[pull] main from mozilla:main #5

The `net.rs` file is not declared as a module in `src/sim/mod.rs` and thus unused.

* fix(http3): always qlog on send_buffer() `neqo_http3::SendMessage` calls `qlog::h3_data_moved_down()` whenever it moves data down to the QUIC layer. `SendMessage` moves data down to the QUIC layer either directly via `self.stream.send_atomic` or indirectly buffered through `self.stream.send_buffer`. Previously only one of the 3 calls to `self.stream.send_buffer` would thereafter call `qlog::h3_data_moved_down()`. This commit moves the `h3_data_moved_down` call into `self.stream.send_buffer`, thus ensuring the function is always called when data is moved. In addition, `self.stream.send_atomic` now as well does the qlog call, thus containing all qlog logic in `buffered_send_stream.rs` instead of `send_message.rs`. * Trigger benchmark run * Don't qlog if buffer is empty * Fix typo * Use early return to keep indentation short * Don't qlog if sent is 0

Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.3.0 to 4.3.1. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@8450866...5ecb98a) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump actions/download-artifact from 4.1.6 to 4.1.7 Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.1.6 to 4.1.7. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@9c19ed7...65a9edc) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Addition --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lars Eggert <lars@eggert.org>

* build(deps): bump actions/checkout from 4.1.3 to 4.1.4 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.3 to 4.1.4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@1d96c77...0ad4b8f) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Additions --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Lars Eggert <lars@eggert.org> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lars Eggert <lars@eggert.org>

…e is lost (#1882)

It's too complex, and we should instead just fix the interop issues.

* ci: Build Firefox with current neqo * --application-choice browser * Allow qlog dupes * Typo * Get Firefox source from GitHub * Again * Again * Again * Again * Again * Debug * Again * Again * Again * Again * Again * Again * qlog * Fix * Again * Again * Again * Fingers crossed... * Try and prevent running out of disk space * Again * Again * Set CARGO_HOME and use sccache * actionlint * Use matrix * Again * Again * Upload binaries * Identify what to upload * Push * Naming * Again * Again * Again * Again * Again * Don't disable tests for debug builds * Work around https://bugzilla.mozilla.org/show_bug.cgi?id=1894031 * Prepare to comment on PR * Again * Again * Undo * Again * Again * Try and comment * cargo update * Again * Again * Again * Again * Again * Consolidate PR reporting * Fix actionlint --------- Signed-off-by: Lars Eggert <lars@eggert.org>

…1838) * fix(SendMessage): use SendStream::set_writable_event_low_watermark Previously `SendMessage::send_data` could stall, if less than the minimum message size is available to be sent. See #1819 for details. This commit implements solution (3) proposed in #1819. This commit introduces `SendStream::set_writable_event_low_watermark` which is then used in `SendMessage::send_data` to signal to `SendStream` the minimum required send space (low watermark) for the next send. Once reached, `SendStream` emits a `SendStreamWritable` eventually triggering another `SendMessage::send_data`. Alternative to #1835. Compared to #1835, this fix does not utilize the `SendMessage` buffer, thus does not introduce an indirection to the send path. In addition, under the assumption that available send space is increased in larger batches, this fix does not send tiny data frames (2 byte header, 1 byte goodput). Downside, compared to #1835, is that it requires both changes in `neqo-transport` and `neqo-http3`. Secondarily, this fixes #1821 as well. * Move const * Add documentation * Add SendStream test * Fix intra doc links * Add neqo-http3 test * Replace goodput with payload * Re-trigger benchmarks Let's see whether the "Download" benchmark is consistent. * Rename emit_writable_event to maybe_emit_writable_event * Replace expect with unwrap * Use NonZeroUsize::get * Replace expect with unwrap * %s/Actually sending/Sending * Typo * Have update() return available amount * Document setting once would suffice * Reduce verbosity * fix: drop RefCell mutable borrow early

Fixes #1887

* chore: Fix new clippy lints in cargo 1.80.0-nightly (05364cb2f 2024-05-03) * No need for `#[allow(clippy::mutable_key_type)]` * No need for `build = "build.rs"`

The QUIC Interop Runner requires an http3 and http09 implementation for both client and server. The client code is already structured into an http3 and an http09 implementation since #1727. This commit does the same for the server side, i.e. splits the http3 and http09 implementation into separate Rust modules.

* fix: Resurrect #1662 Botched the "merge from main" on #1662. Reverted the merge. This PS has the changes in #1662, rebased to main. Sorry for the mess. * Fix * One-liner * Merge main * Merge main * Move back to BTreeMap * Tweak ordering * More simplification/performance * Test expectation fixup * Update neqo-transport/src/cc/classic_cc.rs Signed-off-by: Lars Eggert <lars@eggert.org> * Apply suggestions from code review Signed-off-by: Lars Eggert <lars@eggert.org> --------- Signed-off-by: Lars Eggert <lars@eggert.org> Co-authored-by: Lars Eggert <lars@eggert.org>

* ci: Only build Fx for PRs And not when landing a PR in `main`. Signed-off-by: Lars Eggert <lars@eggert.org> * Add `workflow_dispatch` Signed-off-by: Lars Eggert <lars@eggert.org> --------- Signed-off-by: Lars Eggert <lars@eggert.org>

* refactor(bin): introduce server/http3.rs and server/http09.rs The QUIC Interop Runner requires an http3 and http09 implementation for both client and server. The client code is already structured into an http3 and an http09 implementation since #1727. This commit does the same for the server side, i.e. splits the http3 and http09 implementation into separate Rust modules. * refactor: merge mozilla-central http3 server into neqo-bin There are two server implementations based on neqo: 1. https://github.com/mozilla/neqo/tree/main/neqo-bin/src/server - http3 and http09 implementation - used for manual testing and QUIC Interop 2. https://searchfox.org/mozilla-central/source/netwerk/test/http3server/src/main.rs - used to test Firefox I assume one was once an exact copy of the other. Both implement their own I/O, event loop, ... Since then, the two implementations diverged significantly. Especially (1) saw a lot of improvements in recent months: - #1564 - #1569 - #1578 - #1581 - #1604 - #1612 - #1676 - #1692 - #1707 - #1708 - #1727 - #1753 - #1756 - #1766 - #1772 - #1786 - #1787 - #1788 - #1794 - #1806 - #1808 - #1848 - #1866 At this point, bugs in (2) are hard to fix, see e.g. #1801. This commit merges (2) into (1), thus removing all duplicate logic and having (2) benefit from all the recent improvements to (1). * Move firefox.rs to mozilla-central * Reduce HttpServer trait functions * Extract constructor * Remove unused deps * Remove clap color feature Nice to have. Adds multiple dependencies. Hard to justify for mozilla-central.

* ci: Try and fix CI Fx build * Again * Again * Remove commented code * Remove more comments

* build(deps): bump actions/checkout from 4.1.3 to 4.1.5 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.3 to 4.1.5. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v4.1.3...44c2b7a) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Add more --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lars Eggert <lars@eggert.org>

…ns (#1896) Bumps martenseemann/quic-network-simulator-endpoint from `1259654` to `91b21d4`. --- updated-dependencies: - dependency-name: martenseemann/quic-network-simulator-endpoint dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.1.6 to 4.1.7. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@v4.1.6...65a9edc) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat(bin): use quinn-udp crates.io release instead of git ref `neqo-bin` has been importing `quinn-udp` as a git reference, in order to include quinn-rs/quinn#1765. The quinn project has since released `quinn-udp` `v0.5.0`. This commit upgrades `neqo-bin` to use `quinn-udp` `v0.5.0`. `quinn-udp` now takes a data reference (`&[u8]`) instead of owned data (`bytes::Bytes`) on its send path, thus no longer requiring `neqo-bin` to convert, but simply pass a reference. See quinn-rs/quinn#1729 (comment) for details. `quinn-udp` has dropped `sendmmsg` support in the `v0.5.0` release (quinn-rs/quinn@ee08826). `neqo-bin` does not (yet) use `sendmmsg`. This might change in the future (#1693). * remove impl From<Datagram> for Vec<u8>

This reverts commit 342e4e7. With #1878 merged and https://bugzilla.mozilla.org/show_bug.cgi?id=1895319 available, one can now reapply the patch removing `Server::timers`. More specifically, the actual bug fix on mozilla-central side: ``` rust let output = if self.response_to_send.is_empty() { output } else { // In case there are pending responses to send, make sure a reasonable // callback is returned. const MIN_INTERVAL: Duration = Duration::from_millis(100); match output { Output::None => Output::Callback(MIN_INTERVAL), o @ Output::Datagram(_) => o, Output::Callback(d) => Output::Callback(min(d, MIN_INTERVAL)), } }; ``` See https://phabricator.services.mozilla.com/D209574.

* make expiry return longer timeout * fix tests * again * address comments * only compare pto * address comments

Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.3.1 to 4.4.0. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@5ecb98a...6d79887) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* ci: Only show performance improvements and regressions details By default. Makes the perf PR comment a bit more concise. * Add newline

* build(deps): bump actions/checkout from 4.1.5 to 4.1.6 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.5 to 4.1.6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@44c2b7a...a5ac7e5) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Additions --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lars Eggert <lars@eggert.org>

Because I've also limited the loopback MTU to 1500.

* ci: Set `RUST_LOG` during coverage tests So that logging-related code is being included in the coverage check. * Bump codecov version, to see if that makes it post comments again * Back to 4.4.0 * 4.3.1 * 4.4.1 * verbose

Each call takes ~1ms.

EcnInfo::on_packet_sent may update the ECN state and can hence change it. Also throw in some unrelated fixes to make the ECN log output more quiet, and to test/test.sh.

* Enable Xyber768d00 on servers by default * Fix clippy Signed-off-by: Lars Eggert <lars@eggert.org> * Add xyber connection test * rustfmt --------- Signed-off-by: Lars Eggert <lars@eggert.org> Co-authored-by: Lars Eggert <lars@eggert.org>

Bumps [docker/login-action](https://github.com/docker/login-action) from 3.1.0 to 3.2.0. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@e92390c...0d4c9c5) --- updated-dependencies: - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5.3.0 to 5.4.0. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@2cdde99...ca052bb) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.4.1 to 4.5.0. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@125fc84...e28ff12) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump actions/checkout from 4.1.6 to 4.1.7 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.6 to 4.1.7. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@a5ac7e5...692973e) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Add actions * Oops --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lars Eggert <lars@eggert.org>

* ci: Hook up Taskcluster * Move directory

Signed-off-by: Lars Eggert <lars@eggert.org>

* ci: Use cargo-quickinstall instead of cargo-binstall Since latter just bumped its MSRV way beyond what is reasonable for us. * Remove flags

Until someone who understands it can debug.

Since binstall is having issues on macOS it seems. Signed-off-by: Lars Eggert <lars@eggert.org>

…1936)

Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5.4.0 to 6.1.0. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@ca052bb...31159d4) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

#1568 introduced TTL information to datagrams. On the input path it would take the ttl information, but not act on it. On the output path it would set only "the default TTL on many OSes". https://github.com/mozilla/neqo/blob/66504908e5fa070a8a5fa67d8b5a201d2c9a5cc5/neqo-transport/src/path.rs#L576 This commit removes the ttl information from `Datagram`, thus reverting a subset of #1568. This is partially motivated by #1920, introducing `quinn-udp` as the IO library of choice, which does not support reading and writing TTL. See also discussion in #1920 (comment).

They seem to have a race condition that makes them crash. I wasn't able to figure out why they crash, this seems to happen inside NSS: ``` Process 47677 stopped * thread #2, name = 'init_twice_withdb', stop reason = EXC_BAD_ACCESS (code=1, address=0x0) frame #0: 0x000000019b4994f8 libsystem_pthread.dylib`pthread_mutex_lock + 12 libsystem_pthread.dylib`pthread_mutex_lock: -> 0x19b4994f8 <+12>: ldr x8, [x0] 0x19b4994fc <+16>: mov w9, #0x545a ; =21594 0x19b499500 <+20>: movk w9, #0x4d55, lsl #16 0x19b499504 <+24>: cmp x8, x9 (lldb) up frame #1: 0x0000000100802f58 libnspr4.dylib`PR_Lock + 20 libnspr4.dylib`PR_Lock: -> 0x100802f58 <+20>: bl 0x10080c0c0 ; symbol stub for: pthread_self 0x100802f5c <+24>: str x0, [x19, #0xb8] 0x100802f60 <+28>: mov w8, #0x1 ; =1 0x100802f64 <+32>: str w8, [x19, #0xb0] (lldb) up frame #2: 0x00000001007fc188 libnspr4.dylib`PR_CallOnce + 56 libnspr4.dylib`PR_CallOnce: -> 0x1007fc188 <+56>: ldr w23, [x19] 0x1007fc18c <+60>: ldr w20, [x19, #0x8] 0x1007fc190 <+64>: ldr x0, [x22, #0x430] 0x1007fc194 <+68>: bl 0x100802f74 ; PR_Unlock (lldb) up frame #3: 0x000000010066f634 libnss3.dylib`nss_Init + 112 libnss3.dylib`nss_Init: -> 0x10066f634 <+112>: cbz w0, 0x10066f640 ; <+124> 0x10066f638 <+116>: mov w19, #-0x1 ; =-1 0x10066f63c <+120>: b 0x10066f968 ; <+932> 0x10066f640 <+124>: stp x21, x22, [x29, #-0x80] (lldb) up frame #4: 0x000000010066ff44 libnss3.dylib`NSS_Initialize + 100 libnss3.dylib`NSS_Initialize: -> 0x10066ff44 <+100>: ldp x29, x30, [sp, #0x40] 0x10066ff48 <+104>: add sp, sp, #0x50 0x10066ff4c <+108>: ret libnss3.dylib`NSS_InitContext: 0x10066ff50 <+0>: sub sp, sp, #0x60 (lldb) up frame #5: 0x00000001000035fc init-d4e9f02b33e50e46`init::init_twice_withdb::h34013f715e9b4f6e at init.rs:65:9 62 let pathstr = path.to_str().unwrap(); 63 let dircstr = CString::new(pathstr).unwrap(); 64 unsafe { -> 65 nss::NSS_Initialize( 66 dircstr.as_ptr(), 67 empty.as_ptr(), 68 empty.as_ptr(), ```

* ci: rename .taskcluster to taskcluster While we'd like to keep the CI configuration files hidden in this repo, I came across a bug in Taskgraph triggered by changing the root Taskgraph directory to a non standard location. This bug will require a new release to fix (and I suspect there will be other bugs revealed afterwards). In the meantime, we can move the files to the standard place while this is fixed. I filed taskcluster/taskgraph#522 to track the fix. * ci: use Decision docker image with Taskgraph included * ci: re-enable Taskcluster

Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.1.0 to 6.2.0. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@31159d4...1556069) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Until someone who understands it can debug. #1935 didn't fix it.

Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>

* refactor(transport/server): always iterate each connection Say a `neqo_transport::Server` is managing a single `neqo_transport::Connection` in `Server::connections`. Assume the following chain of events: 1. A user (e.g. `neqo-http3`) calls `Server::process`. ``` rust pub fn process(&mut self, dgram: Option<&Datagram>, now: Instant) -> Output { if self.wake_at.map_or(false, |c| c <= now) { self.wake_at = None; } dgram .and_then(|d| self.process_input(d, now)) .or_else(|| self.process_next_output(now)) .map(|d| { qtrace!([self], "Send packet: {:?}", d); Output::Datagram(d) }) .or_else(|| self.wake_at.take().map(|c| Output::Callback(c - now))) .unwrap_or_else(|| { qtrace!([self], "Go dormant"); Output::None }) } ``` https://github.com/mozilla/neqo/blob/6664452e2ba25f028ebf07c404fff3d0193c0ef4/neqo-transport/src/server.rs#L660-L677 2. `self.wake_at` is `None`. 3. `dgram` is `None`, thus `self.process_input` is never called. 4. `self.process_next_output(now)` is called. ``` rust fn process_next_output(&mut self, now: Instant) -> Option<Datagram> { qtrace!([self], "No packet to send, look at waiting connections"); while let Some(c) = self.waiting.pop_front() { if let Some(d) = self.process_connection(&c, None, now) { return Some(d); } } ``` https://github.com/mozilla/neqo/blob/6664452e2ba25f028ebf07c404fff3d0193c0ef4/neqo-transport/src/server.rs#L636-L642 1. It attains a reference to the one `Connection` through `self.waiting.pop_front()`. 2. It calls self.process_connection which in turn calls `Connection::process`, returning a `Output::Callback(_)`, which is stored in `self.wake_at`. 5. `self.wake_at.take()` takes the callback and returns it to the user as `Output::Callback`. 6. The user calls `Server::process` again. 1. `self.wake_at` is `None`. 2. `dgram` is `None`, thus `self.process_input` isn't called. 3. `Server::process` calls `Server::process_next_output`. 1. `Server::process_next_output` finds no connection reference in `self.waiting` and thus returns `None`. 4. `self.wake_at.take()` is `None` 5. `Server::process` returns `None` Result is that the user received an `Output::None` even though the one `Connection` managed by the `Server` is waiting for a callback. Thus the server stalls. The single source of truth of whether a `Connection` needs a callback or not is the `Connection` itself. Instead of duplicating this information in `Server::wake_at`, `Server::waiting`, `ServerConnectionState::wake_at`, always ask the single source of truth, i.e. the `Connection`. More concretely, with this patch `Server::process` always calls `Connection::process` for each of its `Connection`s. It does not try to be smart on whether a `Connection` needs `process`ing or not. * Don't duplicate active state * Don't duplicate attempt state * Simplify process_connection call * Deduplicate active connections * Attempt fix for zerortt * clippy * Attempt fix for same_initial_after_connected * Address minor TODOs * Remove Server::add_to_waiting It is no longer needed as each connection is always processed. * Allow connected_server with more than one connection * Remove unnecessary TODO * Simplify closed connection clean up

* [StepSecurity] Update Dependabot configuration Signed-off-by: StepSecurity Bot <bot@stepsecurity.io> * weekly Signed-off-by: Lars Eggert <lars@eggert.org> --------- Signed-off-by: StepSecurity Bot <bot@stepsecurity.io> Signed-off-by: Lars Eggert <lars@eggert.org> Co-authored-by: Lars Eggert <lars@eggert.org>

This commit adds a basic test, passing a short header packet to a fresh server, expecting the server to drop the packet for the unknown connection.

So the `<details>` stuff works properly. Hopefully.

See corresponding lints: - https://rust-lang.github.io/rust-clippy/master/index.html#/mutable_key_type - https://rust-lang.github.io/rust-clippy/master/index.html#/manual_inspect See recent CI failure: https://github.com/mozilla/neqo/actions/runs/9759065486/job/26934981259 ``` error: --> neqo-transport/src/path.rs:214:62 | 214 | let old_path = self.primary.replace(Rc::clone(path)).map(|old| { | ^^^ | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#manual_inspect = note: `-D clippy::manual-inspect` implied by `-D warnings` = help: to override `-D warnings` add `#[allow(clippy::manual_inspect)]` help: try | 214 ~ let old_path = self.primary.replace(Rc::clone(path)).inspect(|old| { 215 ~ old.borrow_mut().set_primary(false); | error: mutable key type --> neqo-transport/src/server.rs:603:45 | 603 | pub fn active_connections(&mut self) -> HashSet<ActiveConnectionRef> { | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#mutable_key_type = note: `-D clippy::mutable-key-type` implied by `-D warnings` = help: to override `-D warnings` add `#[allow(clippy::mutable_key_type)]` error: could not compile `neqo-transport` (lib) due to 2 previous errors error: process didn't exit successfully: `/home/runner/.rustup/toolchains/nightly-x86_64-unknown-linux-gnu/bin/cargo clippy --all-targets --manifest-path fuzz/Cargo.toml -- -D warnings` (exit status: 101) ```

* feat(bin): enable Firefox to use quinn-udp through neqo-bin * Move udp to separate crate * Remove misleading log * Reduce tokio feature set * Use thread_local for receive buffer * Add windows support * Cleanup send_inner and recv_inner * Move WouldBlock handling to Firefox * Feature flag tests using tokio * fmt * Undo unrelated change * EOL * Rename socket field to inner * Use qtrace * Short to RECV_BUF and move meta into closure * Udate documentation * Add TODO to experiment with different buffer sizes * Remove private doc link --------- Co-authored-by: Lars Eggert <lars@eggert.org>

* [StepSecurity] Add Dependency review Workflow Signed-off-by: StepSecurity Bot <bot@stepsecurity.io> * unharden Signed-off-by: Lars Eggert <lars@eggert.org> --------- Signed-off-by: StepSecurity Bot <bot@stepsecurity.io> Signed-off-by: Lars Eggert <lars@eggert.org> Co-authored-by: Lars Eggert <lars@eggert.org>

Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>

Set `bench = false`. By default cargo will use `libtest` for benchmarking. Executing a `cargo bench` with criterion specific command line flags at the workspace level will thus trigger an error when executing the `neqo-udp` benchmarks.

Not needed, and install fails on macOS for me.

Otherwise merges stall.

So the `merge_group` trigger works.

See actions/dependency-review-action#456 (comment)

@martinthomson

* chore: Turn on more clippy lints, and fix the warnings * Fixes * Fixes * Fixes * Update neqo-transport/src/addr_valid.rs Co-authored-by: Martin Thomson <mt@lowentropy.net> Signed-off-by: Lars Eggert <lars@eggert.org> * Suggestions from @martinthomson * More from @martinthomson * More from @martinthomson * And more * Fixes after rebase * Better Cubic fix * let _ -> _ * Add reason to `#[allow(clippy::mutable_key_type)]` * fmt --------- Signed-off-by: Lars Eggert <lars@eggert.org> Co-authored-by: Martin Thomson <mt@lowentropy.net>

* build(deps): bump actions/upload-artifact from 4.3.3 to 4.3.4 Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.3 to 4.3.4. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@6546280...0b2256b) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Add actions --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lars Eggert <lars@eggert.org>

Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.2.0 to 6.3.0. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@1556069...1a16264) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.1.7 to 4.1.8. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@65a9edc...fa0a91b) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 3.0.0 to 3.1.0. - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](docker/setup-qemu-action@6882732...5927c83) --- updated-dependencies: - dependency-name: docker/setup-qemu-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.3.0 to 3.4.0. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@d70bba7...4fd8129) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* WIP * Fixes * Minimize diff * Progress * Fix clippy * Reduce diff to main * Use RefCell * Make Pacer use PmtudState * Renamings * Fix tests broken by changing PATH_MTU_V6 * WIP * Finalize * Update neqo-transport/src/path.rs Co-authored-by: Martin Thomson <mt@lowentropy.net> Signed-off-by: Lars Eggert <lars@eggert.org> * Address comments * Update neqo-transport/src/pmtud.rs Co-authored-by: Martin Thomson <mt@lowentropy.net> Signed-off-by: Lars Eggert <lars@eggert.org> * Remove PmtudRef from ClassicCongestionControl * Disable PMTUD by default, except for demo client and server, and simulator * Fix clippy * Make Pmtud part of Pacer only * These are now `const_assert`s * Cleanups * Address more comments * Cleanups * Add some initial tests * Fix clippy * Minimize diff * Probe with non-padding data * Search table based on TMA paper * Deal with PMTU reductions * Fix crypto invocation limits * Fix comment * More comments * Add PMTU_RAISE_TIMER * Lost PMTUD probes do not elicit a congestion control reaction * Update pacer when MTU changes * Better way to update pacer * Fix last commit * Potential fix for bench * Update neqo-transport/src/pmtud.rs Co-authored-by: Max Inden <mail@max-inden.de> Signed-off-by: Lars Eggert <lars@eggert.org> * Update neqo-transport/src/pmtud.rs Co-authored-by: Max Inden <mail@max-inden.de> Signed-off-by: Lars Eggert <lars@eggert.org> * Update neqo-transport/src/pmtud.rs Co-authored-by: Max Inden <mail@max-inden.de> Signed-off-by: Lars Eggert <lars@eggert.org> * Update neqo-transport/src/cc/classic_cc.rs Co-authored-by: Max Inden <mail@max-inden.de> Signed-off-by: Lars Eggert <lars@eggert.org> * Undo * Simplifications * rustfmt * Disarm raise timer when it fired * test script that triggers the bug * Revert test.sh (modulo bug fix) * Increase coverage * Better test * Another test * let Some(...) instead of testing Co-authored-by: Max Inden <mail@max-inden.de> Signed-off-by: Martin Thomson <mt@lowentropy.net> * Fix * static_assertions to dev-dependencies * Panic on failure * Fixes after merge * Make test-only plpmtu() panic on error * set_confirmed * invocations_base -> largest_packet_len * Simplify * Set builder limit in output_path() * fmt * A bunch of changes based on Martin's review * Avoid spurious PMTUD restarts better. Possible perf. optimizations. * Improve coverage * Enable PMTUD for simulator * Update neqo-transport/src/connection/mod.rs Co-authored-by: Max Inden <mail@max-inden.de> Signed-off-by: Lars Eggert <lars@eggert.org> * Update neqo-transport/src/connection/mod.rs Co-authored-by: Max Inden <mail@max-inden.de> Signed-off-by: Lars Eggert <lars@eggert.org> * Update neqo-transport/src/connection/mod.rs Co-authored-by: Max Inden <mail@max-inden.de> Signed-off-by: Lars Eggert <lars@eggert.org> * Update neqo-transport/src/packet/mod.rs Co-authored-by: Max Inden <mail@max-inden.de> Signed-off-by: Lars Eggert <lars@eggert.org> * Update neqo-transport/src/stats.rs Co-authored-by: Max Inden <mail@max-inden.de> Signed-off-by: Lars Eggert <lars@eggert.org> * Suggestions from Max * Update neqo-transport/src/pmtud.rs Co-authored-by: Martin Thomson <mt@lowentropy.net> Signed-off-by: Lars Eggert <lars@eggert.org> * Suggestions from Martin * More suggestions * Add TODO * Use filter fn Follow-up on #1903 (comment) * clippy * Fixes * doc fix * refactor(pmtud): implement Copy for Probe `Probe` is a small simple enum on the stack, thus convention is to implement `Copy` instead of only `Clone` with a call to `clone()`. The following helped me in the past: > When should my type be Copy? > > Generally speaking, if your type can implement Copy, it should. Keep in mind, > though, that implementing Copy is part of the public API of your type. If the > type might become non-Copy in the future, it could be prudent to omit the Copy > implementation now, to avoid a breaking API change. https://doc.rust-lang.org/std/marker/trait.Copy.html#when-should-my-type-be-copy * Make search_tables identical length, and deal with the fallout * More --------- Signed-off-by: Lars Eggert <lars@eggert.org> Signed-off-by: Martin Thomson <mt@lowentropy.net> Co-authored-by: Martin Thomson <mt@lowentropy.net> Co-authored-by: Max Inden <mail@max-inden.de>

* ci: Fix the fuzz targets And check them during CI, so they keep building. * Fix * Fix * Add cargo-fuzz * Fix the fuzzers * Fix two clippy nightly things while I'm here

The use of `Vec` here is unnecessary. We can use a fixed sized array instead. The performance gain here is negligible, but the code becomes cleaner, so that's a win.

* ci: Use cargo-machete to check for unused dependencies And remove the ones it found. * --with-metadata has false positives * Remove --no-fallback --------- Signed-off-by: Lars Eggert <lars@eggert.org>

#1983) Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.3.3 to 4.3.4. - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@72eb03d...5a2ce3f) --- updated-dependencies: - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* ci: Trigger secondary checks off `check.yml` Might save some trees. * quotes?

This reverts commit 735be28.

* ci: Bump Linux CI runners to `ubuntu-24.04` Which is still being rolled out, but has a bunch of advantages for us. * Try libnss3-dev deb * See if updating fixes it * Just upgrade * NEEDRESTART_MODE * sudo apt remove needrestart * Again * Again * Omit `python-version` * 3.8 -> 3.12 * ldd * ~/.pki * CHACHA20 * rm test-fixture/db/pkcs11.txt * Minimize diff * Print APT info * Again * Use libnss3-dev * Cleanup * Try and avoid azure mirror * Again * Again * Again * Again * Again * Again * Again * Again * Again * Hunch * Try * Minimize * 24.04 -> latest

* ci: Cache NSS build This should speed up CI. * steps * !boolean * Minimize * path * arch * Fix * Fix * Fix * More optimizations * Again * Again * Again

* Again * ci: Try and drop more permissions * Again

So we get an indication of which test might be hanging/slow.

* refactor(server): remove ServerConnectionIdGenerator A `neqo_transport::Server` manages multiple `neqo_transport::Connection`s. A `Server` keeps a `HashMap` of all `Connection`s, indexed by `ConnectionId`. Indexing by `ConnectionId` is difficult as: - The `ConnectionId` is not known before constructing the connection. - The `ConnectionId` might change throughout the lifetime of a connection. Previously the index was kept up-to-date through a wrapper around the `ConnectionIdGenerator` provided to a `Connection` by a `Server`. This wrapper would be provided a shared reference to the `Server`s `HashMap` of `Connection`s. Whenever the `Server` would `process` a `Connection` and that `Connection` would generate a new `ConnectionId` via `ConnectionIdGenerator::generate_cid`, the wrapped `ConnectionIdGenerator` would also insert the `Connection` keyed by the new `ConnectionId` into the `Server`'s `HashMap` of `Connection`s. This has two problems: - Complexity through indirection where a `Connection` owned by a `Server` can indirectly mutate the `Server` through the provided wrapped `ConnectionIdGenerator` having access to the `Server`'s set of `Connection`s. - Double `RefCell` borrow e.g. when a `Server` would iterate its `Connection`s, process each, where one of them might generate a new `ConnectionId` via the provided `ConnectionIdGenerator`, which in turn would insert the `Connection` into the currently iterated set of `Connection`s of the `Server`. This commit replaces the `HashMap<ConnectionId, Connection>` of the `Server` with a simple `Vec<Connection>`. Given the removal of the index, the `ConnectionIdGenerator` wrapper (i.e. `ServerConnectionIdGenerator`) is no longer needed and removed and thus the shared reference to the `Server`s `Connection` `HashMap` is no longer needed and thus the above mentioned double borrow is made impossible. Downside to the removal of the index by `ConnectionId` is a potential performance hit. When the `Server` manages a large set of `Connection`s, finding the `Connection` corresponding to a `ConnectionId` (e.g. from an incoming `Datagram`) is `O(n)` (`n` equal the number of connections). * A server SHOULD ignore a packet with the same destination conn id * Remove unused and re-introduce `[self]` * Remove AttemptKey Two packets with the same connection id but different source addresses are assigned to the same connection. Thus there is no need to use the remote address to disambiguate the packets. Thus there is no need for `AttemptKey`.

@mxinden

* chore(neqo-udp): drop tokio dependency `neqo-udp` is used in Firefox. Firefox uses `cargo vet` to audit its dependencies. `tokio`, the dependency of `neqo-udp`, is not audited as `safe-to-deploy`. `cargo vet` will require `safe-to-deploy` for `tokio` even when behind a feature flag. To work around this limitation in `cargo vet`, drop `tokio` dependency in `neqo-udp`, moving `tokio` specific logic into `neqo-bin`. See details in: - mozilla/cargo-vet#626 - https://bugzilla.mozilla.org/show_bug.cgi?id=1907810 - https://phabricator.services.mozilla.com/D212959#inline-1194604 * Fix clippy & doc @mxinden please double-check --------- Co-authored-by: Lars Eggert <lars@eggert.org>

* ci: Fail QNS run on Rust panic So we hopefully catch interop panics in CI earlier. * Fix condition * check logs * where * Again * Again * Again * Done * if: always() --------- Signed-off-by: Lars Eggert <lars@eggert.org>

* ci: Report QNS results by client and server separately * Fix * Tweak

* fix(udp): test blocking Socket `quinn_udp::UdpSocketState` sets the the OS socket to non-blocking in order to be used by poll based runtimes like `tokio`. For basic unit tests, this might result in race conditions, e.g. where one socket tries to receive before the other is done sending, thus returning `WouldBlock`. This commit sets the OS sockets back to blocking on `neqo-udp` unit tests. * Trigger CI

Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.3.0 to 6.4.1. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@1a16264...1ca370b) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* deps(quinn-udp): move to workspace dependency * deps(quinn-udp): bump to latest version * deps(quinn-udp): enable direct-log feature quinn-rs/quinn#1923 made the `tracing` dependency optional. In addition, when `direct-log` is enabled, it allows using `log` instead of `tracing` for logging.

* bench(transfer): run with and without pacing * Fix for benchmark comment format * More regex fixing --------- Co-authored-by: Lars Eggert <lars@eggert.org>

* fix: Log `rttvar` in qlog * Update neqo-transport/src/qlog.rs Co-authored-by: Max Inden <mail@max-inden.de> Signed-off-by: Lars Eggert <lars@eggert.org> * Revert "Update neqo-transport/src/qlog.rs" This reverts commit cf986bb. `as_millis_f32` is nightly experimental. --------- Signed-off-by: Lars Eggert <lars@eggert.org> Co-authored-by: Max Inden <mail@max-inden.de>

* chore: Remove superfluous clippy allows Now that nightly has experimental support for https://rust-lang.github.io/rfcs/2383-lint-reasons.html, use that to identify superfluous clippy allows and remove them. * Minimize diff * fmt * Minimize diff * Fixes

…`91b21d4` to `5114afe` in /qns (#2013) * build(deps): bump martenseemann/quic-network-simulator-endpoint in /qns Bumps martenseemann/quic-network-simulator-endpoint from `91b21d4` to `5114afe`. --- updated-dependencies: - dependency-name: martenseemann/quic-network-simulator-endpoint dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> * Fixes, and update to Rust 1.80 --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lars Eggert <lars@eggert.org>

* ci: Don't install unneeded rust components by default Should speed up some CI checks. * components -> tools * Commas * Quote * Pipe * Optimize * Fix * Fix * rustup

Bumps [docker/login-action](https://github.com/docker/login-action) from 3.2.0 to 3.3.0. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@0d4c9c5...9780b0c) --- updated-dependencies: - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 3.1.0 to 3.2.0. - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](docker/setup-qemu-action@5927c83...49b3bc8) --- updated-dependencies: - dependency-name: docker/setup-qemu-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.4.1 to 6.5.0. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@1ca370b...5176d81) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps alpine from `b89d9c9` to `0a4eaa0`. --- updated-dependencies: - dependency-name: alpine dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.4.0 to 3.5.0. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@4fd8129...aa33708) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* bench(bin): remove sample-size override Have criterion determine the sample size based on warum-up run time instead. * Trigger benchmarks

In the following regex there are 6 capture groups. ``` perl -p -0777 -e 's/(.*?)\n(.*?)(((No change|Change within|Performance has).*?)(\nFound .*?)?)?\n\n/<details><summary>$1: $4<\/summary><pre>\n$2$4$6<\/pre><\/details>\n/gs' |\ ``` Capture group 5 is nested within capture group 4: ``` ((No change|Change within|Performance has).*?) ``` Capture group 5 is already printed as part of capture group 4 in the first line. This commit drops capture group 5.

* ci: Fix building NSS from source * Add shell * Fix pip * Fix deps * no-deps * No hashes * cache key * Fix * Fix * gyp * Try * Again * Again * Again * req * Path * rustup * Fix * link * Again * Again * Again * Again * Again * msvc * Again * msvc * indent * shell * Fix * bash * gyp * path * true * Cache * Fix * Again * Again * ninja * no ninja * Remove comment * Back to 3.98 * Add `minimum-version` action parameter * no rustup * Fix --------- Signed-off-by: Lars Eggert <lars@eggert.org>

* fix(benches/transfer): remove throughput The `neqo-transport/benches/transfer.rs` benchmarks use the `test-fixture/src/sim` simulator. The simulator can travel in time, i.e. it simulates time. The _wall-clock time_ of a single benchmark run is not the amount of time it took to transfer `TRANSFER_AMOUNT`. The _simulated time_ is the amount of time it took to transfer `TRANSFER_AMOUNT`. `criterion` will use the _wall-clock time_, not the _simulated time_ to calculate the throughput based on `TRANSFER_AMOUNT`. The resulting throughput number is not meaningful. This commit removes the call to `group.throughput`, thus removing the misleading `criterion` throughput reporting. * Add comment --------- Co-authored-by: Lars Eggert <lars@eggert.org>

* ci: Skip `sudo` runner steps on self-hosted runner Because the script runs without `sudo` permissions. Deps must be installed by admin. * rustfmt

Now that we're sorting by role, no need to underline. Also fix issue when there are no results.

@martinthomson

To make @martinthomson happy :-)

* test(transport): handshake delay with ecn blackhole This commit adds a test where a client connects to a server over a connection dropping all ECN marked datagrams (ECN blackhole) in both directions, asserting 43 RTT to detect ECN blackhole, disable ECN and eventually establish connection. * Bail out of ECN validation after three failed Initials * Update neqo-transport/src/ecn.rs Co-authored-by: Max Inden <mail@max-inden.de> Signed-off-by: Lars Eggert <lars@eggert.org> * Update neqo-transport/src/ecn.rs Co-authored-by: Max Inden <mail@max-inden.de> Signed-off-by: Lars Eggert <lars@eggert.org> * Update neqo-transport/src/ecn.rs Co-authored-by: Max Inden <mail@max-inden.de> Signed-off-by: Lars Eggert <lars@eggert.org> * Update neqo-transport/src/ecn.rs Co-authored-by: Max Inden <mail@max-inden.de> Signed-off-by: Lars Eggert <lars@eggert.org> * Update neqo-transport/src/ecn.rs Co-authored-by: Max Inden <mail@max-inden.de> Signed-off-by: Lars Eggert <lars@eggert.org> * Fixes * clean-up tests --------- Signed-off-by: Lars Eggert <lars@eggert.org> Co-authored-by: Lars Eggert <lars@eggert.org>

@KershawChang

Discussed yesterday with @KershawChang. @martinthomson, are you OK with this? @mxinden is pretty actively reviewing, so it might unblock getting PRs merged when both of you are busy. Signed-off-by: Lars Eggert <lars@eggert.org>

@martinthomson

* fix: Make neqo pass `amplificationlimit` QNS test Fixes #1183 * Fix some tests * Update neqo-transport/src/connection/tests/handshake.rs Co-authored-by: Martin Thomson <mt@lowentropy.net> Signed-off-by: Lars Eggert <lars@eggert.org> * Address code review * Fix idle_timeout_crazy_rtt * Clarify test * Restore * Hopefully, a fix * Nit * Tweak * Fix tests * Fix * Minimize diff * Minimize more * Fix? * Fix? * Fix? * Deal with cancelled runs * Try * Roll back * Again * fmt * Suggestion from @martinthomson --------- Signed-off-by: Lars Eggert <lars@eggert.org> Co-authored-by: Martin Thomson <mt@lowentropy.net>

* neqo-crypto: use SSL_PeerCertificateChainDER The SSL_PeerCertificateChainDER function was added in NSS 3.103 to allow an application to retrieve the peer's presented certificate chain without constructing CERTCertificates. This is expected to improve performance, as constructing a CERTCertificate will typically involve querying the NSS certificate database. * make null_safe_slice generic over pointer type * handle len == 0 case in null_safe_slice * use slice::Iter as SliceIter * use into_iter in test for better code coverage --------- Co-authored-by: Lars Eggert <lars@eggert.org> Co-authored-by: Martin Thomson <mt@lowentropy.net>

Instead, pass an error up. Fixes #1675 (again, hopefully)

* build(deps): bump docker/setup-buildx-action from 3.5.0 to 3.6.1 Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.5.0 to 3.6.1. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@aa33708...988b5a0) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Pass CODECOV_TOKEN also as env, to check if that fixes upload --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lars Eggert <lars@eggert.org>

* build(deps): bump actions/upload-artifact from 4.3.4 to 4.3.5 Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.4 to 4.3.5. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@0b2256b...89ef406) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Add actions --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lars Eggert <lars@eggert.org>

In the `path_forwarding_attack` unit test ``` rust /// This simulates an attack where a valid packet is forwarded on /// a different path. This shows how both paths are probed and the /// server eventually returns to the original path. fn path_forwarding_attack() { ``` data is send on two paths, a IPv6 path (aka. "old") and an IPv4 path (aka. "new"). Towards the end of the test it asserts one path, but mentions the other in the doc comment. This commit fixes the mix-up in the doc comment.

@mxinden

* chore: Remove some `unwrap`s where it is straightforward This will hopefully include fixes for this issue: ``` core::result::unwrap_failed | neqo_transport::crypto::CryptoDxState::new_initial ``` https://crash-stats.mozilla.org/signature/?product=Firefox&signature=core%3A%3Aresult%3A%3Aunwrap_failed%20%7C%20neqo_transport%3A%3Acrypto%3A%3ACryptoDxState%3A%3Anew_initial&date=%3E%3D2024-01-01T12%3A31%3A00.000Z&date=%3C2024-08-02T12%3A31%3A00.000Z&_columns=date&_columns=product&_columns=version&_columns=build_id&_columns=platform&_columns=reason&_columns=address&_columns=install_time&_columns=startup_crash&_sort=-date&page=1#reports * Suggestion from @mxinden * fmt * More

* ci: Fix QNS reporting WIP * Skip when file is not there * Remove ls

`null` happens when a client or server is deemed "not compliant" by QNS

…1992) Co-authored-by: Lars Eggert <lars@eggert.org>

* test(udp): assert ignoring of empty datagram * fix(udp): ignore empty datagram When receiving an emtpy datagram `meta.len` and `meta.stride` would be `0`. Chunking the receive buffer via `.chunks(0)` would panic with: ``` chunk size must be non-zero ``` See also panic docs on `slice::chunks`: https://doc.rust-lang.org/std/primitive.slice.html#method.chunks With this commit `recv_inner` ignores the empty datagram. In addition, under the assumption that an empty datagram is not a faulty event, `recv_inner` attempts another receive call on the socket. This ensures that the socket eventually returns `WouldBlock` and is thus registered for the next wake-up with the corresponding event loop (e.g. tokio`).

* fix(transport): don't pace below timer granularity Neqo assumes a timer granularity of 1ms: https://github.com/mozilla/neqo/blob/0eb9174d7a67b250607f0c3ea056fe056bcf91f5/neqo-transport/src/rtt.rs#L25-L27 but `neqo_transport::Pacer::next()` might return values `< GRANULARITY`. https://github.com/mozilla/neqo/blob/0eb9174d7a67b250607f0c3ea056fe056bcf91f5/neqo-transport/src/pace.rs#L71-L90 Under the assumption that a timer implementation rounds small values up to its granularity (e.g. 1ms), packets can be delayed significantly more than intended by `Pacer`. With this commit `Pacer` does not delay packets that would previously be delayed by less than `GRANULARITY`. The downside is loss in pacing granularity. See also: - google/quiche - https://github.com/google/quiche/blob/60aec87316d24392b2ea37c391ecf406ef183074/quiche/quic/core/congestion_control/pacing_sender.cc#L167 - https://github.com/google/quiche/blob/60aec87316d24392b2ea37c391ecf406ef183074/quiche/quic/core/quic_constants.h#L304 - quic-go - https://github.com/quic-go/quic-go/blob/d1f9af4cc6b13c96dc302ac9ec5f061ed294d36b/internal/protocol/params.go#L137 - `kGranularity` in RFC 9002 https://datatracker.ietf.org/doc/html/rfc9002#name-constants-of-interest * Address suggestions * Add test * Fix path_forwarding_attack test Pacing on new path is now below granularity and thus packet on new path is send immediately. Calling `skip_pacing` will instead fast forward to the PTO of the old path to expire, thus leading to an unexpected probe packet on the old path. ``` thread 'connection::tests::migration::path_forwarding_attack' panicked at test-fixture/src/assertions.rs:153:5: assertion `left == right` failed left: [fe80::1]:443 right: 192.0.2.1:443 ``` This commit simply removes the no longer needed `skip_pacing` step, thus reverting to the previous behavior. * clippy --------- Co-authored-by: Lars Eggert <lars@eggert.org>

Revert 21e9782 Doh!

* refactor: consolidate NeqoQlog instantiation Previously `neqo_transport::Server`, `neqo_bin::Client` and [`neqo_glue`](https://searchfox.org/mozilla-central/rev/7279a1df13a819be254fd4649e07c4ff93e4bd45/netwerk/socket/neqo_glue/src/lib.rs#283-315) had each their own but very similar way of instantiating `NeqoQlog`. This commit consolidates the instantiation logic into a single function in `neqo_common`. * Add simple test for client and server to write qlog file * clippy * Replace : with _ in filename on Windows --------- Co-authored-by: Lars Eggert <lars@eggert.org>

Instead of writing to a file directly, buffer writes through a `BufWriter`.

@martinthomson

* fix: Check whether CIDs are empty WIP Fixes #1429 * Update neqo-transport/src/path.rs Co-authored-by: Martin Thomson <mt@lowentropy.net> Signed-off-by: Lars Eggert <lars@eggert.org> * Suggestion from @martinthomson * Update neqo-transport/src/qlog.rs Co-authored-by: Max Inden <mail@max-inden.de> Signed-off-by: Lars Eggert <lars@eggert.org> * Suggestion from @mxinden @mxinden, is `take()` the way to go here? * Log error * Fix test * Simplify test --------- Signed-off-by: Lars Eggert <lars@eggert.org> Co-authored-by: Martin Thomson <mt@lowentropy.net> Co-authored-by: Max Inden <mail@max-inden.de>

…ts (#2049) See cargo-bins/cargo-quickinstall#267 (comment)

* test: Prep env for custom NSS build * Update test/test.sh Co-authored-by: Martin Thomson <mt@lowentropy.net> Signed-off-by: Lars Eggert <lars@eggert.org> --------- Signed-off-by: Lars Eggert <lars@eggert.org> Co-authored-by: Martin Thomson <mt@lowentropy.net>

* build(deps): bump actions/upload-artifact from 4.3.5 to 4.3.6 Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.5 to 4.3.6. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@89ef406...834a144) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Add actions --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lars Eggert <lars@eggert.org>

@martinthomson

* feat: Use `EnumMap` for `AckTracker` Hopefully addresses @martinthomson's `TODO` about this. * Minimize diff * Fix * More * Add test * Suggestions from @martinthomson * More

Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.5.0 to 6.6.1. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@5176d81...16ebe77) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

@martinthomson

* fix: Handle H3 grease stream types Doesn't work yet, since it stops reading from the stream afterwards. Fixes #1991 * Add test and fix bug * Handle non-HEADERS first frames * Update neqo-http3/src/stream_type_reader.rs Co-authored-by: Martin Thomson <mt@lowentropy.net> Signed-off-by: Lars Eggert <lars@eggert.org> * Suggestion from @martinthomson * In debug builds, add a grease frame before the headers. * Revert "In debug builds, add a grease frame before the headers." This is breaking too many tests. This reverts commit 7b9ea7f. * Simplify * HFrameType is a struct now * Bump coverage --------- Signed-off-by: Lars Eggert <lars@eggert.org> Co-authored-by: Martin Thomson <mt@lowentropy.net>

* refactor(bin): use 32k stream IO buffer Firefox by default uses a 32k IO buffer for streams. https://searchfox.org/mozilla-central/rev/f6e3b81aac49e602f06c204f9278da30993cdc8a/modules/libpref/init/all.js#3212 This commit makes `neqo-bin` use the same buffer size across http09/3 and client/server. Along the way it consolidates various buffer logic and reuses buffers whereever feasible. * Trigger benchmarks

* fix: Check for error when looking up packet number space The crash signatures don't really give much of an indication of where exactly the issue is. Am kinda guessing it's this `unwrap` of the packet number space which was based on unverified network input (via `PacketNumberSpace::from`). Possible fix for #1363. * Fewer `unwrap`s with `AckTracker::get_mut` * Log error

@mxinden

* fix: Send ACKs during handshake after they are lost This is not yet complete. It works for the first RTX of a lost server Initial, which now contains the same data as the original transmission. A third RTX only contains pings. Something is off about our probe logic. Will continue investigating, but want to see what the bench and QNS impacts of this change are. * Improvements * Remove debug output * Suggestion from @mxinden * doc comment * Check if `L1`/`C1` improve if this is also done in the Handshake space * Update comment * ACK more aggressively during the handshake * Undo * Update neqo-transport/src/tracking.rs Signed-off-by: Lars Eggert <lars@eggert.org> * Update neqo-transport/src/recovery/mod.rs Signed-off-by: Lars Eggert <lars@eggert.org> --------- Signed-off-by: Lars Eggert <lars@eggert.org>

* fix: qlog `reference_time` should be in msec https://datatracker.ietf.org/doc/html/draft-ietf-quic-qlog-main-schema#section-7.1 * Update neqo-common/src/qlog.rs Co-authored-by: Max Inden <mail@max-inden.de> Signed-off-by: Lars Eggert <lars@eggert.org> * Undo --------- Signed-off-by: Lars Eggert <lars@eggert.org> Co-authored-by: Max Inden <mail@max-inden.de>

Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.6.1 to 6.7.0. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@16ebe77...5cd11c3) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

@martinthomson

* fix: Don't process timers during Closing or Draining This doesn't seem to cause any packets to go out, but is a bit wasteful (and also confused me when I saw timers fire in the logs...) * Suggestion from @martinthomson

* test: Add a test case for 0-RTT loss This currently fails, because we have a bug where the server does not accept retransmitted 0-RTT packets when it should. * Fixed * Cleanup * Keep the larger anti-replay window to just one test * Update neqo-transport/src/connection/tests/zerortt.rs Co-authored-by: Martin Thomson <mt@lowentropy.net> Signed-off-by: Lars Eggert <lars@eggert.org> * Update neqo-transport/src/connection/tests/zerortt.rs Co-authored-by: Martin Thomson <mt@lowentropy.net> Signed-off-by: Lars Eggert <lars@eggert.org> * Update neqo-transport/src/connection/tests/zerortt.rs Co-authored-by: Martin Thomson <mt@lowentropy.net> Signed-off-by: Lars Eggert <lars@eggert.org> --------- Signed-off-by: Lars Eggert <lars@eggert.org> Co-authored-by: Martin Thomson <mt@lowentropy.net>

* refactor: drop time crate in favor of std::time::SystemTime * use as_secs_f64 * don't panic, but return None

PMTUD probes inflate what we sent in 1-RTT, causing QNS to fail the test. See ptrd/kwik#46 (comment)

* fix: Lower log level for "Closing, not processing other timers" It's too noisy. * More

@mxinden

* test: Check for RTX of lost 0-RTT data on reject This is currently failing. * Fix merge * Attempt to RTX requests when 0-RTT was rejected Look OK, @mxinden? Let's see what the CI says. * Reinit on `ZeroRttRejected` * Remove test * Fix * Reinit files * Suggestions from @mxinden --------- Signed-off-by: Lars Eggert <lars@eggert.org>

s2n-quic doesn't send a resumption token for the second connection in the QNS `resumption` test, and this caused us to fail.

* ci: Delete all QNS logs >10MB before artifact upload Because these artifacts are huge and those logs are not useful for debugging. * 5M * Leave a note

Signed-off-by: Lars Eggert <lars@eggert.org>

Add test coverage for validation failing on `Ect1`. https://github.com/mozilla/neqo/blob/15cae9be1529e327e575fb7c799acc7521691337/neqo-transport/src/ecn.rs#L244-L246

* chore: Switch to the `windows` crate The `winapi` isn't being updated anymore, and the `windows` crate is a more modern alternative maintained by Microsoft. * Fix

) Previously `send_something_paced_with_modifier` would only apply the `modifier` if `sender.process_output` returned a `Output::Datagram` right away, but not when `sender.process_ouput` returned a datagram after returning a `Output::Callback`. With this commit, `modifier` is always applied.

It's been having weird failures.

* feat(transport): add ecn metrics to Stats * clippy * Document NotEct 0 * clippy * fix doc links

…ns (#2084) Bumps martenseemann/quic-network-simulator-endpoint from `5114afe` to `5177120`. --- updated-dependencies: - dependency-name: martenseemann/quic-network-simulator-endpoint dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump actions/upload-artifact from 4.3.6 to 4.4.0 Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.6 to 4.4.0. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@834a144...5076954) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Add actions --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lars Eggert <lars@eggert.org>

* fix: Handle migrating to a path that is an ECN blackhole * Fix tests * Update neqo-transport/src/connection/tests/ecn.rs Co-authored-by: Max Inden <mail@max-inden.de> Signed-off-by: Lars Eggert <lars@eggert.org> * Update neqo-transport/src/path.rs Co-authored-by: Max Inden <mail@max-inden.de> Signed-off-by: Lars Eggert <lars@eggert.org> * Update neqo-transport/src/connection/tests/ecn.rs Co-authored-by: Max Inden <mail@max-inden.de> Signed-off-by: Lars Eggert <lars@eggert.org> * Update neqo-transport/src/path.rs Co-authored-by: Max Inden <mail@max-inden.de> Signed-off-by: Lars Eggert <lars@eggert.org> * Update neqo-transport/src/connection/tests/ecn.rs Co-authored-by: Max Inden <mail@max-inden.de> Signed-off-by: Lars Eggert <lars@eggert.org> * Update neqo-transport/src/connection/tests/ecn.rs Co-authored-by: Max Inden <mail@max-inden.de> Signed-off-by: Lars Eggert <lars@eggert.org> * Update neqo-transport/src/connection/tests/ecn.rs Co-authored-by: Max Inden <mail@max-inden.de> Signed-off-by: Lars Eggert <lars@eggert.org> * Fixes --------- Signed-off-by: Lars Eggert <lars@eggert.org> Co-authored-by: Max Inden <mail@max-inden.de>

Save some trees

* ci: Try and speed up QNS docker build Via https://github.com/LukeMathWalker/cargo-chef * Update qns/Dockerfile Co-authored-by: Max Inden <mail@max-inden.de> Signed-off-by: Lars Eggert <lars@eggert.org> --------- Signed-off-by: Lars Eggert <lars@eggert.org> Co-authored-by: Max Inden <mail@max-inden.de>

* chore: Trim unused features Courtesy of https://github.com/ToBinio/cargo-features-manager. * More * Again * More * Fixes * Needed? * Again * Do not encode long RTT guesses in resumption tokens * Oops

Bumps alpine from `0a4eaa0` to `beefdbd`. --- updated-dependencies: - dependency-name: alpine dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…ns (#2094) Bumps martenseemann/quic-network-simulator-endpoint from `5177120` to `f65a034`. --- updated-dependencies: - dependency-name: martenseemann/quic-network-simulator-endpoint dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* ci: Only remove QNS logs for successful tests * Strip quotes * Fix log location * Fixes * Finalize

See https://bugzilla.mozilla.org/show_bug.cgi?id=1917407

Needed for mozilla/mtu#21.

Until rust-lang/rustup#4019 is fixed.

* ci: Try and fix NSS build on Windows * Again * Older NSS * Path * Next rev * Pin

* fix: Allow turning off greasing * Add `disable_migration` * fmt * Update neqo-transport/src/connection/tests/mod.rs Co-authored-by: Max Inden <mail@max-inden.de> Signed-off-by: Lars Eggert <lars@eggert.org> * Update neqo-transport/src/connection/tests/mod.rs Co-authored-by: Max Inden <mail@max-inden.de> Signed-off-by: Lars Eggert <lars@eggert.org> * clippy --------- Signed-off-by: Lars Eggert <lars@eggert.org> Co-authored-by: Max Inden <mail@max-inden.de>

And just compute it on the fly. It wasn't consistently updated anyway and is only used in tests.

Co-authored-by: Lars Eggert <lars@eggert.org>

* ci: Unpin nss Verbose, single-threaded build * Fix * Finalize

* ci: Fix Firefox build on Windows * Exit * Check * WindowsSdkDir * Finalize * Also only PR-comment if we tried to build

* Replace xyber768 with mlkem768x25519 * rustfmt --------- Co-authored-by: Lars Eggert <lars@eggert.org>

…ns (#2111) Bumps martenseemann/quic-network-simulator-endpoint from `f65a034` to `42d79cc`. --- updated-dependencies: - dependency-name: martenseemann/quic-network-simulator-endpoint dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix(qpack): typo * typo

If we pace, we might get the initial server flight before sending sufficient 0-RTT data to pass the QNS check. Broken out of #1998

Funtion is only used internally. Broken out of #1998

* ci: Speed up NSS build with `sccache` Maybe? * Again * No Windows * Fix cmake * Fixes * Fixes * echo * Again * exe * No Windows * No Windows * Finalize * Only set compiler env for the NSS build --------- Signed-off-by: Lars Eggert <lars@eggert.org>

* ci: Disable sccache on Windows again Because for some reason today, the action doesn't install: ``` Error: Error: File was unable to be removed Error: EBUSY: resource busy or locked, rmdir 'C:\hostedtoolcache\windows\sccache\0.8.1\x64' Error: File was unable to be removed Error: EBUSY: resource busy or locked, rmdir 'C:\hostedtoolcache\windows\sccache\0.8.1\x64' ``` * Check if it's installed already * Fix

@mxinden

* fix: Don't encode large RTT guesses in tickets Because under lossy conditions (e.g., QNS `handshakeloss` test), the guess can be multiple times the actual RTT, which when encoded in the resumption ticket will cause an extremely slow second handshake, often causing the test to time out. Broken out of #1998 Fixes #2088 * Fixes & tests * Suggestion from @mxinden * Fix

* `cargo machete` * `cargo fmt` * `cargo clippy`

* ci: Try and use artifacts to cache prebuilt NSS * needs * actions/cache * Fix * Fix * no sccache * sccache is killing our cache * Set env * Env * NSS_PREBUILT * Check if set * Cache on self-hosted runner * Fixes * Fixes * Fixes * Run fuzz in parallel * Invert * fuzz-bench * SCCACHE_INSTALLED && build -> check * Fixes * Fixes * Don't update rustup * Compile less

We don't track which packets are coalesced with others, so when we detect a loss in one packet number space, we cannot resend any coalesced packets in other packet number space. This PR tries to approximate this behavior by scheduling un-ACKed Handshake and 0-RTT packets for RTX when packets are lost in the Initial space. Broken out of #1998

`add_datagram` takes a Quic datagram and adds it to the queue of datagrams to be sent out. Previously it would take a reference (i.e. `&[u8]`) and would allocate it into a new `Vec<u8>` before enqueuing. At the call-site the original allocation (referenced by the `&[u8]`) would go out-of-scope and thus be de-allocated. This is a wasted allocation for each Quic datagram to be send. This commit has the call-site pass the owned `Vec<u8>` down right away. Co-authored-by: Lars Eggert <lars@eggert.org>

@martinthomson

This caused some test failures, and @martinthomson discovered this as the reason at the IETF 120 hackathon. Broken out of #1998

So that we get issues for platform-specific code. Also change `macos-14` -> `macos-latest` everywhere.

Nightly might have performance regressions.

The `neqo_transport::Connection::max_datagram_size` creates an `Encoder`, writes a packet header and a packet number and determines how many bytes of the mtu are left. https://github.com/mozilla/neqo/blob/28f60bd0ba3209ecba4102eec123859a3a8afd45/neqo-transport/src/connection/mod.rs#L3408-L3427 The `Encoder` only has to hold the packet header and the packet number. Yet it is initialized with `Encoder::with_capacity(mtu)`. https://github.com/mozilla/neqo/blob/28f60bd0ba3209ecba4102eec123859a3a8afd45/neqo-transport/src/connection/mod.rs#L3408 Note that `PacketBuilder::short` and `PacketBuilder::long` read the `Encoder::capacity` through `PacketBuilder::infer_limit`. But `PacketBuilder::infer_limit` falls back to `2048` if the capacity is below `64`, which will be the case when using `Encoder::default()` instead of `Encoder::with_capacity(mtu)`. `2048` should be plenty enough for the packet header and the packet number. https://github.com/mozilla/neqo/blob/28f60bd0ba3209ecba4102eec123859a3a8afd45/neqo-transport/src/packet/mod.rs#L152-L180 https://github.com/mozilla/neqo/blob/28f60bd0ba3209ecba4102eec123859a3a8afd45/neqo-transport/src/packet/mod.rs#L188-L225 https://github.com/mozilla/neqo/blob/28f60bd0ba3209ecba4102eec123859a3a8afd45/neqo-transport/src/packet/mod.rs#L135-L141 This commit prevents the wasted allocation by using `Encoder::default()` instead of `Encoder::with_capacity(mtu)`. Co-authored-by: Lars Eggert <lars@eggert.org>

`Connection::add_packet_number -> PacketBuilder::pn -> Encoder::encode_uint` panics when `pn_len` is `0`. These panics are seen in Firefox crash reports. To be able to find the root cause of the panic, add additional metadata. See #2132 for details.

Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.7.0 to 6.8.0. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@5cd11c3...32945a3) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* ci(nss): don't set environment variables on BUILD_NSS 0 * Differentiate in system-nss, cached-nss, and nss-to-be-build

* fix: Add `confirmed` parameter to PTO calculation Rather than having the caller determine for which space a PTO should be calculated for. Broken out of #1998 I'm ambivalent if we want this change - thoughts? * More from #1998 * More from #1998

This is simpler code overall. It might even be faster. It certainly avoids an allocation.

* make process_output be able to return keep_alive timeout * address comments * address more comments

* ci(bench): don't run on draft PRs * Add workflow_dispatch input

* ci: run tests with sanitizers on Linux and MacOS * Try combined syntax Co-authored-by: Lars Eggert <lars@eggert.org> Signed-off-by: Max Inden <mail@max-inden.de> --------- Signed-off-by: Max Inden <mail@max-inden.de> Co-authored-by: Lars Eggert <lars@eggert.org>

* build(deps): bump actions/checkout from 4.1.7 to 4.2.0 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.7 to 4.2.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@692973e...d632683) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Update actions --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Lars Eggert <lars@eggert.org> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lars Eggert <lars@eggert.org>

Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.5.0 to 4.6.0. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@e28ff12...b9fd7d1) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.8.0 to 6.9.0. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@32945a3...4f58ea7) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.6.1 to 3.7.1. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@988b5a0...c47758b) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Test written while debugging https://bugzilla.mozilla.org/show_bug.cgi?id=1919678.

* build(deps): bump actions/cache from 4.0.2 to 4.1.0 Bumps [actions/cache](https://github.com/actions/cache) from 4.0.2 to 4.1.0. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@0c45773...2cdf405) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Do actions --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lars Eggert <lars@eggert.org>

And simplify the per-step conditions accordingly.

@mxinden

* fix: Check that the largest_acked was sent This is a test and fix for the issue we're discussing with Avast. CC @mxinden * Fix * Do not use untrusted largest_ack * Return Error::AckedUnsentPacket * Tweaks * Typo * Tweaks * Tweaks * Update neqo-transport/src/connection/mod.rs Co-authored-by: Max Inden <mail@max-inden.de> Signed-off-by: Lars Eggert <lars@eggert.org> * Update neqo-transport/tests/connection.rs Co-authored-by: Max Inden <mail@max-inden.de> Signed-off-by: Lars Eggert <lars@eggert.org> * Update neqo-transport/tests/connection.rs Co-authored-by: Max Inden <mail@max-inden.de> Signed-off-by: Lars Eggert <lars@eggert.org> * Nit * Simplify test --------- Signed-off-by: Lars Eggert <lars@eggert.org> Co-authored-by: Max Inden <mail@max-inden.de>

This reduces boilerplate and encapsulates a good pattern of usage. I wasn't able to make `test_frame_writer` private, but this is close enough.

* ci: Try to pin more deps To get our OSSF score up a bit. * Can't use actionlint docker image

@mxinden

* ci: Don't run QNS when a PR is merged Also don't run it on a schedule anymore. * Suggestion from @mxinden

* ci: Run the sanitizers in parallel * Fixes * Again * Again * Again * Again * Finalize * Update .github/workflows/check.yml Co-authored-by: Max Inden <mail@max-inden.de> Signed-off-by: Lars Eggert <lars@eggert.org> * Refactor into separate workflow * Again * Again * llvm * memory * No memory * ASAN_OPTIONS: detect_leaks=1:detect_stack_use_after_return=1 * actionlint * Suppress * LSAN_OPTIONS * Remove comment * Again * pwd --------- Signed-off-by: Lars Eggert <lars@eggert.org> Co-authored-by: Max Inden <mail@max-inden.de>

* test: Dump simulator RNG seeds Into the directory given in the `DUMP_SIMULATION_SEEDS` environment variable. Also, export them as artifacts from the CI runs. Fixes #1645 * mkdir * Print leading zeros * TypoPrint leading zeros * Fixes * Conditional * Separate out sanitizer runs * Per sanitizer * Update test-fixture/src/sim/rng.rs Co-authored-by: Martin Thomson <mt@lowentropy.net> Signed-off-by: Lars Eggert <lars@eggert.org> * Update .github/workflows/check.yml Co-authored-by: Martin Thomson <mt@lowentropy.net> Signed-off-by: Lars Eggert <lars@eggert.org> * Update test-fixture/src/sim/mod.rs Co-authored-by: Martin Thomson <mt@lowentropy.net> Signed-off-by: Lars Eggert <lars@eggert.org> * Prefix seed with test name * Merge --------- Signed-off-by: Lars Eggert <lars@eggert.org> Co-authored-by: Martin Thomson <mt@lowentropy.net>

And a small bit of cleanup to avoid repetition.

Bumps lukemathwalker/cargo-chef from `f50231b` to `acfab68`. --- updated-dependencies: - dependency-name: lukemathwalker/cargo-chef dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump actions/cache from 4.1.0 to 4.1.1 Bumps [actions/cache](https://github.com/actions/cache) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@2cdf405...3624ceb) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Add actions --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lars Eggert <lars@eggert.org>

* build(deps): bump actions/upload-artifact from 4.4.0 to 4.4.3 Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.4.0 to 4.4.3. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@5076954...b4b15b8) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Add actions --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lars Eggert <lars@eggert.org>

* build(deps): bump actions/checkout from 4.2.0 to 4.2.1 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.0 to 4.2.1. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@d632683...eef6144) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Add actions --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lars Eggert <lars@eggert.org>

So panic stack traces are useful.

According to the actions/cache docs an empty string represents a cache miss: > cache-hit - A string value to indicate an exact match was found for the key. > - If there's a cache hit, this will be 'true' or 'false' to indicate if there's an exact match for key. > - If there's a cache miss, this will be an empty string. https://github.com/actions/cache?tab=readme-ov-file#outputs Previously Neqo's CI would check for `"false"`, now it checks for `""`.

`SocketAddr` implements `Copy`. https://doc.rust-lang.org/std/net/enum.SocketAddr.html#impl-Copy-for-SocketAddr Thus there is no need to pass by reference instead of by value.

* ci: Run benchmarks with Ethernet and max MTUs * Fixes * Export * Try with len that is multiple of 8 * 2000 * 1600 * Try more values * Again * 1488 * 1504 it is for now

* ci: Terminate `nextest` after a test runs for five minutes Terminating it ourselves means that later CI steps run (like exporting the simulator seeds), which doesn't happen when GitHub terminates the entire runner. * Fix seed export on Windows * Fix quoting * Fix

Sometimes, you have to tell it to be quiet. And sometimes, it misses an obvious improvement.

* feat: Support QNS `connectionmigration` test * Address review comments * Update neqo-bin/src/client/http09.rs Co-authored-by: Martin Thomson <mt@lowentropy.net> Signed-off-by: Lars Eggert <lars@eggert.org> * Update neqo-bin/src/client/http09.rs Co-authored-by: Martin Thomson <mt@lowentropy.net> Signed-off-by: Lars Eggert <lars@eggert.org> * Update neqo-bin/src/client/http09.rs Co-authored-by: Martin Thomson <mt@lowentropy.net> Signed-off-by: Lars Eggert <lars@eggert.org> * Update neqo-bin/src/client/http09.rs Co-authored-by: Martin Thomson <mt@lowentropy.net> Signed-off-by: Lars Eggert <lars@eggert.org> * Fix --------- Signed-off-by: Lars Eggert <lars@eggert.org> Co-authored-by: Martin Thomson <mt@lowentropy.net>

Signed-off-by: Max Inden <mail@max-inden.de>

Commits on May 17, 2024

remove trailing comma (#1907 )

KershawChang authored May 17, 2024

Configuration menu

View commit details

Copy full SHA for 590940b

Browse repository at this point

Copy the full SHA

590940b View commit details

Browse the repository at this point in the history

Commits on May 30, 2024

neqo_0.7.9 (#1916 )

KershawChang authored May 30, 2024

Configuration menu

View commit details

Copy full SHA for 121fe68

Browse repository at this point

Copy the full SHA

121fe68 View commit details

Browse the repository at this point in the history

Commits on Jul 11, 2024

neqo 0.8.0 (#1973 )

KershawChang authored Jul 11, 2024

Configuration menu

View commit details

Copy full SHA for 9f0a86d

Browse repository at this point

Copy the full SHA

9f0a86d View commit details

Browse the repository at this point in the history

Commits on Aug 15, 2024

Refactor NSS initialization (#2050 )

martinthomson authored Aug 15, 2024

Configuration menu

View commit details

Copy full SHA for 165fff6

Browse repository at this point

Copy the full SHA

165fff6 View commit details

Browse the repository at this point in the history

Commits on Sep 3, 2024

chore: prepare v0.9.0 release (#2082 )

mxinden authored Sep 3, 2024

Configuration menu

View commit details

Copy full SHA for 28f60bd

Browse repository at this point

Copy the full SHA

28f60bd View commit details

Browse the repository at this point in the history

[pull] main from mozilla:main #5

Are you sure you want to change the base?

[pull] main from mozilla:main #5

Commits on May 6, 2024

Commits on May 7, 2024

Commits on May 8, 2024

Commits on May 13, 2024

Commits on May 15, 2024

Commits on May 16, 2024

Commits on May 17, 2024

Commits on May 21, 2024

Commits on May 22, 2024

Commits on May 23, 2024

Commits on May 27, 2024

Commits on May 29, 2024

Commits on May 30, 2024

Commits on Jun 10, 2024

Commits on Jun 17, 2024

Commits on Jun 18, 2024

Commits on Jun 19, 2024

Commits on Jun 25, 2024

Commits on Jun 26, 2024

Commits on Jun 27, 2024

Commits on Jul 1, 2024

Commits on Jul 2, 2024

Commits on Jul 3, 2024

Commits on Jul 4, 2024

Commits on Jul 8, 2024

Commits on Jul 10, 2024

Commits on Jul 11, 2024

Commits on Jul 12, 2024

Commits on Jul 15, 2024

Commits on Jul 16, 2024

Commits on Jul 17, 2024

Commits on Jul 19, 2024

Commits on Jul 22, 2024

Commits on Jul 23, 2024

Commits on Jul 24, 2024

Commits on Jul 25, 2024

Commits on Jul 29, 2024

Commits on Jul 30, 2024

Commits on Jul 31, 2024

Commits on Aug 1, 2024

Commits on Aug 2, 2024

Commits on Aug 5, 2024

Commits on Aug 6, 2024

Commits on Aug 7, 2024

Commits on Aug 8, 2024

Commits on Aug 9, 2024

Commits on Aug 12, 2024

Commits on Aug 13, 2024

Commits on Aug 15, 2024

Commits on Aug 19, 2024

Commits on Aug 20, 2024

Commits on Aug 21, 2024

Commits on Aug 22, 2024

Commits on Aug 26, 2024

Commits on Aug 28, 2024

Commits on Aug 29, 2024

Commits on Sep 2, 2024

Commits on Sep 3, 2024

Commits on Sep 9, 2024

Commits on Sep 10, 2024

Commits on Sep 11, 2024

Commits on Sep 12, 2024

Commits on Sep 13, 2024

Commits on Sep 16, 2024

Commits on Sep 17, 2024

Commits on Sep 18, 2024

Commits on Sep 20, 2024

Commits on Sep 25, 2024

Commits on Oct 1, 2024

Commits on Oct 2, 2024

Commits on Oct 3, 2024

Commits on Oct 4, 2024

Commits on Oct 7, 2024

Commits on Oct 8, 2024

Commits on Oct 9, 2024

Commits on Oct 11, 2024

Commits on Oct 14, 2024