@@ -1851,166 +1851,6 @@ int picoquic_incoming_0rtt(
18511851 return ret ;
18521852}
18531853
1854- /*
1855- Find path of incoming packet
1856-
1857- A path is defined by a pair of addresses. The path is created by the client
1858- when it learns about a new local or remote address. It is created by the
1859- server when it receives data from a not yet identified address pair.
1860-
1861- We associate a local CID with a path. This is the CID that the peer uses
1862- to send packet. This is a loose association. When a packet is received, the
1863- packet is associated with a path based on the address tuple. If this is a
1864- new tuple, a new path should be created, unless too many paths have been
1865- created already (some heuristics needed there).
1866-
1867- Different scenarios play here:
1868-
1869- - If the incoming CID has not yet been seen, we treat arrival as a
1870- migration attempt and pursue the validation sequence.
1871-
1872- - If this is the same incoming CID as an existing path, we treat it
1873- as an indication of NAT rebinding. We may need some heuristic to
1874- decide whether this is legit or an attack. If this may be legit, we
1875- create a new path and send challenges on both the new and the old path.
1876-
1877- - If this is the same tuple and a different incoming CID, we treat that
1878- as an attempt by the peer to change the CID for privacy reason. On this
1879- event, the server picks a new CID for the path if available. (May need
1880- some safety there, e.g. only pick a new CID if the incoming CID sequence
1881- is higher than the old one.)
1882-
1883- NAT rebinding should only happen if the address was changed in the
1884- network, either by a NAT or by an attacker. NATs are:
1885-
1886- - rare but not unheard of in front of servers
1887-
1888- - rare with IPv6
1889-
1890- - rare if the connection is sustained
1891-
1892- A small problem here is that the QUIC test suite include some pretty
1893- unrealistic NAT rebinding simulations, so we cannot be too strict. In
1894- order to pass the test suites, we will accept the first rebinding
1895- attempt as genuine, and be more picky with the next ones. They may have
1896- to wait until validation timers expire.
1897-
1898- Local CID are kept in a list, and are associated with paths by a reference.
1899- If a local CID is retired, the reference is zeroed. When a new packet arrives
1900- on path with a new CID, the reference is reset.
1901-
1902- If we cannot associate an existing path with a packet and also
1903- cannot create a new path, we treat the packet as arriving on the
1904- default path.
1905- */
1906-
1907- int picoquic_find_incoming_path (picoquic_cnx_t * cnx , picoquic_packet_header * ph ,
1908- struct sockaddr * addr_from ,
1909- struct sockaddr * addr_to ,
1910- int if_index_to ,
1911- uint64_t current_time ,
1912- int * p_path_id ,
1913- int * path_is_not_allocated )
1914- {
1915- int ret = 0 ;
1916- picoquic_path_t * path_x = NULL ;
1917- picoquic_tuple_t * tuple = NULL ;
1918- int path_id = (ph -> l_cid == NULL )?0 :picoquic_find_path_by_unique_id (cnx , ph -> l_cid -> path_id );
1919-
1920- if (path_id < 0 ) {
1921- /* Either this path has not yet been created, or it was already destroyed.
1922- * The packet decryption was successful, which means that the CID is valid,
1923- * but on the server side we might have a "probe".
1924- */
1925- if (cnx -> nb_paths < PICOQUIC_NB_PATH_TARGET &&
1926- (cnx -> quic -> is_port_blocking_disabled || !picoquic_check_addr_blocked (addr_from )) &&
1927- picoquic_create_path (cnx , current_time , addr_to , addr_from , if_index_to , ph -> l_cid -> path_id ) > 0 ) {
1928- /* if we do create a new path, it should have the right path_id. We cannot
1929- * assume that paths will be created in the full order, so that means we may
1930- * have to create "empty" paths in invalid state. Or, more simply,
1931- * create a path and override the unique path id, which should be OK
1932- * as that unique ID does not exist.
1933- * TODO: modify path creation to force path_id, return error if impossible.
1934- */
1935- path_id = cnx -> nb_paths - 1 ;
1936- path_x = cnx -> path [path_id ];
1937-
1938- /* when creating the path, we need to copy the dest CID and chose
1939- * destination CID with the matching path ID.
1940- */
1941- path_x -> first_tuple -> p_local_cnxid = picoquic_find_local_cnxid (cnx , path_x -> unique_path_id , & ph -> dest_cnx_id );
1942- picoquic_assign_peer_cnxid_to_tuple (cnx , path_x , path_x -> first_tuple );
1943- }
1944- }
1945- else
1946- {
1947- path_x = cnx -> path [path_id ];
1948- tuple = path_x -> first_tuple ;
1949-
1950- /* If the local CID is not set, set it */
1951- if (path_x -> first_tuple -> p_local_cnxid == NULL ) {
1952- path_x -> first_tuple -> p_local_cnxid = picoquic_find_local_cnxid (cnx , path_x -> unique_path_id , & ph -> dest_cnx_id );
1953- if (!cnx -> client_mode && cnx -> is_multipath_enabled && path_x -> first_tuple -> challenge_verified ) {
1954- /* If the peer renewed its connection id, the retire connection ID frame may already
1955- * have arrived on a separate path. If the server noticed that, it should also renew
1956- * its "remote path" ID */
1957- (void )picoquic_renew_connection_id (cnx , path_id );
1958- }
1959- }
1960-
1961- /* Treat the special case of the unkown local address, which should only happen
1962- * for clients and for the first tuple. */
1963- if (path_x -> first_tuple -> local_addr .ss_family == AF_UNSPEC ) {
1964- picoquic_store_addr (& cnx -> path [path_id ]-> first_tuple -> local_addr , addr_to );
1965- }
1966-
1967- /* Look for the best match among existing tuples */
1968- while (tuple != NULL ) {
1969- /* If the addresses match, we are good. */
1970- if (picoquic_compare_addr (addr_from , (struct sockaddr * )& tuple -> peer_addr ) == 0 &&
1971- picoquic_compare_addr (addr_to , (struct sockaddr * )& tuple -> local_addr ) == 0 ) {
1972- break ;
1973- }
1974- else
1975- {
1976- tuple = tuple -> next_tuple ;
1977- }
1978- }
1979- if (tuple == NULL ) {
1980- /* If the addresses do not match, we have two possibilities:
1981- * either the creation of a new tuple, or a NAT rebinding on an existing tuple.
1982- * In all cases, we need to create a new tuple. In the NAt rebinding cases, we
1983- * may be a bit more agressive, i.e., immediately promote the new tuple
1984- * as the default.
1985- */
1986-
1987- if (picoquic_check_cid_for_new_tuple (cnx , path_x -> unique_path_id ) == 0 &&
1988- (tuple = picoquic_create_tuple (path_x , addr_to , addr_from , if_index_to )) != NULL ){
1989- if (picoquic_assign_peer_cnxid_to_tuple (cnx , path_x , tuple ) == 0 ) {
1990- picoquic_set_tuple_challenge (tuple , current_time , cnx -> quic -> use_constant_challenges );
1991- tuple -> challenge_required = 1 ;
1992- }
1993- }
1994- /* TODO: clean up in case of failure. */
1995- }
1996- else {
1997- /* If the addresses do match, but the CID do not, we have a case of NAT rebinding.
1998- */
1999- if (tuple == path_x -> first_tuple &&
2000- picoquic_compare_connection_id (& path_x -> first_tuple -> p_local_cnxid -> cnx_id , & ph -> dest_cnx_id ) != 0 ) {
2001- path_x -> first_tuple -> p_local_cnxid = picoquic_find_local_cnxid (cnx , path_x -> unique_path_id , & ph -> dest_cnx_id );
2002- if (cnx -> client_mode == 0 ) {
2003- (void )picoquic_renew_connection_id (cnx , path_id );
2004- }
2005- }
2006- }
2007- }
2008- * p_path_id = path_id ;
2009- cnx -> path [path_id ]-> last_packet_received_at = current_time ;
2010-
2011- return ret ;
2012- }
2013-
20141854
20151855/*
20161856 * ECN Accounting. This is only called if the packet was processed successfully.
0 commit comments