diff --git a/src/quic/endpoint.cc b/src/quic/endpoint.cc index b70429f42a884b..a9b401d18fdb6c 100644 --- a/src/quic/endpoint.cc +++ b/src/quic/endpoint.cc @@ -565,13 +565,17 @@ int Endpoint::UDP::Send(Packet* packet) { // which we don't want. We call ClearWeak here just to be doubly sure. packet->ClearWeak(); packet->Dispatched(); - int err = uv_udp_send(packet->req(), &impl_->handle_, &buf, 1, packet->destination().data(), - uv_udp_send_cb{[](uv_udp_send_t* req, int status) { - auto ptr = - static_cast(ReqWrap::from_req(req)); - ptr->env()->DecreaseWaitingRequestCounter(); - ptr->Done(status); - }}); + int err = uv_udp_send( + packet->req(), + &impl_->handle_, + &buf, + 1, + packet->destination().data(), + uv_udp_send_cb{[](uv_udp_send_t* req, int status) { + auto ptr = static_cast(ReqWrap::from_req(req)); + ptr->env()->DecreaseWaitingRequestCounter(); + ptr->Done(status); + }}); if (err < 0) { // The packet failed. packet->Done(err); @@ -1108,7 +1112,10 @@ void Endpoint::Receive(const uv_buf_t& buf, const SocketAddress& local_address, const SocketAddress& remote_address) { // Conditionally accept an initial packet to create a new session. - Debug(this, "Trying to accept initial packet for %s from %s", dcid, remote_address); + Debug(this, + "Trying to accept initial packet for %s from %s", + dcid, + remote_address); // If we're not listening as a server, do not accept an initial packet. if (state_->listening == 0) return; @@ -1156,7 +1163,8 @@ void Endpoint::Receive(const uv_buf_t& buf, Debug(this, "Packet was not accepted because the endpoint is busy or the " "remote address %s has exceeded their maximum number of concurrent " - "connections", remote_address); + "connections", + remote_address); // Endpoint is busy or the connection count is exceeded. The connection is // refused. For the purpose of stats collection, we'll count both of these // the same. @@ -1213,7 +1221,8 @@ void Endpoint::Receive(const uv_buf_t& buf, if (hd.tokenlen == 0) { Debug(this, "Initial packet has no token. Sending retry to %s to start " - "validation", remote_address); + "validation", + remote_address); SendRetry(PathDescriptor{ version, dcid, @@ -1232,7 +1241,10 @@ void Endpoint::Receive(const uv_buf_t& buf, switch (hd.token[0]) { case RetryToken::kTokenMagic: { RetryToken token(hd.token, hd.tokenlen); - Debug(this, "Initial packet from %s has retry token %s", remote_address, token); + Debug(this, + "Initial packet from %s has retry token %s", + remote_address, + token); auto ocid = token.Validate( version, remote_address, @@ -1240,7 +1252,8 @@ void Endpoint::Receive(const uv_buf_t& buf, options_.token_secret, options_.retry_token_expiration * NGTCP2_SECONDS); if (!ocid.has_value()) { - Debug(this, "Retry token from %s is invalid.", remote_address); + Debug( + this, "Retry token from %s is invalid.", remote_address); // Invalid retry token was detected. Close the connection. SendImmediateConnectionClose( PathDescriptor{ @@ -1257,7 +1270,8 @@ void Endpoint::Receive(const uv_buf_t& buf, // validation. Debug(this, "Retry token from %s is valid. Original dcid %s", - remote_address, ocid.value()); + remote_address, + ocid.value()); config.ocid = ocid.value(); config.retry_scid = dcid; config.set_token(token); @@ -1265,14 +1279,18 @@ void Endpoint::Receive(const uv_buf_t& buf, } case RegularToken::kTokenMagic: { RegularToken token(hd.token, hd.tokenlen); - Debug(this, "Initial packet from %s has regular token %s", - remote_address, token); + Debug(this, + "Initial packet from %s has regular token %s", + remote_address, + token); if (!token.Validate( version, remote_address, options_.token_secret, options_.token_expiration * NGTCP2_SECONDS)) { - Debug(this, "Regular token from %s is invalid.", remote_address); + Debug(this, + "Regular token from %s is invalid.", + remote_address); // If the regular token is invalid, let's send a retry to be // lenient. There's a small risk that a malicious peer is // trying to make us do some work but the risk is fairly low @@ -1294,7 +1312,9 @@ void Endpoint::Receive(const uv_buf_t& buf, break; } default: { - Debug(this, "Initial packet from %s has unknown token type", remote_address); + Debug(this, + "Initial packet from %s has unknown token type", + remote_address); // If our prefix bit does not match anything we know about, // let's send a retry to be lenient. There's a small risk that a // malicious peer is trying to make us do some work but the risk @@ -1318,7 +1338,8 @@ void Endpoint::Receive(const uv_buf_t& buf, Debug(this, "Remote address %s is validated", remote_address); addrLRU_.Upsert(remote_address)->validated = true; } else if (hd.tokenlen > 0) { - Debug(this, "Ignoring initial packet from %s with unexpected token", + Debug(this, + "Ignoring initial packet from %s with unexpected token", remote_address); // If validation is turned off and there is a token, that's weird. // The peer should only have a token if we sent it to them and we @@ -1329,7 +1350,9 @@ void Endpoint::Receive(const uv_buf_t& buf, } break; case NGTCP2_PKT_0RTT: - Debug(this, "Sending retry to %s due to initial 0RTT packet", remote_address); + Debug(this, + "Sending retry to %s due to initial 0RTT packet", + remote_address); // If it's a 0RTT packet, we're always going to perform path // validation no matter what. This is a bit unfortunate since // ORTT is supposed to be, you know, 0RTT, but sending a retry diff --git a/src/quic/http3.cc b/src/quic/http3.cc index 439bb666ef6ba5..fb6c9bc4aef1f4 100644 --- a/src/quic/http3.cc +++ b/src/quic/http3.cc @@ -1,5 +1,6 @@ #if HAVE_OPENSSL && NODE_OPENSSL_HAS_QUIC +#include "http3.h" #include #include #include @@ -13,7 +14,6 @@ #include "application.h" #include "bindingdata.h" #include "defs.h" -#include "http3.h" #include "session.h" #include "sessionticket.h" @@ -383,9 +383,9 @@ class Http3Application final : public Session::Application { return data.id > -1 && !is_control_stream(data.id) && data.fin == 1; } - SET_NO_MEMORY_INFO(); - SET_MEMORY_INFO_NAME(Http3Application); - SET_SELF_SIZE(Http3Application); + SET_NO_MEMORY_INFO() + SET_MEMORY_INFO_NAME(Http3Application) + SET_SELF_SIZE(Http3Application) private: inline operator nghttp3_conn*() const { diff --git a/src/quic/packet.cc b/src/quic/packet.cc index ad5efac70fb909..dad5b59ad3cbe5 100644 --- a/src/quic/packet.cc +++ b/src/quic/packet.cc @@ -223,11 +223,10 @@ void Packet::MemoryInfo(MemoryTracker* tracker) const { tracker->TrackField("data", data_); } -Packet* Packet::CreateRetryPacket( - Environment* env, - Listener* listener, - const PathDescriptor& path_descriptor, - const TokenSecret& token_secret) { +Packet* Packet::CreateRetryPacket(Environment* env, + Listener* listener, + const PathDescriptor& path_descriptor, + const TokenSecret& token_secret) { auto& random = CID::Factory::random(); CID cid = random.Generate(); RetryToken token(path_descriptor.version, @@ -264,12 +263,11 @@ Packet* Packet::CreateRetryPacket( return packet; } -Packet* Packet::CreateConnectionClosePacket( - Environment* env, - Listener* listener, - const SocketAddress& destination, - ngtcp2_conn* conn, - const QuicError& error) { +Packet* Packet::CreateConnectionClosePacket(Environment* env, + Listener* listener, + const SocketAddress& destination, + ngtcp2_conn* conn, + const QuicError& error) { auto packet = Create( env, listener, destination, kDefaultMaxPacketLength, "connection close"); if (packet == nullptr) return nullptr; diff --git a/src/quic/packet.h b/src/quic/packet.h index da30fca133c2ce..c92f2fd4a60f82 100644 --- a/src/quic/packet.h +++ b/src/quic/packet.h @@ -92,12 +92,11 @@ class Packet final : public ReqWrap { // tells us how many of the packets bytes were used. void Truncate(size_t len); - static Packet* Create( - Environment* env, - Listener* listener, - const SocketAddress& destination, - size_t length = kDefaultMaxPacketLength, - const char* diagnostic_label = ""); + static Packet* Create(Environment* env, + Listener* listener, + const SocketAddress& destination, + size_t length = kDefaultMaxPacketLength, + const char* diagnostic_label = ""); Packet* Clone() const; @@ -107,18 +106,16 @@ class Packet final : public ReqWrap { std::string ToString() const; - static Packet* CreateRetryPacket( - Environment* env, - Listener* listener, - const PathDescriptor& path_descriptor, - const TokenSecret& token_secret); + static Packet* CreateRetryPacket(Environment* env, + Listener* listener, + const PathDescriptor& path_descriptor, + const TokenSecret& token_secret); - static Packet* CreateConnectionClosePacket( - Environment* env, - Listener* listener, - const SocketAddress& destination, - ngtcp2_conn* conn, - const QuicError& error); + static Packet* CreateConnectionClosePacket(Environment* env, + Listener* listener, + const SocketAddress& destination, + ngtcp2_conn* conn, + const QuicError& error); static Packet* CreateImmediateConnectionClosePacket( Environment* env, diff --git a/src/quic/session.cc b/src/quic/session.cc index 56d88896755ed0..4c9aad191ad650 100644 --- a/src/quic/session.cc +++ b/src/quic/session.cc @@ -187,10 +187,14 @@ namespace { inline const char* getEncryptionLevelName(ngtcp2_encryption_level level) { switch (level) { - case NGTCP2_ENCRYPTION_LEVEL_1RTT: return "1rtt"; - case NGTCP2_ENCRYPTION_LEVEL_0RTT: return "0rtt"; - case NGTCP2_ENCRYPTION_LEVEL_HANDSHAKE: return "handshake"; - case NGTCP2_ENCRYPTION_LEVEL_INITIAL: return "initial"; + case NGTCP2_ENCRYPTION_LEVEL_1RTT: + return "1rtt"; + case NGTCP2_ENCRYPTION_LEVEL_0RTT: + return "0rtt"; + case NGTCP2_ENCRYPTION_LEVEL_HANDSHAKE: + return "handshake"; + case NGTCP2_ENCRYPTION_LEVEL_INITIAL: + return "initial"; } return ""; } @@ -2019,8 +2023,10 @@ struct Session::Impl { auto session = Impl::From(conn, user_data); if (UNLIKELY(session->is_destroyed())) return NGTCP2_ERR_CALLBACK_FAILURE; - Debug(session, "Receiving RX key for level %d for dcid %s", - getEncryptionLevelName(level), session->config().dcid); + Debug(session, + "Receiving RX key for level %d for dcid %s", + getEncryptionLevelName(level), + session->config().dcid); if (!session->is_server() && (level == NGTCP2_ENCRYPTION_LEVEL_0RTT || level == NGTCP2_ENCRYPTION_LEVEL_1RTT)) { @@ -2076,8 +2082,10 @@ struct Session::Impl { auto session = Impl::From(conn, user_data); if (UNLIKELY(session->is_destroyed())) return NGTCP2_ERR_CALLBACK_FAILURE; - Debug(session, "Receiving TX key for level %d for dcid %s", - getEncryptionLevelName(level), session->config().dcid); + Debug(session, + "Receiving TX key for level %d for dcid %s", + getEncryptionLevelName(level), + session->config().dcid); if (session->is_server() && (level == NGTCP2_ENCRYPTION_LEVEL_0RTT || level == NGTCP2_ENCRYPTION_LEVEL_1RTT)) { diff --git a/src/quic/tlscontext.cc b/src/quic/tlscontext.cc index 6f08a91c98d8df..33fffbd585db14 100644 --- a/src/quic/tlscontext.cc +++ b/src/quic/tlscontext.cc @@ -6,10 +6,10 @@ #include #include #include -#include #include #include #include +#include #include #include #include @@ -93,7 +93,10 @@ int AlpnSelectionCallback(SSL* ssl, } BaseObjectPtr InitializeSecureContext( - Session* session, Side side, Environment* env, const TLSContext::Options& options) { + Session* session, + Side side, + Environment* env, + const TLSContext::Options& options) { auto context = crypto::SecureContext::Create(env); auto& ctx = context->ctx(); @@ -292,7 +295,8 @@ bool SetOption(Environment* env, (options->*member).push_back(handle->Data()); } else { Utf8Value namestr(env->isolate(), name); - THROW_ERR_INVALID_ARG_TYPE(env, "%s value must be a key object", *namestr); + THROW_ERR_INVALID_ARG_TYPE( + env, "%s value must be a key object", *namestr); return false; } } else if constexpr (std::is_same::value) { @@ -302,7 +306,8 @@ bool SetOption(Environment* env, (options->*member).emplace_back(item.As()); } else { Utf8Value namestr(env->isolate(), name); - THROW_ERR_INVALID_ARG_TYPE(env, "%s value must be an array buffer", *namestr); + THROW_ERR_INVALID_ARG_TYPE( + env, "%s value must be an array buffer", *namestr); return false; } } @@ -316,7 +321,8 @@ bool SetOption(Environment* env, (options->*member).push_back(handle->Data()); } else { Utf8Value namestr(env->isolate(), name); - THROW_ERR_INVALID_ARG_TYPE(env, "%s value must be a key object", *namestr); + THROW_ERR_INVALID_ARG_TYPE( + env, "%s value must be a key object", *namestr); return false; } } else if constexpr (std::is_same::value) { @@ -326,7 +332,8 @@ bool SetOption(Environment* env, (options->*member).emplace_back(value.As()); } else { Utf8Value namestr(env->isolate(), name); - THROW_ERR_INVALID_ARG_TYPE(env, "%s value must be an array buffer", *namestr); + THROW_ERR_INVALID_ARG_TYPE( + env, "%s value must be an array buffer", *namestr); return false; } } @@ -556,7 +563,9 @@ Maybe TLSContext::Options::From(Environment* env, // We need at least one key and one cert to complete the tls handshake. // Why not make this an error? We could but it's not strictly necessary. env->EmitProcessEnvWarning(); - ProcessEmitWarning(env, "The default QUIC TLS options are being used. " + ProcessEmitWarning( + env, + "The default QUIC TLS options are being used. " "This means there is no key or certificate configured and the " "TLS handshake will fail. This is likely not what you want."); return Just(options); @@ -591,8 +600,10 @@ Maybe TLSContext::Options::From(Environment* env, // Why not make this an error? We could but it's not strictly necessary. if (options.keys.empty() || options.certs.empty()) { env->EmitProcessEnvWarning(); - ProcessEmitWarning(env, "The QUIC TLS options did not include a key or cert. " - "This means the TLS handshake will fail. This is likely not what you want."); + ProcessEmitWarning(env, + "The QUIC TLS options did not include a key or cert. " + "This means the TLS handshake will fail. This is likely " + "not what you want."); } return Just(options);