protocol

package
v0.0.0-...-f642fed Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 4, 2021 License: MIT Imports: 3 Imported by: 0

Documentation

Index

Constants

View Source
const AckSendDelay = 25 * time.Millisecond

AckSendDelay is the maximum delay that can be applied to an ACK for a retransmittable packet This is the value Chromium is using

View Source
const ClientHelloMinimumSize = 1024

ClientHelloMinimumSize is the minimum size the server expects an inchoate CHLO to have.

View Source
const ClosedSessionDeleteTimeout = time.Minute

ClosedSessionDeleteTimeout the server ignores packets arriving on a connection that is already closed after this time all information about the old connection will be deleted

View Source
const ConnectionFlowControlMultiplier = 1.5

ConnectionFlowControlMultiplier determines how much larger the connection flow control windows needs to be relative to any stream's flow control window This is the value that Chromium is using

View Source
const CookieExpiryTime = 24 * time.Hour

CookieExpiryTime is the valid time of a cookie

View Source
const CryptoMaxParams = 128

CryptoMaxParams is the upper limit for the number of parameters in a crypto message. Value taken from Chrome.

View Source
const CryptoParameterMaxLength = 4000

CryptoParameterMaxLength is the upper limit for the length of a parameter in a crypto message.

View Source
const DefaultHandshakeTimeout = 10 * time.Second

DefaultHandshakeTimeout is the default timeout for a connection until the crypto handshake succeeds.

View Source
const DefaultIdleTimeout = 30 * time.Second

DefaultIdleTimeout is the default idle timeout

View Source
const DefaultMaxCongestionWindow = 2500

DefaultMaxCongestionWindow is the default for the max congestion window XXX (QDC): with large bandwidth networks, this can be a limiting factor Seems reasonable, around 3.5MB in flight

View Source
const DefaultMaxReceiveConnectionFlowControlWindowClient = 24 * (1 << 20) // 24 MB

DefaultMaxReceiveConnectionFlowControlWindowClient is the default connection-level flow control window for receiving data, for the client This is the value that Google servers are using

View Source
const DefaultMaxReceiveConnectionFlowControlWindowServer = 1.5 * (1 << 20) // 1.5 MB

DefaultMaxReceiveConnectionFlowControlWindowServer is the default connection-level flow control window for receiving data, for the server This is the value that Google servers are using

View Source
const DefaultMaxReceiveStreamFlowControlWindowClient = 16 * (1 << 20) // 16 MB

DefaultMaxReceiveStreamFlowControlWindowClient is the default maximum stream-level flow control window for receiving data, for the client This is the value that Chromium is using

View Source
const DefaultMaxReceiveStreamFlowControlWindowServer = 1 * (1 << 20) // 1 MB

DefaultMaxReceiveStreamFlowControlWindowServer is the default maximum stream-level flow control window for receiving data, for the server This is the value that Google servers are using

View Source
const EphermalKeyLifetime = time.Minute

EphermalKeyLifetime is the lifetime of the ephermal key during the handshake, see handshake.getEphermalKEX.

View Source
const InitialCongestionWindow = 32

InitialCongestionWindow is the initial congestion window in QUIC packets

View Source
const InitialPathID = 0

Initial PathID

View Source
const MaxByteCount = ByteCount(math.MaxUint64)

MaxByteCount is the maximum value of a ByteCount

View Source
const MaxClientHellos = 3

MaxClientHellos is the maximum number of times we'll send a client hello The value 3 accounts for: * one failure due to an incorrect or missing source-address token * one failure due the server's certificate chain being unavailible and the server being unwilling to send it without a valid source-address token

View Source
const MaxIncomingDynamicStreamsPerConnection = 100

MaxIncomingDynamicStreamsPerConnection is the maximum value accepted for the incoming number of dynamic streams per connection

View Source
const MaxNewStreamIDDelta = 4 * MaxStreamsPerConnection

MaxNewStreamIDDelta is the maximum difference between and a newly opened Stream and the highest StreamID that a client has ever opened note that the number of streams is half this value, since the client can only open streams with open StreamID

View Source
const MaxNonRetransmittablePackets = 19

MaxNonRetransmittablePackets is the maximum number of non-retransmittable packets that we send in a row

View Source
const MaxPacketsReceivedBeforeAckSend = 20

MaxPacketsReceivedBeforeAckSend is the number of packets that can be received before an ACK frame is sent

View Source
const MaxSessionUnprocessedPackets = DefaultMaxCongestionWindow

MaxSessionUnprocessedPackets is the max number of packets stored in each session that are not yet processed.

View Source
const MaxStreamFrameSorterGaps = 2500

MaxStreamFrameSorterGaps is the maximum number of gaps between received StreamFrames prevents DoS attacks against the streamFrameSorter XXX (QDC): needs to be compliant with the maximal congestion window

View Source
const MaxStreamsMinimumIncrement = 10

MaxStreamsMinimumIncrement is the slack the client is allowed for the maximum number of streams per connection, needed e.g. when packets are out of order or dropped. The minimum of this absolute increment and the procentual increase specified by MaxStreamsMultiplier is used.

View Source
const MaxStreamsMultiplier = 1.1

MaxStreamsMultiplier is the slack the client is allowed for the maximum number of streams per connection, needed e.g. when packets are out of order or dropped. The minimum of this procentual increase and the absolute increment specified by MaxStreamsMinimumIncrement is used.

View Source
const MaxStreamsPerConnection = 100

MaxStreamsPerConnection is the maximum value accepted for the number of streams per connection

View Source
const MaxTrackedReceivedAckRanges = DefaultMaxCongestionWindow

MaxTrackedReceivedAckRanges is the maximum number of ACK ranges tracked

View Source
const MaxTrackedSentPackets = 2 * DefaultMaxCongestionWindow

MaxTrackedSentPackets is maximum number of sent packets saved for either later retransmission or entropy calculation

View Source
const MaxTrackedSkippedPackets = 10

MaxTrackedSkippedPackets is the maximum number of skipped packet numbers the SentPacketHandler keep track of for Optimistic ACK attack mitigation

View Source
const MaxUndecryptablePackets = 10

MaxUndecryptablePackets limits the number of undecryptable packets that a session queues for later until it sends a public reset.

View Source
const NonForwardSecurePacketSizeReduction = 50

NonForwardSecurePacketSizeReduction is the number of bytes a non forward-secure packet has to be smaller than a forward-secure packet This makes sure that those packets can always be retransmitted without splitting the contained StreamFrames

View Source
const NumCachedCertificates = 128

NumCachedCertificates is the number of cached compressed certificate chains, each taking ~1K space

View Source
const PublicResetTimeout = 500 * time.Millisecond

PublicResetTimeout is the time to wait before sending a Public Reset when receiving too many undecryptable packets during the handshake This timeout allows the Go scheduler to switch to the Go rountine that reads the crypto stream and to escalate the crypto

View Source
const ReceiveConnectionFlowControlWindow = (1 << 10) * 48 // 48 kB

ReceiveConnectionFlowControlWindow is the connection-level flow control window for receiving data This is the value that Google servers are using

View Source
const ReceiveStreamFlowControlWindow = (1 << 10) * 32 // 32 kB

ReceiveStreamFlowControlWindow is the stream-level flow control window for receiving data This is the value that Google servers are using

View Source
const RetransmittablePacketsBeforeAck = 2

RetransmittablePacketsBeforeAck is the number of retransmittable that an ACK is sent for

Variables

View Source
var SupportedVersions = []VersionNumber{
	VersionMP,
	Version39,
	Version38,
	Version37,
}

SupportedVersions lists the versions that the server supports must be in sorted descending order

Functions

func IsSupportedVersion

func IsSupportedVersion(supported []VersionNumber, v VersionNumber) bool

IsSupportedVersion returns true if the server supports this version

func VersionNumberToTag

func VersionNumberToTag(vn VersionNumber) uint32

VersionNumberToTag maps version numbers ('32') to tags ('Q032')

Types

type ByteCount

type ByteCount uint64

A ByteCount in QUIC

const DefaultTCPMSS ByteCount = 1460

DefaultTCPMSS is the default maximum packet size used in the Linux TCP implementation. Used in QUIC for congestion window computations in bytes.

const InitialConnectionFlowControlWindow ByteCount = (1 << 14) // 16 kB

InitialConnectionFlowControlWindow is the initial connection-level flow control window for sending

const InitialStreamFlowControlWindow ByteCount = (1 << 14) // 16 kB

InitialStreamFlowControlWindow is the initial stream-level flow control window for sending

const MaxPacketSize ByteCount = 1350

MaxPacketSize is the maximum packet size, including the public header, that we use for sending packets This is the value used by Chromium for a QUIC packet sent using IPv6 (for IPv4 it would be 1370)

const MaxReceivePacketSize ByteCount = 1452

MaxReceivePacketSize maximum packet size of any QUIC packet, based on ethernet's max size, minus the IP and UDP headers. IPv6 has a 40 byte header, UDP adds an additional 8 bytes. This is a total overhead of 48 bytes. Ethernet's max packet size is 1500 bytes, 1500 - 48 = 1452.

type ConnectionID

type ConnectionID uint64

A ConnectionID in QUIC

type EncryptionLevel

type EncryptionLevel int

EncryptionLevel is the encryption level Default value is Unencrypted

const (
	// EncryptionUnspecified is a not specified encryption level
	EncryptionUnspecified EncryptionLevel = iota
	// EncryptionUnencrypted is not encrypted
	EncryptionUnencrypted
	// EncryptionSecure is encrypted, but not forward secure
	EncryptionSecure
	// EncryptionForwardSecure is forward secure
	EncryptionForwardSecure
)

func (EncryptionLevel) String

func (e EncryptionLevel) String() string

type PacketNumber

type PacketNumber uint64

A PacketNumber in QUIC

const SkipPacketAveragePeriodLength PacketNumber = 500

SkipPacketAveragePeriodLength is the average period length in which one packet number is skipped to prevent an Optimistic ACK attack

func InferPacketNumber

func InferPacketNumber(packetNumberLength PacketNumberLen, lastPacketNumber PacketNumber, wirePacketNumber PacketNumber) PacketNumber

InferPacketNumber calculates the packet number based on the received packet number, its length and the last seen packet number

type PacketNumberLen

type PacketNumberLen uint8

PacketNumberLen is the length of the packet number in bytes

const (
	// PacketNumberLenInvalid is the default value and not a valid length for a packet number
	PacketNumberLenInvalid PacketNumberLen = 0
	// PacketNumberLen1 is a packet number length of 1 byte
	PacketNumberLen1 PacketNumberLen = 1
	// PacketNumberLen2 is a packet number length of 2 bytes
	PacketNumberLen2 PacketNumberLen = 2
	// PacketNumberLen4 is a packet number length of 4 bytes
	PacketNumberLen4 PacketNumberLen = 4
	// PacketNumberLen6 is a packet number length of 6 bytes
	PacketNumberLen6 PacketNumberLen = 6
)

func GetPacketNumberLength

func GetPacketNumberLength(packetNumber PacketNumber) PacketNumberLen

GetPacketNumberLength gets the minimum length needed to fully represent the packet number

func GetPacketNumberLengthForPublicHeader

func GetPacketNumberLengthForPublicHeader(packetNumber PacketNumber, leastUnacked PacketNumber) PacketNumberLen

GetPacketNumberLengthForPublicHeader gets the length of the packet number for the public header it never chooses a PacketNumberLen of 1 byte, since this is too short under certain circumstances

type PathID

type PathID uint8

A PathID in QUIC

type Perspective

type Perspective int

Perspective determines if we're acting as a server or a client

const (
	PerspectiveServer Perspective = 1
	PerspectiveClient Perspective = 2
)

the perspectives

type StreamID

type StreamID uint32

A StreamID in QUIC

type VersionNumber

type VersionNumber int

VersionNumber is a version number as int

const (
	Version37 VersionNumber = 37 + iota
	Version38
	Version39
	VersionTLS         VersionNumber = 101
	VersionWhatever    VersionNumber = 0 // for when the version doesn't matter
	VersionUnsupported VersionNumber = -1
	VersionUnknown     VersionNumber = -2
	VersionMP          VersionNumber = 512
)

The version numbers, making grepping easier

func ChooseSupportedVersion

func ChooseSupportedVersion(ours, theirs []VersionNumber) VersionNumber

ChooseSupportedVersion finds the best version in the overlap of ours and theirs ours is a slice of versions that we support, sorted by our preference (descending) theirs is a slice of versions offered by the peer. The order does not matter if no suitable version is found, it returns VersionUnsupported

func VersionTagToNumber

func VersionTagToNumber(v uint32) VersionNumber

VersionTagToNumber is built from VersionNumberToTag in init()

func (VersionNumber) String

func (vn VersionNumber) String() string

func (VersionNumber) UsesTLS

func (vn VersionNumber) UsesTLS() bool

UsesTLS says if this QUIC version uses TLS 1.3 for the handshake

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL