1 /*
2 * Copyright 2022-2024 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include "internal/packet_quic.h"
11 #include "internal/nelem.h"
12 #include "internal/quic_wire.h"
13 #include "internal/quic_record_rx.h"
14 #include "internal/quic_ackm.h"
15 #include "internal/quic_rx_depack.h"
16 #include "internal/quic_error.h"
17 #include "internal/quic_fc.h"
18 #include "internal/quic_channel.h"
19 #include "internal/sockets.h"
20
21 #include "quic_local.h"
22 #include "quic_channel_local.h"
23 #include "../ssl_local.h"
24
25 /*
26 * Helper functions to process different frame types.
27 *
28 * Typically, those that are ACK eliciting will take an OSSL_ACKM_RX_PKT
29 * pointer argument, the few that aren't ACK eliciting will not. This makes
30 * them a verifiable pattern against tables where this is specified.
31 */
32 static int depack_do_implicit_stream_create(QUIC_CHANNEL *ch,
33 uint64_t stream_id,
34 uint64_t frame_type,
35 QUIC_STREAM **result);
36
depack_do_frame_padding(PACKET * pkt)37 static int depack_do_frame_padding(PACKET *pkt)
38 {
39 /* We ignore this frame */
40 ossl_quic_wire_decode_padding(pkt);
41 return 1;
42 }
43
depack_do_frame_ping(PACKET * pkt,QUIC_CHANNEL * ch,uint32_t enc_level,OSSL_ACKM_RX_PKT * ackm_data)44 static int depack_do_frame_ping(PACKET *pkt, QUIC_CHANNEL *ch,
45 uint32_t enc_level,
46 OSSL_ACKM_RX_PKT *ackm_data)
47 {
48 /* We ignore this frame, apart from eliciting an ACK */
49 if (!ossl_quic_wire_decode_frame_ping(pkt)) {
50 ossl_quic_channel_raise_protocol_error(ch,
51 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,
52 OSSL_QUIC_FRAME_TYPE_PING,
53 "decode error");
54 return 0;
55 }
56
57 ossl_quic_tx_packetiser_schedule_ack_eliciting(ch->txp, enc_level);
58 return 1;
59 }
60
depack_do_frame_ack(PACKET * pkt,QUIC_CHANNEL * ch,int packet_space,OSSL_TIME received,uint64_t frame_type,OSSL_QRX_PKT * qpacket)61 static int depack_do_frame_ack(PACKET *pkt, QUIC_CHANNEL *ch,
62 int packet_space, OSSL_TIME received,
63 uint64_t frame_type,
64 OSSL_QRX_PKT *qpacket)
65 {
66 OSSL_QUIC_FRAME_ACK ack;
67 OSSL_QUIC_ACK_RANGE *p;
68 uint64_t total_ranges = 0;
69 uint32_t ack_delay_exp = ch->rx_ack_delay_exp;
70
71 if (!ossl_quic_wire_peek_frame_ack_num_ranges(pkt, &total_ranges)
72 /* In case sizeof(uint64_t) > sizeof(size_t) */
73 || total_ranges > SIZE_MAX / sizeof(OSSL_QUIC_ACK_RANGE))
74 goto malformed;
75
76 if (ch->num_ack_range_scratch < (size_t)total_ranges) {
77 if ((p = OPENSSL_realloc(ch->ack_range_scratch,
78 sizeof(OSSL_QUIC_ACK_RANGE)
79 * (size_t)total_ranges)) == NULL)
80 goto malformed;
81
82 ch->ack_range_scratch = p;
83 ch->num_ack_range_scratch = (size_t)total_ranges;
84 }
85
86 ack.ack_ranges = ch->ack_range_scratch;
87 ack.num_ack_ranges = (size_t)total_ranges;
88
89 if (!ossl_quic_wire_decode_frame_ack(pkt, ack_delay_exp, &ack, NULL))
90 goto malformed;
91
92 if (qpacket->hdr->type == QUIC_PKT_TYPE_1RTT
93 && (qpacket->key_epoch < ossl_qrx_get_key_epoch(ch->qrx)
94 || ch->rxku_expected)
95 && ack.ack_ranges[0].end >= ch->txku_pn) {
96 /*
97 * RFC 9001 s. 6.2: An endpoint that receives an acknowledgment that is
98 * carried in a packet protected with old keys where any acknowledged
99 * packet was protected with newer keys MAY treat that as a connection
100 * error of type KEY_UPDATE_ERROR.
101 *
102 * Two cases to handle here:
103 *
104 * - We did spontaneous TXKU, the peer has responded in kind and we
105 * have detected RXKU; !ch->rxku_expected, but then it sent a packet
106 * with old keys acknowledging a packet in the new key epoch.
107 *
108 * This also covers the case where we got RXKU and triggered
109 * solicited TXKU, and then for some reason the peer sent an ACK of
110 * a PN in our new TX key epoch with old keys.
111 *
112 * - We did spontaneous TXKU; ch->txku_pn is the starting PN of our
113 * new TX key epoch; the peer has not initiated a solicited TXKU in
114 * response (so we have not detected RXKU); in this case the RX key
115 * epoch has not incremented and ch->rxku_expected is still 1.
116 */
117 ossl_quic_channel_raise_protocol_error(ch,
118 OSSL_QUIC_ERR_KEY_UPDATE_ERROR,
119 frame_type,
120 "acked packet which initiated a "
121 "key update without a "
122 "corresponding key update");
123 return 0;
124 }
125
126 if (!ossl_ackm_on_rx_ack_frame(ch->ackm, &ack,
127 packet_space, received))
128 goto malformed;
129
130 ++ch->diag_num_rx_ack;
131 return 1;
132
133 malformed:
134 ossl_quic_channel_raise_protocol_error(ch,
135 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,
136 frame_type,
137 "decode error");
138 return 0;
139 }
140
depack_do_frame_reset_stream(PACKET * pkt,QUIC_CHANNEL * ch,OSSL_ACKM_RX_PKT * ackm_data)141 static int depack_do_frame_reset_stream(PACKET *pkt,
142 QUIC_CHANNEL *ch,
143 OSSL_ACKM_RX_PKT *ackm_data)
144 {
145 OSSL_QUIC_FRAME_RESET_STREAM frame_data;
146 QUIC_STREAM *stream = NULL;
147 uint64_t fce;
148
149 if (!ossl_quic_wire_decode_frame_reset_stream(pkt, &frame_data)) {
150 ossl_quic_channel_raise_protocol_error(ch,
151 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,
152 OSSL_QUIC_FRAME_TYPE_RESET_STREAM,
153 "decode error");
154 return 0;
155 }
156
157 if (!depack_do_implicit_stream_create(ch, frame_data.stream_id,
158 OSSL_QUIC_FRAME_TYPE_RESET_STREAM,
159 &stream))
160 return 0; /* error already raised for us */
161
162 if (stream == NULL)
163 return 1; /* old deleted stream, not a protocol violation, ignore */
164
165 if (!ossl_quic_stream_has_recv(stream)) {
166 ossl_quic_channel_raise_protocol_error(ch,
167 OSSL_QUIC_ERR_STREAM_STATE_ERROR,
168 OSSL_QUIC_FRAME_TYPE_RESET_STREAM,
169 "RESET_STREAM frame for "
170 "TX only stream");
171 return 0;
172 }
173
174 /*
175 * The final size field of the RESET_STREAM frame must be used to determine
176 * how much flow control credit the aborted stream was considered to have
177 * consumed.
178 *
179 * We also need to ensure that if we already have a final size for the
180 * stream, the RESET_STREAM frame's Final Size field matches this; we SHOULD
181 * terminate the connection otherwise (RFC 9000 s. 4.5). The RXFC takes care
182 * of this for us.
183 */
184 if (!ossl_quic_rxfc_on_rx_stream_frame(&stream->rxfc,
185 frame_data.final_size, /*is_fin=*/1)) {
186 ossl_quic_channel_raise_protocol_error(ch,
187 OSSL_QUIC_ERR_INTERNAL_ERROR,
188 OSSL_QUIC_FRAME_TYPE_RESET_STREAM,
189 "internal error (flow control)");
190 return 0;
191 }
192
193 /* Has a flow control error occurred? */
194 fce = ossl_quic_rxfc_get_error(&stream->rxfc, 0);
195 if (fce != OSSL_QUIC_ERR_NO_ERROR) {
196 ossl_quic_channel_raise_protocol_error(ch,
197 fce,
198 OSSL_QUIC_FRAME_TYPE_RESET_STREAM,
199 "flow control violation");
200 return 0;
201 }
202
203 /*
204 * Depending on the receive part state this is handled either as a reset
205 * transition or a no-op (e.g. if a reset has already been received before,
206 * or the application already retired a FIN). Best effort - there are no
207 * protocol error conditions we need to check for here.
208 */
209 ossl_quic_stream_map_notify_reset_recv_part(&ch->qsm, stream,
210 frame_data.app_error_code,
211 frame_data.final_size);
212
213 ossl_quic_stream_map_update_state(&ch->qsm, stream);
214 return 1;
215 }
216
depack_do_frame_stop_sending(PACKET * pkt,QUIC_CHANNEL * ch,OSSL_ACKM_RX_PKT * ackm_data)217 static int depack_do_frame_stop_sending(PACKET *pkt,
218 QUIC_CHANNEL *ch,
219 OSSL_ACKM_RX_PKT *ackm_data)
220 {
221 OSSL_QUIC_FRAME_STOP_SENDING frame_data;
222 QUIC_STREAM *stream = NULL;
223
224 if (!ossl_quic_wire_decode_frame_stop_sending(pkt, &frame_data)) {
225 ossl_quic_channel_raise_protocol_error(ch,
226 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,
227 OSSL_QUIC_FRAME_TYPE_STOP_SENDING,
228 "decode error");
229 return 0;
230 }
231
232 if (!depack_do_implicit_stream_create(ch, frame_data.stream_id,
233 OSSL_QUIC_FRAME_TYPE_STOP_SENDING,
234 &stream))
235 return 0; /* error already raised for us */
236
237 if (stream == NULL)
238 return 1; /* old deleted stream, not a protocol violation, ignore */
239
240 if (!ossl_quic_stream_has_send(stream)) {
241 ossl_quic_channel_raise_protocol_error(ch,
242 OSSL_QUIC_ERR_STREAM_STATE_ERROR,
243 OSSL_QUIC_FRAME_TYPE_STOP_SENDING,
244 "STOP_SENDING frame for "
245 "RX only stream");
246 return 0;
247 }
248
249 stream->peer_stop_sending = 1;
250 stream->peer_stop_sending_aec = frame_data.app_error_code;
251
252 /*
253 * RFC 9000 s. 3.5: Receiving a STOP_SENDING frame means we must respond in
254 * turn with a RESET_STREAM frame for the same part of the stream. The other
255 * part is unaffected.
256 */
257 ossl_quic_stream_map_reset_stream_send_part(&ch->qsm, stream,
258 frame_data.app_error_code);
259 return 1;
260 }
261
depack_do_frame_crypto(PACKET * pkt,QUIC_CHANNEL * ch,OSSL_QRX_PKT * parent_pkt,OSSL_ACKM_RX_PKT * ackm_data,uint64_t * datalen)262 static int depack_do_frame_crypto(PACKET *pkt, QUIC_CHANNEL *ch,
263 OSSL_QRX_PKT *parent_pkt,
264 OSSL_ACKM_RX_PKT *ackm_data,
265 uint64_t *datalen)
266 {
267 OSSL_QUIC_FRAME_CRYPTO f;
268 QUIC_RSTREAM *rstream;
269 QUIC_RXFC *rxfc;
270
271 *datalen = 0;
272
273 if (!ossl_quic_wire_decode_frame_crypto(pkt, 0, &f)) {
274 ossl_quic_channel_raise_protocol_error(ch,
275 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,
276 OSSL_QUIC_FRAME_TYPE_CRYPTO,
277 "decode error");
278 return 0;
279 }
280
281 if (f.len == 0)
282 return 1; /* nothing to do */
283
284 rstream = ch->crypto_recv[ackm_data->pkt_space];
285 if (!ossl_assert(rstream != NULL))
286 /*
287 * This should not happen; we should only have a NULL stream here if
288 * the EL has been discarded, and if the EL has been discarded we
289 * shouldn't be here.
290 */
291 return 0;
292
293 rxfc = &ch->crypto_rxfc[ackm_data->pkt_space];
294
295 if (!ossl_quic_rxfc_on_rx_stream_frame(rxfc, f.offset + f.len,
296 /*is_fin=*/0)) {
297 ossl_quic_channel_raise_protocol_error(ch,
298 OSSL_QUIC_ERR_INTERNAL_ERROR,
299 OSSL_QUIC_FRAME_TYPE_CRYPTO,
300 "internal error (crypto RXFC)");
301 return 0;
302 }
303
304 if (ossl_quic_rxfc_get_error(rxfc, 0) != OSSL_QUIC_ERR_NO_ERROR) {
305 ossl_quic_channel_raise_protocol_error(ch, OSSL_QUIC_ERR_CRYPTO_BUFFER_EXCEEDED,
306 OSSL_QUIC_FRAME_TYPE_CRYPTO,
307 "exceeded maximum crypto buffer");
308 return 0;
309 }
310
311 if (!ossl_quic_rstream_queue_data(rstream, parent_pkt,
312 f.offset, f.data, f.len, 0)) {
313 ossl_quic_channel_raise_protocol_error(ch,
314 OSSL_QUIC_ERR_INTERNAL_ERROR,
315 OSSL_QUIC_FRAME_TYPE_CRYPTO,
316 "internal error (rstream queue)");
317 return 0;
318 }
319
320 ch->did_crypto_frame = 1;
321 *datalen = f.len;
322
323 return 1;
324 }
325
depack_do_frame_new_token(PACKET * pkt,QUIC_CHANNEL * ch,OSSL_ACKM_RX_PKT * ackm_data)326 static int depack_do_frame_new_token(PACKET *pkt, QUIC_CHANNEL *ch,
327 OSSL_ACKM_RX_PKT *ackm_data)
328 {
329 const uint8_t *token;
330 size_t token_len;
331
332 if (!ossl_quic_wire_decode_frame_new_token(pkt, &token, &token_len)) {
333 ossl_quic_channel_raise_protocol_error(ch,
334 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,
335 OSSL_QUIC_FRAME_TYPE_NEW_TOKEN,
336 "decode error");
337 return 0;
338 }
339
340 if (token_len == 0) {
341 /*
342 * RFC 9000 s. 19.7: "A client MUST treat receipt of a NEW_TOKEN frame
343 * with an empty Token field as a connection error of type
344 * FRAME_ENCODING_ERROR."
345 */
346 ossl_quic_channel_raise_protocol_error(ch,
347 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,
348 OSSL_QUIC_FRAME_TYPE_NEW_TOKEN,
349 "zero-length NEW_TOKEN");
350 return 0;
351 }
352
353 /* TODO(QUIC FUTURE): ADD CODE to send |token| to the session manager */
354
355 return 1;
356 }
357
358 /*
359 * Returns 1 if no protocol violation has occurred. In this case *result will be
360 * non-NULL unless this is an old deleted stream and we should ignore the frame
361 * causing this function to be called. Returns 0 on protocol violation.
362 */
depack_do_implicit_stream_create(QUIC_CHANNEL * ch,uint64_t stream_id,uint64_t frame_type,QUIC_STREAM ** result)363 static int depack_do_implicit_stream_create(QUIC_CHANNEL *ch,
364 uint64_t stream_id,
365 uint64_t frame_type,
366 QUIC_STREAM **result)
367 {
368 QUIC_STREAM *stream;
369 uint64_t peer_role, stream_ordinal;
370 uint64_t *p_next_ordinal_local, *p_next_ordinal_remote;
371 QUIC_RXFC *max_streams_fc;
372 int is_uni, is_remote_init;
373
374 stream = ossl_quic_stream_map_get_by_id(&ch->qsm, stream_id);
375 if (stream != NULL) {
376 *result = stream;
377 return 1;
378 }
379
380 /*
381 * If we do not yet have a stream with the given ID, there are three
382 * possibilities:
383 *
384 * (a) The stream ID is for a remotely-created stream and the peer
385 * is creating a stream.
386 *
387 * (b) The stream ID is for a locally-created stream which has
388 * previously been deleted.
389 *
390 * (c) The stream ID is for a locally-created stream which does
391 * not exist yet. This is a protocol violation and we must
392 * terminate the connection in this case.
393 *
394 * We distinguish between (b) and (c) using the stream ID allocator
395 * variable. Since stream ordinals are allocated monotonically, we
396 * simply determine if the stream ordinal is in the future.
397 */
398 peer_role = ch->is_server
399 ? QUIC_STREAM_INITIATOR_CLIENT
400 : QUIC_STREAM_INITIATOR_SERVER;
401
402 is_remote_init = ((stream_id & QUIC_STREAM_INITIATOR_MASK) == peer_role);
403 is_uni = ((stream_id & QUIC_STREAM_DIR_MASK) == QUIC_STREAM_DIR_UNI);
404
405 stream_ordinal = stream_id >> 2;
406
407 if (is_remote_init) {
408 /*
409 * Peer-created stream which does not yet exist. Create it. QUIC stream
410 * ordinals within a given stream type MUST be used in sequence and
411 * receiving a STREAM frame for ordinal n must implicitly create streams
412 * with ordinals [0, n) within that stream type even if no explicit
413 * STREAM frames are received for those ordinals.
414 */
415 p_next_ordinal_remote = is_uni
416 ? &ch->next_remote_stream_ordinal_uni
417 : &ch->next_remote_stream_ordinal_bidi;
418
419 /* Check this isn't violating stream count flow control. */
420 max_streams_fc = is_uni
421 ? &ch->max_streams_uni_rxfc
422 : &ch->max_streams_bidi_rxfc;
423
424 if (!ossl_quic_rxfc_on_rx_stream_frame(max_streams_fc,
425 stream_ordinal + 1,
426 /*is_fin=*/0)) {
427 ossl_quic_channel_raise_protocol_error(ch,
428 OSSL_QUIC_ERR_INTERNAL_ERROR,
429 frame_type,
430 "internal error (stream count RXFC)");
431 return 0;
432 }
433
434 if (ossl_quic_rxfc_get_error(max_streams_fc, 0) != OSSL_QUIC_ERR_NO_ERROR) {
435 ossl_quic_channel_raise_protocol_error(ch, OSSL_QUIC_ERR_STREAM_LIMIT_ERROR,
436 frame_type,
437 "exceeded maximum allowed streams");
438 return 0;
439 }
440
441 /*
442 * Create the named stream and any streams coming before it yet to be
443 * created.
444 */
445 while (*p_next_ordinal_remote <= stream_ordinal) {
446 uint64_t cur_stream_id = (*p_next_ordinal_remote << 2) |
447 (stream_id
448 & (QUIC_STREAM_DIR_MASK | QUIC_STREAM_INITIATOR_MASK));
449
450 stream = ossl_quic_channel_new_stream_remote(ch, cur_stream_id);
451 if (stream == NULL) {
452 ossl_quic_channel_raise_protocol_error(ch,
453 OSSL_QUIC_ERR_INTERNAL_ERROR,
454 frame_type,
455 "internal error (stream allocation)");
456 return 0;
457 }
458
459 ++*p_next_ordinal_remote;
460 }
461
462 *result = stream;
463 } else {
464 /* Locally-created stream which does not yet exist. */
465 p_next_ordinal_local = is_uni
466 ? &ch->next_local_stream_ordinal_uni
467 : &ch->next_local_stream_ordinal_bidi;
468
469 if (stream_ordinal >= *p_next_ordinal_local) {
470 /*
471 * We never created this stream yet, this is a protocol
472 * violation.
473 */
474 ossl_quic_channel_raise_protocol_error(ch,
475 OSSL_QUIC_ERR_STREAM_STATE_ERROR,
476 frame_type,
477 "STREAM frame for nonexistent "
478 "stream");
479 return 0;
480 }
481
482 /*
483 * Otherwise this is for an old locally-initiated stream which we
484 * have subsequently deleted. Ignore the data; it may simply be a
485 * retransmission. We already take care of notifying the peer of the
486 * termination of the stream during the stream deletion lifecycle.
487 */
488 *result = NULL;
489 }
490
491 return 1;
492 }
493
depack_do_frame_stream(PACKET * pkt,QUIC_CHANNEL * ch,OSSL_QRX_PKT * parent_pkt,OSSL_ACKM_RX_PKT * ackm_data,uint64_t frame_type,uint64_t * datalen)494 static int depack_do_frame_stream(PACKET *pkt, QUIC_CHANNEL *ch,
495 OSSL_QRX_PKT *parent_pkt,
496 OSSL_ACKM_RX_PKT *ackm_data,
497 uint64_t frame_type,
498 uint64_t *datalen)
499 {
500 OSSL_QUIC_FRAME_STREAM frame_data;
501 QUIC_STREAM *stream;
502 uint64_t fce;
503 size_t rs_avail;
504 int rs_fin = 0;
505
506 *datalen = 0;
507
508 if (!ossl_quic_wire_decode_frame_stream(pkt, 0, &frame_data)) {
509 ossl_quic_channel_raise_protocol_error(ch,
510 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,
511 frame_type,
512 "decode error");
513 return 0;
514 }
515
516 if (!depack_do_implicit_stream_create(ch, frame_data.stream_id,
517 frame_type, &stream))
518 return 0; /* protocol error raised by above call */
519
520 if (stream == NULL)
521 /*
522 * Data for old stream which is not a protocol violation but should be
523 * ignored, so stop here.
524 */
525 return 1;
526
527 if (!ossl_quic_stream_has_recv(stream)) {
528 ossl_quic_channel_raise_protocol_error(ch,
529 OSSL_QUIC_ERR_STREAM_STATE_ERROR,
530 frame_type,
531 "STREAM frame for TX only "
532 "stream");
533 return 0;
534 }
535
536 /* Notify stream flow controller. */
537 if (!ossl_quic_rxfc_on_rx_stream_frame(&stream->rxfc,
538 frame_data.offset + frame_data.len,
539 frame_data.is_fin)) {
540 ossl_quic_channel_raise_protocol_error(ch,
541 OSSL_QUIC_ERR_INTERNAL_ERROR,
542 frame_type,
543 "internal error (flow control)");
544 return 0;
545 }
546
547 /* Has a flow control error occurred? */
548 fce = ossl_quic_rxfc_get_error(&stream->rxfc, 0);
549 if (fce != OSSL_QUIC_ERR_NO_ERROR) {
550 ossl_quic_channel_raise_protocol_error(ch,
551 fce,
552 frame_type,
553 "flow control violation");
554 return 0;
555 }
556
557 switch (stream->recv_state) {
558 case QUIC_RSTREAM_STATE_RECV:
559 case QUIC_RSTREAM_STATE_SIZE_KNOWN:
560 /*
561 * It only makes sense to process incoming STREAM frames in these
562 * states.
563 */
564 break;
565
566 case QUIC_RSTREAM_STATE_DATA_RECVD:
567 case QUIC_RSTREAM_STATE_DATA_READ:
568 case QUIC_RSTREAM_STATE_RESET_RECVD:
569 case QUIC_RSTREAM_STATE_RESET_READ:
570 default:
571 /*
572 * We have no use for STREAM frames once the receive part reaches any of
573 * these states, so just ignore.
574 */
575 return 1;
576 }
577
578 /* If we are in RECV, auto-transition to SIZE_KNOWN on FIN. */
579 if (frame_data.is_fin
580 && !ossl_quic_stream_recv_get_final_size(stream, NULL)) {
581
582 /* State was already checked above, so can't fail. */
583 ossl_quic_stream_map_notify_size_known_recv_part(&ch->qsm, stream,
584 frame_data.offset
585 + frame_data.len);
586 }
587
588 /*
589 * If we requested STOP_SENDING do not bother buffering the data. Note that
590 * this must happen after RXFC checks above as even if we sent STOP_SENDING
591 * we must still enforce correct flow control (RFC 9000 s. 3.5).
592 */
593 if (stream->stop_sending)
594 return 1; /* not an error - packet reordering, etc. */
595
596 /*
597 * The receive stream buffer may or may not choose to consume the data
598 * without copying by reffing the OSSL_QRX_PKT. In this case
599 * ossl_qrx_pkt_release() will be eventually called when the data is no
600 * longer needed.
601 *
602 * It is OK for the peer to send us a zero-length non-FIN STREAM frame,
603 * which is a no-op, aside from the fact that it ensures the stream exists.
604 * In this case we have nothing to report to the receive buffer.
605 */
606 if ((frame_data.len > 0 || frame_data.is_fin)
607 && !ossl_quic_rstream_queue_data(stream->rstream, parent_pkt,
608 frame_data.offset,
609 frame_data.data,
610 frame_data.len,
611 frame_data.is_fin)) {
612 ossl_quic_channel_raise_protocol_error(ch,
613 OSSL_QUIC_ERR_INTERNAL_ERROR,
614 frame_type,
615 "internal error (rstream queue)");
616 return 0;
617 }
618
619 /*
620 * rs_fin will be 1 only if we can read all data up to and including the FIN
621 * without any gaps before it; this implies we have received all data. Avoid
622 * calling ossl_quic_rstream_available() where it is not necessary as it is
623 * more expensive.
624 */
625 if (stream->recv_state == QUIC_RSTREAM_STATE_SIZE_KNOWN
626 && !ossl_quic_rstream_available(stream->rstream, &rs_avail, &rs_fin)) {
627 ossl_quic_channel_raise_protocol_error(ch,
628 OSSL_QUIC_ERR_INTERNAL_ERROR,
629 frame_type,
630 "internal error (rstream available)");
631 return 0;
632 }
633
634 if (rs_fin)
635 ossl_quic_stream_map_notify_totally_received(&ch->qsm, stream);
636
637 *datalen = frame_data.len;
638
639 return 1;
640 }
641
update_streams(QUIC_STREAM * s,void * arg)642 static void update_streams(QUIC_STREAM *s, void *arg)
643 {
644 QUIC_CHANNEL *ch = arg;
645
646 ossl_quic_stream_map_update_state(&ch->qsm, s);
647 }
648
update_streams_bidi(QUIC_STREAM * s,void * arg)649 static void update_streams_bidi(QUIC_STREAM *s, void *arg)
650 {
651 QUIC_CHANNEL *ch = arg;
652
653 if (!ossl_quic_stream_is_bidi(s))
654 return;
655
656 ossl_quic_stream_map_update_state(&ch->qsm, s);
657 }
658
update_streams_uni(QUIC_STREAM * s,void * arg)659 static void update_streams_uni(QUIC_STREAM *s, void *arg)
660 {
661 QUIC_CHANNEL *ch = arg;
662
663 if (ossl_quic_stream_is_bidi(s))
664 return;
665
666 ossl_quic_stream_map_update_state(&ch->qsm, s);
667 }
668
depack_do_frame_max_data(PACKET * pkt,QUIC_CHANNEL * ch,OSSL_ACKM_RX_PKT * ackm_data)669 static int depack_do_frame_max_data(PACKET *pkt, QUIC_CHANNEL *ch,
670 OSSL_ACKM_RX_PKT *ackm_data)
671 {
672 uint64_t max_data = 0;
673
674 if (!ossl_quic_wire_decode_frame_max_data(pkt, &max_data)) {
675 ossl_quic_channel_raise_protocol_error(ch,
676 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,
677 OSSL_QUIC_FRAME_TYPE_MAX_DATA,
678 "decode error");
679 return 0;
680 }
681
682 ossl_quic_txfc_bump_cwm(&ch->conn_txfc, max_data);
683 ossl_quic_stream_map_visit(&ch->qsm, update_streams, ch);
684 return 1;
685 }
686
depack_do_frame_max_stream_data(PACKET * pkt,QUIC_CHANNEL * ch,OSSL_ACKM_RX_PKT * ackm_data)687 static int depack_do_frame_max_stream_data(PACKET *pkt,
688 QUIC_CHANNEL *ch,
689 OSSL_ACKM_RX_PKT *ackm_data)
690 {
691 uint64_t stream_id = 0;
692 uint64_t max_stream_data = 0;
693 QUIC_STREAM *stream;
694
695 if (!ossl_quic_wire_decode_frame_max_stream_data(pkt, &stream_id,
696 &max_stream_data)) {
697 ossl_quic_channel_raise_protocol_error(ch,
698 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,
699 OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA,
700 "decode error");
701 return 0;
702 }
703
704 if (!depack_do_implicit_stream_create(ch, stream_id,
705 OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA,
706 &stream))
707 return 0; /* error already raised for us */
708
709 if (stream == NULL)
710 return 1; /* old deleted stream, not a protocol violation, ignore */
711
712 if (!ossl_quic_stream_has_send(stream)) {
713 ossl_quic_channel_raise_protocol_error(ch,
714 OSSL_QUIC_ERR_STREAM_STATE_ERROR,
715 OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA,
716 "MAX_STREAM_DATA for TX only "
717 "stream");
718 return 0;
719 }
720
721 ossl_quic_txfc_bump_cwm(&stream->txfc, max_stream_data);
722 ossl_quic_stream_map_update_state(&ch->qsm, stream);
723 return 1;
724 }
725
depack_do_frame_max_streams(PACKET * pkt,QUIC_CHANNEL * ch,OSSL_ACKM_RX_PKT * ackm_data,uint64_t frame_type)726 static int depack_do_frame_max_streams(PACKET *pkt,
727 QUIC_CHANNEL *ch,
728 OSSL_ACKM_RX_PKT *ackm_data,
729 uint64_t frame_type)
730 {
731 uint64_t max_streams = 0;
732
733 if (!ossl_quic_wire_decode_frame_max_streams(pkt, &max_streams)) {
734 ossl_quic_channel_raise_protocol_error(ch,
735 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,
736 frame_type,
737 "decode error");
738 return 0;
739 }
740
741 if (max_streams > (((uint64_t)1) << 60)) {
742 ossl_quic_channel_raise_protocol_error(ch,
743 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,
744 frame_type,
745 "invalid max streams value");
746 return 0;
747 }
748
749 switch (frame_type) {
750 case OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_BIDI:
751 if (max_streams > ch->max_local_streams_bidi)
752 ch->max_local_streams_bidi = max_streams;
753
754 /* Some streams may now be able to send. */
755 ossl_quic_stream_map_visit(&ch->qsm, update_streams_bidi, ch);
756 break;
757 case OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_UNI:
758 if (max_streams > ch->max_local_streams_uni)
759 ch->max_local_streams_uni = max_streams;
760
761 /* Some streams may now be able to send. */
762 ossl_quic_stream_map_visit(&ch->qsm, update_streams_uni, ch);
763 break;
764 default:
765 ossl_quic_channel_raise_protocol_error(ch,
766 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,
767 frame_type,
768 "decode error");
769 return 0;
770 }
771
772 return 1;
773 }
774
depack_do_frame_data_blocked(PACKET * pkt,QUIC_CHANNEL * ch,OSSL_ACKM_RX_PKT * ackm_data)775 static int depack_do_frame_data_blocked(PACKET *pkt,
776 QUIC_CHANNEL *ch,
777 OSSL_ACKM_RX_PKT *ackm_data)
778 {
779 uint64_t max_data = 0;
780
781 if (!ossl_quic_wire_decode_frame_data_blocked(pkt, &max_data)) {
782 ossl_quic_channel_raise_protocol_error(ch,
783 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,
784 OSSL_QUIC_FRAME_TYPE_DATA_BLOCKED,
785 "decode error");
786 return 0;
787 }
788
789 /* No-op - informative/debugging frame. */
790 return 1;
791 }
792
depack_do_frame_stream_data_blocked(PACKET * pkt,QUIC_CHANNEL * ch,OSSL_ACKM_RX_PKT * ackm_data)793 static int depack_do_frame_stream_data_blocked(PACKET *pkt,
794 QUIC_CHANNEL *ch,
795 OSSL_ACKM_RX_PKT *ackm_data)
796 {
797 uint64_t stream_id = 0;
798 uint64_t max_data = 0;
799 QUIC_STREAM *stream;
800
801 if (!ossl_quic_wire_decode_frame_stream_data_blocked(pkt, &stream_id,
802 &max_data)) {
803 ossl_quic_channel_raise_protocol_error(ch,
804 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,
805 OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED,
806 "decode error");
807 return 0;
808 }
809
810 /*
811 * This is an informative/debugging frame, so we don't have to do anything,
812 * but it does trigger stream creation.
813 */
814 if (!depack_do_implicit_stream_create(ch, stream_id,
815 OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED,
816 &stream))
817 return 0; /* error already raised for us */
818
819 if (stream == NULL)
820 return 1; /* old deleted stream, not a protocol violation, ignore */
821
822 if (!ossl_quic_stream_has_recv(stream)) {
823 /*
824 * RFC 9000 s. 19.14: "An endpoint that receives a STREAM_DATA_BLOCKED
825 * frame for a send-only stream MUST terminate the connection with error
826 * STREAM_STATE_ERROR."
827 */
828 ossl_quic_channel_raise_protocol_error(ch,
829 OSSL_QUIC_ERR_STREAM_STATE_ERROR,
830 OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED,
831 "STREAM_DATA_BLOCKED frame for "
832 "TX only stream");
833 return 0;
834 }
835
836 /* No-op - informative/debugging frame. */
837 return 1;
838 }
839
depack_do_frame_streams_blocked(PACKET * pkt,QUIC_CHANNEL * ch,OSSL_ACKM_RX_PKT * ackm_data,uint64_t frame_type)840 static int depack_do_frame_streams_blocked(PACKET *pkt,
841 QUIC_CHANNEL *ch,
842 OSSL_ACKM_RX_PKT *ackm_data,
843 uint64_t frame_type)
844 {
845 uint64_t max_data = 0;
846
847 if (!ossl_quic_wire_decode_frame_streams_blocked(pkt, &max_data)) {
848 ossl_quic_channel_raise_protocol_error(ch,
849 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,
850 frame_type,
851 "decode error");
852 return 0;
853 }
854
855 if (max_data > (((uint64_t)1) << 60)) {
856 /*
857 * RFC 9000 s. 19.14: "This value cannot exceed 2**60, as it is not
858 * possible to encode stream IDs larger than 2**62 - 1. Receipt of a
859 * frame that encodes a larger stream ID MUST be treated as a connection
860 * error of type STREAM_LIMIT_ERROR or FRAME_ENCODING_ERROR."
861 */
862 ossl_quic_channel_raise_protocol_error(ch,
863 OSSL_QUIC_ERR_STREAM_LIMIT_ERROR,
864 frame_type,
865 "invalid stream count limit");
866 return 0;
867 }
868
869 /* No-op - informative/debugging frame. */
870 return 1;
871 }
872
depack_do_frame_new_conn_id(PACKET * pkt,QUIC_CHANNEL * ch,OSSL_ACKM_RX_PKT * ackm_data)873 static int depack_do_frame_new_conn_id(PACKET *pkt,
874 QUIC_CHANNEL *ch,
875 OSSL_ACKM_RX_PKT *ackm_data)
876 {
877 OSSL_QUIC_FRAME_NEW_CONN_ID frame_data;
878
879 if (!ossl_quic_wire_decode_frame_new_conn_id(pkt, &frame_data)) {
880 ossl_quic_channel_raise_protocol_error(ch,
881 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,
882 OSSL_QUIC_FRAME_TYPE_NEW_CONN_ID,
883 "decode error");
884 return 0;
885 }
886
887 ossl_quic_channel_on_new_conn_id(ch, &frame_data);
888
889 return 1;
890 }
891
depack_do_frame_retire_conn_id(PACKET * pkt,QUIC_CHANNEL * ch,OSSL_ACKM_RX_PKT * ackm_data)892 static int depack_do_frame_retire_conn_id(PACKET *pkt,
893 QUIC_CHANNEL *ch,
894 OSSL_ACKM_RX_PKT *ackm_data)
895 {
896 uint64_t seq_num;
897
898 if (!ossl_quic_wire_decode_frame_retire_conn_id(pkt, &seq_num)) {
899 ossl_quic_channel_raise_protocol_error(ch,
900 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,
901 OSSL_QUIC_FRAME_TYPE_RETIRE_CONN_ID,
902 "decode error");
903 return 0;
904 }
905
906 /*
907 * RFC 9000 s. 19.16: "An endpoint cannot send this frame if it was provided
908 * with a zero-length connection ID by its peer. An endpoint that provides a
909 * zero-length connection ID MUST treat receipt of a RETIRE_CONNECTION_ID
910 * frame as a connection error of type PROTOCOL_VIOLATION."
911 *
912 * Since we always use a zero-length SCID as a client, there is no case
913 * where it is valid for a server to send this. Our server support is
914 * currently non-conformant and for internal testing use; simply handle it
915 * as a no-op in this case.
916 *
917 * TODO(QUIC SERVER): Revise and implement correctly for server support.
918 */
919 if (!ch->is_server) {
920 ossl_quic_channel_raise_protocol_error(ch,
921 OSSL_QUIC_ERR_PROTOCOL_VIOLATION,
922 OSSL_QUIC_FRAME_TYPE_RETIRE_CONN_ID,
923 "conn has zero-length CID");
924 return 0;
925 }
926
927 return 1;
928 }
929
free_path_response(unsigned char * buf,size_t buf_len,void * arg)930 static void free_path_response(unsigned char *buf, size_t buf_len, void *arg)
931 {
932 OPENSSL_free(buf);
933 }
934
depack_do_frame_path_challenge(PACKET * pkt,QUIC_CHANNEL * ch,OSSL_ACKM_RX_PKT * ackm_data)935 static int depack_do_frame_path_challenge(PACKET *pkt,
936 QUIC_CHANNEL *ch,
937 OSSL_ACKM_RX_PKT *ackm_data)
938 {
939 uint64_t frame_data = 0;
940 unsigned char *encoded = NULL;
941 size_t encoded_len;
942 WPACKET wpkt;
943
944 if (!ossl_quic_wire_decode_frame_path_challenge(pkt, &frame_data)) {
945 ossl_quic_channel_raise_protocol_error(ch,
946 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,
947 OSSL_QUIC_FRAME_TYPE_PATH_CHALLENGE,
948 "decode error");
949 return 0;
950 }
951
952 /*
953 * RFC 9000 s. 8.2.2: On receiving a PATH_CHALLENGE frame, an endpoint MUST
954 * respond by echoing the data contained in the PATH_CHALLENGE frame in a
955 * PATH_RESPONSE frame.
956 *
957 * TODO(QUIC FUTURE): We should try to avoid allocation here in the future.
958 */
959 encoded_len = sizeof(uint64_t) + 1;
960 if ((encoded = OPENSSL_malloc(encoded_len)) == NULL)
961 goto err;
962
963 if (!WPACKET_init_static_len(&wpkt, encoded, encoded_len, 0))
964 goto err;
965
966 if (!ossl_quic_wire_encode_frame_path_response(&wpkt, frame_data)) {
967 WPACKET_cleanup(&wpkt);
968 goto err;
969 }
970
971 WPACKET_finish(&wpkt);
972
973 if (!ossl_quic_cfq_add_frame(ch->cfq, 0, QUIC_PN_SPACE_APP,
974 OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE,
975 QUIC_CFQ_ITEM_FLAG_UNRELIABLE,
976 encoded, encoded_len,
977 free_path_response, NULL))
978 goto err;
979
980 return 1;
981
982 err:
983 OPENSSL_free(encoded);
984 ossl_quic_channel_raise_protocol_error(ch, OSSL_QUIC_ERR_INTERNAL_ERROR,
985 OSSL_QUIC_FRAME_TYPE_PATH_CHALLENGE,
986 "internal error");
987 return 0;
988 }
989
depack_do_frame_path_response(PACKET * pkt,QUIC_CHANNEL * ch,OSSL_ACKM_RX_PKT * ackm_data)990 static int depack_do_frame_path_response(PACKET *pkt,
991 QUIC_CHANNEL *ch,
992 OSSL_ACKM_RX_PKT *ackm_data)
993 {
994 uint64_t frame_data = 0;
995
996 if (!ossl_quic_wire_decode_frame_path_response(pkt, &frame_data)) {
997 ossl_quic_channel_raise_protocol_error(ch,
998 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,
999 OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE,
1000 "decode error");
1001 return 0;
1002 }
1003
1004 /* TODO(QUIC MULTIPATH): ADD CODE to send |frame_data| to the ch manager */
1005
1006 return 1;
1007 }
1008
depack_do_frame_conn_close(PACKET * pkt,QUIC_CHANNEL * ch,uint64_t frame_type)1009 static int depack_do_frame_conn_close(PACKET *pkt, QUIC_CHANNEL *ch,
1010 uint64_t frame_type)
1011 {
1012 OSSL_QUIC_FRAME_CONN_CLOSE frame_data;
1013
1014 if (!ossl_quic_wire_decode_frame_conn_close(pkt, &frame_data)) {
1015 ossl_quic_channel_raise_protocol_error(ch,
1016 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,
1017 frame_type,
1018 "decode error");
1019 return 0;
1020 }
1021
1022 ossl_quic_channel_on_remote_conn_close(ch, &frame_data);
1023 return 1;
1024 }
1025
depack_do_frame_handshake_done(PACKET * pkt,QUIC_CHANNEL * ch,OSSL_ACKM_RX_PKT * ackm_data)1026 static int depack_do_frame_handshake_done(PACKET *pkt,
1027 QUIC_CHANNEL *ch,
1028 OSSL_ACKM_RX_PKT *ackm_data)
1029 {
1030 if (!ossl_quic_wire_decode_frame_handshake_done(pkt)) {
1031 /* This can fail only with an internal error. */
1032 ossl_quic_channel_raise_protocol_error(ch,
1033 OSSL_QUIC_ERR_INTERNAL_ERROR,
1034 OSSL_QUIC_FRAME_TYPE_HANDSHAKE_DONE,
1035 "internal error (decode frame handshake done)");
1036 return 0;
1037 }
1038
1039 ossl_quic_channel_on_handshake_confirmed(ch);
1040 return 1;
1041 }
1042
1043 /* Main frame processor */
1044
depack_process_frames(QUIC_CHANNEL * ch,PACKET * pkt,OSSL_QRX_PKT * parent_pkt,uint32_t enc_level,OSSL_TIME received,OSSL_ACKM_RX_PKT * ackm_data)1045 static int depack_process_frames(QUIC_CHANNEL *ch, PACKET *pkt,
1046 OSSL_QRX_PKT *parent_pkt, uint32_t enc_level,
1047 OSSL_TIME received, OSSL_ACKM_RX_PKT *ackm_data)
1048 {
1049 uint32_t pkt_type = parent_pkt->hdr->type;
1050 uint32_t packet_space = ossl_quic_enc_level_to_pn_space(enc_level);
1051
1052 if (PACKET_remaining(pkt) == 0) {
1053 /*
1054 * RFC 9000 s. 12.4: An endpoint MUST treat receipt of a packet
1055 * containing no frames as a connection error of type
1056 * PROTOCOL_VIOLATION.
1057 */
1058 ossl_quic_channel_raise_protocol_error(ch,
1059 OSSL_QUIC_ERR_PROTOCOL_VIOLATION,
1060 0,
1061 "empty packet payload");
1062 return 0;
1063 }
1064
1065 while (PACKET_remaining(pkt) > 0) {
1066 int was_minimal;
1067 uint64_t frame_type;
1068 const unsigned char *sof = NULL;
1069 uint64_t datalen = 0;
1070
1071 if (ch->msg_callback != NULL)
1072 sof = PACKET_data(pkt);
1073
1074 if (!ossl_quic_wire_peek_frame_header(pkt, &frame_type, &was_minimal)) {
1075 ossl_quic_channel_raise_protocol_error(ch,
1076 OSSL_QUIC_ERR_PROTOCOL_VIOLATION,
1077 0,
1078 "malformed frame header");
1079 return 0;
1080 }
1081
1082 if (!was_minimal) {
1083 ossl_quic_channel_raise_protocol_error(ch,
1084 OSSL_QUIC_ERR_PROTOCOL_VIOLATION,
1085 frame_type,
1086 "non-minimal frame type encoding");
1087 return 0;
1088 }
1089
1090 /*
1091 * There are only a few frame types which are not ACK-eliciting. Handle
1092 * these centrally to make error handling cases more resilient, as we
1093 * should tell the ACKM about an ACK-eliciting frame even if it was not
1094 * successfully handled.
1095 */
1096 switch (frame_type) {
1097 case OSSL_QUIC_FRAME_TYPE_PADDING:
1098 case OSSL_QUIC_FRAME_TYPE_ACK_WITHOUT_ECN:
1099 case OSSL_QUIC_FRAME_TYPE_ACK_WITH_ECN:
1100 case OSSL_QUIC_FRAME_TYPE_CONN_CLOSE_TRANSPORT:
1101 case OSSL_QUIC_FRAME_TYPE_CONN_CLOSE_APP:
1102 break;
1103 default:
1104 ackm_data->is_ack_eliciting = 1;
1105 break;
1106 }
1107
1108 switch (frame_type) {
1109 case OSSL_QUIC_FRAME_TYPE_PING:
1110 /* Allowed in all packet types */
1111 if (!depack_do_frame_ping(pkt, ch, enc_level, ackm_data))
1112 return 0;
1113 break;
1114 case OSSL_QUIC_FRAME_TYPE_PADDING:
1115 /* Allowed in all packet types */
1116 if (!depack_do_frame_padding(pkt))
1117 return 0;
1118 break;
1119
1120 case OSSL_QUIC_FRAME_TYPE_ACK_WITHOUT_ECN:
1121 case OSSL_QUIC_FRAME_TYPE_ACK_WITH_ECN:
1122 /* ACK frames are valid everywhere except in 0RTT packets */
1123 if (pkt_type == QUIC_PKT_TYPE_0RTT) {
1124 ossl_quic_channel_raise_protocol_error(ch,
1125 OSSL_QUIC_ERR_PROTOCOL_VIOLATION,
1126 frame_type,
1127 "ACK not valid in 0-RTT");
1128 return 0;
1129 }
1130 if (!depack_do_frame_ack(pkt, ch, packet_space, received,
1131 frame_type, parent_pkt))
1132 return 0;
1133 break;
1134
1135 case OSSL_QUIC_FRAME_TYPE_RESET_STREAM:
1136 /* RESET_STREAM frames are valid in 0RTT and 1RTT packets */
1137 if (pkt_type != QUIC_PKT_TYPE_0RTT
1138 && pkt_type != QUIC_PKT_TYPE_1RTT) {
1139 ossl_quic_channel_raise_protocol_error(ch,
1140 OSSL_QUIC_ERR_PROTOCOL_VIOLATION,
1141 frame_type,
1142 "RESET_STREAM not valid in "
1143 "INITIAL/HANDSHAKE");
1144 return 0;
1145 }
1146 if (!depack_do_frame_reset_stream(pkt, ch, ackm_data))
1147 return 0;
1148 break;
1149 case OSSL_QUIC_FRAME_TYPE_STOP_SENDING:
1150 /* STOP_SENDING frames are valid in 0RTT and 1RTT packets */
1151 if (pkt_type != QUIC_PKT_TYPE_0RTT
1152 && pkt_type != QUIC_PKT_TYPE_1RTT) {
1153 ossl_quic_channel_raise_protocol_error(ch,
1154 OSSL_QUIC_ERR_PROTOCOL_VIOLATION,
1155 frame_type,
1156 "STOP_SENDING not valid in "
1157 "INITIAL/HANDSHAKE");
1158 return 0;
1159 }
1160 if (!depack_do_frame_stop_sending(pkt, ch, ackm_data))
1161 return 0;
1162 break;
1163 case OSSL_QUIC_FRAME_TYPE_CRYPTO:
1164 /* CRYPTO frames are valid everywhere except in 0RTT packets */
1165 if (pkt_type == QUIC_PKT_TYPE_0RTT) {
1166 ossl_quic_channel_raise_protocol_error(ch,
1167 OSSL_QUIC_ERR_PROTOCOL_VIOLATION,
1168 frame_type,
1169 "CRYPTO frame not valid in 0-RTT");
1170 return 0;
1171 }
1172 if (!depack_do_frame_crypto(pkt, ch, parent_pkt, ackm_data, &datalen))
1173 return 0;
1174 break;
1175 case OSSL_QUIC_FRAME_TYPE_NEW_TOKEN:
1176 /* NEW_TOKEN frames are valid in 1RTT packets */
1177 if (pkt_type != QUIC_PKT_TYPE_1RTT) {
1178 ossl_quic_channel_raise_protocol_error(ch,
1179 OSSL_QUIC_ERR_PROTOCOL_VIOLATION,
1180 frame_type,
1181 "NEW_TOKEN valid only in 1-RTT");
1182 return 0;
1183 }
1184 if (!depack_do_frame_new_token(pkt, ch, ackm_data))
1185 return 0;
1186 break;
1187
1188 case OSSL_QUIC_FRAME_TYPE_STREAM:
1189 case OSSL_QUIC_FRAME_TYPE_STREAM_FIN:
1190 case OSSL_QUIC_FRAME_TYPE_STREAM_LEN:
1191 case OSSL_QUIC_FRAME_TYPE_STREAM_LEN_FIN:
1192 case OSSL_QUIC_FRAME_TYPE_STREAM_OFF:
1193 case OSSL_QUIC_FRAME_TYPE_STREAM_OFF_FIN:
1194 case OSSL_QUIC_FRAME_TYPE_STREAM_OFF_LEN:
1195 case OSSL_QUIC_FRAME_TYPE_STREAM_OFF_LEN_FIN:
1196 /* STREAM frames are valid in 0RTT and 1RTT packets */
1197 if (pkt_type != QUIC_PKT_TYPE_0RTT
1198 && pkt_type != QUIC_PKT_TYPE_1RTT) {
1199 ossl_quic_channel_raise_protocol_error(ch,
1200 OSSL_QUIC_ERR_PROTOCOL_VIOLATION,
1201 frame_type,
1202 "STREAM valid only in 0/1-RTT");
1203 return 0;
1204 }
1205 if (!depack_do_frame_stream(pkt, ch, parent_pkt, ackm_data,
1206 frame_type, &datalen))
1207 return 0;
1208 break;
1209
1210 case OSSL_QUIC_FRAME_TYPE_MAX_DATA:
1211 /* MAX_DATA frames are valid in 0RTT and 1RTT packets */
1212 if (pkt_type != QUIC_PKT_TYPE_0RTT
1213 && pkt_type != QUIC_PKT_TYPE_1RTT) {
1214 ossl_quic_channel_raise_protocol_error(ch,
1215 OSSL_QUIC_ERR_PROTOCOL_VIOLATION,
1216 frame_type,
1217 "MAX_DATA valid only in 0/1-RTT");
1218 return 0;
1219 }
1220 if (!depack_do_frame_max_data(pkt, ch, ackm_data))
1221 return 0;
1222 break;
1223 case OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA:
1224 /* MAX_STREAM_DATA frames are valid in 0RTT and 1RTT packets */
1225 if (pkt_type != QUIC_PKT_TYPE_0RTT
1226 && pkt_type != QUIC_PKT_TYPE_1RTT) {
1227 ossl_quic_channel_raise_protocol_error(ch,
1228 OSSL_QUIC_ERR_PROTOCOL_VIOLATION,
1229 frame_type,
1230 "MAX_STREAM_DATA valid only in 0/1-RTT");
1231 return 0;
1232 }
1233 if (!depack_do_frame_max_stream_data(pkt, ch, ackm_data))
1234 return 0;
1235 break;
1236
1237 case OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_BIDI:
1238 case OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_UNI:
1239 /* MAX_STREAMS frames are valid in 0RTT and 1RTT packets */
1240 if (pkt_type != QUIC_PKT_TYPE_0RTT
1241 && pkt_type != QUIC_PKT_TYPE_1RTT) {
1242 ossl_quic_channel_raise_protocol_error(ch,
1243 OSSL_QUIC_ERR_PROTOCOL_VIOLATION,
1244 frame_type,
1245 "MAX_STREAMS valid only in 0/1-RTT");
1246 return 0;
1247 }
1248 if (!depack_do_frame_max_streams(pkt, ch, ackm_data,
1249 frame_type))
1250 return 0;
1251 break;
1252
1253 case OSSL_QUIC_FRAME_TYPE_DATA_BLOCKED:
1254 /* DATA_BLOCKED frames are valid in 0RTT and 1RTT packets */
1255 if (pkt_type != QUIC_PKT_TYPE_0RTT
1256 && pkt_type != QUIC_PKT_TYPE_1RTT) {
1257 ossl_quic_channel_raise_protocol_error(ch,
1258 OSSL_QUIC_ERR_PROTOCOL_VIOLATION,
1259 frame_type,
1260 "DATA_BLOCKED valid only in 0/1-RTT");
1261 return 0;
1262 }
1263 if (!depack_do_frame_data_blocked(pkt, ch, ackm_data))
1264 return 0;
1265 break;
1266 case OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED:
1267 /* STREAM_DATA_BLOCKED frames are valid in 0RTT and 1RTT packets */
1268 if (pkt_type != QUIC_PKT_TYPE_0RTT
1269 && pkt_type != QUIC_PKT_TYPE_1RTT) {
1270 ossl_quic_channel_raise_protocol_error(ch,
1271 OSSL_QUIC_ERR_PROTOCOL_VIOLATION,
1272 frame_type,
1273 "STREAM_DATA_BLOCKED valid only in 0/1-RTT");
1274 return 0;
1275 }
1276 if (!depack_do_frame_stream_data_blocked(pkt, ch, ackm_data))
1277 return 0;
1278 break;
1279
1280 case OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_BIDI:
1281 case OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_UNI:
1282 /* STREAMS_BLOCKED frames are valid in 0RTT and 1RTT packets */
1283 if (pkt_type != QUIC_PKT_TYPE_0RTT
1284 && pkt_type != QUIC_PKT_TYPE_1RTT) {
1285 ossl_quic_channel_raise_protocol_error(ch,
1286 OSSL_QUIC_ERR_PROTOCOL_VIOLATION,
1287 frame_type,
1288 "STREAMS valid only in 0/1-RTT");
1289 return 0;
1290 }
1291 if (!depack_do_frame_streams_blocked(pkt, ch, ackm_data,
1292 frame_type))
1293 return 0;
1294 break;
1295
1296 case OSSL_QUIC_FRAME_TYPE_NEW_CONN_ID:
1297 /* NEW_CONN_ID frames are valid in 0RTT and 1RTT packets */
1298 if (pkt_type != QUIC_PKT_TYPE_0RTT
1299 && pkt_type != QUIC_PKT_TYPE_1RTT) {
1300 ossl_quic_channel_raise_protocol_error(ch,
1301 OSSL_QUIC_ERR_PROTOCOL_VIOLATION,
1302 frame_type,
1303 "NEW_CONN_ID valid only in 0/1-RTT");
1304 }
1305 if (!depack_do_frame_new_conn_id(pkt, ch, ackm_data))
1306 return 0;
1307 break;
1308 case OSSL_QUIC_FRAME_TYPE_RETIRE_CONN_ID:
1309 /* RETIRE_CONN_ID frames are valid in 0RTT and 1RTT packets */
1310 if (pkt_type != QUIC_PKT_TYPE_0RTT
1311 && pkt_type != QUIC_PKT_TYPE_1RTT) {
1312 ossl_quic_channel_raise_protocol_error(ch,
1313 OSSL_QUIC_ERR_PROTOCOL_VIOLATION,
1314 frame_type,
1315 "RETIRE_CONN_ID valid only in 0/1-RTT");
1316 return 0;
1317 }
1318 if (!depack_do_frame_retire_conn_id(pkt, ch, ackm_data))
1319 return 0;
1320 break;
1321 case OSSL_QUIC_FRAME_TYPE_PATH_CHALLENGE:
1322 /* PATH_CHALLENGE frames are valid in 0RTT and 1RTT packets */
1323 if (pkt_type != QUIC_PKT_TYPE_0RTT
1324 && pkt_type != QUIC_PKT_TYPE_1RTT) {
1325 ossl_quic_channel_raise_protocol_error(ch,
1326 OSSL_QUIC_ERR_PROTOCOL_VIOLATION,
1327 frame_type,
1328 "PATH_CHALLENGE valid only in 0/1-RTT");
1329 return 0;
1330 }
1331 if (!depack_do_frame_path_challenge(pkt, ch, ackm_data))
1332 return 0;
1333
1334 break;
1335 case OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE:
1336 /* PATH_RESPONSE frames are valid in 1RTT packets */
1337 if (pkt_type != QUIC_PKT_TYPE_1RTT) {
1338 ossl_quic_channel_raise_protocol_error(ch,
1339 OSSL_QUIC_ERR_PROTOCOL_VIOLATION,
1340 frame_type,
1341 "PATH_CHALLENGE valid only in 1-RTT");
1342 return 0;
1343 }
1344 if (!depack_do_frame_path_response(pkt, ch, ackm_data))
1345 return 0;
1346 break;
1347
1348 case OSSL_QUIC_FRAME_TYPE_CONN_CLOSE_APP:
1349 /* CONN_CLOSE_APP frames are valid in 0RTT and 1RTT packets */
1350 if (pkt_type != QUIC_PKT_TYPE_0RTT
1351 && pkt_type != QUIC_PKT_TYPE_1RTT) {
1352 ossl_quic_channel_raise_protocol_error(ch,
1353 OSSL_QUIC_ERR_PROTOCOL_VIOLATION,
1354 frame_type,
1355 "CONN_CLOSE (APP) valid only in 0/1-RTT");
1356 return 0;
1357 }
1358 /* FALLTHRU */
1359 case OSSL_QUIC_FRAME_TYPE_CONN_CLOSE_TRANSPORT:
1360 /* CONN_CLOSE_TRANSPORT frames are valid in all packets */
1361 if (!depack_do_frame_conn_close(pkt, ch, frame_type))
1362 return 0;
1363 break;
1364
1365 case OSSL_QUIC_FRAME_TYPE_HANDSHAKE_DONE:
1366 /* HANDSHAKE_DONE frames are valid in 1RTT packets */
1367 if (pkt_type != QUIC_PKT_TYPE_1RTT) {
1368 ossl_quic_channel_raise_protocol_error(ch,
1369 OSSL_QUIC_ERR_PROTOCOL_VIOLATION,
1370 frame_type,
1371 "HANDSHAKE_DONE valid only in 1-RTT");
1372 return 0;
1373 }
1374 if (!depack_do_frame_handshake_done(pkt, ch, ackm_data))
1375 return 0;
1376 break;
1377
1378 default:
1379 /* Unknown frame type */
1380 ossl_quic_channel_raise_protocol_error(ch,
1381 OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,
1382 frame_type,
1383 "Unknown frame type received");
1384 return 0;
1385 }
1386
1387 if (ch->msg_callback != NULL) {
1388 int ctype = SSL3_RT_QUIC_FRAME_FULL;
1389
1390 size_t framelen = PACKET_data(pkt) - sof;
1391
1392 if (frame_type == OSSL_QUIC_FRAME_TYPE_PADDING) {
1393 ctype = SSL3_RT_QUIC_FRAME_PADDING;
1394 } else if (OSSL_QUIC_FRAME_TYPE_IS_STREAM(frame_type)
1395 || frame_type == OSSL_QUIC_FRAME_TYPE_CRYPTO) {
1396 ctype = SSL3_RT_QUIC_FRAME_HEADER;
1397 framelen -= (size_t)datalen;
1398 }
1399
1400 ch->msg_callback(0, OSSL_QUIC1_VERSION, ctype, sof, framelen,
1401 ch->msg_callback_ssl, ch->msg_callback_arg);
1402 }
1403 }
1404
1405 return 1;
1406 }
1407
1408 QUIC_NEEDS_LOCK
ossl_quic_handle_frames(QUIC_CHANNEL * ch,OSSL_QRX_PKT * qpacket)1409 int ossl_quic_handle_frames(QUIC_CHANNEL *ch, OSSL_QRX_PKT *qpacket)
1410 {
1411 PACKET pkt;
1412 OSSL_ACKM_RX_PKT ackm_data;
1413 uint32_t enc_level;
1414
1415 /*
1416 * ok has three states:
1417 * -1 error with ackm_data uninitialized
1418 * 0 error with ackm_data initialized
1419 * 1 success (ackm_data initialized)
1420 */
1421 int ok = -1; /* Assume the worst */
1422
1423 if (ch == NULL)
1424 goto end;
1425
1426 ch->did_crypto_frame = 0;
1427
1428 /* Initialize |ackm_data| (and reinitialize |ok|)*/
1429 memset(&ackm_data, 0, sizeof(ackm_data));
1430 /*
1431 * ASSUMPTION: All packets that aren't special case have a
1432 * packet number.
1433 */
1434 ackm_data.pkt_num = qpacket->pn;
1435 ackm_data.time = qpacket->time;
1436 enc_level = ossl_quic_pkt_type_to_enc_level(qpacket->hdr->type);
1437 if (enc_level >= QUIC_ENC_LEVEL_NUM)
1438 /*
1439 * Retry and Version Negotiation packets should not be passed to this
1440 * function.
1441 */
1442 goto end;
1443
1444 ok = 0; /* Still assume the worst */
1445 ackm_data.pkt_space = ossl_quic_enc_level_to_pn_space(enc_level);
1446
1447 /* Now that special cases are out of the way, parse frames */
1448 if (!PACKET_buf_init(&pkt, qpacket->hdr->data, qpacket->hdr->len)
1449 || !depack_process_frames(ch, &pkt, qpacket,
1450 enc_level,
1451 qpacket->time,
1452 &ackm_data))
1453 goto end;
1454
1455 ok = 1;
1456 end:
1457 /*
1458 * ASSUMPTION: If this function is called at all, |qpacket| is
1459 * a legitimate packet, even if its contents aren't.
1460 * Therefore, we call ossl_ackm_on_rx_packet() unconditionally, as long as
1461 * |ackm_data| has at least been initialized.
1462 */
1463 if (ok >= 0)
1464 ossl_ackm_on_rx_packet(ch->ackm, &ackm_data);
1465
1466 return ok > 0;
1467 }
1468
