1 /* 2 * Copyright 2022-2025 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include "internal/packet_quic.h" 11 #include "internal/nelem.h" 12 #include "internal/quic_wire.h" 13 #include "internal/quic_record_rx.h" 14 #include "internal/quic_ackm.h" 15 #include "internal/quic_rx_depack.h" 16 #include "internal/quic_error.h" 17 #include "internal/quic_fc.h" 18 #include "internal/quic_channel.h" 19 #include "internal/sockets.h" 20 21 #include "quic_local.h" 22 #include "quic_channel_local.h" 23 #include "../ssl_local.h" 24 25 /* 26 * Helper functions to process different frame types. 27 * 28 * Typically, those that are ACK eliciting will take an OSSL_ACKM_RX_PKT 29 * pointer argument, the few that aren't ACK eliciting will not. This makes 30 * them a verifiable pattern against tables where this is specified. 31 */ 32 static int depack_do_implicit_stream_create(QUIC_CHANNEL *ch, 33 uint64_t stream_id, 34 uint64_t frame_type, 35 QUIC_STREAM **result); 36 37 static int depack_do_frame_padding(PACKET *pkt) 38 { 39 /* We ignore this frame */ 40 ossl_quic_wire_decode_padding(pkt); 41 return 1; 42 } 43 44 static int depack_do_frame_ping(PACKET *pkt, QUIC_CHANNEL *ch, 45 uint32_t enc_level, 46 OSSL_ACKM_RX_PKT *ackm_data) 47 { 48 /* We ignore this frame, apart from eliciting an ACK */ 49 if (!ossl_quic_wire_decode_frame_ping(pkt)) { 50 ossl_quic_channel_raise_protocol_error(ch, 51 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, 52 OSSL_QUIC_FRAME_TYPE_PING, 53 "decode error"); 54 return 0; 55 } 56 57 ossl_quic_tx_packetiser_schedule_ack_eliciting(ch->txp, enc_level); 58 return 1; 59 } 60 61 static int depack_do_frame_ack(PACKET *pkt, QUIC_CHANNEL *ch, 62 int packet_space, OSSL_TIME received, 63 uint64_t frame_type, 64 OSSL_QRX_PKT *qpacket) 65 { 66 OSSL_QUIC_FRAME_ACK ack; 67 OSSL_QUIC_ACK_RANGE *p; 68 uint64_t total_ranges = 0; 69 uint32_t ack_delay_exp = ch->rx_ack_delay_exp; 70 71 if (!ossl_quic_wire_peek_frame_ack_num_ranges(pkt, &total_ranges) 72 /* In case sizeof(uint64_t) > sizeof(size_t) */ 73 || total_ranges > SIZE_MAX / sizeof(OSSL_QUIC_ACK_RANGE)) 74 goto malformed; 75 76 if (ch->num_ack_range_scratch < (size_t)total_ranges) { 77 if ((p = OPENSSL_realloc(ch->ack_range_scratch, 78 sizeof(OSSL_QUIC_ACK_RANGE) 79 * (size_t)total_ranges)) == NULL) 80 goto malformed; 81 82 ch->ack_range_scratch = p; 83 ch->num_ack_range_scratch = (size_t)total_ranges; 84 } 85 86 ack.ack_ranges = ch->ack_range_scratch; 87 ack.num_ack_ranges = (size_t)total_ranges; 88 89 if (!ossl_quic_wire_decode_frame_ack(pkt, ack_delay_exp, &ack, NULL)) 90 goto malformed; 91 92 if (qpacket->hdr->type == QUIC_PKT_TYPE_1RTT 93 && (qpacket->key_epoch < ossl_qrx_get_key_epoch(ch->qrx) 94 || ch->rxku_expected) 95 && ack.ack_ranges[0].end >= ch->txku_pn) { 96 /* 97 * RFC 9001 s. 6.2: An endpoint that receives an acknowledgment that is 98 * carried in a packet protected with old keys where any acknowledged 99 * packet was protected with newer keys MAY treat that as a connection 100 * error of type KEY_UPDATE_ERROR. 101 * 102 * Two cases to handle here: 103 * 104 * - We did spontaneous TXKU, the peer has responded in kind and we 105 * have detected RXKU; !ch->rxku_expected, but then it sent a packet 106 * with old keys acknowledging a packet in the new key epoch. 107 * 108 * This also covers the case where we got RXKU and triggered 109 * solicited TXKU, and then for some reason the peer sent an ACK of 110 * a PN in our new TX key epoch with old keys. 111 * 112 * - We did spontaneous TXKU; ch->txku_pn is the starting PN of our 113 * new TX key epoch; the peer has not initiated a solicited TXKU in 114 * response (so we have not detected RXKU); in this case the RX key 115 * epoch has not incremented and ch->rxku_expected is still 1. 116 */ 117 ossl_quic_channel_raise_protocol_error(ch, 118 OSSL_QUIC_ERR_KEY_UPDATE_ERROR, 119 frame_type, 120 "acked packet which initiated a " 121 "key update without a " 122 "corresponding key update"); 123 return 0; 124 } 125 126 if (!ossl_ackm_on_rx_ack_frame(ch->ackm, &ack, 127 packet_space, received)) 128 goto malformed; 129 130 ++ch->diag_num_rx_ack; 131 return 1; 132 133 malformed: 134 ossl_quic_channel_raise_protocol_error(ch, 135 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, 136 frame_type, 137 "decode error"); 138 return 0; 139 } 140 141 static int depack_do_frame_reset_stream(PACKET *pkt, 142 QUIC_CHANNEL *ch, 143 OSSL_ACKM_RX_PKT *ackm_data) 144 { 145 OSSL_QUIC_FRAME_RESET_STREAM frame_data; 146 QUIC_STREAM *stream = NULL; 147 uint64_t fce; 148 149 if (!ossl_quic_wire_decode_frame_reset_stream(pkt, &frame_data)) { 150 ossl_quic_channel_raise_protocol_error(ch, 151 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, 152 OSSL_QUIC_FRAME_TYPE_RESET_STREAM, 153 "decode error"); 154 return 0; 155 } 156 157 if (!depack_do_implicit_stream_create(ch, frame_data.stream_id, 158 OSSL_QUIC_FRAME_TYPE_RESET_STREAM, 159 &stream)) 160 return 0; /* error already raised for us */ 161 162 if (stream == NULL) 163 return 1; /* old deleted stream, not a protocol violation, ignore */ 164 165 if (!ossl_quic_stream_has_recv(stream)) { 166 ossl_quic_channel_raise_protocol_error(ch, 167 OSSL_QUIC_ERR_STREAM_STATE_ERROR, 168 OSSL_QUIC_FRAME_TYPE_RESET_STREAM, 169 "RESET_STREAM frame for " 170 "TX only stream"); 171 return 0; 172 } 173 174 /* 175 * The final size field of the RESET_STREAM frame must be used to determine 176 * how much flow control credit the aborted stream was considered to have 177 * consumed. 178 * 179 * We also need to ensure that if we already have a final size for the 180 * stream, the RESET_STREAM frame's Final Size field matches this; we SHOULD 181 * terminate the connection otherwise (RFC 9000 s. 4.5). The RXFC takes care 182 * of this for us. 183 */ 184 if (!ossl_quic_rxfc_on_rx_stream_frame(&stream->rxfc, 185 frame_data.final_size, /*is_fin=*/1)) { 186 ossl_quic_channel_raise_protocol_error(ch, 187 OSSL_QUIC_ERR_INTERNAL_ERROR, 188 OSSL_QUIC_FRAME_TYPE_RESET_STREAM, 189 "internal error (flow control)"); 190 return 0; 191 } 192 193 /* Has a flow control error occurred? */ 194 fce = ossl_quic_rxfc_get_error(&stream->rxfc, 0); 195 if (fce != OSSL_QUIC_ERR_NO_ERROR) { 196 ossl_quic_channel_raise_protocol_error(ch, 197 fce, 198 OSSL_QUIC_FRAME_TYPE_RESET_STREAM, 199 "flow control violation"); 200 return 0; 201 } 202 203 /* 204 * Depending on the receive part state this is handled either as a reset 205 * transition or a no-op (e.g. if a reset has already been received before, 206 * or the application already retired a FIN). Best effort - there are no 207 * protocol error conditions we need to check for here. 208 */ 209 ossl_quic_stream_map_notify_reset_recv_part(&ch->qsm, stream, 210 frame_data.app_error_code, 211 frame_data.final_size); 212 213 ossl_quic_stream_map_update_state(&ch->qsm, stream); 214 return 1; 215 } 216 217 static int depack_do_frame_stop_sending(PACKET *pkt, 218 QUIC_CHANNEL *ch, 219 OSSL_ACKM_RX_PKT *ackm_data) 220 { 221 OSSL_QUIC_FRAME_STOP_SENDING frame_data; 222 QUIC_STREAM *stream = NULL; 223 224 if (!ossl_quic_wire_decode_frame_stop_sending(pkt, &frame_data)) { 225 ossl_quic_channel_raise_protocol_error(ch, 226 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, 227 OSSL_QUIC_FRAME_TYPE_STOP_SENDING, 228 "decode error"); 229 return 0; 230 } 231 232 if (!depack_do_implicit_stream_create(ch, frame_data.stream_id, 233 OSSL_QUIC_FRAME_TYPE_STOP_SENDING, 234 &stream)) 235 return 0; /* error already raised for us */ 236 237 if (stream == NULL) 238 return 1; /* old deleted stream, not a protocol violation, ignore */ 239 240 if (!ossl_quic_stream_has_send(stream)) { 241 ossl_quic_channel_raise_protocol_error(ch, 242 OSSL_QUIC_ERR_STREAM_STATE_ERROR, 243 OSSL_QUIC_FRAME_TYPE_STOP_SENDING, 244 "STOP_SENDING frame for " 245 "RX only stream"); 246 return 0; 247 } 248 249 stream->peer_stop_sending = 1; 250 stream->peer_stop_sending_aec = frame_data.app_error_code; 251 252 /* 253 * RFC 9000 s. 3.5: Receiving a STOP_SENDING frame means we must respond in 254 * turn with a RESET_STREAM frame for the same part of the stream. The other 255 * part is unaffected. 256 */ 257 ossl_quic_stream_map_reset_stream_send_part(&ch->qsm, stream, 258 frame_data.app_error_code); 259 return 1; 260 } 261 262 static int depack_do_frame_crypto(PACKET *pkt, QUIC_CHANNEL *ch, 263 OSSL_QRX_PKT *parent_pkt, 264 OSSL_ACKM_RX_PKT *ackm_data, 265 uint64_t *datalen) 266 { 267 OSSL_QUIC_FRAME_CRYPTO f; 268 QUIC_RSTREAM *rstream; 269 QUIC_RXFC *rxfc; 270 271 *datalen = 0; 272 273 if (!ossl_quic_wire_decode_frame_crypto(pkt, 0, &f)) { 274 ossl_quic_channel_raise_protocol_error(ch, 275 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, 276 OSSL_QUIC_FRAME_TYPE_CRYPTO, 277 "decode error"); 278 return 0; 279 } 280 281 if (f.len == 0) 282 return 1; /* nothing to do */ 283 284 rstream = ch->crypto_recv[ackm_data->pkt_space]; 285 if (!ossl_assert(rstream != NULL)) 286 /* 287 * This should not happen; we should only have a NULL stream here if 288 * the EL has been discarded, and if the EL has been discarded we 289 * shouldn't be here. 290 */ 291 return 0; 292 293 rxfc = &ch->crypto_rxfc[ackm_data->pkt_space]; 294 295 if (!ossl_quic_rxfc_on_rx_stream_frame(rxfc, f.offset + f.len, 296 /*is_fin=*/0)) { 297 ossl_quic_channel_raise_protocol_error(ch, 298 OSSL_QUIC_ERR_INTERNAL_ERROR, 299 OSSL_QUIC_FRAME_TYPE_CRYPTO, 300 "internal error (crypto RXFC)"); 301 return 0; 302 } 303 304 if (ossl_quic_rxfc_get_error(rxfc, 0) != OSSL_QUIC_ERR_NO_ERROR) { 305 ossl_quic_channel_raise_protocol_error(ch, OSSL_QUIC_ERR_CRYPTO_BUFFER_EXCEEDED, 306 OSSL_QUIC_FRAME_TYPE_CRYPTO, 307 "exceeded maximum crypto buffer"); 308 return 0; 309 } 310 311 if (!ossl_quic_rstream_queue_data(rstream, parent_pkt, 312 f.offset, f.data, f.len, 0)) { 313 ossl_quic_channel_raise_protocol_error(ch, 314 OSSL_QUIC_ERR_INTERNAL_ERROR, 315 OSSL_QUIC_FRAME_TYPE_CRYPTO, 316 "internal error (rstream queue)"); 317 return 0; 318 } 319 320 ch->did_crypto_frame = 1; 321 *datalen = f.len; 322 323 return 1; 324 } 325 326 static int depack_do_frame_new_token(PACKET *pkt, QUIC_CHANNEL *ch, 327 OSSL_ACKM_RX_PKT *ackm_data) 328 { 329 const uint8_t *token; 330 size_t token_len; 331 332 if (!ossl_quic_wire_decode_frame_new_token(pkt, &token, &token_len)) { 333 ossl_quic_channel_raise_protocol_error(ch, 334 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, 335 OSSL_QUIC_FRAME_TYPE_NEW_TOKEN, 336 "decode error"); 337 return 0; 338 } 339 340 if (token_len == 0) { 341 /* 342 * RFC 9000 s. 19.7: "A client MUST treat receipt of a NEW_TOKEN frame 343 * with an empty Token field as a connection error of type 344 * FRAME_ENCODING_ERROR." 345 */ 346 ossl_quic_channel_raise_protocol_error(ch, 347 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, 348 OSSL_QUIC_FRAME_TYPE_NEW_TOKEN, 349 "zero-length NEW_TOKEN"); 350 return 0; 351 } 352 353 /* store the new token in our token cache */ 354 if (!ossl_quic_set_peer_token(ossl_quic_port_get_channel_ctx(ch->port), 355 &ch->cur_peer_addr, token, token_len)) 356 return 0; 357 358 return 1; 359 } 360 361 /* 362 * Returns 1 if no protocol violation has occurred. In this case *result will be 363 * non-NULL unless this is an old deleted stream and we should ignore the frame 364 * causing this function to be called. Returns 0 on protocol violation. 365 */ 366 static int depack_do_implicit_stream_create(QUIC_CHANNEL *ch, 367 uint64_t stream_id, 368 uint64_t frame_type, 369 QUIC_STREAM **result) 370 { 371 QUIC_STREAM *stream; 372 uint64_t peer_role, stream_ordinal; 373 uint64_t *p_next_ordinal_local, *p_next_ordinal_remote; 374 QUIC_RXFC *max_streams_fc; 375 int is_uni, is_remote_init; 376 377 stream = ossl_quic_stream_map_get_by_id(&ch->qsm, stream_id); 378 if (stream != NULL) { 379 *result = stream; 380 return 1; 381 } 382 383 /* 384 * If we do not yet have a stream with the given ID, there are three 385 * possibilities: 386 * 387 * (a) The stream ID is for a remotely-created stream and the peer 388 * is creating a stream. 389 * 390 * (b) The stream ID is for a locally-created stream which has 391 * previously been deleted. 392 * 393 * (c) The stream ID is for a locally-created stream which does 394 * not exist yet. This is a protocol violation and we must 395 * terminate the connection in this case. 396 * 397 * We distinguish between (b) and (c) using the stream ID allocator 398 * variable. Since stream ordinals are allocated monotonically, we 399 * simply determine if the stream ordinal is in the future. 400 */ 401 peer_role = ch->is_server 402 ? QUIC_STREAM_INITIATOR_CLIENT 403 : QUIC_STREAM_INITIATOR_SERVER; 404 405 is_remote_init = ((stream_id & QUIC_STREAM_INITIATOR_MASK) == peer_role); 406 is_uni = ((stream_id & QUIC_STREAM_DIR_MASK) == QUIC_STREAM_DIR_UNI); 407 408 stream_ordinal = stream_id >> 2; 409 410 if (is_remote_init) { 411 /* 412 * Peer-created stream which does not yet exist. Create it. QUIC stream 413 * ordinals within a given stream type MUST be used in sequence and 414 * receiving a STREAM frame for ordinal n must implicitly create streams 415 * with ordinals [0, n) within that stream type even if no explicit 416 * STREAM frames are received for those ordinals. 417 */ 418 p_next_ordinal_remote = is_uni 419 ? &ch->next_remote_stream_ordinal_uni 420 : &ch->next_remote_stream_ordinal_bidi; 421 422 /* Check this isn't violating stream count flow control. */ 423 max_streams_fc = is_uni 424 ? &ch->max_streams_uni_rxfc 425 : &ch->max_streams_bidi_rxfc; 426 427 if (!ossl_quic_rxfc_on_rx_stream_frame(max_streams_fc, 428 stream_ordinal + 1, 429 /*is_fin=*/0)) { 430 ossl_quic_channel_raise_protocol_error(ch, 431 OSSL_QUIC_ERR_INTERNAL_ERROR, 432 frame_type, 433 "internal error (stream count RXFC)"); 434 return 0; 435 } 436 437 if (ossl_quic_rxfc_get_error(max_streams_fc, 0) != OSSL_QUIC_ERR_NO_ERROR) { 438 ossl_quic_channel_raise_protocol_error(ch, OSSL_QUIC_ERR_STREAM_LIMIT_ERROR, 439 frame_type, 440 "exceeded maximum allowed streams"); 441 return 0; 442 } 443 444 /* 445 * Create the named stream and any streams coming before it yet to be 446 * created. 447 */ 448 while (*p_next_ordinal_remote <= stream_ordinal) { 449 uint64_t cur_stream_id = (*p_next_ordinal_remote << 2) | 450 (stream_id 451 & (QUIC_STREAM_DIR_MASK | QUIC_STREAM_INITIATOR_MASK)); 452 453 stream = ossl_quic_channel_new_stream_remote(ch, cur_stream_id); 454 if (stream == NULL) { 455 ossl_quic_channel_raise_protocol_error(ch, 456 OSSL_QUIC_ERR_INTERNAL_ERROR, 457 frame_type, 458 "internal error (stream allocation)"); 459 return 0; 460 } 461 462 ++*p_next_ordinal_remote; 463 } 464 465 *result = stream; 466 } else { 467 /* Locally-created stream which does not yet exist. */ 468 p_next_ordinal_local = is_uni 469 ? &ch->next_local_stream_ordinal_uni 470 : &ch->next_local_stream_ordinal_bidi; 471 472 if (stream_ordinal >= *p_next_ordinal_local) { 473 /* 474 * We never created this stream yet, this is a protocol 475 * violation. 476 */ 477 ossl_quic_channel_raise_protocol_error(ch, 478 OSSL_QUIC_ERR_STREAM_STATE_ERROR, 479 frame_type, 480 "STREAM frame for nonexistent " 481 "stream"); 482 return 0; 483 } 484 485 /* 486 * Otherwise this is for an old locally-initiated stream which we 487 * have subsequently deleted. Ignore the data; it may simply be a 488 * retransmission. We already take care of notifying the peer of the 489 * termination of the stream during the stream deletion lifecycle. 490 */ 491 *result = NULL; 492 } 493 494 return 1; 495 } 496 497 static int depack_do_frame_stream(PACKET *pkt, QUIC_CHANNEL *ch, 498 OSSL_QRX_PKT *parent_pkt, 499 OSSL_ACKM_RX_PKT *ackm_data, 500 uint64_t frame_type, 501 uint64_t *datalen) 502 { 503 OSSL_QUIC_FRAME_STREAM frame_data; 504 QUIC_STREAM *stream; 505 uint64_t fce; 506 size_t rs_avail; 507 int rs_fin = 0; 508 509 *datalen = 0; 510 511 if (!ossl_quic_wire_decode_frame_stream(pkt, 0, &frame_data)) { 512 ossl_quic_channel_raise_protocol_error(ch, 513 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, 514 frame_type, 515 "decode error"); 516 return 0; 517 } 518 519 if (!depack_do_implicit_stream_create(ch, frame_data.stream_id, 520 frame_type, &stream)) 521 return 0; /* protocol error raised by above call */ 522 523 if (stream == NULL) 524 /* 525 * Data for old stream which is not a protocol violation but should be 526 * ignored, so stop here. 527 */ 528 return 1; 529 530 if (!ossl_quic_stream_has_recv(stream)) { 531 ossl_quic_channel_raise_protocol_error(ch, 532 OSSL_QUIC_ERR_STREAM_STATE_ERROR, 533 frame_type, 534 "STREAM frame for TX only " 535 "stream"); 536 return 0; 537 } 538 539 /* Notify stream flow controller. */ 540 if (!ossl_quic_rxfc_on_rx_stream_frame(&stream->rxfc, 541 frame_data.offset + frame_data.len, 542 frame_data.is_fin)) { 543 ossl_quic_channel_raise_protocol_error(ch, 544 OSSL_QUIC_ERR_INTERNAL_ERROR, 545 frame_type, 546 "internal error (flow control)"); 547 return 0; 548 } 549 550 /* Has a flow control error occurred? */ 551 fce = ossl_quic_rxfc_get_error(&stream->rxfc, 0); 552 if (fce != OSSL_QUIC_ERR_NO_ERROR) { 553 ossl_quic_channel_raise_protocol_error(ch, 554 fce, 555 frame_type, 556 "flow control violation"); 557 return 0; 558 } 559 560 switch (stream->recv_state) { 561 case QUIC_RSTREAM_STATE_RECV: 562 case QUIC_RSTREAM_STATE_SIZE_KNOWN: 563 /* 564 * It only makes sense to process incoming STREAM frames in these 565 * states. 566 */ 567 break; 568 569 case QUIC_RSTREAM_STATE_DATA_RECVD: 570 case QUIC_RSTREAM_STATE_DATA_READ: 571 case QUIC_RSTREAM_STATE_RESET_RECVD: 572 case QUIC_RSTREAM_STATE_RESET_READ: 573 default: 574 /* 575 * We have no use for STREAM frames once the receive part reaches any of 576 * these states, so just ignore. 577 */ 578 return 1; 579 } 580 581 /* If we are in RECV, auto-transition to SIZE_KNOWN on FIN. */ 582 if (frame_data.is_fin 583 && !ossl_quic_stream_recv_get_final_size(stream, NULL)) { 584 585 /* State was already checked above, so can't fail. */ 586 ossl_quic_stream_map_notify_size_known_recv_part(&ch->qsm, stream, 587 frame_data.offset 588 + frame_data.len); 589 } 590 591 /* 592 * If we requested STOP_SENDING do not bother buffering the data. Note that 593 * this must happen after RXFC checks above as even if we sent STOP_SENDING 594 * we must still enforce correct flow control (RFC 9000 s. 3.5). 595 */ 596 if (stream->stop_sending) 597 return 1; /* not an error - packet reordering, etc. */ 598 599 /* 600 * The receive stream buffer may or may not choose to consume the data 601 * without copying by reffing the OSSL_QRX_PKT. In this case 602 * ossl_qrx_pkt_release() will be eventually called when the data is no 603 * longer needed. 604 * 605 * It is OK for the peer to send us a zero-length non-FIN STREAM frame, 606 * which is a no-op, aside from the fact that it ensures the stream exists. 607 * In this case we have nothing to report to the receive buffer. 608 */ 609 if ((frame_data.len > 0 || frame_data.is_fin) 610 && !ossl_quic_rstream_queue_data(stream->rstream, parent_pkt, 611 frame_data.offset, 612 frame_data.data, 613 frame_data.len, 614 frame_data.is_fin)) { 615 ossl_quic_channel_raise_protocol_error(ch, 616 OSSL_QUIC_ERR_INTERNAL_ERROR, 617 frame_type, 618 "internal error (rstream queue)"); 619 return 0; 620 } 621 622 /* 623 * rs_fin will be 1 only if we can read all data up to and including the FIN 624 * without any gaps before it; this implies we have received all data. Avoid 625 * calling ossl_quic_rstream_available() where it is not necessary as it is 626 * more expensive. 627 */ 628 if (stream->recv_state == QUIC_RSTREAM_STATE_SIZE_KNOWN 629 && !ossl_quic_rstream_available(stream->rstream, &rs_avail, &rs_fin)) { 630 ossl_quic_channel_raise_protocol_error(ch, 631 OSSL_QUIC_ERR_INTERNAL_ERROR, 632 frame_type, 633 "internal error (rstream available)"); 634 return 0; 635 } 636 637 if (rs_fin) 638 ossl_quic_stream_map_notify_totally_received(&ch->qsm, stream); 639 640 *datalen = frame_data.len; 641 642 return 1; 643 } 644 645 static void update_streams(QUIC_STREAM *s, void *arg) 646 { 647 QUIC_CHANNEL *ch = arg; 648 649 ossl_quic_stream_map_update_state(&ch->qsm, s); 650 } 651 652 static void update_streams_bidi(QUIC_STREAM *s, void *arg) 653 { 654 QUIC_CHANNEL *ch = arg; 655 656 if (!ossl_quic_stream_is_bidi(s)) 657 return; 658 659 ossl_quic_stream_map_update_state(&ch->qsm, s); 660 } 661 662 static void update_streams_uni(QUIC_STREAM *s, void *arg) 663 { 664 QUIC_CHANNEL *ch = arg; 665 666 if (ossl_quic_stream_is_bidi(s)) 667 return; 668 669 ossl_quic_stream_map_update_state(&ch->qsm, s); 670 } 671 672 static int depack_do_frame_max_data(PACKET *pkt, QUIC_CHANNEL *ch, 673 OSSL_ACKM_RX_PKT *ackm_data) 674 { 675 uint64_t max_data = 0; 676 677 if (!ossl_quic_wire_decode_frame_max_data(pkt, &max_data)) { 678 ossl_quic_channel_raise_protocol_error(ch, 679 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, 680 OSSL_QUIC_FRAME_TYPE_MAX_DATA, 681 "decode error"); 682 return 0; 683 } 684 685 ossl_quic_txfc_bump_cwm(&ch->conn_txfc, max_data); 686 ossl_quic_stream_map_visit(&ch->qsm, update_streams, ch); 687 return 1; 688 } 689 690 static int depack_do_frame_max_stream_data(PACKET *pkt, 691 QUIC_CHANNEL *ch, 692 OSSL_ACKM_RX_PKT *ackm_data) 693 { 694 uint64_t stream_id = 0; 695 uint64_t max_stream_data = 0; 696 QUIC_STREAM *stream; 697 698 if (!ossl_quic_wire_decode_frame_max_stream_data(pkt, &stream_id, 699 &max_stream_data)) { 700 ossl_quic_channel_raise_protocol_error(ch, 701 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, 702 OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA, 703 "decode error"); 704 return 0; 705 } 706 707 if (!depack_do_implicit_stream_create(ch, stream_id, 708 OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA, 709 &stream)) 710 return 0; /* error already raised for us */ 711 712 if (stream == NULL) 713 return 1; /* old deleted stream, not a protocol violation, ignore */ 714 715 if (!ossl_quic_stream_has_send(stream)) { 716 ossl_quic_channel_raise_protocol_error(ch, 717 OSSL_QUIC_ERR_STREAM_STATE_ERROR, 718 OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA, 719 "MAX_STREAM_DATA for TX only " 720 "stream"); 721 return 0; 722 } 723 724 ossl_quic_txfc_bump_cwm(&stream->txfc, max_stream_data); 725 ossl_quic_stream_map_update_state(&ch->qsm, stream); 726 return 1; 727 } 728 729 static int depack_do_frame_max_streams(PACKET *pkt, 730 QUIC_CHANNEL *ch, 731 OSSL_ACKM_RX_PKT *ackm_data, 732 uint64_t frame_type) 733 { 734 uint64_t max_streams = 0; 735 736 if (!ossl_quic_wire_decode_frame_max_streams(pkt, &max_streams)) { 737 ossl_quic_channel_raise_protocol_error(ch, 738 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, 739 frame_type, 740 "decode error"); 741 return 0; 742 } 743 744 if (max_streams > (((uint64_t)1) << 60)) { 745 ossl_quic_channel_raise_protocol_error(ch, 746 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, 747 frame_type, 748 "invalid max streams value"); 749 return 0; 750 } 751 752 switch (frame_type) { 753 case OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_BIDI: 754 if (max_streams > ch->max_local_streams_bidi) 755 ch->max_local_streams_bidi = max_streams; 756 757 /* Some streams may now be able to send. */ 758 ossl_quic_stream_map_visit(&ch->qsm, update_streams_bidi, ch); 759 break; 760 case OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_UNI: 761 if (max_streams > ch->max_local_streams_uni) 762 ch->max_local_streams_uni = max_streams; 763 764 /* Some streams may now be able to send. */ 765 ossl_quic_stream_map_visit(&ch->qsm, update_streams_uni, ch); 766 break; 767 default: 768 ossl_quic_channel_raise_protocol_error(ch, 769 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, 770 frame_type, 771 "decode error"); 772 return 0; 773 } 774 775 return 1; 776 } 777 778 static int depack_do_frame_data_blocked(PACKET *pkt, 779 QUIC_CHANNEL *ch, 780 OSSL_ACKM_RX_PKT *ackm_data) 781 { 782 uint64_t max_data = 0; 783 784 if (!ossl_quic_wire_decode_frame_data_blocked(pkt, &max_data)) { 785 ossl_quic_channel_raise_protocol_error(ch, 786 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, 787 OSSL_QUIC_FRAME_TYPE_DATA_BLOCKED, 788 "decode error"); 789 return 0; 790 } 791 792 /* No-op - informative/debugging frame. */ 793 return 1; 794 } 795 796 static int depack_do_frame_stream_data_blocked(PACKET *pkt, 797 QUIC_CHANNEL *ch, 798 OSSL_ACKM_RX_PKT *ackm_data) 799 { 800 uint64_t stream_id = 0; 801 uint64_t max_data = 0; 802 QUIC_STREAM *stream; 803 804 if (!ossl_quic_wire_decode_frame_stream_data_blocked(pkt, &stream_id, 805 &max_data)) { 806 ossl_quic_channel_raise_protocol_error(ch, 807 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, 808 OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED, 809 "decode error"); 810 return 0; 811 } 812 813 /* 814 * This is an informative/debugging frame, so we don't have to do anything, 815 * but it does trigger stream creation. 816 */ 817 if (!depack_do_implicit_stream_create(ch, stream_id, 818 OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED, 819 &stream)) 820 return 0; /* error already raised for us */ 821 822 if (stream == NULL) 823 return 1; /* old deleted stream, not a protocol violation, ignore */ 824 825 if (!ossl_quic_stream_has_recv(stream)) { 826 /* 827 * RFC 9000 s. 19.14: "An endpoint that receives a STREAM_DATA_BLOCKED 828 * frame for a send-only stream MUST terminate the connection with error 829 * STREAM_STATE_ERROR." 830 */ 831 ossl_quic_channel_raise_protocol_error(ch, 832 OSSL_QUIC_ERR_STREAM_STATE_ERROR, 833 OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED, 834 "STREAM_DATA_BLOCKED frame for " 835 "TX only stream"); 836 return 0; 837 } 838 839 /* No-op - informative/debugging frame. */ 840 return 1; 841 } 842 843 static int depack_do_frame_streams_blocked(PACKET *pkt, 844 QUIC_CHANNEL *ch, 845 OSSL_ACKM_RX_PKT *ackm_data, 846 uint64_t frame_type) 847 { 848 uint64_t max_data = 0; 849 850 if (!ossl_quic_wire_decode_frame_streams_blocked(pkt, &max_data)) { 851 ossl_quic_channel_raise_protocol_error(ch, 852 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, 853 frame_type, 854 "decode error"); 855 return 0; 856 } 857 858 if (max_data > (((uint64_t)1) << 60)) { 859 /* 860 * RFC 9000 s. 19.14: "This value cannot exceed 2**60, as it is not 861 * possible to encode stream IDs larger than 2**62 - 1. Receipt of a 862 * frame that encodes a larger stream ID MUST be treated as a connection 863 * error of type STREAM_LIMIT_ERROR or FRAME_ENCODING_ERROR." 864 */ 865 ossl_quic_channel_raise_protocol_error(ch, 866 OSSL_QUIC_ERR_STREAM_LIMIT_ERROR, 867 frame_type, 868 "invalid stream count limit"); 869 return 0; 870 } 871 872 /* No-op - informative/debugging frame. */ 873 return 1; 874 } 875 876 static int depack_do_frame_new_conn_id(PACKET *pkt, 877 QUIC_CHANNEL *ch, 878 OSSL_ACKM_RX_PKT *ackm_data) 879 { 880 OSSL_QUIC_FRAME_NEW_CONN_ID frame_data; 881 882 if (!ossl_quic_wire_decode_frame_new_conn_id(pkt, &frame_data)) { 883 ossl_quic_channel_raise_protocol_error(ch, 884 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, 885 OSSL_QUIC_FRAME_TYPE_NEW_CONN_ID, 886 "decode error"); 887 return 0; 888 } 889 890 ossl_quic_channel_on_new_conn_id(ch, &frame_data); 891 892 return 1; 893 } 894 895 static int depack_do_frame_retire_conn_id(PACKET *pkt, 896 QUIC_CHANNEL *ch, 897 OSSL_ACKM_RX_PKT *ackm_data) 898 { 899 uint64_t seq_num; 900 901 if (!ossl_quic_wire_decode_frame_retire_conn_id(pkt, &seq_num)) { 902 ossl_quic_channel_raise_protocol_error(ch, 903 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, 904 OSSL_QUIC_FRAME_TYPE_RETIRE_CONN_ID, 905 "decode error"); 906 return 0; 907 } 908 909 /* 910 * RFC 9000 s. 19.16: "An endpoint cannot send this frame if it was provided 911 * with a zero-length connection ID by its peer. An endpoint that provides a 912 * zero-length connection ID MUST treat receipt of a RETIRE_CONNECTION_ID 913 * frame as a connection error of type PROTOCOL_VIOLATION." 914 * 915 * Since we always use a zero-length SCID as a client, there is no case 916 * where it is valid for a server to send this. Our server support is 917 * currently non-conformant and for internal testing use; simply handle it 918 * as a no-op in this case. 919 * 920 * TODO(QUIC FUTURE): Revise and implement correctly for server support. 921 */ 922 if (!ch->is_server) { 923 ossl_quic_channel_raise_protocol_error(ch, 924 OSSL_QUIC_ERR_PROTOCOL_VIOLATION, 925 OSSL_QUIC_FRAME_TYPE_RETIRE_CONN_ID, 926 "conn has zero-length CID"); 927 return 0; 928 } 929 930 return 1; 931 } 932 933 static void free_path_response(unsigned char *buf, size_t buf_len, void *arg) 934 { 935 OPENSSL_free(buf); 936 } 937 938 static int depack_do_frame_path_challenge(PACKET *pkt, 939 QUIC_CHANNEL *ch, 940 OSSL_ACKM_RX_PKT *ackm_data) 941 { 942 uint64_t frame_data = 0; 943 unsigned char *encoded = NULL; 944 size_t encoded_len; 945 WPACKET wpkt; 946 947 if (!ossl_quic_wire_decode_frame_path_challenge(pkt, &frame_data)) { 948 ossl_quic_channel_raise_protocol_error(ch, 949 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, 950 OSSL_QUIC_FRAME_TYPE_PATH_CHALLENGE, 951 "decode error"); 952 return 0; 953 } 954 955 /* 956 * RFC 9000 s. 8.2.2: On receiving a PATH_CHALLENGE frame, an endpoint MUST 957 * respond by echoing the data contained in the PATH_CHALLENGE frame in a 958 * PATH_RESPONSE frame. 959 * 960 * TODO(QUIC FUTURE): We should try to avoid allocation here in the future. 961 */ 962 encoded_len = sizeof(uint64_t) + 1; 963 if ((encoded = OPENSSL_malloc(encoded_len)) == NULL) 964 goto err; 965 966 if (!WPACKET_init_static_len(&wpkt, encoded, encoded_len, 0)) 967 goto err; 968 969 if (!ossl_quic_wire_encode_frame_path_response(&wpkt, frame_data)) { 970 WPACKET_cleanup(&wpkt); 971 goto err; 972 } 973 974 WPACKET_finish(&wpkt); 975 976 if (!ossl_quic_cfq_add_frame(ch->cfq, 0, QUIC_PN_SPACE_APP, 977 OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE, 978 QUIC_CFQ_ITEM_FLAG_UNRELIABLE, 979 encoded, encoded_len, 980 free_path_response, NULL)) 981 goto err; 982 983 return 1; 984 985 err: 986 OPENSSL_free(encoded); 987 ossl_quic_channel_raise_protocol_error(ch, OSSL_QUIC_ERR_INTERNAL_ERROR, 988 OSSL_QUIC_FRAME_TYPE_PATH_CHALLENGE, 989 "internal error"); 990 return 0; 991 } 992 993 static int depack_do_frame_path_response(PACKET *pkt, 994 QUIC_CHANNEL *ch, 995 OSSL_ACKM_RX_PKT *ackm_data) 996 { 997 uint64_t frame_data = 0; 998 999 if (!ossl_quic_wire_decode_frame_path_response(pkt, &frame_data)) { 1000 ossl_quic_channel_raise_protocol_error(ch, 1001 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, 1002 OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE, 1003 "decode error"); 1004 return 0; 1005 } 1006 1007 /* TODO(QUIC MULTIPATH): ADD CODE to send |frame_data| to the ch manager */ 1008 1009 return 1; 1010 } 1011 1012 static int depack_do_frame_conn_close(PACKET *pkt, QUIC_CHANNEL *ch, 1013 uint64_t frame_type) 1014 { 1015 OSSL_QUIC_FRAME_CONN_CLOSE frame_data; 1016 1017 if (!ossl_quic_wire_decode_frame_conn_close(pkt, &frame_data)) { 1018 ossl_quic_channel_raise_protocol_error(ch, 1019 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, 1020 frame_type, 1021 "decode error"); 1022 return 0; 1023 } 1024 1025 ossl_quic_channel_on_remote_conn_close(ch, &frame_data); 1026 return 1; 1027 } 1028 1029 static int depack_do_frame_handshake_done(PACKET *pkt, 1030 QUIC_CHANNEL *ch, 1031 OSSL_ACKM_RX_PKT *ackm_data) 1032 { 1033 if (!ossl_quic_wire_decode_frame_handshake_done(pkt)) { 1034 /* This can fail only with an internal error. */ 1035 ossl_quic_channel_raise_protocol_error(ch, 1036 OSSL_QUIC_ERR_INTERNAL_ERROR, 1037 OSSL_QUIC_FRAME_TYPE_HANDSHAKE_DONE, 1038 "internal error (decode frame handshake done)"); 1039 return 0; 1040 } 1041 1042 ossl_quic_channel_on_handshake_confirmed(ch); 1043 return 1; 1044 } 1045 1046 /* Main frame processor */ 1047 1048 static int depack_process_frames(QUIC_CHANNEL *ch, PACKET *pkt, 1049 OSSL_QRX_PKT *parent_pkt, uint32_t enc_level, 1050 OSSL_TIME received, OSSL_ACKM_RX_PKT *ackm_data) 1051 { 1052 uint32_t pkt_type = parent_pkt->hdr->type; 1053 uint32_t packet_space = ossl_quic_enc_level_to_pn_space(enc_level); 1054 1055 if (PACKET_remaining(pkt) == 0) { 1056 /* 1057 * RFC 9000 s. 12.4: An endpoint MUST treat receipt of a packet 1058 * containing no frames as a connection error of type 1059 * PROTOCOL_VIOLATION. 1060 */ 1061 ossl_quic_channel_raise_protocol_error(ch, 1062 OSSL_QUIC_ERR_PROTOCOL_VIOLATION, 1063 0, 1064 "empty packet payload"); 1065 return 0; 1066 } 1067 1068 while (PACKET_remaining(pkt) > 0) { 1069 int was_minimal; 1070 uint64_t frame_type; 1071 const unsigned char *sof = NULL; 1072 uint64_t datalen = 0; 1073 1074 if (ch->msg_callback != NULL) 1075 sof = PACKET_data(pkt); 1076 1077 if (!ossl_quic_wire_peek_frame_header(pkt, &frame_type, &was_minimal)) { 1078 ossl_quic_channel_raise_protocol_error(ch, 1079 OSSL_QUIC_ERR_PROTOCOL_VIOLATION, 1080 0, 1081 "malformed frame header"); 1082 return 0; 1083 } 1084 1085 if (!was_minimal) { 1086 ossl_quic_channel_raise_protocol_error(ch, 1087 OSSL_QUIC_ERR_PROTOCOL_VIOLATION, 1088 frame_type, 1089 "non-minimal frame type encoding"); 1090 return 0; 1091 } 1092 1093 /* 1094 * There are only a few frame types which are not ACK-eliciting. Handle 1095 * these centrally to make error handling cases more resilient, as we 1096 * should tell the ACKM about an ACK-eliciting frame even if it was not 1097 * successfully handled. 1098 */ 1099 switch (frame_type) { 1100 case OSSL_QUIC_FRAME_TYPE_PADDING: 1101 case OSSL_QUIC_FRAME_TYPE_ACK_WITHOUT_ECN: 1102 case OSSL_QUIC_FRAME_TYPE_ACK_WITH_ECN: 1103 case OSSL_QUIC_FRAME_TYPE_CONN_CLOSE_TRANSPORT: 1104 case OSSL_QUIC_FRAME_TYPE_CONN_CLOSE_APP: 1105 break; 1106 default: 1107 ackm_data->is_ack_eliciting = 1; 1108 break; 1109 } 1110 1111 switch (frame_type) { 1112 case OSSL_QUIC_FRAME_TYPE_PING: 1113 /* Allowed in all packet types */ 1114 if (!depack_do_frame_ping(pkt, ch, enc_level, ackm_data)) 1115 return 0; 1116 break; 1117 case OSSL_QUIC_FRAME_TYPE_PADDING: 1118 /* Allowed in all packet types */ 1119 if (!depack_do_frame_padding(pkt)) 1120 return 0; 1121 break; 1122 1123 case OSSL_QUIC_FRAME_TYPE_ACK_WITHOUT_ECN: 1124 case OSSL_QUIC_FRAME_TYPE_ACK_WITH_ECN: 1125 /* ACK frames are valid everywhere except in 0RTT packets */ 1126 if (pkt_type == QUIC_PKT_TYPE_0RTT) { 1127 ossl_quic_channel_raise_protocol_error(ch, 1128 OSSL_QUIC_ERR_PROTOCOL_VIOLATION, 1129 frame_type, 1130 "ACK not valid in 0-RTT"); 1131 return 0; 1132 } 1133 if (!depack_do_frame_ack(pkt, ch, packet_space, received, 1134 frame_type, parent_pkt)) 1135 return 0; 1136 break; 1137 1138 case OSSL_QUIC_FRAME_TYPE_RESET_STREAM: 1139 /* RESET_STREAM frames are valid in 0RTT and 1RTT packets */ 1140 if (pkt_type != QUIC_PKT_TYPE_0RTT 1141 && pkt_type != QUIC_PKT_TYPE_1RTT) { 1142 ossl_quic_channel_raise_protocol_error(ch, 1143 OSSL_QUIC_ERR_PROTOCOL_VIOLATION, 1144 frame_type, 1145 "RESET_STREAM not valid in " 1146 "INITIAL/HANDSHAKE"); 1147 return 0; 1148 } 1149 if (!depack_do_frame_reset_stream(pkt, ch, ackm_data)) 1150 return 0; 1151 break; 1152 case OSSL_QUIC_FRAME_TYPE_STOP_SENDING: 1153 /* STOP_SENDING frames are valid in 0RTT and 1RTT packets */ 1154 if (pkt_type != QUIC_PKT_TYPE_0RTT 1155 && pkt_type != QUIC_PKT_TYPE_1RTT) { 1156 ossl_quic_channel_raise_protocol_error(ch, 1157 OSSL_QUIC_ERR_PROTOCOL_VIOLATION, 1158 frame_type, 1159 "STOP_SENDING not valid in " 1160 "INITIAL/HANDSHAKE"); 1161 return 0; 1162 } 1163 if (!depack_do_frame_stop_sending(pkt, ch, ackm_data)) 1164 return 0; 1165 break; 1166 case OSSL_QUIC_FRAME_TYPE_CRYPTO: 1167 /* CRYPTO frames are valid everywhere except in 0RTT packets */ 1168 if (pkt_type == QUIC_PKT_TYPE_0RTT) { 1169 ossl_quic_channel_raise_protocol_error(ch, 1170 OSSL_QUIC_ERR_PROTOCOL_VIOLATION, 1171 frame_type, 1172 "CRYPTO frame not valid in 0-RTT"); 1173 return 0; 1174 } 1175 if (!depack_do_frame_crypto(pkt, ch, parent_pkt, ackm_data, &datalen)) 1176 return 0; 1177 break; 1178 case OSSL_QUIC_FRAME_TYPE_NEW_TOKEN: 1179 /* NEW_TOKEN frames are valid in 1RTT packets */ 1180 if (pkt_type != QUIC_PKT_TYPE_1RTT) { 1181 ossl_quic_channel_raise_protocol_error(ch, 1182 OSSL_QUIC_ERR_PROTOCOL_VIOLATION, 1183 frame_type, 1184 "NEW_TOKEN valid only in 1-RTT"); 1185 return 0; 1186 } 1187 1188 /* 1189 * RFC 9000 s. 19.7: "A server MUST treat receipt of a NEW_TOKEN 1190 * frame as a connection error of type PROTOCOL_VIOLATION." 1191 */ 1192 if (ch->is_server) { 1193 ossl_quic_channel_raise_protocol_error(ch, 1194 OSSL_QUIC_ERR_PROTOCOL_VIOLATION, 1195 frame_type, 1196 "NEW_TOKEN can only be sent by a server"); 1197 return 0; 1198 } 1199 1200 if (!depack_do_frame_new_token(pkt, ch, ackm_data)) 1201 return 0; 1202 break; 1203 1204 case OSSL_QUIC_FRAME_TYPE_STREAM: 1205 case OSSL_QUIC_FRAME_TYPE_STREAM_FIN: 1206 case OSSL_QUIC_FRAME_TYPE_STREAM_LEN: 1207 case OSSL_QUIC_FRAME_TYPE_STREAM_LEN_FIN: 1208 case OSSL_QUIC_FRAME_TYPE_STREAM_OFF: 1209 case OSSL_QUIC_FRAME_TYPE_STREAM_OFF_FIN: 1210 case OSSL_QUIC_FRAME_TYPE_STREAM_OFF_LEN: 1211 case OSSL_QUIC_FRAME_TYPE_STREAM_OFF_LEN_FIN: 1212 /* STREAM frames are valid in 0RTT and 1RTT packets */ 1213 if (pkt_type != QUIC_PKT_TYPE_0RTT 1214 && pkt_type != QUIC_PKT_TYPE_1RTT) { 1215 ossl_quic_channel_raise_protocol_error(ch, 1216 OSSL_QUIC_ERR_PROTOCOL_VIOLATION, 1217 frame_type, 1218 "STREAM valid only in 0/1-RTT"); 1219 return 0; 1220 } 1221 if (!depack_do_frame_stream(pkt, ch, parent_pkt, ackm_data, 1222 frame_type, &datalen)) 1223 return 0; 1224 break; 1225 1226 case OSSL_QUIC_FRAME_TYPE_MAX_DATA: 1227 /* MAX_DATA frames are valid in 0RTT and 1RTT packets */ 1228 if (pkt_type != QUIC_PKT_TYPE_0RTT 1229 && pkt_type != QUIC_PKT_TYPE_1RTT) { 1230 ossl_quic_channel_raise_protocol_error(ch, 1231 OSSL_QUIC_ERR_PROTOCOL_VIOLATION, 1232 frame_type, 1233 "MAX_DATA valid only in 0/1-RTT"); 1234 return 0; 1235 } 1236 if (!depack_do_frame_max_data(pkt, ch, ackm_data)) 1237 return 0; 1238 break; 1239 case OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA: 1240 /* MAX_STREAM_DATA frames are valid in 0RTT and 1RTT packets */ 1241 if (pkt_type != QUIC_PKT_TYPE_0RTT 1242 && pkt_type != QUIC_PKT_TYPE_1RTT) { 1243 ossl_quic_channel_raise_protocol_error(ch, 1244 OSSL_QUIC_ERR_PROTOCOL_VIOLATION, 1245 frame_type, 1246 "MAX_STREAM_DATA valid only in 0/1-RTT"); 1247 return 0; 1248 } 1249 if (!depack_do_frame_max_stream_data(pkt, ch, ackm_data)) 1250 return 0; 1251 break; 1252 1253 case OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_BIDI: 1254 case OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_UNI: 1255 /* MAX_STREAMS frames are valid in 0RTT and 1RTT packets */ 1256 if (pkt_type != QUIC_PKT_TYPE_0RTT 1257 && pkt_type != QUIC_PKT_TYPE_1RTT) { 1258 ossl_quic_channel_raise_protocol_error(ch, 1259 OSSL_QUIC_ERR_PROTOCOL_VIOLATION, 1260 frame_type, 1261 "MAX_STREAMS valid only in 0/1-RTT"); 1262 return 0; 1263 } 1264 if (!depack_do_frame_max_streams(pkt, ch, ackm_data, 1265 frame_type)) 1266 return 0; 1267 break; 1268 1269 case OSSL_QUIC_FRAME_TYPE_DATA_BLOCKED: 1270 /* DATA_BLOCKED frames are valid in 0RTT and 1RTT packets */ 1271 if (pkt_type != QUIC_PKT_TYPE_0RTT 1272 && pkt_type != QUIC_PKT_TYPE_1RTT) { 1273 ossl_quic_channel_raise_protocol_error(ch, 1274 OSSL_QUIC_ERR_PROTOCOL_VIOLATION, 1275 frame_type, 1276 "DATA_BLOCKED valid only in 0/1-RTT"); 1277 return 0; 1278 } 1279 if (!depack_do_frame_data_blocked(pkt, ch, ackm_data)) 1280 return 0; 1281 break; 1282 case OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED: 1283 /* STREAM_DATA_BLOCKED frames are valid in 0RTT and 1RTT packets */ 1284 if (pkt_type != QUIC_PKT_TYPE_0RTT 1285 && pkt_type != QUIC_PKT_TYPE_1RTT) { 1286 ossl_quic_channel_raise_protocol_error(ch, 1287 OSSL_QUIC_ERR_PROTOCOL_VIOLATION, 1288 frame_type, 1289 "STREAM_DATA_BLOCKED valid only in 0/1-RTT"); 1290 return 0; 1291 } 1292 if (!depack_do_frame_stream_data_blocked(pkt, ch, ackm_data)) 1293 return 0; 1294 break; 1295 1296 case OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_BIDI: 1297 case OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_UNI: 1298 /* STREAMS_BLOCKED frames are valid in 0RTT and 1RTT packets */ 1299 if (pkt_type != QUIC_PKT_TYPE_0RTT 1300 && pkt_type != QUIC_PKT_TYPE_1RTT) { 1301 ossl_quic_channel_raise_protocol_error(ch, 1302 OSSL_QUIC_ERR_PROTOCOL_VIOLATION, 1303 frame_type, 1304 "STREAMS valid only in 0/1-RTT"); 1305 return 0; 1306 } 1307 if (!depack_do_frame_streams_blocked(pkt, ch, ackm_data, 1308 frame_type)) 1309 return 0; 1310 break; 1311 1312 case OSSL_QUIC_FRAME_TYPE_NEW_CONN_ID: 1313 /* NEW_CONN_ID frames are valid in 0RTT and 1RTT packets */ 1314 if (pkt_type != QUIC_PKT_TYPE_0RTT 1315 && pkt_type != QUIC_PKT_TYPE_1RTT) { 1316 ossl_quic_channel_raise_protocol_error(ch, 1317 OSSL_QUIC_ERR_PROTOCOL_VIOLATION, 1318 frame_type, 1319 "NEW_CONN_ID valid only in 0/1-RTT"); 1320 } 1321 if (!depack_do_frame_new_conn_id(pkt, ch, ackm_data)) 1322 return 0; 1323 break; 1324 case OSSL_QUIC_FRAME_TYPE_RETIRE_CONN_ID: 1325 /* RETIRE_CONN_ID frames are valid in 0RTT and 1RTT packets */ 1326 if (pkt_type != QUIC_PKT_TYPE_0RTT 1327 && pkt_type != QUIC_PKT_TYPE_1RTT) { 1328 ossl_quic_channel_raise_protocol_error(ch, 1329 OSSL_QUIC_ERR_PROTOCOL_VIOLATION, 1330 frame_type, 1331 "RETIRE_CONN_ID valid only in 0/1-RTT"); 1332 return 0; 1333 } 1334 if (!depack_do_frame_retire_conn_id(pkt, ch, ackm_data)) 1335 return 0; 1336 break; 1337 case OSSL_QUIC_FRAME_TYPE_PATH_CHALLENGE: 1338 /* PATH_CHALLENGE frames are valid in 0RTT and 1RTT packets */ 1339 if (pkt_type != QUIC_PKT_TYPE_0RTT 1340 && pkt_type != QUIC_PKT_TYPE_1RTT) { 1341 ossl_quic_channel_raise_protocol_error(ch, 1342 OSSL_QUIC_ERR_PROTOCOL_VIOLATION, 1343 frame_type, 1344 "PATH_CHALLENGE valid only in 0/1-RTT"); 1345 return 0; 1346 } 1347 if (!depack_do_frame_path_challenge(pkt, ch, ackm_data)) 1348 return 0; 1349 1350 break; 1351 case OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE: 1352 /* PATH_RESPONSE frames are valid in 1RTT packets */ 1353 if (pkt_type != QUIC_PKT_TYPE_1RTT) { 1354 ossl_quic_channel_raise_protocol_error(ch, 1355 OSSL_QUIC_ERR_PROTOCOL_VIOLATION, 1356 frame_type, 1357 "PATH_CHALLENGE valid only in 1-RTT"); 1358 return 0; 1359 } 1360 if (!depack_do_frame_path_response(pkt, ch, ackm_data)) 1361 return 0; 1362 break; 1363 1364 case OSSL_QUIC_FRAME_TYPE_CONN_CLOSE_APP: 1365 /* CONN_CLOSE_APP frames are valid in 0RTT and 1RTT packets */ 1366 if (pkt_type != QUIC_PKT_TYPE_0RTT 1367 && pkt_type != QUIC_PKT_TYPE_1RTT) { 1368 ossl_quic_channel_raise_protocol_error(ch, 1369 OSSL_QUIC_ERR_PROTOCOL_VIOLATION, 1370 frame_type, 1371 "CONN_CLOSE (APP) valid only in 0/1-RTT"); 1372 return 0; 1373 } 1374 /* FALLTHRU */ 1375 case OSSL_QUIC_FRAME_TYPE_CONN_CLOSE_TRANSPORT: 1376 /* CONN_CLOSE_TRANSPORT frames are valid in all packets */ 1377 if (!depack_do_frame_conn_close(pkt, ch, frame_type)) 1378 return 0; 1379 break; 1380 1381 case OSSL_QUIC_FRAME_TYPE_HANDSHAKE_DONE: 1382 /* HANDSHAKE_DONE frames are valid in 1RTT packets */ 1383 if (pkt_type != QUIC_PKT_TYPE_1RTT) { 1384 ossl_quic_channel_raise_protocol_error(ch, 1385 OSSL_QUIC_ERR_PROTOCOL_VIOLATION, 1386 frame_type, 1387 "HANDSHAKE_DONE valid only in 1-RTT"); 1388 return 0; 1389 } 1390 if (!depack_do_frame_handshake_done(pkt, ch, ackm_data)) 1391 return 0; 1392 break; 1393 1394 default: 1395 /* Unknown frame type */ 1396 ossl_quic_channel_raise_protocol_error(ch, 1397 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR, 1398 frame_type, 1399 "Unknown frame type received"); 1400 return 0; 1401 } 1402 1403 if (ch->msg_callback != NULL) { 1404 int ctype = SSL3_RT_QUIC_FRAME_FULL; 1405 1406 size_t framelen = PACKET_data(pkt) - sof; 1407 1408 if (frame_type == OSSL_QUIC_FRAME_TYPE_PADDING) { 1409 ctype = SSL3_RT_QUIC_FRAME_PADDING; 1410 } else if (OSSL_QUIC_FRAME_TYPE_IS_STREAM(frame_type) 1411 || frame_type == OSSL_QUIC_FRAME_TYPE_CRYPTO) { 1412 ctype = SSL3_RT_QUIC_FRAME_HEADER; 1413 framelen -= (size_t)datalen; 1414 } 1415 1416 ch->msg_callback(0, OSSL_QUIC1_VERSION, ctype, sof, framelen, 1417 ch->msg_callback_ssl, ch->msg_callback_arg); 1418 } 1419 } 1420 1421 return 1; 1422 } 1423 1424 QUIC_NEEDS_LOCK 1425 int ossl_quic_handle_frames(QUIC_CHANNEL *ch, OSSL_QRX_PKT *qpacket) 1426 { 1427 PACKET pkt; 1428 OSSL_ACKM_RX_PKT ackm_data; 1429 uint32_t enc_level; 1430 size_t dgram_len = qpacket->datagram_len; 1431 1432 /* 1433 * ok has three states: 1434 * -1 error with ackm_data uninitialized 1435 * 0 error with ackm_data initialized 1436 * 1 success (ackm_data initialized) 1437 */ 1438 int ok = -1; /* Assume the worst */ 1439 1440 if (ch == NULL) 1441 goto end; 1442 1443 ch->did_crypto_frame = 0; 1444 1445 /* Initialize |ackm_data| (and reinitialize |ok|)*/ 1446 memset(&ackm_data, 0, sizeof(ackm_data)); 1447 /* 1448 * ASSUMPTION: All packets that aren't special case have a 1449 * packet number. 1450 */ 1451 ackm_data.pkt_num = qpacket->pn; 1452 ackm_data.time = qpacket->time; 1453 enc_level = ossl_quic_pkt_type_to_enc_level(qpacket->hdr->type); 1454 if (enc_level >= QUIC_ENC_LEVEL_NUM) 1455 /* 1456 * Retry and Version Negotiation packets should not be passed to this 1457 * function. 1458 */ 1459 goto end; 1460 1461 ok = 0; /* Still assume the worst */ 1462 ackm_data.pkt_space = ossl_quic_enc_level_to_pn_space(enc_level); 1463 1464 /* 1465 * RFC 9000 s. 8.1 1466 * We can consider the connection to be validated, if we receive a packet 1467 * from the client protected via handshake keys, meaning that the 1468 * amplification limit no longer applies (i.e. we can set it as validated. 1469 * Otherwise, add the size of this packet to the unvalidated credit for 1470 * the connection. 1471 */ 1472 if (enc_level == QUIC_ENC_LEVEL_HANDSHAKE) 1473 ossl_quic_tx_packetiser_set_validated(ch->txp); 1474 else 1475 ossl_quic_tx_packetiser_add_unvalidated_credit(ch->txp, dgram_len); 1476 1477 /* Now that special cases are out of the way, parse frames */ 1478 if (!PACKET_buf_init(&pkt, qpacket->hdr->data, qpacket->hdr->len) 1479 || !depack_process_frames(ch, &pkt, qpacket, 1480 enc_level, 1481 qpacket->time, 1482 &ackm_data)) 1483 goto end; 1484 1485 ok = 1; 1486 end: 1487 /* 1488 * ASSUMPTION: If this function is called at all, |qpacket| is 1489 * a legitimate packet, even if its contents aren't. 1490 * Therefore, we call ossl_ackm_on_rx_packet() unconditionally, as long as 1491 * |ackm_data| has at least been initialized. 1492 */ 1493 if (ok >= 0) 1494 ossl_ackm_on_rx_packet(ch->ackm, &ackm_data); 1495 1496 return ok > 0; 1497 } 1498