Skip to content

Commit

Permalink
cspace -> epoch in args and vars
Browse files Browse the repository at this point in the history
  • Loading branch information
@larseggert
larseggert committed Feb 11, 2025
1 parent 227c1bd commit d4df4c1
Show file tree
Hide file tree
Showing 4 changed files with 42 additions and 42 deletions.
32 changes: 16 additions & 16 deletions neqo-transport/src/connection/mod.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1277,9 +1277,9 @@ impl Connection {

/// Process any saved datagrams that might be available for processing.
fn process_saved(&mut self, now: Instant) {
while let Some(cspace) = self.saved_datagrams.available() {
qdebug!("[{self}] process saved for space {cspace:?}");
debug_assert!(self.crypto.states.rx_hp(self.version, cspace).is_some());
while let Some(epoch) = self.saved_datagrams.available() {
qdebug!("[{self}] process saved for epoch {epoch:?}");
debug_assert!(self.crypto.states.rx_hp(self.version, epoch).is_some());
for saved in self.saved_datagrams.take_saved() {
qtrace!("[{self}] input saved @{:?}: {:?}", saved.t, saved.d);
self.input(saved.d, saved.t, now);
Expand All @@ -1292,7 +1292,7 @@ impl Connection {
#[allow(clippy::needless_pass_by_value)] // To consume an owned datagram below.
fn save_datagram(
&mut self,
cspace: Epoch,
epoch: Epoch,
d: Datagram<impl AsRef<[u8]>>,
remaining: usize,
now: Instant,
Expand All @@ -1303,7 +1303,7 @@ impl Connection {
d.tos(),
d[d.len() - remaining..].to_vec(),
);
self.saved_datagrams.save(cspace, d, now);
self.saved_datagrams.save(epoch, d, now);
self.stats.borrow_mut().saved_datagrams += 1;
}

Expand Down Expand Up @@ -1658,22 +1658,22 @@ impl Connection {
}
Err(e) => {
match e {
Error::KeysPending(cspace) => {
Error::KeysPending(epoch) => {
// This packet can't be decrypted because we don't have the keys yet.
// Don't check this packet for a stateless reset, just return.
let remaining = slc_len;
self.save_datagram(cspace, d, remaining, now);
self.save_datagram(epoch, d, remaining, now);
return Ok(());
}
Error::KeysExhausted => {
// Exhausting read keys is fatal.
return Err(e);
}
Error::KeysDiscarded(cspace) => {
Error::KeysDiscarded(epoch) => {
// This was a valid-appearing Initial packet: maybe probe with
// a Handshake packet to keep the handshake moving.
self.received_untracked |=
self.role == Role::Client && cspace == Epoch::Initial;
self.role == Role::Client && epoch == Epoch::Initial;
}
_ => (),
}
Expand Down Expand Up @@ -2060,14 +2060,14 @@ impl Connection {

fn build_packet_header(
path: &Path,
cspace: Epoch,
epoch: Epoch,
encoder: Encoder,
tx: &CryptoDxState,
address_validation: &AddressValidationInfo,
version: Version,
grease_quic_bit: bool,
) -> (PacketType, PacketBuilder) {
let pt = PacketType::from(cspace);
let pt = PacketType::from(epoch);
let mut builder = if pt == PacketType::Short {
qdebug!("Building Short dcid {:?}", path.remote_cid());
PacketBuilder::short(encoder, tx.key_phase(), path.remote_cid())
Expand Down Expand Up @@ -2401,14 +2401,14 @@ impl Connection {
let mut encoder = Encoder::with_capacity(profile.limit());
for space in PacketNumberSpace::iter() {
// Ensure we have tx crypto state for this epoch, or skip it.
let Some((cspace, tx)) = self.crypto.states.select_tx_mut(self.version, *space) else {
let Some((epoch, tx)) = self.crypto.states.select_tx_mut(self.version, *space) else {
continue;
};

let header_start = encoder.len();
let (pt, mut builder) = Self::build_packet_header(
&path.borrow(),
cspace,
epoch,
encoder,
tx,
&self.address_validation,
Expand Down Expand Up @@ -2473,7 +2473,7 @@ impl Connection {
let tx = self
.crypto
.states
.tx_mut(self.version, cspace)
.tx_mut(self.version, epoch)
.ok_or(Error::InternalError)?;
encoder = builder.build(tx)?;
self.crypto.states.auto_update()?;
Expand Down Expand Up @@ -3517,7 +3517,7 @@ impl Connection {
return Err(Error::NotAvailable);
}
let version = self.version();
let Some((cspace, tx)) = self
let Some((epoch, tx)) = self
.crypto
.states
.select_tx(self.version, PacketNumberSpace::ApplicationData)
Expand All @@ -3530,7 +3530,7 @@ impl Connection {

let (_, mut builder) = Self::build_packet_header(
&path.borrow(),
cspace,
epoch,
encoder,
tx,
&self.address_validation,
Expand Down
20 changes: 10 additions & 10 deletions neqo-transport/src/connection/saved.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,16 +29,16 @@ pub struct SavedDatagrams {
}

impl SavedDatagrams {
fn store(&mut self, cspace: Epoch) -> &mut Vec<SavedDatagram> {
match cspace {
fn store(&mut self, epoch: Epoch) -> &mut Vec<SavedDatagram> {
match epoch {
Epoch::Handshake => &mut self.handshake,
Epoch::ApplicationData => &mut self.application_data,
_ => panic!("unexpected space"),
}
}

pub fn save(&mut self, cspace: Epoch, d: Datagram, t: Instant) {
let store = self.store(cspace);
pub fn save(&mut self, epoch: Epoch, d: Datagram, t: Instant) {
let store = self.store(epoch);

if store.len() < MAX_SAVED_DATAGRAMS {
qdebug!("saving datagram of {} bytes", d.len());
Expand All @@ -48,11 +48,11 @@ impl SavedDatagrams {
}
}

pub fn make_available(&mut self, cspace: Epoch) {
debug_assert_ne!(cspace, Epoch::ZeroRtt);
debug_assert_ne!(cspace, Epoch::Initial);
if !self.store(cspace).is_empty() {
self.available = Some(cspace);
pub fn make_available(&mut self, epoch: Epoch) {
debug_assert_ne!(epoch, Epoch::ZeroRtt);
debug_assert_ne!(epoch, Epoch::Initial);
if !self.store(epoch).is_empty() {
self.available = Some(epoch);
}
}

Expand All @@ -63,6 +63,6 @@ impl SavedDatagrams {
pub fn take_saved(&mut self) -> Vec<SavedDatagram> {
self.available
.take()
.map_or_else(Vec::new, |cspace| mem::take(self.store(cspace)))
.map_or_else(Vec::new, |epoch| mem::take(self.store(epoch)))
}
}
18 changes: 9 additions & 9 deletions neqo-transport/src/crypto.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -841,10 +841,10 @@ impl CryptoStates {
pub fn tx_mut<'a>(
&'a mut self,
version: Version,
cspace: Epoch,
epoch: Epoch,
) -> Option<&'a mut CryptoDxState> {
let tx = |k: Option<&'a mut CryptoState>| k.map(|dx| &mut dx.tx);
match cspace {
match epoch {
Epoch::Initial => tx(self.initials.get_mut(&version)),
Epoch::ZeroRtt => self
.zero_rtt
Expand All @@ -855,9 +855,9 @@ impl CryptoStates {
}
}

pub fn tx<'a>(&'a self, version: Version, cspace: Epoch) -> Option<&'a CryptoDxState> {
pub fn tx<'a>(&'a self, version: Version, epoch: Epoch) -> Option<&'a CryptoDxState> {
let tx = |k: Option<&'a CryptoState>| k.map(|dx| &dx.tx);
match cspace {
match epoch {
Epoch::Initial => tx(self.initials.get(&version)),
Epoch::ZeroRtt => self
.zero_rtt
Expand Down Expand Up @@ -887,22 +887,22 @@ impl CryptoStates {
}
}

pub fn rx_hp(&mut self, version: Version, cspace: Epoch) -> Option<&mut CryptoDxState> {
if cspace == Epoch::ApplicationData {
pub fn rx_hp(&mut self, version: Version, epoch: Epoch) -> Option<&mut CryptoDxState> {
if epoch == Epoch::ApplicationData {
self.app_read.as_mut().map(|ar| &mut ar.dx)
} else {
self.rx(version, cspace, false)
self.rx(version, epoch, false)
}
}

pub fn rx<'a>(
&'a mut self,
version: Version,
cspace: Epoch,
epoch: Epoch,
key_phase: bool,
) -> Option<&'a mut CryptoDxState> {
let rx = |x: Option<&'a mut CryptoState>| x.map(|dx| &mut dx.rx);
match cspace {
match epoch {
Epoch::Initial => rx(self.initials.get_mut(&version)),
Epoch::ZeroRtt => self
.zero_rtt
Expand Down
14 changes: 7 additions & 7 deletions neqo-transport/src/packet/mod.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -864,20 +864,20 @@ impl<'a> PublicPacket<'a> {
crypto: &mut CryptoStates,
release_at: Instant,
) -> Res<DecryptedPacket> {
let cspace: Epoch = self.packet_type.into();
let epoch: Epoch = self.packet_type.into();
// When we don't have a version, the crypto code doesn't need a version
// for lookup, so use the default, but fix it up if decryption succeeds.
let version = self.version().unwrap_or_default();
// This has to work in two stages because we need to remove header protection
// before picking the keys to use.
if let Some(rx) = crypto.rx_hp(version, cspace) {
if let Some(rx) = crypto.rx_hp(version, epoch) {
// Note that this will dump early, which creates a side-channel.
// This is OK in this case because we the only reason this can
// fail is if the cryptographic module is bad or the packet is
// too small (which is public information).
let (key_phase, pn, header) = self.decrypt_header(rx)?;
qtrace!("[{rx}] decoded header: {header:?}");
let Some(rx) = crypto.rx(version, cspace, key_phase) else {
let Some(rx) = crypto.rx(version, epoch, key_phase) else {
return Err(Error::DecryptError);
};
let version = rx.version(); // Version fixup; see above.
Expand All @@ -894,11 +894,11 @@ impl<'a> PublicPacket<'a> {
pn,
data: d,
})
} else if crypto.rx_pending(cspace) {
Err(Error::KeysPending(cspace))
} else if crypto.rx_pending(epoch) {
Err(Error::KeysPending(epoch))
} else {
qtrace!("keys for {cspace:?} already discarded");
Err(Error::KeysDiscarded(cspace))
qtrace!("keys for {epoch:?} already discarded");
Err(Error::KeysDiscarded(epoch))
}
}

Expand Down

0 comments on commit d4df4c1

Please sign in to comment.