Sync Latest - 12/6/19 (#27)

- miTLS support (Windows)
- Tools fixes
- Tests fixes

Author: nibanks

.azure/run_linux.sh .azure/test_linux.sh.azure/run_linux.sh renamed to .azure/test_linux.sh

@@ -13,6 +13,7 @@ cd artifacts/dumps
 
 # Run the tests.
 ../bin/msquictest \
+    --gtest_filter=$1 \
     --gtest_output=xml:../logs/linux-test-results.xml
 
 # Copy logs to log folder (with correct permsissions).

.azure/run_windows.cmd .azure/test_windows.cmd.azure/run_windows.cmd renamed to .azure/test_windows.cmd

@@ -1,6 +1,12 @@
 
 :: Install ProcDump if not already installed.
-PowerShell test\get_procdump.ps1
+PowerShell .azure\get_procdump.ps1
+
+:: Enable SChannel TLS 1.3 for client and server.
+reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3\Server" /v DisabledByDefault /t REG_DWORD /d 1 /f
+reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3\Server" /v Enabled /t REG_DWORD /d 1 /f
+reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3\Client" /v DisabledByDefault /t REG_DWORD /d 1 /f
+reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3\Client" /v Enabled /t REG_DWORD /d 1 /f
 
 :: Start ProcDump
 mkdir artifacts\dumps
@@ -19,6 +25,7 @@ netsh trace start sessionname=quic ^
 
 :: Run the tests.
 artifacts\bin\Release\msquictest.exe ^
+    --gtest_filter=%1 ^
     --gtest_output=xml:artifacts\logs\windows-test-results.xml
 
 :: Stop log collection.

.gitmodules

@@ -5,3 +5,7 @@
 	path = submodules/openssl
 	url = https://github.com/tatsuhiro-t/openssl.git
 	branch = openssl-quic-draft-24
+[submodule "submodules/everest"]
+	path = submodules/everest
+	url = https://github.com/nibanks/everest-dist.git
+	branch = pr/msquic

CMakeLists.txt

@@ -100,6 +100,8 @@ else()
     set(QUIC_CXX_FLAGS "${QUIC_COMMON_FLAGS} --std=c++17 -g -Wno-reorder -Wno-sign-compare -Wno-format")
 endif()
 
+include_directories(${CMAKE_SOURCE_DIR}/inc)
+
 if(QUIC_TLS STREQUAL "openssl")
     # Configure and build OpenSSL.
     add_custom_command(
@@ -116,7 +118,13 @@ if(QUIC_TLS STREQUAL "openssl")
         DEPENDS ${CMAKE_SOURCE_DIR}/bld/openssl/lib/libssl.so)
 endif()
 
-include_directories(${CMAKE_SOURCE_DIR}/inc)
+if (QUIC_TLS STREQUAL "mitls")
+    # Build Everest.
+    add_subdirectory(submodules/everest/msquic/msvc/kremlib)
+    add_subdirectory(submodules/everest/msquic/msvc/evercrypt)
+    add_subdirectory(submodules/everest/msquic/msvc/mitls)
+    add_subdirectory(submodules/everest/msquic/msvc/quiccrypto)
+endif()
 
 # Product code
 add_subdirectory(core)

azure-pipelines.yml

@@ -10,22 +10,32 @@ strategy:
       platform: 'Linux-Stub'
       imageName: 'ubuntu-latest'
       cmakeArgs: '-g ''Linux Makefiles'' -DQUIC_TLS=stub -DQUIC_ENABLE_LOGGING=off'
-      testCmd: 'bash ./.azure/run_linux.sh'
+      testCmd: 'bash ./.azure/test_linux.sh ''*'''
+    linux-stub-sanitize:
+      platform: 'Linux-Stub-Sanitize'
+      imageName: 'ubuntu-latest'
+      cmakeArgs: '-g ''Linux Makefiles'' -DQUIC_TLS=stub -DQUIC_ENABLE_LOGGING=off -DQUIC_SANITIZE_ADDRESS=on'
+      testCmd: 'bash ./.azure/test_linux.sh AppData/WithSendArgs2.SendLarge/0'
     linux-openssl:
       platform: 'Linux-OpenSSL'
       imageName: 'ubuntu-latest'
       cmakeArgs: '-g ''Linux Makefiles'' -DQUIC_TLS=openssl -DQUIC_ENABLE_LOGGING=off'
-      testCmd: 'bash ./.azure/run_linux.sh'
+      testCmd: 'bash ./.azure/test_linux.sh ''*'''
     windows-x64-stub:
       platform: 'Windows-x64-Stub'
       imageName: 'windows-latest'
       cmakeArgs: '-g ''Visual Studio 16 2019'' -A x64 -DQUIC_TLS=stub'
-      testCmd: '.\.azure\run_windows.cmd'
+      testCmd: '.\.azure\test_windows.cmd *'
+    windows-x64-mitls:
+      platform: 'Windows-x64-miTLS'
+      imageName: 'windows-latest'
+      cmakeArgs: '-g ''Visual Studio 16 2019'' -A x64 -DQUIC_TLS=mitls'
+      testCmd: '.\.azure\test_windows.cmd *'
     windows-x64-schannel:
       platform: 'Windows-x64-Schannel'
       imageName: 'windows-latest'
       cmakeArgs: '-g ''Visual Studio 16 2019'' -A x64 -DQUIC_TLS=schannel'
-      testCmd: 'echo Not supported yet'
+      testCmd: '.\.azure\test_windows.cmd ParameterValidation.*'
 
 pool:
   vmImage: $(imageName)

docs/BUILD.md

@@ -44,7 +44,7 @@ reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\S
 - To decode the `quic.etl` file, run **TODO**
 
 ## Building on Linux (or [WSL](https://docs.microsoft.com/en-us/windows/wsl/wsl2-install))
-- Install tooling (WSL2 or Ubuntu)
+- Install tooling
     - `sudo apt-get install cmake`
     - `sudo apt-get install build-essentials`
 - Run `mkdir bld && cd bld`

inc/quic_trace.h

@@ -374,9 +374,8 @@ QuicSysLogWrite(
     QUIC_WRITE_EVENT(QUIC_TRACE_LEVEL_ERROR, "[ tls][%p] ERROR, %s", Connection, ErrStr)
 #define EventWriteQuicTlsErrorStatus(Connection, Status, ErrStr) \
     QUIC_WRITE_EVENT(QUIC_TRACE_LEVEL_ERROR, "[ tls][%p] ERROR, %u, %s", Connection, Status, ErrStr)
-
-#define EventWriteMiTLSTrace(Message) \
-    QUIC_WRITE_EVENT(QUIC_TRACE_LEVEL_ERROR, "[mitls] %s", Message)
+#define EventWriteQuicTlsMessage(Connection, Message) \
+    QUIC_WRITE_EVENT(QUIC_TRACE_LEVEL_VERBOSE, "[ tls][%p] %s", Connection, Message)
 
 #define EventWriteQuicDatapathSendTo(Binding, TotalSize, BufferCount, SegmentSize, RemoteAddrLen, RemoteAddr) \
     QUIC_WRITE_EVENT(QUIC_TRACE_LEVEL_VERBOSE, "[ udp][%p] Send %u bytes in %u buffers (segment=%u) Dst=TODO", Binding, TotalSize, BufferCount, SegmentSize)

manifest/MsQuicEtw.man

@@ -732,6 +732,16 @@
                 name="Connection"
                 />
           </template>
+          <template tid="tid_CONN_MESSAGE">
+            <data
+                inType="win:Pointer"
+                name="Connection"
+                />
+            <data
+                inType="win:AnsiString"
+                name="Message"
+                />
+          </template>
           <template tid="tid_CONN_UINT32">
             <data
                 inType="win:Pointer"
@@ -2539,11 +2549,11 @@
           <event
               keywords="ut:TLS"
               level="win:Verbose"
-              message="$(string.Etw.miTLS)"
+              message="$(string.Etw.TlsMessage)"
               opcode="win:Info"
-              symbol="MiTLSTrace"
-              template="tid_MESSAGE"
-              value="9215"
+              symbol="QuicTlsMessage"
+              template="tid_CONN_MESSAGE"
+              value="8194"
               />
           <!-- 9216 - 10239 | Datapath Events -->
           <event
@@ -3093,8 +3103,8 @@
             value="[ tls][%1] ERROR, %2, %3."
             />
         <string
-            id="Etw.miTLS"
-            value="[mitls] %1"
+            id="Etw.TlsMessage"
+            value="[ tls] %1"
             />
         <string
             id="Etw.DatapathSendTo"

platform/CMakeLists.txt

@@ -28,6 +28,7 @@ elseif(QUIC_TLS STREQUAL "openssl")
 elseif(QUIC_TLS STREQUAL "mitls")
     message(STATUS "Configuring for miTLS")
     set(SOURCES ${SOURCES} cert_capi.c selfsign_capi.c tls_mitls.c)
+    include_directories(${CMAKE_SOURCE_DIR}/submodules/everest/msquic/msvc/include)
 else()
     message(STATUS "Configuring for stub TLS")
     set(SOURCES ${SOURCES} cert_stub.c selfsign_stub.c tls_stub.c)
@@ -46,4 +47,6 @@ if(QUIC_TLS STREQUAL "openssl")
     target_link_libraries(platform
         ${CMAKE_SOURCE_DIR}/bld/openssl/lib/libcrypto.so
         ${CMAKE_SOURCE_DIR}/bld/openssl/lib/libssl.so)
+elseif(QUIC_TLS STREQUAL "mitls")
+    target_link_libraries(platform kremlib evercrypt mitls quiccrypto)
 endif()

platform/platform_internal.h

@@ -53,6 +53,9 @@ typedef struct QUIC_PLATFORM {
 #include <ws2tcpip.h>
 #include <mswsock.h>
 #include <mstcpip.h>
+#if DBG
+#include <crtdbg.h>
+#endif
 
 #define QUIC_BASE_REG_PATH "System\\CurrentControlSet\\Services\\MsQuic\\Parameters\\"