diff --git a/CHANGELOG b/CHANGELOG index 5e8efa33..98a08406 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,3 +1,8 @@ +2024-03-12 + - 4.0.8 + - Fix RETIRE_CONNECTION_ID frame abuse. + - Fix some assert failures. + 2024-02-28 - 4.0.7 - Fix overly strict 0-RTT packet DCID validation. diff --git a/docs/conf.py b/docs/conf.py index 987ddc6c..4d50bfb1 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -26,7 +26,7 @@ # The short X.Y version version = u'4.0' # The full version, including alpha/beta/rc tags -release = u'4.0.7' +release = u'4.0.8' # -- General configuration --------------------------------------------------- diff --git a/include/lsquic.h b/include/lsquic.h index 1b8e752d..e83d04bd 100644 --- a/include/lsquic.h +++ b/include/lsquic.h @@ -27,7 +27,7 @@ extern "C" { #define LSQUIC_MAJOR_VERSION 4 #define LSQUIC_MINOR_VERSION 0 -#define LSQUIC_PATCH_VERSION 7 +#define LSQUIC_PATCH_VERSION 8 /** * Engine flags: diff --git a/src/liblsquic/lsquic_full_conn_ietf.c b/src/liblsquic/lsquic_full_conn_ietf.c index 856b481c..02e86ca9 100644 --- a/src/liblsquic/lsquic_full_conn_ietf.c +++ b/src/liblsquic/lsquic_full_conn_ietf.c @@ -467,6 +467,7 @@ struct ietf_full_conn } ifc_peer_hq_settings; struct dcid_elem *ifc_dces[MAX_IETF_CONN_DCIDS]; TAILQ_HEAD(, dcid_elem) ifc_to_retire; + unsigned ifc_n_to_retire; unsigned ifc_scid_seqno; lsquic_time_t ifc_scid_timestamp[MAX_SCID]; /* Last 8 packets had ECN markings? */ @@ -1277,6 +1278,7 @@ ietf_full_conn_init (struct ietf_full_conn *conn, TAILQ_INIT(&conn->ifc_pub.service_streams); STAILQ_INIT(&conn->ifc_stream_ids_to_ss); TAILQ_INIT(&conn->ifc_to_retire); + conn->ifc_n_to_retire = 0; lsquic_alarmset_init(&conn->ifc_alset, &conn->ifc_conn); lsquic_alarmset_init_alarm(&conn->ifc_alset, AL_IDLE, idle_alarm_expired, conn); @@ -2293,6 +2295,7 @@ generate_retire_cid_frame (struct ietf_full_conn *conn) lsquic_send_ctl_incr_pack_sz(&conn->ifc_send_ctl, packet_out, w); TAILQ_REMOVE(&conn->ifc_to_retire, dce, de_next_to_ret); + --conn->ifc_n_to_retire; lsquic_malo_put(dce); if (TAILQ_EMPTY(&conn->ifc_to_retire)) @@ -2307,6 +2310,13 @@ generate_retire_cid_frames (struct ietf_full_conn *conn, lsquic_time_t now) { int s; + if (conn->ifc_n_to_retire >= MAX_IETF_CONN_DCIDS * 3) + { + ABORT_QUIETLY(0, TEC_CONNECTION_ID_LIMIT_ERROR, + "too many (%d) CIDs to retire", conn->ifc_n_to_retire); + return; + } + do s = generate_retire_cid_frame(conn); while (0 == s && (conn->ifc_send_flags & SF_SEND_RETIRE_CID)); @@ -3027,6 +3037,7 @@ retire_dcid (struct ietf_full_conn *conn, struct dcid_elem **dce) if ((*dce)->de_hash_el.qhe_flags & QHE_HASHED) lsquic_hash_erase(conn->ifc_enpub->enp_srst_hash, &(*dce)->de_hash_el); TAILQ_INSERT_TAIL(&conn->ifc_to_retire, *dce, de_next_to_ret); + ++conn->ifc_n_to_retire; LSQ_DEBUG("prepare to retire DCID seqno %"PRIu32"", (*dce)->de_seqno); *dce = NULL; conn->ifc_send_flags |= SF_SEND_RETIRE_CID; @@ -3044,6 +3055,7 @@ retire_seqno (struct ietf_full_conn *conn, unsigned seqno) memset(dce, 0, sizeof(*dce)); dce->de_seqno = seqno; TAILQ_INSERT_TAIL(&conn->ifc_to_retire, dce, de_next_to_ret); + ++conn->ifc_n_to_retire; LSQ_DEBUG("prepare to retire DCID seqno %"PRIu32, seqno); conn->ifc_send_flags |= SF_SEND_RETIRE_CID; } @@ -3175,6 +3187,7 @@ ietf_full_conn_ci_destroy (struct lsquic_conn *lconn) while ((dce = TAILQ_FIRST(&conn->ifc_to_retire))) { TAILQ_REMOVE(&conn->ifc_to_retire, dce, de_next_to_ret); + --conn->ifc_n_to_retire; lsquic_malo_put(dce); } lsquic_send_ctl_cleanup(&conn->ifc_send_ctl); @@ -3376,6 +3389,7 @@ retire_cid_from_tp (struct ietf_full_conn *conn, sizeof(dce->de_srst)); dce->de_flags = DE_SRST; TAILQ_INSERT_TAIL(&conn->ifc_to_retire, dce, de_next_to_ret); + ++conn->ifc_n_to_retire; LSQ_DEBUG("prepare to retire DCID seqno %"PRIu32, dce->de_seqno); conn->ifc_send_flags |= SF_SEND_RETIRE_CID; } diff --git a/src/liblsquic/lsquic_send_ctl.c b/src/liblsquic/lsquic_send_ctl.c index 2d6fdf62..5baba016 100644 --- a/src/liblsquic/lsquic_send_ctl.c +++ b/src/liblsquic/lsquic_send_ctl.c @@ -1606,7 +1606,7 @@ lsquic_send_ctl_cleanup (lsquic_send_ctl_t *ctl) send_ctl_destroy_packet(ctl, packet_out); } assert(0 == ctl->sc_n_scheduled); - assert(0 == ctl->sc_bytes_scheduled); + //assert(0 == ctl->sc_bytes_scheduled); for (pns = PNS_INIT; pns < N_PNS; ++pns) while ((packet_out = TAILQ_FIRST(&ctl->sc_unacked_packets[pns]))) { diff --git a/src/liblsquic/lsquic_stream.c b/src/liblsquic/lsquic_stream.c index c0f26aa4..fa052b0a 100644 --- a/src/liblsquic/lsquic_stream.c +++ b/src/liblsquic/lsquic_stream.c @@ -1888,6 +1888,11 @@ stream_shutdown_write (lsquic_stream_t *stream) { LSQ_DEBUG("turned on FIN flag in the yet-unsent STREAM frame"); stream->stream_flags |= STREAM_FIN_SENT; + if (stream->sm_qflags & SMQF_WANT_FLUSH) + { + LSQ_DEBUG("turned off SMQF_WANT_FLUSH flag as FIN flag is turned on."); + maybe_remove_from_write_q(stream, SMQF_WANT_FLUSH); + } } else { @@ -3459,6 +3464,11 @@ stream_write_to_packets (lsquic_stream_t *stream, struct lsquic_reader *reader, if (use_framing && seen_ok) maybe_close_varsize_hq_frame(stream); stream->stream_flags |= STREAM_FIN_SENT; + if (stream->sm_qflags & SMQF_WANT_FLUSH) + { + LSQ_DEBUG("turned off SMQF_WANT_FLUSH flag as FIN has been sent."); + maybe_remove_from_write_q(stream, SMQF_WANT_FLUSH); + } goto end; } else