Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

0RTT, Early data, session ticketing, key verification, stateless reset #153

Open
wants to merge 17 commits into
base: dev
Choose a base branch
from
Open

0RTT, Early data, session ticketing, key verification, stateless reset #153

wants to merge 17 commits into from

Conversation

dr7ana
Copy link
Collaborator

@dr7ana dr7ana commented Dec 4, 2024

Scope:

  • 0rtt/early data: Can be enabled with opt::enable_0rtt_ticketing at the endpoint level, and will apply for all connections in/out of that endpoint.
  • Session ticketing storage mode: Enabled through the same struct by passing the optional verify/put/get callbacks. The default mode is internal storage managed by libquic, but the application can take responsibility by providing all of the callbacks
  • Key verification on/off: Can be disabled with opt::disable_key_verification at the connection level by passing the struct to calls to Endpoint::{listen,connect}(...)
  • Stateless reset can be disabled with opt::disable_stateless_verification at the endpoint level

@dr7ana dr7ana mentioned this pull request Dec 4, 2024
Closed
dr7ana and others added 16 commits December 11, 2024 06:25
@dr7ana
about time we finished 0rtt
6d37099
@dr7ana
gtls session ticketing straightened out, defaulted through callbacks
9a6be7a
@dr7ana
Key verification directionally toggled
0e4b23b 
- By passing `opt::disable_key_verification` in calls to `Endpoint::{listen,connect}(...)` the application can decide whether to use key verification for inbound or outbound connections.
@dr7ana
Stateless reset layout
5f7ff8a 
- can be toggled on/off, bespoke types for handling generation and storage
- improvements, better handling, callbacks
@dr7ana
stream revert on early data rejected, instead of close
74c56c6
@dr7ana
stateless reset default on, opt toggles off
e628fa1
@dr7ana
associate all ngtcp2 cids to token, not ref id
9393c28
@dr7ana
Opt configuration under the hood
c6ea4e0 
- ping binaries added to test timing
- more thoughtful compile time checking
@dr7ana
unit test bt chaining and serialization
a72c2eb
@dr7ana
do not store token on unknown packet
12334e1
@dr7ana
downgrade logs, btlogger to regular logger
6aa6bee
@dr7ana
log downgrade, misc cleanup
0a58234
@jagerman @dr7ana
Make gtls_session_ticket always go through unique_ptr
f93ee8e 
The copy and move constructors/operators are a decent amount of
complexity keeping track of pointers that really isn't needed because we
nearly always want these held inside a unique_ptr, and so it simplifies
things to just enforce that everywhere and fix the two occurances that
held in a value and then sort of mutated into a unique_ptr.

This also lets us make the key data const, which gives us better safety
assurances for using it as the key of a map (as we currently are).

Also makes the private fields actually private, along with the
constructors (to enforce all usage now go through make).

Also dropped some unused comparison & hashing functions.
@dr7ana
Review fixes:
1b859ef 
- added RAII gnutls_datum object, used where needed. Must be careful, can double free if the memory is owned by another object or held within ngtcp2
- misc fixes from oxen-io#147
@dr7ana
return ptr to promise, not promise by ref
39ad7fd
@dr7ana
testing out stateless reset token lifetime
a28621a
@dr7ana dr7ana force-pushed the 0rtt branch 3 times, most recently from 2028283 to c87754e Compare December 11, 2024 14:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@dr7ana @jagerman