1 /* 2 * Copyright 2022-2025 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include "internal/quic_demux.h" 11 #include "internal/quic_wire_pkt.h" 12 #include "internal/common.h" 13 #include <openssl/lhash.h> 14 #include <openssl/err.h> 15 16 #define URXE_DEMUX_STATE_FREE 0 /* on urx_free list */ 17 #define URXE_DEMUX_STATE_PENDING 1 /* on urx_pending list */ 18 #define URXE_DEMUX_STATE_ISSUED 2 /* on neither list */ 19 20 #define DEMUX_MAX_MSGS_PER_CALL 32 21 22 #define DEMUX_DEFAULT_MTU 1500 23 24 struct quic_demux_st { 25 /* The underlying transport BIO with datagram semantics. */ 26 BIO *net_bio; 27 28 /* 29 * QUIC short packets do not contain the length of the connection ID field, 30 * therefore it must be known contextually. The demuxer requires connection 31 * IDs of the same length to be used for all incoming packets. 32 */ 33 size_t short_conn_id_len; 34 35 /* 36 * Our current understanding of the upper bound on an incoming datagram size 37 * in bytes. 38 */ 39 size_t mtu; 40 41 /* The datagram_id to use for the next datagram we receive. */ 42 uint64_t next_datagram_id; 43 44 /* Time retrieval callback. */ 45 OSSL_TIME (*now)(void *arg); 46 void *now_arg; 47 48 /* The default packet handler, if any. */ 49 ossl_quic_demux_cb_fn *default_cb; 50 void *default_cb_arg; 51 52 /* 53 * List of URXEs which are not currently in use (i.e., not filled with 54 * unconsumed data). These are moved to the pending list as they are filled. 55 */ 56 QUIC_URXE_LIST urx_free; 57 58 /* 59 * List of URXEs which are filled with received encrypted data. These are 60 * removed from this list as we invoke the callbacks for each of them. They 61 * are then not on any list managed by us; we forget about them until our 62 * user calls ossl_quic_demux_release_urxe to return the URXE to us, at 63 * which point we add it to the free list. 64 */ 65 QUIC_URXE_LIST urx_pending; 66 67 /* Whether to use local address support. */ 68 char use_local_addr; 69 }; 70 71 QUIC_DEMUX *ossl_quic_demux_new(BIO *net_bio, 72 size_t short_conn_id_len, 73 OSSL_TIME (*now)(void *arg), 74 void *now_arg) 75 { 76 QUIC_DEMUX *demux; 77 78 demux = OPENSSL_zalloc(sizeof(QUIC_DEMUX)); 79 if (demux == NULL) 80 return NULL; 81 82 demux->net_bio = net_bio; 83 demux->short_conn_id_len = short_conn_id_len; 84 /* We update this if possible when we get a BIO. */ 85 demux->mtu = DEMUX_DEFAULT_MTU; 86 demux->now = now; 87 demux->now_arg = now_arg; 88 89 if (net_bio != NULL 90 && BIO_dgram_get_local_addr_cap(net_bio) 91 && BIO_dgram_set_local_addr_enable(net_bio, 1)) 92 demux->use_local_addr = 1; 93 94 return demux; 95 } 96 97 static void demux_free_urxl(QUIC_URXE_LIST *l) 98 { 99 QUIC_URXE *e, *enext; 100 101 for (e = ossl_list_urxe_head(l); e != NULL; e = enext) { 102 enext = ossl_list_urxe_next(e); 103 ossl_list_urxe_remove(l, e); 104 OPENSSL_free(e); 105 } 106 } 107 108 void ossl_quic_demux_free(QUIC_DEMUX *demux) 109 { 110 if (demux == NULL) 111 return; 112 113 /* Free all URXEs we are holding. */ 114 demux_free_urxl(&demux->urx_free); 115 demux_free_urxl(&demux->urx_pending); 116 117 OPENSSL_free(demux); 118 } 119 120 void ossl_quic_demux_set_bio(QUIC_DEMUX *demux, BIO *net_bio) 121 { 122 unsigned int mtu; 123 124 demux->net_bio = net_bio; 125 126 if (net_bio != NULL) { 127 /* 128 * Try to determine our MTU if possible. The BIO is not required to 129 * support this, in which case we remain at the last known MTU, or our 130 * initial default. 131 */ 132 mtu = BIO_dgram_get_mtu(net_bio); 133 if (mtu >= QUIC_MIN_INITIAL_DGRAM_LEN) 134 ossl_quic_demux_set_mtu(demux, mtu); /* best effort */ 135 } 136 } 137 138 int ossl_quic_demux_set_mtu(QUIC_DEMUX *demux, unsigned int mtu) 139 { 140 if (mtu < QUIC_MIN_INITIAL_DGRAM_LEN) 141 return 0; 142 143 demux->mtu = mtu; 144 return 1; 145 } 146 147 void ossl_quic_demux_set_default_handler(QUIC_DEMUX *demux, 148 ossl_quic_demux_cb_fn *cb, 149 void *cb_arg) 150 { 151 demux->default_cb = cb; 152 demux->default_cb_arg = cb_arg; 153 } 154 155 static QUIC_URXE *demux_alloc_urxe(size_t alloc_len) 156 { 157 QUIC_URXE *e; 158 159 if (alloc_len >= SIZE_MAX - sizeof(QUIC_URXE)) 160 return NULL; 161 162 e = OPENSSL_malloc(sizeof(QUIC_URXE) + alloc_len); 163 if (e == NULL) 164 return NULL; 165 166 ossl_list_urxe_init_elem(e); 167 e->alloc_len = alloc_len; 168 e->data_len = 0; 169 return e; 170 } 171 172 static QUIC_URXE *demux_resize_urxe(QUIC_DEMUX *demux, QUIC_URXE *e, 173 size_t new_alloc_len) 174 { 175 QUIC_URXE *e2, *prev; 176 177 if (!ossl_assert(e->demux_state == URXE_DEMUX_STATE_FREE)) 178 /* Never attempt to resize a URXE which is not on the free list. */ 179 return NULL; 180 181 prev = ossl_list_urxe_prev(e); 182 ossl_list_urxe_remove(&demux->urx_free, e); 183 184 if (new_alloc_len >= SIZE_MAX - sizeof(QUIC_URXE)) 185 return NULL; 186 187 e2 = OPENSSL_realloc(e, sizeof(QUIC_URXE) + new_alloc_len); 188 if (e2 == NULL) { 189 /* Failed to resize, abort. */ 190 if (prev == NULL) 191 ossl_list_urxe_insert_head(&demux->urx_free, e); 192 else 193 ossl_list_urxe_insert_after(&demux->urx_free, prev, e); 194 195 return NULL; 196 } 197 198 if (prev == NULL) 199 ossl_list_urxe_insert_head(&demux->urx_free, e2); 200 else 201 ossl_list_urxe_insert_after(&demux->urx_free, prev, e2); 202 203 e2->alloc_len = new_alloc_len; 204 return e2; 205 } 206 207 static QUIC_URXE *demux_reserve_urxe(QUIC_DEMUX *demux, QUIC_URXE *e, 208 size_t alloc_len) 209 { 210 return e->alloc_len < alloc_len ? demux_resize_urxe(demux, e, alloc_len) : e; 211 } 212 213 static int demux_ensure_free_urxe(QUIC_DEMUX *demux, size_t min_num_free) 214 { 215 QUIC_URXE *e; 216 217 while (ossl_list_urxe_num(&demux->urx_free) < min_num_free) { 218 e = demux_alloc_urxe(demux->mtu); 219 if (e == NULL) 220 return 0; 221 222 ossl_list_urxe_insert_tail(&demux->urx_free, e); 223 e->demux_state = URXE_DEMUX_STATE_FREE; 224 } 225 226 return 1; 227 } 228 229 /* 230 * Receive datagrams from network, placing them into URXEs. 231 * 232 * Returns 1 on success or 0 on failure. 233 * 234 * Precondition: at least one URXE is free 235 * Precondition: there are no pending URXEs 236 */ 237 static int demux_recv(QUIC_DEMUX *demux) 238 { 239 BIO_MSG msg[DEMUX_MAX_MSGS_PER_CALL]; 240 size_t rd, i; 241 QUIC_URXE *urxe = ossl_list_urxe_head(&demux->urx_free), *unext; 242 OSSL_TIME now; 243 244 /* This should never be called when we have any pending URXE. */ 245 assert(ossl_list_urxe_head(&demux->urx_pending) == NULL); 246 assert(urxe->demux_state == URXE_DEMUX_STATE_FREE); 247 248 if (demux->net_bio == NULL) 249 /* 250 * If no BIO is plugged in, treat this as no datagram being available. 251 */ 252 return QUIC_DEMUX_PUMP_RES_TRANSIENT_FAIL; 253 254 /* 255 * Opportunistically receive as many messages as possible in a single 256 * syscall, determined by how many free URXEs are available. 257 */ 258 for (i = 0; i < (ossl_ssize_t)OSSL_NELEM(msg); 259 ++i, urxe = ossl_list_urxe_next(urxe)) { 260 if (urxe == NULL) { 261 /* We need at least one URXE to receive into. */ 262 if (!ossl_assert(i > 0)) 263 return QUIC_DEMUX_PUMP_RES_PERMANENT_FAIL; 264 265 break; 266 } 267 268 /* Ensure the URXE is big enough. */ 269 urxe = demux_reserve_urxe(demux, urxe, demux->mtu); 270 if (urxe == NULL) 271 /* Allocation error, fail. */ 272 return QUIC_DEMUX_PUMP_RES_PERMANENT_FAIL; 273 274 /* Ensure we zero any fields added to BIO_MSG at a later date. */ 275 memset(&msg[i], 0, sizeof(BIO_MSG)); 276 msg[i].data = ossl_quic_urxe_data(urxe); 277 msg[i].data_len = urxe->alloc_len; 278 msg[i].peer = &urxe->peer; 279 BIO_ADDR_clear(&urxe->peer); 280 if (demux->use_local_addr) 281 msg[i].local = &urxe->local; 282 else 283 BIO_ADDR_clear(&urxe->local); 284 } 285 286 ERR_set_mark(); 287 if (!BIO_recvmmsg(demux->net_bio, msg, sizeof(BIO_MSG), i, 0, &rd)) { 288 if (BIO_err_is_non_fatal(ERR_peek_last_error())) { 289 /* Transient error, clear the error and stop. */ 290 ERR_pop_to_mark(); 291 return QUIC_DEMUX_PUMP_RES_TRANSIENT_FAIL; 292 } else { 293 /* Non-transient error, do not clear the error. */ 294 ERR_clear_last_mark(); 295 return QUIC_DEMUX_PUMP_RES_PERMANENT_FAIL; 296 } 297 } 298 299 ERR_clear_last_mark(); 300 now = demux->now != NULL ? demux->now(demux->now_arg) : ossl_time_zero(); 301 302 urxe = ossl_list_urxe_head(&demux->urx_free); 303 for (i = 0; i < rd; ++i, urxe = unext) { 304 unext = ossl_list_urxe_next(urxe); 305 /* Set URXE with actual length of received datagram. */ 306 urxe->data_len = msg[i].data_len; 307 /* Time we received datagram. */ 308 urxe->time = now; 309 urxe->datagram_id = demux->next_datagram_id++; 310 /* Move from free list to pending list. */ 311 ossl_list_urxe_remove(&demux->urx_free, urxe); 312 ossl_list_urxe_insert_tail(&demux->urx_pending, urxe); 313 urxe->demux_state = URXE_DEMUX_STATE_PENDING; 314 } 315 316 return QUIC_DEMUX_PUMP_RES_OK; 317 } 318 319 /* Extract destination connection ID from the first packet in a datagram. */ 320 static int demux_identify_conn_id(QUIC_DEMUX *demux, 321 QUIC_URXE *e, 322 QUIC_CONN_ID *dst_conn_id) 323 { 324 return ossl_quic_wire_get_pkt_hdr_dst_conn_id(ossl_quic_urxe_data(e), 325 e->data_len, 326 demux->short_conn_id_len, 327 dst_conn_id); 328 } 329 330 /* 331 * Process a single pending URXE. 332 * Returning 1 on success, 0 on failure. 333 */ 334 static int demux_process_pending_urxe(QUIC_DEMUX *demux, QUIC_URXE *e) 335 { 336 QUIC_CONN_ID dst_conn_id; 337 int dst_conn_id_ok = 0; 338 339 /* The next URXE we process should be at the head of the pending list. */ 340 if (!ossl_assert(e == ossl_list_urxe_head(&demux->urx_pending))) 341 return 0; 342 343 assert(e->demux_state == URXE_DEMUX_STATE_PENDING); 344 345 /* Determine the DCID of the first packet in the datagram. */ 346 dst_conn_id_ok = demux_identify_conn_id(demux, e, &dst_conn_id); 347 348 ossl_list_urxe_remove(&demux->urx_pending, e); 349 if (demux->default_cb != NULL) { 350 /* 351 * Pass to default handler for routing. The URXE now belongs to the 352 * callback. 353 */ 354 e->demux_state = URXE_DEMUX_STATE_ISSUED; 355 demux->default_cb(e, demux->default_cb_arg, 356 dst_conn_id_ok ? &dst_conn_id : NULL); 357 } else { 358 /* Discard. */ 359 ossl_list_urxe_insert_tail(&demux->urx_free, e); 360 e->demux_state = URXE_DEMUX_STATE_FREE; 361 } 362 363 return 1; /* keep processing pending URXEs */ 364 } 365 366 /* Process pending URXEs to generate callbacks. */ 367 static int demux_process_pending_urxl(QUIC_DEMUX *demux) 368 { 369 QUIC_URXE *e; 370 int ret; 371 372 while ((e = ossl_list_urxe_head(&demux->urx_pending)) != NULL) 373 if ((ret = demux_process_pending_urxe(demux, e)) <= 0) 374 return ret; 375 376 return 1; 377 } 378 379 /* 380 * Drain the pending URXE list, processing any pending URXEs by making their 381 * callbacks. If no URXEs are pending, a network read is attempted first. 382 */ 383 int ossl_quic_demux_pump(QUIC_DEMUX *demux) 384 { 385 int ret; 386 387 if (ossl_list_urxe_head(&demux->urx_pending) == NULL) { 388 ret = demux_ensure_free_urxe(demux, DEMUX_MAX_MSGS_PER_CALL); 389 if (ret != 1) 390 return QUIC_DEMUX_PUMP_RES_PERMANENT_FAIL; 391 392 ret = demux_recv(demux); 393 if (ret != QUIC_DEMUX_PUMP_RES_OK) 394 return ret; 395 396 /* 397 * If demux_recv returned successfully, we should always have something. 398 */ 399 assert(ossl_list_urxe_head(&demux->urx_pending) != NULL); 400 } 401 402 if ((ret = demux_process_pending_urxl(demux)) <= 0) 403 return QUIC_DEMUX_PUMP_RES_PERMANENT_FAIL; 404 405 return QUIC_DEMUX_PUMP_RES_OK; 406 } 407 408 /* Artificially inject a packet into the demuxer for testing purposes. */ 409 int ossl_quic_demux_inject(QUIC_DEMUX *demux, 410 const unsigned char *buf, 411 size_t buf_len, 412 const BIO_ADDR *peer, 413 const BIO_ADDR *local) 414 { 415 int ret; 416 QUIC_URXE *urxe; 417 418 ret = demux_ensure_free_urxe(demux, 1); 419 if (ret != 1) 420 return 0; 421 422 urxe = ossl_list_urxe_head(&demux->urx_free); 423 424 assert(urxe->demux_state == URXE_DEMUX_STATE_FREE); 425 426 urxe = demux_reserve_urxe(demux, urxe, buf_len); 427 if (urxe == NULL) 428 return 0; 429 430 memcpy(ossl_quic_urxe_data(urxe), buf, buf_len); 431 urxe->data_len = buf_len; 432 433 if (peer != NULL) 434 urxe->peer = *peer; 435 else 436 BIO_ADDR_clear(&urxe->peer); 437 438 if (local != NULL) 439 urxe->local = *local; 440 else 441 BIO_ADDR_clear(&urxe->local); 442 443 urxe->time 444 = demux->now != NULL ? demux->now(demux->now_arg) : ossl_time_zero(); 445 446 /* Move from free list to pending list. */ 447 ossl_list_urxe_remove(&demux->urx_free, urxe); 448 urxe->datagram_id = demux->next_datagram_id++; 449 ossl_list_urxe_insert_tail(&demux->urx_pending, urxe); 450 urxe->demux_state = URXE_DEMUX_STATE_PENDING; 451 452 return demux_process_pending_urxl(demux) > 0; 453 } 454 455 /* Called by our user to return a URXE to the free list. */ 456 void ossl_quic_demux_release_urxe(QUIC_DEMUX *demux, 457 QUIC_URXE *e) 458 { 459 assert(ossl_list_urxe_prev(e) == NULL && ossl_list_urxe_next(e) == NULL); 460 assert(e->demux_state == URXE_DEMUX_STATE_ISSUED); 461 ossl_list_urxe_insert_tail(&demux->urx_free, e); 462 e->demux_state = URXE_DEMUX_STATE_FREE; 463 } 464 465 void ossl_quic_demux_reinject_urxe(QUIC_DEMUX *demux, 466 QUIC_URXE *e) 467 { 468 assert(ossl_list_urxe_prev(e) == NULL && ossl_list_urxe_next(e) == NULL); 469 assert(e->demux_state == URXE_DEMUX_STATE_ISSUED); 470 ossl_list_urxe_insert_head(&demux->urx_pending, e); 471 e->demux_state = URXE_DEMUX_STATE_PENDING; 472 } 473 474 int ossl_quic_demux_has_pending(const QUIC_DEMUX *demux) 475 { 476 return ossl_list_urxe_head(&demux->urx_pending) != NULL; 477 } 478
Indexes created Fri Jun 26 00:24:39 UTC 2026