Tags: alibaba/xquic
Tags
[~] fix issue #717: validate all RFC 9000 Section 7.4.1 transport par… …ameters for 0-RTT (#792) * [~] fix issue #717: validate all RFC 9000 Section 7.4.1 transport parameters for 0-RTT RFC 9000 Section 7.4.1 requires that when a client attempts 0-RTT, the server MUST NOT reduce 7 specific transport parameters below the remembered values. Only max_datagram_frame_size was checked, leaving core flow-control and stream-limit parameters unvalidated. Add validation for all 7 MUST parameters in xqc_conn_tls_transport_params_cb, guarded by conn_type == CLIENT && HAS_0RTT. Add WARN-level logging for 3 SHOULD parameters. Persist active_connection_id_limit in session ticket storage so the comparison uses the actual remembered value. * [~] fix 0-RTT transport param validation: check early_data accepted, unify error codes Address review feedback on the 0-RTT transport parameter validation: 1. Guard condition: add xqc_tls_is_early_data_accepted() check so the validation only fires when the server actually accepted 0-RTT. Previously the guard checked HAS_0RTT (attempted), which would incorrectly reject servers that legitimately reduced params after rejecting 0-RTT. 2. Error codes: unify all 8 parameter checks to use TRA_0RTT_TRANS_PARAMS_ERROR so xqc_conn_should_clear_0rtt_ticket() matches and clears the cached session ticket, preventing reconnection loops. 3. Fix log format specifier for max_datagram_frame_size: %ud -> %ui with (uint64_t) cast to match the other 7 checks. 4. Add 5 new unit tests: individual reduction tests for the 4 remaining MUST parameters, plus a test that verifies parameter reduction is allowed when 0-RTT is rejected. * [+] add e2e case tests for RFC 9000 Section 7.4.1 0-RTT transport param validation test 700: server reduces max_streams_bidi after first connection; client detects the reduction on 0-RTT resumption and closes with TRANSPORT_PARAMETER_ERROR (0x0E). test 701: server restarts with reduced params so the session ticket is invalid; client's 0-RTT is rejected and the param validation is skipped, verifying the connection succeeds despite the reduction. * [~] fix 0-RTT validation: restore max_datagram_frame_size reduction check The RFC 9000 Section 7.4.1 validation refactor accidentally removed the existing max_datagram_frame_size reduction check (RFC 9221). Restore it inside the unified 0-RTT validation block and add a corresponding unit test. Fixes CI regressions: - 0RTT max_datagram_frame_size is invalid - check_clear_0rtt_ticket_flag_in_close_notify (x3) * [~] trim redundant 0-RTT unit tests, keep 3 representative cases Remove 10 per-parameter reduction tests that all exercise the same if (X < Y) pattern. Keep: all_equal (positive baseline), all_increased (positive), initial_max_data_reduced (negative). The 2 e2e case tests (700/701) cover real-world behavior. * [~] replace single-param reduction test with loop covering all 8 fields One test function iterates each MUST parameter (7 from RFC 9000 Section 7.4.1 + max_datagram_frame_size), reducing it individually and verifying TRA_0RTT_TRANS_PARAMS_ERROR is triggered. * [~] rename case test IDs to 701/702 to avoid collision with existing 700 ID 700 is already used by FEC frame_type_bit and crypto_error tests on main. Move 0-RTT param validation e2e tests to 701/702.
[!] fix bugs and building error on ubuntu and macOS, add initial rtt (#… …407) [-] deprecate XQC_NO_PID_PACKET_PROCESS; [=] optimize connection transport parameters; [!] fix CC frame packet error; [+] add initial_rtt; [!] fix loss, retransmission, and spurious loss counting; [!] optimize 0-RTT sending; [!] add protection for zero-length header value; [=] reduce http3 body read notify; [!] retransmit PING frame sent by app layer; [!] fix building boringssl on ubuntu and macOS;
PreviousNext