protocol

package
v2.0.13+incompatible

This package is not in the latest version of its module.

Published: Nov 4, 2020 License: GPL-3.0, MIT Imports: 7 Imported by: 0

Constants

const ClosedSessionDeleteTimeout = time.Minute

ClosedSessionDeleteTimeout: the server ignores packets arriving on a connection that is already closed. After this time, all information about the old connection will be deleted.

const ConnectionFlowControlMultiplier = 1.5

ConnectionFlowControlMultiplier determines how much larger the connection flow control window needs to be relative to any stream's flow control window. This is the value that Chromium is using.

const ConnectionIDLenGQUIC = 8

ConnectionIDLenGQUIC is the length of the source Connection ID used on gQUIC QUIC packets.

const CookieExpiryTime = 24 * time.Hour

CookieExpiryTime is how long a cookie remains valid.

const CryptoMaxParams = 128

CryptoMaxParams is the upper limit for the number of parameters in a crypto message. Value taken from Chrome.

const CryptoParameterMaxLength = 4000

CryptoParameterMaxLength is the upper limit for the length of a parameter in a crypto message.

const DefaultConnectionIDLength = 4

DefaultConnectionIDLength is the connection ID length that is used for multiplexed connections if no other value is configured.

const DefaultHandshakeTimeout = 10 * time.Second

DefaultHandshakeTimeout is the default timeout for a connection until the crypto handshake succeeds.

const DefaultIdleTimeout = 30 * time.Second

DefaultIdleTimeout is the default idle timeout

const DefaultMaxIncomingStreams = 100

DefaultMaxIncomingStreams is the maximum number of streams that a peer may open

const DefaultMaxIncomingUniStreams = 100

DefaultMaxIncomingUniStreams is the maximum number of unidirectional streams that a peer may open

const DefaultMaxReceiveConnectionFlowControlWindowClient = 15 * (1 << 20) // 15 MB

DefaultMaxReceiveConnectionFlowControlWindowClient is the default connection-level flow control window for receiving data, for the client. This is the value that Google servers are using.

const DefaultMaxReceiveConnectionFlowControlWindowServer = 1.5 * (1 << 20) // 1.5 MB

DefaultMaxReceiveConnectionFlowControlWindowServer is the default connection-level flow control window for receiving data, for the server. This is the value that Google servers are using.

const DefaultMaxReceiveStreamFlowControlWindowClient = 6 * (1 << 20) // 6 MB

DefaultMaxReceiveStreamFlowControlWindowClient is the default maximum stream-level flow control window for receiving data, for the client. This is the value that Chromium is using.

const DefaultMaxReceiveStreamFlowControlWindowServer = 1 * (1 << 20) // 1 MB

DefaultMaxReceiveStreamFlowControlWindowServer is the default maximum stream-level flow control window for receiving data, for the server. This is the value that Google servers are using.

const EphermalKeyLifetime = time.Minute

EphermalKeyLifetime is the lifetime of the ephemeral key during the handshake, see handshake.getEphermalKEX.

const MaxByteCount = ByteCount(1<<62 - 1)

MaxByteCount is the maximum value of a ByteCount

const MaxClientHellos = 3

MaxClientHellos is the maximum number of times we'll send a client hello. The value 3 accounts for:
* one failure due to an incorrect or missing source-address token
* one failure due to the server's certificate chain being unavailable and the server being unwilling to send it without a valid source-address token

const MaxNonRetransmittableAcks = 19

MaxNonRetransmittableAcks is the maximum number of packets containing an ACK, but no retransmittable frames, that we send in a row

const MaxOutstandingSentPackets = 2 * defaultMaxCongestionWindowPackets

MaxOutstandingSentPackets is the maximum number of packets saved for retransmission. When reached, it imposes a soft limit on sending new packets: sending ACKs and retransmissions is still allowed, but no new regular packets can be sent.

const MaxPacketSizeIPv4 = 1252

MaxPacketSizeIPv4 is the maximum packet size that we use for sending IPv4 packets.

const MaxPacketSizeIPv6 = 1232

MaxPacketSizeIPv6 is the maximum packet size that we use for sending IPv6 packets.

const MaxSessionUnprocessedPackets = defaultMaxCongestionWindowPackets

MaxSessionUnprocessedPackets is the max number of packets stored in each session that are not yet processed.

const MaxStreamFrameSorterGaps = 1000

MaxStreamFrameSorterGaps is the maximum number of gaps between received StreamFrames. It prevents DoS attacks against the streamFrameSorter.

const MaxStreamsMinimumIncrement = 10

MaxStreamsMinimumIncrement is the slack the client is allowed for the maximum number of streams per connection, needed e.g. when packets are out of order or dropped. The minimum of this absolute increment and the percentage increase specified by MaxStreamsMultiplier is used.

const MaxStreamsMultiplier = 1.1

MaxStreamsMultiplier is the slack the client is allowed for the maximum number of streams per connection, needed e.g. when packets are out of order or dropped. The minimum of this percentage increase and the absolute increment specified by MaxStreamsMinimumIncrement is used.

const MaxTrackedReceivedAckRanges = defaultMaxCongestionWindowPackets

MaxTrackedReceivedAckRanges is the maximum number of ACK ranges tracked

const MaxTrackedSentPackets = MaxOutstandingSentPackets * 5 / 4

MaxTrackedSentPackets is the maximum number of sent packets saved for retransmission. When reached, no more packets will be sent. This value *must* be larger than MaxOutstandingSentPackets.

const MaxTrackedSkippedPackets = 10

MaxTrackedSkippedPackets is the maximum number of skipped packet numbers the SentPacketHandler keeps track of for Optimistic ACK attack mitigation.

const MaxUndecryptablePackets = 10

MaxUndecryptablePackets limits the number of undecryptable packets that a session queues for later until it sends a public reset.

const MinClientHelloSize = 1024

MinClientHelloSize is the minimum size the server expects an inchoate CHLO to have (in gQUIC)

const MinConnectionIDLenInitial = 8

MinConnectionIDLenInitial is the minimum length of the destination connection ID on an Initial packet.

const MinInitialPacketSize = 1200

MinInitialPacketSize is the minimum size an Initial packet (in IETF QUIC) is required to have.

const MinPacingDelay time.Duration = 100 * time.Microsecond

MinPacingDelay is the minimum duration that is used for packet pacing. If the packet pacing frequency is higher, multiple packets might be sent at once. Example: For a packet pacing delay of 20 microseconds, we would send 5 packets at once, wait for 100 microseconds, and so forth.

const MinRemoteIdleTimeout = 5 * time.Second

MinRemoteIdleTimeout is the minimum value that we accept for the remote idle timeout

const NonForwardSecurePacketSizeReduction = 50

NonForwardSecurePacketSizeReduction is the number of bytes a non forward-secure packet has to be smaller than a forward-secure packet. This makes sure that those packets can always be retransmitted without splitting the contained StreamFrames.

const NumCachedCertificates = 128

NumCachedCertificates is the number of cached compressed certificate chains, each taking ~1K space

const PublicResetTimeout = 500 * time.Millisecond

PublicResetTimeout is the time to wait before sending a Public Reset when receiving too many undecryptable packets during the handshake. This timeout allows the Go scheduler to switch to the goroutine that reads the crypto stream and to escalate the crypto

const ReceiveConnectionFlowControlWindow = (1 << 10) * 48 // 48 kB

ReceiveConnectionFlowControlWindow is the connection-level flow control window for receiving data. This is the value that Google servers are using.

const ReceiveStreamFlowControlWindow = (1 << 10) * 32 // 32 kB

ReceiveStreamFlowControlWindow is the stream-level flow control window for receiving data. This is the value that Google servers are using.

const WindowUpdateThreshold = 0.25

WindowUpdateThreshold is the fraction of the receive window that has to be consumed before a higher offset is advertised to the client.

Variables

var SupportedVersions = []VersionNumber{
	Version44,
	Version43,
	Version39,
}

SupportedVersions lists the versions that the server supports. It must be sorted in descending order.

Functions

func IsSupportedVersion

func IsSupportedVersion(supported []VersionNumber, v VersionNumber) bool

IsSupportedVersion returns true if the server supports this version

func IsValidVersion

func IsValidVersion(v VersionNumber) bool

IsValidVersion says if the version is known to quic-go

Types

type ApplicationErrorCode

type ApplicationErrorCode uint16

An ApplicationErrorCode is an application-defined error code.

type ByteCount

type ByteCount uint64

A ByteCount in QUIC

const DefaultMaxCongestionWindow ByteCount = defaultMaxCongestionWindowPackets * DefaultTCPMSS

DefaultMaxCongestionWindow is the default for the max congestion window

const DefaultTCPMSS ByteCount = 1460

DefaultTCPMSS is the default maximum packet size used in the Linux TCP implementation. Used in QUIC for congestion window computations in bytes.

const InitialCongestionWindow ByteCount = 32 * DefaultTCPMSS

InitialCongestionWindow is the initial congestion window in QUIC packets

const MaxAckFrameSize ByteCount = 1000

MaxAckFrameSize is the maximum size for an (IETF QUIC) ACK frame that we write. Due to the varint encoding, ACK frames can grow (almost) indefinitely large. The MaxAckFrameSize should be large enough to encode many ACK ranges, but must ensure that a maximum size ACK frame fits into one packet.

const MaxReceivePacketSize ByteCount = 1452

MaxReceivePacketSize is the maximum packet size of any QUIC packet, based on Ethernet's max size, minus the IP and UDP headers. IPv6 has a 40 byte header, UDP adds an additional 8 bytes. This is a total overhead of 48 bytes. Ethernet's max packet size is 1500 bytes, 1500 - 48 = 1452.

const MinStreamFrameSize ByteCount = 128

MinStreamFrameSize is the minimum size that has to be left in a packet, so that we add another STREAM frame. This avoids splitting up STREAM frames into small pieces, which has 2 advantages: 1. it reduces the framing overhead 2. it reduces the head-of-line blocking, when a packet is lost

type ConnectionID

type ConnectionID []byte

A ConnectionID in QUIC

func GenerateConnectionID

func GenerateConnectionID(len int) (ConnectionID, error)

GenerateConnectionID generates a connection ID using cryptographic random

func GenerateConnectionIDForInitial

func GenerateConnectionIDForInitial() (ConnectionID, error)

GenerateConnectionIDForInitial generates a connection ID for the Initial packet. It uses a length randomly chosen between 8 and 18 bytes.

func ReadConnectionID

func ReadConnectionID(r io.Reader, len int) (ConnectionID, error)

ReadConnectionID reads a connection ID of length len from the given io.Reader. It returns io.EOF if there are not enough bytes to read.

func (ConnectionID) Bytes

func (c ConnectionID) Bytes() []byte

Bytes returns the byte representation

func (ConnectionID) Equal

func (c ConnectionID) Equal(other ConnectionID) bool

Equal says if two connection IDs are equal

func (ConnectionID) Len

func (c ConnectionID) Len() int

Len returns the length of the connection ID in bytes

func (ConnectionID) String

func (c ConnectionID) String() string

type EncryptionLevel

type EncryptionLevel int

EncryptionLevel is the encryption level. Default value is Unencrypted.

const (
	// EncryptionUnspecified is a not specified encryption level
	EncryptionUnspecified EncryptionLevel = iota
	// EncryptionUnencrypted is not encrypted
	EncryptionUnencrypted
	// EncryptionSecure is encrypted, but not forward secure
	EncryptionSecure
	// EncryptionForwardSecure is forward secure
	EncryptionForwardSecure
)

func (EncryptionLevel) String

func (e EncryptionLevel) String() string

type PacketNumber

type PacketNumber uint64

A PacketNumber in QUIC

const SkipPacketAveragePeriodLength PacketNumber = 500

SkipPacketAveragePeriodLength is the average period length in which one packet number is skipped to prevent an Optimistic ACK attack

func InferPacketNumber

func InferPacketNumber(
	packetNumberLength PacketNumberLen,
	lastPacketNumber PacketNumber,
	wirePacketNumber PacketNumber,
	version VersionNumber,
) PacketNumber

InferPacketNumber calculates the packet number based on the received packet number, its length and the last seen packet number
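
The reconstruction InferPacketNumber describes, as an added example that is not quic-go's own code: the receiver picks, among the previous, current and next wrap-around windows, the candidate closest to the next expected packet number. It assumes whole-byte packet number lengths (not the 7/14/30-bit form), and the helper names and sample inputs are hypothetical.

```go
package main

import "fmt"

// PacketNumber mirrors the uint64-based type documented on this page.
type PacketNumber uint64

// dist returns the absolute difference between two packet numbers.
func dist(a, b PacketNumber) PacketNumber {
	if a < b {
		return b - a
	}
	return a - b
}

// closestTo returns whichever of a and b lies nearer to target.
func closestTo(target, a, b PacketNumber) PacketNumber {
	if dist(target, a) < dist(target, b) {
		return a
	}
	return b
}

// inferPacketNumber (hypothetical helper) expands a wire value truncated to
// lenBytes whole bytes, given the highest packet number seen so far.
func inferPacketNumber(lenBytes uint8, last, wire PacketNumber) PacketNumber {
	epochDelta := PacketNumber(1) << (lenBytes * 8) // size of one wrap-around window
	epoch := last &^ (epochDelta - 1)               // start of the window containing last
	expected := last + 1
	best := epoch + wire
	if epoch >= epochDelta { // a previous window exists only above the first one
		best = closestTo(expected, best, epoch-epochDelta+wire)
	}
	return closestTo(expected, best, epoch+epochDelta+wire)
}

func main() {
	// Constructed inputs: (length in bytes, last seen, value on the wire).
	fmt.Println(inferPacketNumber(1, 0x1fe, 0x01))  // wrapped forward into the next window
	fmt.Println(inferPacketNumber(1, 0x201, 0xff))  // reordered packet from the previous window
	fmt.Println(inferPacketNumber(2, 0xffff, 0x00)) // 2-byte counter rolling over
}
```

A sender that truncates too aggressively makes two candidates equally plausible, which is why GetPacketNumberLengthForHeader below never chooses a 1-byte length.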

type PacketNumberLen

type PacketNumberLen uint8

PacketNumberLen is the length of the packet number in bytes

const (
	// PacketNumberLenInvalid is the default value and not a valid length for a packet number
	PacketNumberLenInvalid PacketNumberLen = 0
	// PacketNumberLen1 is a packet number length of 1 byte
	PacketNumberLen1 PacketNumberLen = 1
	// PacketNumberLen2 is a packet number length of 2 bytes
	PacketNumberLen2 PacketNumberLen = 2
	// PacketNumberLen4 is a packet number length of 4 bytes
	PacketNumberLen4 PacketNumberLen = 4
	// PacketNumberLen6 is a packet number length of 6 bytes
	PacketNumberLen6 PacketNumberLen = 6
)

func GetPacketNumberLength

func GetPacketNumberLength(packetNumber PacketNumber) PacketNumberLen

GetPacketNumberLength gets the minimum length needed to fully represent the packet number

func GetPacketNumberLengthForHeader

func GetPacketNumberLengthForHeader(packetNumber, leastUnacked PacketNumber, version VersionNumber) PacketNumberLen

GetPacketNumberLengthForHeader gets the length of the packet number for the public header. It never chooses a PacketNumberLen of 1 byte, since this is too short under certain circumstances.

type PacketType

type PacketType uint8

The PacketType is the Long Header Type (only used for the IETF draft header format)

const (
	// PacketTypeInitial is the packet type of an Initial packet
	PacketTypeInitial PacketType = 0x7f
	// PacketTypeRetry is the packet type of a Retry packet
	PacketTypeRetry PacketType = 0x7e
	// PacketTypeHandshake is the packet type of a Handshake packet
	PacketTypeHandshake PacketType = 0x7d
	// PacketType0RTT is the packet type of a 0-RTT packet
	PacketType0RTT PacketType = 0x7c
)

func (PacketType) String

func (t PacketType) String() string

type Perspective

type Perspective int

Perspective determines if we're acting as a server or a client

const (
	PerspectiveServer Perspective = 1
	PerspectiveClient Perspective = 2
)

the perspectives

func (Perspective) Opposite

func (p Perspective) Opposite() Perspective

Opposite returns the perspective of the peer

func (Perspective) String

func (p Perspective) String() string

type StreamID

type StreamID uint64

A StreamID in QUIC

func MaxBidiStreamID

func MaxBidiStreamID(numStreams int, pers Perspective) StreamID

MaxBidiStreamID is the highest stream ID that the peer is allowed to open, when it is allowed to open numStreams bidirectional streams. It is only valid for IETF QUIC.

func MaxUniStreamID

func MaxUniStreamID(numStreams int, pers Perspective) StreamID

MaxUniStreamID is the highest stream ID that the peer is allowed to open, when it is allowed to open numStreams unidirectional streams. It is only valid for IETF QUIC.

type VersionNumber

type VersionNumber uint32

VersionNumber is a version number as int

const (
	Version39       VersionNumber = gquicVersion0 + 3*0x100 + 0x9
	Version43       VersionNumber = gquicVersion0 + 4*0x100 + 0x3
	Version44       VersionNumber = gquicVersion0 + 4*0x100 + 0x4
	VersionTLS      VersionNumber = 101
	VersionWhatever VersionNumber = 0 // for when the version doesn't matter
	VersionUnknown  VersionNumber = math.MaxUint32
)

The version numbers, making grepping easier

func ChooseSupportedVersion

func ChooseSupportedVersion(ours, theirs []VersionNumber) (VersionNumber, bool)

ChooseSupportedVersion finds the best version in the overlap of ours and theirs. ours is a slice of versions that we support, sorted by our preference (descending). theirs is a slice of versions offered by the peer; the order does not matter. The bool returned indicates if a matching version was found.

func GetGreasedVersions

func GetGreasedVersions(supported []VersionNumber) []VersionNumber

GetGreasedVersions adds one reserved version number to a slice of version numbers, at a random position

func StripGreasedVersions

func StripGreasedVersions(versions []VersionNumber) []VersionNumber

StripGreasedVersions strips all greased versions from a slice of versions
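
The selection rule documented for ChooseSupportedVersion, combined with the stripping documented for StripGreasedVersions, as an added example that is not quic-go's own code. It shows that the local preference order decides the result regardless of how the peer orders its offer. Assumptions: greased versions follow the reserved 0x?a?a?a?a pattern from the QUIC specification (the page does not state the pattern), and the helper names and version values are constructed stand-ins.

```go
package main

import "fmt"

// VersionNumber mirrors the uint32-based type documented on this page.
type VersionNumber uint32

// isGreased reports whether v matches the reserved 0x?a?a?a?a pattern
// (assumption: the pattern comes from the QUIC specification, not this page).
func isGreased(v VersionNumber) bool {
	return v&0x0f0f0f0f == 0x0a0a0a0a
}

// stripGreased returns versions without any reserved (greased) entries.
func stripGreased(versions []VersionNumber) []VersionNumber {
	out := make([]VersionNumber, 0, len(versions))
	for _, v := range versions {
		if !isGreased(v) {
			out = append(out, v)
		}
	}
	return out
}

// chooseSupported returns the first entry of ours (descending preference)
// that the peer also offered; the version is meaningless when ok is false.
func chooseSupported(ours, theirs []VersionNumber) (VersionNumber, bool) {
	offered := make(map[VersionNumber]struct{}, len(theirs))
	for _, v := range stripGreased(theirs) {
		offered[v] = struct{}{}
	}
	for _, v := range ours {
		if _, ok := offered[v]; ok {
			return v, true
		}
	}
	return 0, false
}

func main() {
	ours := []VersionNumber{44, 43, 39} // constructed stand-ins, highest preference first
	// The peer lists our least-preferred version first and includes a greased value.
	fmt.Println(chooseSupported(ours, []VersionNumber{39, 0x1a2a3a4a, 43}))
	// No overlap once the greased value is ignored.
	fmt.Println(chooseSupported(ours, []VersionNumber{0x0a0a0a0a, 7}))
}
```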

func (VersionNumber) CryptoStreamID

func (vn VersionNumber) CryptoStreamID() StreamID

CryptoStreamID gets the Stream ID of the crypto stream

func (VersionNumber) StreamContributesToConnectionFlowControl

func (vn VersionNumber) StreamContributesToConnectionFlowControl(id StreamID) bool

StreamContributesToConnectionFlowControl says if a stream contributes to connection-level flow control

func (VersionNumber) String

func (vn VersionNumber) String() string

func (VersionNumber) ToAltSvc

func (vn VersionNumber) ToAltSvc() string

ToAltSvc returns the representation of the version for the H2 Alt-Svc parameters

func (VersionNumber) UsesIETFFrameFormat

func (vn VersionNumber) UsesIETFFrameFormat() bool

UsesIETFFrameFormat tells if this version uses the IETF frame format

func (VersionNumber) UsesIETFHeaderFormat

func (vn VersionNumber) UsesIETFHeaderFormat() bool

UsesIETFHeaderFormat tells if this version uses the IETF header format

func (VersionNumber) UsesLengthInHeader

func (vn VersionNumber) UsesLengthInHeader() bool

UsesLengthInHeader tells if this version uses the Length field in the IETF header

func (VersionNumber) UsesStopWaitingFrames

func (vn VersionNumber) UsesStopWaitingFrames() bool

UsesStopWaitingFrames tells if this version uses STOP_WAITING frames

func (VersionNumber) UsesTLS

func (vn VersionNumber) UsesTLS() bool

UsesTLS says if this QUIC version uses TLS 1.3 for the handshake

func (VersionNumber) UsesTokenInHeader

func (vn VersionNumber) UsesTokenInHeader() bool

UsesTokenInHeader tells if this version uses the Token field in the IETF header

func (VersionNumber) UsesVarintPacketNumbers

func (vn VersionNumber) UsesVarintPacketNumbers() bool

UsesVarintPacketNumbers tells if this version uses 7/14/30 bit packet numbers
