions.
2022-06-10 09:23:44 +02:00
Amaury Denoyelle 3a2fcfd58d BUG/MEDIUM: h3: fix SETTINGS parsing
Function used to parse SETTINGS frame is incorrect as it does not stop
at the frame length but continue to parse beyond it. In most cases, it
will result in a connection closed with error H3_FRAME_ERROR.

This bug can be reproduced with clients that sent more than just a
SETTINGS frame on the H3 control stream. This is notably the case with
aioquic which emit a MAX_PUSH_ID after SETTINGS.

This bug has been introduced in the current dev release, by the
following patch
  62eef85961
  MINOR: mux-quic: simplify decode_qcs API
thus, it does not need to be backported.
2022-06-09 14:34:43 +02:00
Amaury Denoyelle c715eb7898 BUG/MINOR: h3: fix frame type definition
Frame type has changed during HTTP/3 specification process. Adjust it to
reflect the latest RFC 9114 status.

Concretly, type for GOAWAY and MAX_PUSH_ID frames has been adjusted.
The impact of this bug is limited as currently these frames are not
handled by haproxy and are ignored.

This can be backported up to 2.6.
2022-06-09 14:34:43 +02:00
Glenn Strauss 0012f899dd OPTIM: mux-h2: increase h2_settings_initial_window_size default to 64k
This changes the default from RFC 7540's default 65535 (64k-1) to avoid
avoid some degenerative WINDOW_UPDATE behaviors in the wild observed with
clients using 65536 as their buffer size, and have to complete each block
with a 1-byte frame, which with some servers tend to degenerate in 1-byte
WU causing more 1-byte frames to be sent until the transfer almost only
uses 1-byte frames.

More details here: https://github.com/nghttp2/nghttp2/issues/1722

As mentioned in previous commit (MEDIUM: mux-h2: try to coalesce outgoing
WINDOW_UPDATE frames) the issue could not be reproduced with haproxy but
individual WU frames are sent so theoretically nothing prevents this from
happening. As such it should be backported as a workaround for already
deployed clients after watching for any possible side effect with rare
clients. As an added benefit, uploads from curl now use less DATA frames
(all are 16384 now). Note that the previous patch alone is sufficient to
stop the issue with curl in case this one would need to be reverted.

[wt: edited commit messaged, updated doc]
2022-06-09 09:28:21 +02:00
Willy Tarreau 617592c9eb MEDIUM: mux-h2: try to coalesce outgoing WINDOW_UPDATE frames
Glenn Strauss from Lighttpd reported a corner case affecting curl+lighttpd
that causes some uploads to degenerate to extremely suboptimal conditions
under certain circumstances, and noted that many other implementations
were possibly not safe against this degradation.

Glenn's detailed analysis is available here:

   https://github.com/nghttp2/nghttp2/issues/1722

In short, curl uses a 65536 bytes buffer and the default stream window
is 65535, with 16384 bytes per frame. Curl will then send 3 frames of
16384 bytes followed by one of 16383, will wait for a window update to
send the last byte before recycling the buffer to read the next 64kB.
On each round like this, one extra single-byte frame will be sent, and
if ACKs for these single-byte frames are not aggregated, this will only
allow the client to send one extra byte at a time. At some point it is
possible (at least Glenn observed it) to have mostly 1-byte frames in
the transfer, resulting in huge CPU usage and a long transfer.

It was not possible to reproduce this with haproxy, even when playing
with frame sizes, buffer sizes nor window sizes. One reason seems to
be that we're using the same buffer size for the connection and the
stream and that the frame headers prevent the filling of the window
from happening on the same boundaries as on the sender. However it
does occasionally happen to see up to two 1-byte data frames in a row,
indicating that there's definitely room for improvement.

The WINDOW_UPDATE frames for the connection are sent at the end of the
demuxing, but the ones for the streams are currently sent immediately
after a DATA frame is processed, mostly for convenience. But we don't
need to proceed like this, we already have the counter of unacked bytes
in rcvd_s, so we can simply use that to decide when to send an ACK. It
must just be done before processing a new frame. The benefit is that
contiguous frames for the same stream will now only produce a single
WU, like for the connection. On complicated tests involving a client
that was limited to 100 Mbps transfers and a dummy Lua-based payload
consumer, it was possible to see the number of stream WU frames being
halved for a 100 MB transfer, which is already a nice saving anyway.

Glenn proposed a better workaround consisting in increasing the
default window size to 65536. This will be done in a separate patch
so that both can be studied independently in field and backported as
needed.

This patch is not much complicated and shold be backportable. It just
needs to be tested in development first.
2022-06-09 09:28:21 +02:00
Amaury Denoyelle 1cd43aa194 BUG/MINOR: h3: fix incorrect BUG_ON assert on SETTINGS parsing
BUG_ON() assertion to check for incomplete SETTINGS frame is incorrect.
It should check if frame length is greater, not smaller, than current
buffer data. Anyway, this BUG_ON() is useless as h3_decode_qcs()
prevents parsing of an incomplete frame, except for H3 DATA. Remove it
to fix this bug.

This bug was introduced in the current dev tree by commit
  commit 62eef85961
  MINOR: mux-quic: simplify decode_qcs API
Thus it does not need to be backported.

This fixes crashes which happen with DEBUG_STRICT=2. Most notably, this
is reproducible with clients that emit more than just a SETTINGS frame
on the H3 control stream. It can be reproduced with aioquic for example.
2022-06-08 18:26:06 +02:00
Christopher Faulet af936762d0 REGTESTS: healthcheckmail: Relax health-check failure condition
The info field in the log message may change. For instance, on FreeBSD, a
"broken pipe" is reported. Thus, the expected log message must be more
generic.
2022-06-08 16:58:07 +02:00
Christopher Faulet 52912579ee REGTESTS: healthcheckmail: Update the test to be functionnal again
This reg-test is broken since a while. It was simplified to be
functionnal. Now, it only test email alerts.
2022-06-08 15:28:38 +02:00
Christopher Faulet 58e3501910 BUG/MEDIUM: mailers: Set the object type for check attached to an email alert
The health-check attached to an email alert has no type. It is unexpected,
and since the 2.6, it is important because we rely on it to know the
application type in front of a connection at the stream-connector
level. Because the object type is not set, the SE descriptor is not properly
initialized, leading to a segfault when a connection to the SMTP server is
established.

This patch must be backported to 2.6 and may be backported as far as
2.0. However, it is only an issue for the 2.6 and upper.
2022-06-08 15:28:38 +02:00
Christopher Faulet 4f1825c5db BUG/MINOR: checks: Properly handle email alerts in trace messages
There is no server for email alerts. So the trace messages must be adapted
to handle this case. Information related to the server are now skipped for
email alerts and "[EMAIL]" prefix is used.

This patch must be backported as far as 2.4.
2022-06-08 15:28:38 +02:00
Christopher Faulet e3b2574796 BUG/MINOR: trace: Test server existence for health-checks to get proxy
Email alerts are based on health-checks but with no server. Thus, in
__trace() function, responsible to write a trace message, we must be
prepared to have no server and thus no proxy.

This patch must be backported as far as 2.4.
2022-06-08 15:28:38 +02:00
Willy Tarreau 2d7cd3e4ca DEV: tcploop: add minimal UDP support
Passing "-u" turns to SOCK_DGRAM + IPPROTO_UDP, which still allows
bind/connect()/recv()/send() and can be convenient for experimentation
purposes.
2022-06-08 14:42:15 +02:00
Willy Tarreau d493331d47 DEV: tcploop: add a new "bind" command to bind to ip/port.
The Listen command automatically relies on it (without passing its
argument), and both Listen and Connect now support working with the
existing socket, so that it's possible to Bind an ip:port on an
existing socket or to create a new one for the purpose of listening
or connecting. It now becomes possible to do:

   tcploop 0 L1234 C8888

to connect from port 1234 to port 8888.
2022-06-08 14:42:15 +02:00
Willy Tarreau cb284c7a62 DEV: tcploop: permit port 0 to ease handling of default options
This will also be convenient when binding to an IP and no port.
2022-06-08 14:42:15 +02:00
Willy Tarreau ff13dadaa5 DEV: tcploop: factor out the socket creation
This will later permit to separately bind() before connect(). Let's
first deal with existing sockets.
2022-06-08 14:42:15 +02:00
Willy Tarreau 542bf0a7bb DEV: tcploop: make it possible to change the target address of a connect()
Sometimes it's more convenient to be able to specify where to connect on
the connect() statement, let's make it possible to pass it in argument to
the C command.
2022-06-08 14:42:15 +02:00
Willy Tarreau 7184ca23c6 DEV: tcploop: make the current address the default address
It's difficult to refine bind/connect right now, let's make the address
optionall by turning it to the default one.
2022-06-08 14:42:15 +02:00
Willy Tarreau 98028c8d0a DEV: tcploop: reorder options in the usage message
Options have become difficult to find, let's reorder them alphabetically.
2022-06-08 14:42:15 +02:00
Willy Tarreau 7d318ed8cc BUILD: compiler: implement unreachable for older compilers too
Benoit Dolez reported that gcc-4.4 emits several "may be used
uninitialized" warnings around places where there are BUG_ON()
or ABORT_NOW(). The reason is that __builtin_unreachable() was
introduced in gcc-4.5 thus older ones do not know that the code
after such statements is not reachable.

This patch solves the problem by deplacing the statement with
an infinite loop on older versions. The compiler knows that the
code following it cannot be reached, and this is quite cheap
(2 to 4 bytes depending on architectures). It even reduces the
code size a little bit as the compiler doesn't have to optimize
for branches that do not exist.

This may be backported to older versions.
2022-06-08 12:17:22 +02:00
Benoit DOLEZ 69e3f05b15 BUILD: quic: fix anonymous union for gcc-4.4
Building QUIC with gcc-4.4 on el6 shows this error:

src/xprt_quic.c: In function 'qc_release_lost_pkts':
src/xprt_quic.c:1905: error: unknown field 'loss' specified in initializer
compilation terminated due to -Wfatal-errors.
make: *** [src/xprt_quic.o] Error 1
make: *** Waiting for unfinished jobs....

Initializing an anonymous form of union like :
     struct quic_cc_event ev = {
          (...)
          .loss.time_sent = newest_lost->time_sent,
          (...)
     };

generates an error with gcc-4.4 but not when initializing the
fields outside of the declaration.
2022-06-08 11:24:36 +02:00
Amaury Denoyelle dca4c53a95 BUG/MINOR: h3: fix return value on decode_qcs on error
Convert return code to -1 when an error has been detected. This is
required since the previous API change on return value from the patch :

  1f21ebdd76
  MINOR: mux-quic/h3: adjust demuxing function return values

Without this, QUIC MUX won't consider the call as an error and will try
to remove one byte from the buffer. This may cause a BUG_ON failure if
the buffer is empty at this stage.

This bug was introduced in the current dev tree. Does not need to be
backported.
2022-06-07 18:26:46 +02:00
Amaury Denoyelle 1f21ebdd76 MINOR: mux-quic/h3: adjust demuxing function return values
Clean the API used by decode_qcs() and transcoder internal functions.
Parsing functions now returns a ssize_t which represents the number of
consumed bytes or a negative error code. The total consumed bytes is
returned via decode_qcs().

The API is now unified and cleaner. The MUX can thus simply use the
return value of decode_qcs() instead of substracting the data bytes in
the buffer before and after the call. Transcoders functions are not
anymore obliged to remove consumed bytes from the buffer which was not
obvious.
2022-06-07 18:15:47 +02:00
Amaury Denoyelle 62eef85961 MINOR: mux-quic: simplify decode_qcs API
Slightly modify decode_qcs function used by transcoders. The MUX now
gives a buffer instance on which each transcoder is free to work on it.
At the return of the function, the MUX removes consume data from its own
buffer.

This reduces the number of invocation to qcs_consume at the end of a
full demuxing process. The API is also cleaner with the transcoders not
responsible of calling it with the risk of having the input buffer
freed if empty.
2022-06-07 18:15:47 +02:00