Commit f913a297 authored by Dmitri Tikhonov's avatar Dmitri Tikhonov
Browse files

Release 2.16.2

- [BUGFIX] ID-28: do not use TLS middlebox compatibility mode in
  ClientHello.  This change requires using a newer version of BoringSSL.
- [BUGFIX] Free connections in Advisory Tick Time Queue in engine dtor.
- [BUGFIX] IETF QUIC client: narrow migration check to a single path.
- [BUGFIX] NULL dereference: set function pointers for alarm for path
  challenges 2 and 3.
- [BUGFIX] HTTP/3 headers may be followed immediately by trailers.
- [BUGFIX] Log messages when SCID changes.
parent 8ae5ecb4
......@@ -8,7 +8,7 @@ task:
- cd boringssl
# This is so that both GQUIC and IETF branches build. Just picking
# a known good revision:
- git checkout bfe527fa35735e8e045cbfb42b012e13ca68f9cf
- git checkout 251b5169fd44345f455438312ec4e18ae07fd58c
- cmake .
- make
- cd -
......
......@@ -31,7 +31,7 @@ before_script:
- cd boringssl
# This is so that both GQUIC and IETF branches build. Just picking
# a known good revision:
- git checkout bfe527fa35735e8e045cbfb42b012e13ca68f9cf
- git checkout 251b5169fd44345f455438312ec4e18ae07fd58c
- cmake .
- make
- cd -
......
2020-06-12
- 2.16.2
- [BUGFIX] ID-28: do not use TLS middlebox compatibility mode in
ClientHello. This change requires using a newer version of BoringSSL.
- [BUGFIX] Free connections in Advisory Tick Time Queue in engine dtor.
- [BUGFIX] IETF QUIC client: narrow migration check to a single path.
- [BUGFIX] NULL dereference: set function pointers for alarm for path
challenges 2 and 3.
- [BUGFIX] HTTP/3 headers may be followed immediately by trailers.
- [BUGFIX] Log messages when SCID changes.
2020-06-09
- 2.16.1
- [FEATURE] Use "no-progress timeout" after which connection is closed.
......
......@@ -50,7 +50,7 @@ You may need to install pre-requisites like zlib and libevent.
2. Use specific BoringSSL version
```
git checkout bfe527fa35735e8e045cbfb42b012e13ca68f9cf
git checkout 251b5169fd44345f455438312ec4e18ae07fd58c
```
3. Compile the library
......
......@@ -30,7 +30,7 @@ build_script:
cd boringssl
git checkout bfe527fa35735e8e045cbfb42b012e13ca68f9cf
git checkout 251b5169fd44345f455438312ec4e18ae07fd58c
cmake -DCMAKE_GENERATOR_PLATFORM=x64 --config Debug -DBUILD_SHARED_LIBS=OFF -DOPENSSL_NO_ASM=1 .
......
......@@ -26,7 +26,7 @@ author = u'LiteSpeed Technologies'
# The short X.Y version
version = u'2.16'
# The full version, including alpha/beta/rc tags
release = u'2.16.1'
release = u'2.16.2'
# -- General configuration ---------------------------------------------------
......
......@@ -25,7 +25,7 @@ extern "C" {
#define LSQUIC_MAJOR_VERSION 2
#define LSQUIC_MINOR_VERSION 16
#define LSQUIC_PATCH_VERSION 1
#define LSQUIC_PATCH_VERSION 2
/**
* Engine flags:
......
This diff is collapsed.
......@@ -1447,6 +1447,9 @@ lsquic_engine_destroy (lsquic_engine_t *engine)
}
lsquic_hash_destroy(engine->conns_hash);
while ((conn = lsquic_attq_pop(engine->attq, UINT64_MAX)))
(void) engine_decref_conn(engine, conn, LSCONN_ATTQ);
assert(0 == engine->n_conns);
assert(0 == engine->mini_conns_count);
if (engine->pr_queue)
......
......@@ -591,9 +591,10 @@ wipe_path (struct ietf_full_conn *conn, unsigned path_id)
static void
path_chal_alarm_expired (enum alarm_id al_id, void *ctx,
lsquic_time_t expiry, lsquic_time_t now, unsigned path_id)
lsquic_time_t expiry, lsquic_time_t now)
{
struct ietf_full_conn *const conn = (struct ietf_full_conn *) ctx;
const unsigned path_id = al_id - AL_PATH_CHAL;
struct conn_path *const copath = &conn->ifc_paths[path_id];
if (copath->cop_n_chals < sizeof(copath->cop_path_chals)
......@@ -614,22 +615,6 @@ path_chal_alarm_expired (enum alarm_id al_id, void *ctx,
}
static void
path_chal_0_alarm_expired (enum alarm_id al_id, void *ctx,
lsquic_time_t expiry, lsquic_time_t now)
{
path_chal_alarm_expired(al_id, ctx, expiry, now, 0);
}
static void
path_chal_1_alarm_expired (enum alarm_id al_id, void *ctx,
lsquic_time_t expiry, lsquic_time_t now)
{
path_chal_alarm_expired(al_id, ctx, expiry, now, 1);
}
/* Sending DATA_BLOCKED and STREAM_DATA_BLOCKED frames is a way to elicit
* incoming packets from peer when it is too slow to read data. This is
* recommended by [draft-ietf-quic-transport-25] Section 4.1.
......@@ -670,10 +655,10 @@ blocked_ka_alarm_expired (enum alarm_id al_id, void *ctx,
static int
migra_is_on (const struct ietf_full_conn *conn)
migra_is_on (const struct ietf_full_conn *conn, unsigned path_id)
{
return (conn->ifc_send_flags & SF_SEND_PATH_CHAL_ALL)
|| lsquic_alarmset_are_set(&conn->ifc_alset, ALBIT_PATH_CHAL_0|ALBIT_PATH_CHAL_1);
return (conn->ifc_send_flags & (SF_SEND_PATH_CHAL << path_id))
|| lsquic_alarmset_is_set(&conn->ifc_alset, AL_PATH_CHAL + path_id);
}
......@@ -682,7 +667,7 @@ migra_begin (struct ietf_full_conn *conn, struct conn_path *copath,
struct dcid_elem *dce, const struct sockaddr *dest_sa,
const struct transport_params *params)
{
assert(!(migra_is_on(conn)));
assert(!(migra_is_on(conn, copath - conn->ifc_paths)));
dce->de_flags |= DE_ASSIGNED;
copath->cop_flags |= COP_INITIALIZED;
......@@ -1126,8 +1111,10 @@ ietf_full_conn_init (struct ietf_full_conn *conn,
lsquic_alarmset_init_alarm(&conn->ifc_alset, AL_PING, ping_alarm_expired, conn);
lsquic_alarmset_init_alarm(&conn->ifc_alset, AL_HANDSHAKE, handshake_alarm_expired, conn);
lsquic_alarmset_init_alarm(&conn->ifc_alset, AL_CID_THROT, cid_throt_alarm_expired, conn);
lsquic_alarmset_init_alarm(&conn->ifc_alset, AL_PATH_CHAL_0, path_chal_0_alarm_expired, conn);
lsquic_alarmset_init_alarm(&conn->ifc_alset, AL_PATH_CHAL_1, path_chal_1_alarm_expired, conn);
lsquic_alarmset_init_alarm(&conn->ifc_alset, AL_PATH_CHAL_0, path_chal_alarm_expired, conn);
lsquic_alarmset_init_alarm(&conn->ifc_alset, AL_PATH_CHAL_1, path_chal_alarm_expired, conn);
lsquic_alarmset_init_alarm(&conn->ifc_alset, AL_PATH_CHAL_2, path_chal_alarm_expired, conn);
lsquic_alarmset_init_alarm(&conn->ifc_alset, AL_PATH_CHAL_3, path_chal_alarm_expired, conn);
lsquic_alarmset_init_alarm(&conn->ifc_alset, AL_BLOCKED_KA, blocked_ka_alarm_expired, conn);
lsquic_rechist_init(&conn->ifc_rechist[PNS_INIT], &conn->ifc_conn, 1);
lsquic_rechist_init(&conn->ifc_rechist[PNS_HSK], &conn->ifc_conn, 1);
......@@ -5461,11 +5448,11 @@ process_retire_connection_id_frame (struct ietf_full_conn *conn,
cce = find_cce_by_cid(conn, &packet_in->pi_dcid);
if (cce)
{
cce->cce_flags |= CCE_USED;
lconn->cn_cur_cce_idx = cce - lconn->cn_cces;
LSQ_DEBUGC("current SCID was retired; set current SCID to "
"%"CID_FMT" based on DCID in incoming packet",
CID_BITS(&packet_in->pi_dcid));
cce->cce_flags |= CCE_USED;
lconn->cn_cur_cce_idx = cce - lconn->cn_cces;
}
else
LSQ_WARN("current SCID was retired; no new SCID candidate");
......@@ -6310,7 +6297,7 @@ process_regular_packet (struct ietf_full_conn *conn,
if (packet_in->pi_path_id != conn->ifc_cur_path_id
&& 0 == (conn->ifc_flags & IFC_SERVER)
&& !(packet_in->pi_path_id == conn->ifc_mig_path_id
&& migra_is_on(conn)))
&& migra_is_on(conn, conn->ifc_mig_path_id)))
{
/* The "known server address" is recorded in the current path. */
switch ((NP_IS_IPv6(CUR_NPATH(conn)) << 1) |
......
......@@ -4140,6 +4140,7 @@ update_type_hist_and_check (const struct lsquic_stream *stream,
0123, /* HD+ */
012, /* HD */
01, /* H */
013, /* H+ */ /* Really HH, but we don't record it like this */
01231, /* HD+H */
0121, /* HDH */
};
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment