Path: blob/main/crypto/openssl/ssl/quic/quic_rx_depack.c
48261 views
/*1* Copyright 2022-2025 The OpenSSL Project Authors. All Rights Reserved.2*3* Licensed under the Apache License 2.0 (the "License"). You may not use4* this file except in compliance with the License. You can obtain a copy5* in the file LICENSE in the source distribution or at6* https://www.openssl.org/source/license.html7*/89#include "internal/packet_quic.h"10#include "internal/nelem.h"11#include "internal/quic_wire.h"12#include "internal/quic_record_rx.h"13#include "internal/quic_ackm.h"14#include "internal/quic_rx_depack.h"15#include "internal/quic_error.h"16#include "internal/quic_fc.h"17#include "internal/quic_channel.h"18#include "internal/sockets.h"1920#include "quic_local.h"21#include "quic_channel_local.h"22#include "../ssl_local.h"2324/*25* Helper functions to process different frame types.26*27* Typically, those that are ACK eliciting will take an OSSL_ACKM_RX_PKT28* pointer argument, the few that aren't ACK eliciting will not. This makes29* them a verifiable pattern against tables where this is specified.30*/31static int depack_do_implicit_stream_create(QUIC_CHANNEL *ch,32uint64_t stream_id,33uint64_t frame_type,34QUIC_STREAM **result);3536static int depack_do_frame_padding(PACKET *pkt)37{38/* We ignore this frame */39ossl_quic_wire_decode_padding(pkt);40return 1;41}4243static int depack_do_frame_ping(PACKET *pkt, QUIC_CHANNEL *ch,44uint32_t enc_level,45OSSL_ACKM_RX_PKT *ackm_data)46{47/* We ignore this frame, apart from eliciting an ACK */48if (!ossl_quic_wire_decode_frame_ping(pkt)) {49ossl_quic_channel_raise_protocol_error(ch,50OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,51OSSL_QUIC_FRAME_TYPE_PING,52"decode error");53return 0;54}5556ossl_quic_tx_packetiser_schedule_ack_eliciting(ch->txp, enc_level);57return 1;58}5960static int depack_do_frame_ack(PACKET *pkt, QUIC_CHANNEL *ch,61int packet_space, OSSL_TIME received,62uint64_t frame_type,63OSSL_QRX_PKT *qpacket)64{65OSSL_QUIC_FRAME_ACK ack;66OSSL_QUIC_ACK_RANGE *p;67uint64_t total_ranges = 0;68uint32_t ack_delay_exp = ch->rx_ack_delay_exp;6970if (!ossl_quic_wire_peek_frame_ack_num_ranges(pkt, &total_ranges)71/* In case sizeof(uint64_t) > sizeof(size_t) */72|| total_ranges > SIZE_MAX / sizeof(OSSL_QUIC_ACK_RANGE))73goto malformed;7475if (ch->num_ack_range_scratch < (size_t)total_ranges) {76if ((p = OPENSSL_realloc(ch->ack_range_scratch,77sizeof(OSSL_QUIC_ACK_RANGE)78* (size_t)total_ranges)) == NULL)79goto malformed;8081ch->ack_range_scratch = p;82ch->num_ack_range_scratch = (size_t)total_ranges;83}8485ack.ack_ranges = ch->ack_range_scratch;86ack.num_ack_ranges = (size_t)total_ranges;8788if (!ossl_quic_wire_decode_frame_ack(pkt, ack_delay_exp, &ack, NULL))89goto malformed;9091if (qpacket->hdr->type == QUIC_PKT_TYPE_1RTT92&& (qpacket->key_epoch < ossl_qrx_get_key_epoch(ch->qrx)93|| ch->rxku_expected)94&& ack.ack_ranges[0].end >= ch->txku_pn) {95/*96* RFC 9001 s. 6.2: An endpoint that receives an acknowledgment that is97* carried in a packet protected with old keys where any acknowledged98* packet was protected with newer keys MAY treat that as a connection99* error of type KEY_UPDATE_ERROR.100*101* Two cases to handle here:102*103* - We did spontaneous TXKU, the peer has responded in kind and we104* have detected RXKU; !ch->rxku_expected, but then it sent a packet105* with old keys acknowledging a packet in the new key epoch.106*107* This also covers the case where we got RXKU and triggered108* solicited TXKU, and then for some reason the peer sent an ACK of109* a PN in our new TX key epoch with old keys.110*111* - We did spontaneous TXKU; ch->txku_pn is the starting PN of our112* new TX key epoch; the peer has not initiated a solicited TXKU in113* response (so we have not detected RXKU); in this case the RX key114* epoch has not incremented and ch->rxku_expected is still 1.115*/116ossl_quic_channel_raise_protocol_error(ch,117OSSL_QUIC_ERR_KEY_UPDATE_ERROR,118frame_type,119"acked packet which initiated a "120"key update without a "121"corresponding key update");122return 0;123}124125if (!ossl_ackm_on_rx_ack_frame(ch->ackm, &ack,126packet_space, received))127goto malformed;128129++ch->diag_num_rx_ack;130return 1;131132malformed:133ossl_quic_channel_raise_protocol_error(ch,134OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,135frame_type,136"decode error");137return 0;138}139140static int depack_do_frame_reset_stream(PACKET *pkt,141QUIC_CHANNEL *ch,142OSSL_ACKM_RX_PKT *ackm_data)143{144OSSL_QUIC_FRAME_RESET_STREAM frame_data;145QUIC_STREAM *stream = NULL;146uint64_t fce;147148if (!ossl_quic_wire_decode_frame_reset_stream(pkt, &frame_data)) {149ossl_quic_channel_raise_protocol_error(ch,150OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,151OSSL_QUIC_FRAME_TYPE_RESET_STREAM,152"decode error");153return 0;154}155156if (!depack_do_implicit_stream_create(ch, frame_data.stream_id,157OSSL_QUIC_FRAME_TYPE_RESET_STREAM,158&stream))159return 0; /* error already raised for us */160161if (stream == NULL)162return 1; /* old deleted stream, not a protocol violation, ignore */163164if (!ossl_quic_stream_has_recv(stream)) {165ossl_quic_channel_raise_protocol_error(ch,166OSSL_QUIC_ERR_STREAM_STATE_ERROR,167OSSL_QUIC_FRAME_TYPE_RESET_STREAM,168"RESET_STREAM frame for "169"TX only stream");170return 0;171}172173/*174* The final size field of the RESET_STREAM frame must be used to determine175* how much flow control credit the aborted stream was considered to have176* consumed.177*178* We also need to ensure that if we already have a final size for the179* stream, the RESET_STREAM frame's Final Size field matches this; we SHOULD180* terminate the connection otherwise (RFC 9000 s. 4.5). The RXFC takes care181* of this for us.182*/183if (!ossl_quic_rxfc_on_rx_stream_frame(&stream->rxfc,184frame_data.final_size, /*is_fin=*/1)) {185ossl_quic_channel_raise_protocol_error(ch,186OSSL_QUIC_ERR_INTERNAL_ERROR,187OSSL_QUIC_FRAME_TYPE_RESET_STREAM,188"internal error (flow control)");189return 0;190}191192/* Has a flow control error occurred? */193fce = ossl_quic_rxfc_get_error(&stream->rxfc, 0);194if (fce != OSSL_QUIC_ERR_NO_ERROR) {195ossl_quic_channel_raise_protocol_error(ch,196fce,197OSSL_QUIC_FRAME_TYPE_RESET_STREAM,198"flow control violation");199return 0;200}201202/*203* Depending on the receive part state this is handled either as a reset204* transition or a no-op (e.g. if a reset has already been received before,205* or the application already retired a FIN). Best effort - there are no206* protocol error conditions we need to check for here.207*/208ossl_quic_stream_map_notify_reset_recv_part(&ch->qsm, stream,209frame_data.app_error_code,210frame_data.final_size);211212ossl_quic_stream_map_update_state(&ch->qsm, stream);213return 1;214}215216static int depack_do_frame_stop_sending(PACKET *pkt,217QUIC_CHANNEL *ch,218OSSL_ACKM_RX_PKT *ackm_data)219{220OSSL_QUIC_FRAME_STOP_SENDING frame_data;221QUIC_STREAM *stream = NULL;222223if (!ossl_quic_wire_decode_frame_stop_sending(pkt, &frame_data)) {224ossl_quic_channel_raise_protocol_error(ch,225OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,226OSSL_QUIC_FRAME_TYPE_STOP_SENDING,227"decode error");228return 0;229}230231if (!depack_do_implicit_stream_create(ch, frame_data.stream_id,232OSSL_QUIC_FRAME_TYPE_STOP_SENDING,233&stream))234return 0; /* error already raised for us */235236if (stream == NULL)237return 1; /* old deleted stream, not a protocol violation, ignore */238239if (!ossl_quic_stream_has_send(stream)) {240ossl_quic_channel_raise_protocol_error(ch,241OSSL_QUIC_ERR_STREAM_STATE_ERROR,242OSSL_QUIC_FRAME_TYPE_STOP_SENDING,243"STOP_SENDING frame for "244"RX only stream");245return 0;246}247248stream->peer_stop_sending = 1;249stream->peer_stop_sending_aec = frame_data.app_error_code;250251/*252* RFC 9000 s. 3.5: Receiving a STOP_SENDING frame means we must respond in253* turn with a RESET_STREAM frame for the same part of the stream. The other254* part is unaffected.255*/256ossl_quic_stream_map_reset_stream_send_part(&ch->qsm, stream,257frame_data.app_error_code);258return 1;259}260261static int depack_do_frame_crypto(PACKET *pkt, QUIC_CHANNEL *ch,262OSSL_QRX_PKT *parent_pkt,263OSSL_ACKM_RX_PKT *ackm_data,264uint64_t *datalen)265{266OSSL_QUIC_FRAME_CRYPTO f;267QUIC_RSTREAM *rstream;268QUIC_RXFC *rxfc;269270*datalen = 0;271272if (!ossl_quic_wire_decode_frame_crypto(pkt, 0, &f)) {273ossl_quic_channel_raise_protocol_error(ch,274OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,275OSSL_QUIC_FRAME_TYPE_CRYPTO,276"decode error");277return 0;278}279280if (f.len == 0)281return 1; /* nothing to do */282283rstream = ch->crypto_recv[ackm_data->pkt_space];284if (!ossl_assert(rstream != NULL))285/*286* This should not happen; we should only have a NULL stream here if287* the EL has been discarded, and if the EL has been discarded we288* shouldn't be here.289*/290return 0;291292rxfc = &ch->crypto_rxfc[ackm_data->pkt_space];293294if (!ossl_quic_rxfc_on_rx_stream_frame(rxfc, f.offset + f.len,295/*is_fin=*/0)) {296ossl_quic_channel_raise_protocol_error(ch,297OSSL_QUIC_ERR_INTERNAL_ERROR,298OSSL_QUIC_FRAME_TYPE_CRYPTO,299"internal error (crypto RXFC)");300return 0;301}302303if (ossl_quic_rxfc_get_error(rxfc, 0) != OSSL_QUIC_ERR_NO_ERROR) {304ossl_quic_channel_raise_protocol_error(ch, OSSL_QUIC_ERR_CRYPTO_BUFFER_EXCEEDED,305OSSL_QUIC_FRAME_TYPE_CRYPTO,306"exceeded maximum crypto buffer");307return 0;308}309310if (!ossl_quic_rstream_queue_data(rstream, parent_pkt,311f.offset, f.data, f.len, 0)) {312ossl_quic_channel_raise_protocol_error(ch,313OSSL_QUIC_ERR_INTERNAL_ERROR,314OSSL_QUIC_FRAME_TYPE_CRYPTO,315"internal error (rstream queue)");316return 0;317}318319ch->did_crypto_frame = 1;320*datalen = f.len;321322return 1;323}324325static int depack_do_frame_new_token(PACKET *pkt, QUIC_CHANNEL *ch,326OSSL_ACKM_RX_PKT *ackm_data)327{328const uint8_t *token;329size_t token_len;330331if (!ossl_quic_wire_decode_frame_new_token(pkt, &token, &token_len)) {332ossl_quic_channel_raise_protocol_error(ch,333OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,334OSSL_QUIC_FRAME_TYPE_NEW_TOKEN,335"decode error");336return 0;337}338339if (token_len == 0) {340/*341* RFC 9000 s. 19.7: "A client MUST treat receipt of a NEW_TOKEN frame342* with an empty Token field as a connection error of type343* FRAME_ENCODING_ERROR."344*/345ossl_quic_channel_raise_protocol_error(ch,346OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,347OSSL_QUIC_FRAME_TYPE_NEW_TOKEN,348"zero-length NEW_TOKEN");349return 0;350}351352/* store the new token in our token cache */353if (!ossl_quic_set_peer_token(ossl_quic_port_get_channel_ctx(ch->port),354&ch->cur_peer_addr, token, token_len))355return 0;356357return 1;358}359360/*361* Returns 1 if no protocol violation has occurred. In this case *result will be362* non-NULL unless this is an old deleted stream and we should ignore the frame363* causing this function to be called. Returns 0 on protocol violation.364*/365static int depack_do_implicit_stream_create(QUIC_CHANNEL *ch,366uint64_t stream_id,367uint64_t frame_type,368QUIC_STREAM **result)369{370QUIC_STREAM *stream;371uint64_t peer_role, stream_ordinal;372uint64_t *p_next_ordinal_local, *p_next_ordinal_remote;373QUIC_RXFC *max_streams_fc;374int is_uni, is_remote_init;375376stream = ossl_quic_stream_map_get_by_id(&ch->qsm, stream_id);377if (stream != NULL) {378*result = stream;379return 1;380}381382/*383* If we do not yet have a stream with the given ID, there are three384* possibilities:385*386* (a) The stream ID is for a remotely-created stream and the peer387* is creating a stream.388*389* (b) The stream ID is for a locally-created stream which has390* previously been deleted.391*392* (c) The stream ID is for a locally-created stream which does393* not exist yet. This is a protocol violation and we must394* terminate the connection in this case.395*396* We distinguish between (b) and (c) using the stream ID allocator397* variable. Since stream ordinals are allocated monotonically, we398* simply determine if the stream ordinal is in the future.399*/400peer_role = ch->is_server401? QUIC_STREAM_INITIATOR_CLIENT402: QUIC_STREAM_INITIATOR_SERVER;403404is_remote_init = ((stream_id & QUIC_STREAM_INITIATOR_MASK) == peer_role);405is_uni = ((stream_id & QUIC_STREAM_DIR_MASK) == QUIC_STREAM_DIR_UNI);406407stream_ordinal = stream_id >> 2;408409if (is_remote_init) {410/*411* Peer-created stream which does not yet exist. Create it. QUIC stream412* ordinals within a given stream type MUST be used in sequence and413* receiving a STREAM frame for ordinal n must implicitly create streams414* with ordinals [0, n) within that stream type even if no explicit415* STREAM frames are received for those ordinals.416*/417p_next_ordinal_remote = is_uni418? &ch->next_remote_stream_ordinal_uni419: &ch->next_remote_stream_ordinal_bidi;420421/* Check this isn't violating stream count flow control. */422max_streams_fc = is_uni423? &ch->max_streams_uni_rxfc424: &ch->max_streams_bidi_rxfc;425426if (!ossl_quic_rxfc_on_rx_stream_frame(max_streams_fc,427stream_ordinal + 1,428/*is_fin=*/0)) {429ossl_quic_channel_raise_protocol_error(ch,430OSSL_QUIC_ERR_INTERNAL_ERROR,431frame_type,432"internal error (stream count RXFC)");433return 0;434}435436if (ossl_quic_rxfc_get_error(max_streams_fc, 0) != OSSL_QUIC_ERR_NO_ERROR) {437ossl_quic_channel_raise_protocol_error(ch, OSSL_QUIC_ERR_STREAM_LIMIT_ERROR,438frame_type,439"exceeded maximum allowed streams");440return 0;441}442443/*444* Create the named stream and any streams coming before it yet to be445* created.446*/447while (*p_next_ordinal_remote <= stream_ordinal) {448uint64_t cur_stream_id = (*p_next_ordinal_remote << 2) |449(stream_id450& (QUIC_STREAM_DIR_MASK | QUIC_STREAM_INITIATOR_MASK));451452stream = ossl_quic_channel_new_stream_remote(ch, cur_stream_id);453if (stream == NULL) {454ossl_quic_channel_raise_protocol_error(ch,455OSSL_QUIC_ERR_INTERNAL_ERROR,456frame_type,457"internal error (stream allocation)");458return 0;459}460461++*p_next_ordinal_remote;462}463464*result = stream;465} else {466/* Locally-created stream which does not yet exist. */467p_next_ordinal_local = is_uni468? &ch->next_local_stream_ordinal_uni469: &ch->next_local_stream_ordinal_bidi;470471if (stream_ordinal >= *p_next_ordinal_local) {472/*473* We never created this stream yet, this is a protocol474* violation.475*/476ossl_quic_channel_raise_protocol_error(ch,477OSSL_QUIC_ERR_STREAM_STATE_ERROR,478frame_type,479"STREAM frame for nonexistent "480"stream");481return 0;482}483484/*485* Otherwise this is for an old locally-initiated stream which we486* have subsequently deleted. Ignore the data; it may simply be a487* retransmission. We already take care of notifying the peer of the488* termination of the stream during the stream deletion lifecycle.489*/490*result = NULL;491}492493return 1;494}495496static int depack_do_frame_stream(PACKET *pkt, QUIC_CHANNEL *ch,497OSSL_QRX_PKT *parent_pkt,498OSSL_ACKM_RX_PKT *ackm_data,499uint64_t frame_type,500uint64_t *datalen)501{502OSSL_QUIC_FRAME_STREAM frame_data;503QUIC_STREAM *stream;504uint64_t fce;505size_t rs_avail;506int rs_fin = 0;507508*datalen = 0;509510if (!ossl_quic_wire_decode_frame_stream(pkt, 0, &frame_data)) {511ossl_quic_channel_raise_protocol_error(ch,512OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,513frame_type,514"decode error");515return 0;516}517518if (!depack_do_implicit_stream_create(ch, frame_data.stream_id,519frame_type, &stream))520return 0; /* protocol error raised by above call */521522if (stream == NULL)523/*524* Data for old stream which is not a protocol violation but should be525* ignored, so stop here.526*/527return 1;528529if (!ossl_quic_stream_has_recv(stream)) {530ossl_quic_channel_raise_protocol_error(ch,531OSSL_QUIC_ERR_STREAM_STATE_ERROR,532frame_type,533"STREAM frame for TX only "534"stream");535return 0;536}537538/* Notify stream flow controller. */539if (!ossl_quic_rxfc_on_rx_stream_frame(&stream->rxfc,540frame_data.offset + frame_data.len,541frame_data.is_fin)) {542ossl_quic_channel_raise_protocol_error(ch,543OSSL_QUIC_ERR_INTERNAL_ERROR,544frame_type,545"internal error (flow control)");546return 0;547}548549/* Has a flow control error occurred? */550fce = ossl_quic_rxfc_get_error(&stream->rxfc, 0);551if (fce != OSSL_QUIC_ERR_NO_ERROR) {552ossl_quic_channel_raise_protocol_error(ch,553fce,554frame_type,555"flow control violation");556return 0;557}558559switch (stream->recv_state) {560case QUIC_RSTREAM_STATE_RECV:561case QUIC_RSTREAM_STATE_SIZE_KNOWN:562/*563* It only makes sense to process incoming STREAM frames in these564* states.565*/566break;567568case QUIC_RSTREAM_STATE_DATA_RECVD:569case QUIC_RSTREAM_STATE_DATA_READ:570case QUIC_RSTREAM_STATE_RESET_RECVD:571case QUIC_RSTREAM_STATE_RESET_READ:572default:573/*574* We have no use for STREAM frames once the receive part reaches any of575* these states, so just ignore.576*/577return 1;578}579580/* If we are in RECV, auto-transition to SIZE_KNOWN on FIN. */581if (frame_data.is_fin582&& !ossl_quic_stream_recv_get_final_size(stream, NULL)) {583584/* State was already checked above, so can't fail. */585ossl_quic_stream_map_notify_size_known_recv_part(&ch->qsm, stream,586frame_data.offset587+ frame_data.len);588}589590/*591* If we requested STOP_SENDING do not bother buffering the data. Note that592* this must happen after RXFC checks above as even if we sent STOP_SENDING593* we must still enforce correct flow control (RFC 9000 s. 3.5).594*/595if (stream->stop_sending)596return 1; /* not an error - packet reordering, etc. */597598/*599* The receive stream buffer may or may not choose to consume the data600* without copying by reffing the OSSL_QRX_PKT. In this case601* ossl_qrx_pkt_release() will be eventually called when the data is no602* longer needed.603*604* It is OK for the peer to send us a zero-length non-FIN STREAM frame,605* which is a no-op, aside from the fact that it ensures the stream exists.606* In this case we have nothing to report to the receive buffer.607*/608if ((frame_data.len > 0 || frame_data.is_fin)609&& !ossl_quic_rstream_queue_data(stream->rstream, parent_pkt,610frame_data.offset,611frame_data.data,612frame_data.len,613frame_data.is_fin)) {614ossl_quic_channel_raise_protocol_error(ch,615OSSL_QUIC_ERR_INTERNAL_ERROR,616frame_type,617"internal error (rstream queue)");618return 0;619}620621/*622* rs_fin will be 1 only if we can read all data up to and including the FIN623* without any gaps before it; this implies we have received all data. Avoid624* calling ossl_quic_rstream_available() where it is not necessary as it is625* more expensive.626*/627if (stream->recv_state == QUIC_RSTREAM_STATE_SIZE_KNOWN628&& !ossl_quic_rstream_available(stream->rstream, &rs_avail, &rs_fin)) {629ossl_quic_channel_raise_protocol_error(ch,630OSSL_QUIC_ERR_INTERNAL_ERROR,631frame_type,632"internal error (rstream available)");633return 0;634}635636if (rs_fin)637ossl_quic_stream_map_notify_totally_received(&ch->qsm, stream);638639*datalen = frame_data.len;640641return 1;642}643644static void update_streams(QUIC_STREAM *s, void *arg)645{646QUIC_CHANNEL *ch = arg;647648ossl_quic_stream_map_update_state(&ch->qsm, s);649}650651static void update_streams_bidi(QUIC_STREAM *s, void *arg)652{653QUIC_CHANNEL *ch = arg;654655if (!ossl_quic_stream_is_bidi(s))656return;657658ossl_quic_stream_map_update_state(&ch->qsm, s);659}660661static void update_streams_uni(QUIC_STREAM *s, void *arg)662{663QUIC_CHANNEL *ch = arg;664665if (ossl_quic_stream_is_bidi(s))666return;667668ossl_quic_stream_map_update_state(&ch->qsm, s);669}670671static int depack_do_frame_max_data(PACKET *pkt, QUIC_CHANNEL *ch,672OSSL_ACKM_RX_PKT *ackm_data)673{674uint64_t max_data = 0;675676if (!ossl_quic_wire_decode_frame_max_data(pkt, &max_data)) {677ossl_quic_channel_raise_protocol_error(ch,678OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,679OSSL_QUIC_FRAME_TYPE_MAX_DATA,680"decode error");681return 0;682}683684ossl_quic_txfc_bump_cwm(&ch->conn_txfc, max_data);685ossl_quic_stream_map_visit(&ch->qsm, update_streams, ch);686return 1;687}688689static int depack_do_frame_max_stream_data(PACKET *pkt,690QUIC_CHANNEL *ch,691OSSL_ACKM_RX_PKT *ackm_data)692{693uint64_t stream_id = 0;694uint64_t max_stream_data = 0;695QUIC_STREAM *stream;696697if (!ossl_quic_wire_decode_frame_max_stream_data(pkt, &stream_id,698&max_stream_data)) {699ossl_quic_channel_raise_protocol_error(ch,700OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,701OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA,702"decode error");703return 0;704}705706if (!depack_do_implicit_stream_create(ch, stream_id,707OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA,708&stream))709return 0; /* error already raised for us */710711if (stream == NULL)712return 1; /* old deleted stream, not a protocol violation, ignore */713714if (!ossl_quic_stream_has_send(stream)) {715ossl_quic_channel_raise_protocol_error(ch,716OSSL_QUIC_ERR_STREAM_STATE_ERROR,717OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA,718"MAX_STREAM_DATA for TX only "719"stream");720return 0;721}722723ossl_quic_txfc_bump_cwm(&stream->txfc, max_stream_data);724ossl_quic_stream_map_update_state(&ch->qsm, stream);725return 1;726}727728static int depack_do_frame_max_streams(PACKET *pkt,729QUIC_CHANNEL *ch,730OSSL_ACKM_RX_PKT *ackm_data,731uint64_t frame_type)732{733uint64_t max_streams = 0;734735if (!ossl_quic_wire_decode_frame_max_streams(pkt, &max_streams)) {736ossl_quic_channel_raise_protocol_error(ch,737OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,738frame_type,739"decode error");740return 0;741}742743if (max_streams > (((uint64_t)1) << 60)) {744ossl_quic_channel_raise_protocol_error(ch,745OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,746frame_type,747"invalid max streams value");748return 0;749}750751switch (frame_type) {752case OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_BIDI:753if (max_streams > ch->max_local_streams_bidi)754ch->max_local_streams_bidi = max_streams;755756/* Some streams may now be able to send. */757ossl_quic_stream_map_visit(&ch->qsm, update_streams_bidi, ch);758break;759case OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_UNI:760if (max_streams > ch->max_local_streams_uni)761ch->max_local_streams_uni = max_streams;762763/* Some streams may now be able to send. */764ossl_quic_stream_map_visit(&ch->qsm, update_streams_uni, ch);765break;766default:767ossl_quic_channel_raise_protocol_error(ch,768OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,769frame_type,770"decode error");771return 0;772}773774return 1;775}776777static int depack_do_frame_data_blocked(PACKET *pkt,778QUIC_CHANNEL *ch,779OSSL_ACKM_RX_PKT *ackm_data)780{781uint64_t max_data = 0;782783if (!ossl_quic_wire_decode_frame_data_blocked(pkt, &max_data)) {784ossl_quic_channel_raise_protocol_error(ch,785OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,786OSSL_QUIC_FRAME_TYPE_DATA_BLOCKED,787"decode error");788return 0;789}790791/* No-op - informative/debugging frame. */792return 1;793}794795static int depack_do_frame_stream_data_blocked(PACKET *pkt,796QUIC_CHANNEL *ch,797OSSL_ACKM_RX_PKT *ackm_data)798{799uint64_t stream_id = 0;800uint64_t max_data = 0;801QUIC_STREAM *stream;802803if (!ossl_quic_wire_decode_frame_stream_data_blocked(pkt, &stream_id,804&max_data)) {805ossl_quic_channel_raise_protocol_error(ch,806OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,807OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED,808"decode error");809return 0;810}811812/*813* This is an informative/debugging frame, so we don't have to do anything,814* but it does trigger stream creation.815*/816if (!depack_do_implicit_stream_create(ch, stream_id,817OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED,818&stream))819return 0; /* error already raised for us */820821if (stream == NULL)822return 1; /* old deleted stream, not a protocol violation, ignore */823824if (!ossl_quic_stream_has_recv(stream)) {825/*826* RFC 9000 s. 19.14: "An endpoint that receives a STREAM_DATA_BLOCKED827* frame for a send-only stream MUST terminate the connection with error828* STREAM_STATE_ERROR."829*/830ossl_quic_channel_raise_protocol_error(ch,831OSSL_QUIC_ERR_STREAM_STATE_ERROR,832OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED,833"STREAM_DATA_BLOCKED frame for "834"TX only stream");835return 0;836}837838/* No-op - informative/debugging frame. */839return 1;840}841842static int depack_do_frame_streams_blocked(PACKET *pkt,843QUIC_CHANNEL *ch,844OSSL_ACKM_RX_PKT *ackm_data,845uint64_t frame_type)846{847uint64_t max_data = 0;848849if (!ossl_quic_wire_decode_frame_streams_blocked(pkt, &max_data)) {850ossl_quic_channel_raise_protocol_error(ch,851OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,852frame_type,853"decode error");854return 0;855}856857if (max_data > (((uint64_t)1) << 60)) {858/*859* RFC 9000 s. 19.14: "This value cannot exceed 2**60, as it is not860* possible to encode stream IDs larger than 2**62 - 1. Receipt of a861* frame that encodes a larger stream ID MUST be treated as a connection862* error of type STREAM_LIMIT_ERROR or FRAME_ENCODING_ERROR."863*/864ossl_quic_channel_raise_protocol_error(ch,865OSSL_QUIC_ERR_STREAM_LIMIT_ERROR,866frame_type,867"invalid stream count limit");868return 0;869}870871/* No-op - informative/debugging frame. */872return 1;873}874875static int depack_do_frame_new_conn_id(PACKET *pkt,876QUIC_CHANNEL *ch,877OSSL_ACKM_RX_PKT *ackm_data)878{879OSSL_QUIC_FRAME_NEW_CONN_ID frame_data;880881if (!ossl_quic_wire_decode_frame_new_conn_id(pkt, &frame_data)) {882ossl_quic_channel_raise_protocol_error(ch,883OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,884OSSL_QUIC_FRAME_TYPE_NEW_CONN_ID,885"decode error");886return 0;887}888889ossl_quic_channel_on_new_conn_id(ch, &frame_data);890891return 1;892}893894static int depack_do_frame_retire_conn_id(PACKET *pkt,895QUIC_CHANNEL *ch,896OSSL_ACKM_RX_PKT *ackm_data)897{898uint64_t seq_num;899900if (!ossl_quic_wire_decode_frame_retire_conn_id(pkt, &seq_num)) {901ossl_quic_channel_raise_protocol_error(ch,902OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,903OSSL_QUIC_FRAME_TYPE_RETIRE_CONN_ID,904"decode error");905return 0;906}907908/*909* RFC 9000 s. 19.16: "An endpoint cannot send this frame if it was provided910* with a zero-length connection ID by its peer. An endpoint that provides a911* zero-length connection ID MUST treat receipt of a RETIRE_CONNECTION_ID912* frame as a connection error of type PROTOCOL_VIOLATION."913*914* Since we always use a zero-length SCID as a client, there is no case915* where it is valid for a server to send this. Our server support is916* currently non-conformant and for internal testing use; simply handle it917* as a no-op in this case.918*919* TODO(QUIC FUTURE): Revise and implement correctly for server support.920*/921if (!ch->is_server) {922ossl_quic_channel_raise_protocol_error(ch,923OSSL_QUIC_ERR_PROTOCOL_VIOLATION,924OSSL_QUIC_FRAME_TYPE_RETIRE_CONN_ID,925"conn has zero-length CID");926return 0;927}928929return 1;930}931932static void free_path_response(unsigned char *buf, size_t buf_len, void *arg)933{934OPENSSL_free(buf);935}936937static int depack_do_frame_path_challenge(PACKET *pkt,938QUIC_CHANNEL *ch,939OSSL_ACKM_RX_PKT *ackm_data)940{941uint64_t frame_data = 0;942unsigned char *encoded = NULL;943size_t encoded_len;944WPACKET wpkt;945946if (!ossl_quic_wire_decode_frame_path_challenge(pkt, &frame_data)) {947ossl_quic_channel_raise_protocol_error(ch,948OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,949OSSL_QUIC_FRAME_TYPE_PATH_CHALLENGE,950"decode error");951return 0;952}953954/*955* RFC 9000 s. 8.2.2: On receiving a PATH_CHALLENGE frame, an endpoint MUST956* respond by echoing the data contained in the PATH_CHALLENGE frame in a957* PATH_RESPONSE frame.958*959* TODO(QUIC FUTURE): We should try to avoid allocation here in the future.960*/961encoded_len = sizeof(uint64_t) + 1;962if ((encoded = OPENSSL_malloc(encoded_len)) == NULL)963goto err;964965if (!WPACKET_init_static_len(&wpkt, encoded, encoded_len, 0))966goto err;967968if (!ossl_quic_wire_encode_frame_path_response(&wpkt, frame_data)) {969WPACKET_cleanup(&wpkt);970goto err;971}972973WPACKET_finish(&wpkt);974975if (!ossl_quic_cfq_add_frame(ch->cfq, 0, QUIC_PN_SPACE_APP,976OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE,977QUIC_CFQ_ITEM_FLAG_UNRELIABLE,978encoded, encoded_len,979free_path_response, NULL))980goto err;981982return 1;983984err:985OPENSSL_free(encoded);986ossl_quic_channel_raise_protocol_error(ch, OSSL_QUIC_ERR_INTERNAL_ERROR,987OSSL_QUIC_FRAME_TYPE_PATH_CHALLENGE,988"internal error");989return 0;990}991992static int depack_do_frame_path_response(PACKET *pkt,993QUIC_CHANNEL *ch,994OSSL_ACKM_RX_PKT *ackm_data)995{996uint64_t frame_data = 0;997998if (!ossl_quic_wire_decode_frame_path_response(pkt, &frame_data)) {999ossl_quic_channel_raise_protocol_error(ch,1000OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,1001OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE,1002"decode error");1003return 0;1004}10051006/* TODO(QUIC MULTIPATH): ADD CODE to send |frame_data| to the ch manager */10071008return 1;1009}10101011static int depack_do_frame_conn_close(PACKET *pkt, QUIC_CHANNEL *ch,1012uint64_t frame_type)1013{1014OSSL_QUIC_FRAME_CONN_CLOSE frame_data;10151016if (!ossl_quic_wire_decode_frame_conn_close(pkt, &frame_data)) {1017ossl_quic_channel_raise_protocol_error(ch,1018OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,1019frame_type,1020"decode error");1021return 0;1022}10231024ossl_quic_channel_on_remote_conn_close(ch, &frame_data);1025return 1;1026}10271028static int depack_do_frame_handshake_done(PACKET *pkt,1029QUIC_CHANNEL *ch,1030OSSL_ACKM_RX_PKT *ackm_data)1031{1032if (!ossl_quic_wire_decode_frame_handshake_done(pkt)) {1033/* This can fail only with an internal error. */1034ossl_quic_channel_raise_protocol_error(ch,1035OSSL_QUIC_ERR_INTERNAL_ERROR,1036OSSL_QUIC_FRAME_TYPE_HANDSHAKE_DONE,1037"internal error (decode frame handshake done)");1038return 0;1039}10401041ossl_quic_channel_on_handshake_confirmed(ch);1042return 1;1043}10441045/* Main frame processor */10461047static int depack_process_frames(QUIC_CHANNEL *ch, PACKET *pkt,1048OSSL_QRX_PKT *parent_pkt, uint32_t enc_level,1049OSSL_TIME received, OSSL_ACKM_RX_PKT *ackm_data)1050{1051uint32_t pkt_type = parent_pkt->hdr->type;1052uint32_t packet_space = ossl_quic_enc_level_to_pn_space(enc_level);10531054if (PACKET_remaining(pkt) == 0) {1055/*1056* RFC 9000 s. 12.4: An endpoint MUST treat receipt of a packet1057* containing no frames as a connection error of type1058* PROTOCOL_VIOLATION.1059*/1060ossl_quic_channel_raise_protocol_error(ch,1061OSSL_QUIC_ERR_PROTOCOL_VIOLATION,10620,1063"empty packet payload");1064return 0;1065}10661067while (PACKET_remaining(pkt) > 0) {1068int was_minimal;1069uint64_t frame_type;1070const unsigned char *sof = NULL;1071uint64_t datalen = 0;10721073if (ch->msg_callback != NULL)1074sof = PACKET_data(pkt);10751076if (!ossl_quic_wire_peek_frame_header(pkt, &frame_type, &was_minimal)) {1077ossl_quic_channel_raise_protocol_error(ch,1078OSSL_QUIC_ERR_PROTOCOL_VIOLATION,10790,1080"malformed frame header");1081return 0;1082}10831084if (!was_minimal) {1085ossl_quic_channel_raise_protocol_error(ch,1086OSSL_QUIC_ERR_PROTOCOL_VIOLATION,1087frame_type,1088"non-minimal frame type encoding");1089return 0;1090}10911092/*1093* There are only a few frame types which are not ACK-eliciting. Handle1094* these centrally to make error handling cases more resilient, as we1095* should tell the ACKM about an ACK-eliciting frame even if it was not1096* successfully handled.1097*/1098switch (frame_type) {1099case OSSL_QUIC_FRAME_TYPE_PADDING:1100case OSSL_QUIC_FRAME_TYPE_ACK_WITHOUT_ECN:1101case OSSL_QUIC_FRAME_TYPE_ACK_WITH_ECN:1102case OSSL_QUIC_FRAME_TYPE_CONN_CLOSE_TRANSPORT:1103case OSSL_QUIC_FRAME_TYPE_CONN_CLOSE_APP:1104break;1105default:1106ackm_data->is_ack_eliciting = 1;1107break;1108}11091110switch (frame_type) {1111case OSSL_QUIC_FRAME_TYPE_PING:1112/* Allowed in all packet types */1113if (!depack_do_frame_ping(pkt, ch, enc_level, ackm_data))1114return 0;1115break;1116case OSSL_QUIC_FRAME_TYPE_PADDING:1117/* Allowed in all packet types */1118if (!depack_do_frame_padding(pkt))1119return 0;1120break;11211122case OSSL_QUIC_FRAME_TYPE_ACK_WITHOUT_ECN:1123case OSSL_QUIC_FRAME_TYPE_ACK_WITH_ECN:1124/* ACK frames are valid everywhere except in 0RTT packets */1125if (pkt_type == QUIC_PKT_TYPE_0RTT) {1126ossl_quic_channel_raise_protocol_error(ch,1127OSSL_QUIC_ERR_PROTOCOL_VIOLATION,1128frame_type,1129"ACK not valid in 0-RTT");1130return 0;1131}1132if (!depack_do_frame_ack(pkt, ch, packet_space, received,1133frame_type, parent_pkt))1134return 0;1135break;11361137case OSSL_QUIC_FRAME_TYPE_RESET_STREAM:1138/* RESET_STREAM frames are valid in 0RTT and 1RTT packets */1139if (pkt_type != QUIC_PKT_TYPE_0RTT1140&& pkt_type != QUIC_PKT_TYPE_1RTT) {1141ossl_quic_channel_raise_protocol_error(ch,1142OSSL_QUIC_ERR_PROTOCOL_VIOLATION,1143frame_type,1144"RESET_STREAM not valid in "1145"INITIAL/HANDSHAKE");1146return 0;1147}1148if (!depack_do_frame_reset_stream(pkt, ch, ackm_data))1149return 0;1150break;1151case OSSL_QUIC_FRAME_TYPE_STOP_SENDING:1152/* STOP_SENDING frames are valid in 0RTT and 1RTT packets */1153if (pkt_type != QUIC_PKT_TYPE_0RTT1154&& pkt_type != QUIC_PKT_TYPE_1RTT) {1155ossl_quic_channel_raise_protocol_error(ch,1156OSSL_QUIC_ERR_PROTOCOL_VIOLATION,1157frame_type,1158"STOP_SENDING not valid in "1159"INITIAL/HANDSHAKE");1160return 0;1161}1162if (!depack_do_frame_stop_sending(pkt, ch, ackm_data))1163return 0;1164break;1165case OSSL_QUIC_FRAME_TYPE_CRYPTO:1166/* CRYPTO frames are valid everywhere except in 0RTT packets */1167if (pkt_type == QUIC_PKT_TYPE_0RTT) {1168ossl_quic_channel_raise_protocol_error(ch,1169OSSL_QUIC_ERR_PROTOCOL_VIOLATION,1170frame_type,1171"CRYPTO frame not valid in 0-RTT");1172return 0;1173}1174if (!depack_do_frame_crypto(pkt, ch, parent_pkt, ackm_data, &datalen))1175return 0;1176break;1177case OSSL_QUIC_FRAME_TYPE_NEW_TOKEN:1178/* NEW_TOKEN frames are valid in 1RTT packets */1179if (pkt_type != QUIC_PKT_TYPE_1RTT) {1180ossl_quic_channel_raise_protocol_error(ch,1181OSSL_QUIC_ERR_PROTOCOL_VIOLATION,1182frame_type,1183"NEW_TOKEN valid only in 1-RTT");1184return 0;1185}11861187/*1188* RFC 9000 s. 19.7: "A server MUST treat receipt of a NEW_TOKEN1189* frame as a connection error of type PROTOCOL_VIOLATION."1190*/1191if (ch->is_server) {1192ossl_quic_channel_raise_protocol_error(ch,1193OSSL_QUIC_ERR_PROTOCOL_VIOLATION,1194frame_type,1195"NEW_TOKEN can only be sent by a server");1196return 0;1197}11981199if (!depack_do_frame_new_token(pkt, ch, ackm_data))1200return 0;1201break;12021203case OSSL_QUIC_FRAME_TYPE_STREAM:1204case OSSL_QUIC_FRAME_TYPE_STREAM_FIN:1205case OSSL_QUIC_FRAME_TYPE_STREAM_LEN:1206case OSSL_QUIC_FRAME_TYPE_STREAM_LEN_FIN:1207case OSSL_QUIC_FRAME_TYPE_STREAM_OFF:1208case OSSL_QUIC_FRAME_TYPE_STREAM_OFF_FIN:1209case OSSL_QUIC_FRAME_TYPE_STREAM_OFF_LEN:1210case OSSL_QUIC_FRAME_TYPE_STREAM_OFF_LEN_FIN:1211/* STREAM frames are valid in 0RTT and 1RTT packets */1212if (pkt_type != QUIC_PKT_TYPE_0RTT1213&& pkt_type != QUIC_PKT_TYPE_1RTT) {1214ossl_quic_channel_raise_protocol_error(ch,1215OSSL_QUIC_ERR_PROTOCOL_VIOLATION,1216frame_type,1217"STREAM valid only in 0/1-RTT");1218return 0;1219}1220if (!depack_do_frame_stream(pkt, ch, parent_pkt, ackm_data,1221frame_type, &datalen))1222return 0;1223break;12241225case OSSL_QUIC_FRAME_TYPE_MAX_DATA:1226/* MAX_DATA frames are valid in 0RTT and 1RTT packets */1227if (pkt_type != QUIC_PKT_TYPE_0RTT1228&& pkt_type != QUIC_PKT_TYPE_1RTT) {1229ossl_quic_channel_raise_protocol_error(ch,1230OSSL_QUIC_ERR_PROTOCOL_VIOLATION,1231frame_type,1232"MAX_DATA valid only in 0/1-RTT");1233return 0;1234}1235if (!depack_do_frame_max_data(pkt, ch, ackm_data))1236return 0;1237break;1238case OSSL_QUIC_FRAME_TYPE_MAX_STREAM_DATA:1239/* MAX_STREAM_DATA frames are valid in 0RTT and 1RTT packets */1240if (pkt_type != QUIC_PKT_TYPE_0RTT1241&& pkt_type != QUIC_PKT_TYPE_1RTT) {1242ossl_quic_channel_raise_protocol_error(ch,1243OSSL_QUIC_ERR_PROTOCOL_VIOLATION,1244frame_type,1245"MAX_STREAM_DATA valid only in 0/1-RTT");1246return 0;1247}1248if (!depack_do_frame_max_stream_data(pkt, ch, ackm_data))1249return 0;1250break;12511252case OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_BIDI:1253case OSSL_QUIC_FRAME_TYPE_MAX_STREAMS_UNI:1254/* MAX_STREAMS frames are valid in 0RTT and 1RTT packets */1255if (pkt_type != QUIC_PKT_TYPE_0RTT1256&& pkt_type != QUIC_PKT_TYPE_1RTT) {1257ossl_quic_channel_raise_protocol_error(ch,1258OSSL_QUIC_ERR_PROTOCOL_VIOLATION,1259frame_type,1260"MAX_STREAMS valid only in 0/1-RTT");1261return 0;1262}1263if (!depack_do_frame_max_streams(pkt, ch, ackm_data,1264frame_type))1265return 0;1266break;12671268case OSSL_QUIC_FRAME_TYPE_DATA_BLOCKED:1269/* DATA_BLOCKED frames are valid in 0RTT and 1RTT packets */1270if (pkt_type != QUIC_PKT_TYPE_0RTT1271&& pkt_type != QUIC_PKT_TYPE_1RTT) {1272ossl_quic_channel_raise_protocol_error(ch,1273OSSL_QUIC_ERR_PROTOCOL_VIOLATION,1274frame_type,1275"DATA_BLOCKED valid only in 0/1-RTT");1276return 0;1277}1278if (!depack_do_frame_data_blocked(pkt, ch, ackm_data))1279return 0;1280break;1281case OSSL_QUIC_FRAME_TYPE_STREAM_DATA_BLOCKED:1282/* STREAM_DATA_BLOCKED frames are valid in 0RTT and 1RTT packets */1283if (pkt_type != QUIC_PKT_TYPE_0RTT1284&& pkt_type != QUIC_PKT_TYPE_1RTT) {1285ossl_quic_channel_raise_protocol_error(ch,1286OSSL_QUIC_ERR_PROTOCOL_VIOLATION,1287frame_type,1288"STREAM_DATA_BLOCKED valid only in 0/1-RTT");1289return 0;1290}1291if (!depack_do_frame_stream_data_blocked(pkt, ch, ackm_data))1292return 0;1293break;12941295case OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_BIDI:1296case OSSL_QUIC_FRAME_TYPE_STREAMS_BLOCKED_UNI:1297/* STREAMS_BLOCKED frames are valid in 0RTT and 1RTT packets */1298if (pkt_type != QUIC_PKT_TYPE_0RTT1299&& pkt_type != QUIC_PKT_TYPE_1RTT) {1300ossl_quic_channel_raise_protocol_error(ch,1301OSSL_QUIC_ERR_PROTOCOL_VIOLATION,1302frame_type,1303"STREAMS valid only in 0/1-RTT");1304return 0;1305}1306if (!depack_do_frame_streams_blocked(pkt, ch, ackm_data,1307frame_type))1308return 0;1309break;13101311case OSSL_QUIC_FRAME_TYPE_NEW_CONN_ID:1312/* NEW_CONN_ID frames are valid in 0RTT and 1RTT packets */1313if (pkt_type != QUIC_PKT_TYPE_0RTT1314&& pkt_type != QUIC_PKT_TYPE_1RTT) {1315ossl_quic_channel_raise_protocol_error(ch,1316OSSL_QUIC_ERR_PROTOCOL_VIOLATION,1317frame_type,1318"NEW_CONN_ID valid only in 0/1-RTT");1319}1320if (!depack_do_frame_new_conn_id(pkt, ch, ackm_data))1321return 0;1322break;1323case OSSL_QUIC_FRAME_TYPE_RETIRE_CONN_ID:1324/* RETIRE_CONN_ID frames are valid in 0RTT and 1RTT packets */1325if (pkt_type != QUIC_PKT_TYPE_0RTT1326&& pkt_type != QUIC_PKT_TYPE_1RTT) {1327ossl_quic_channel_raise_protocol_error(ch,1328OSSL_QUIC_ERR_PROTOCOL_VIOLATION,1329frame_type,1330"RETIRE_CONN_ID valid only in 0/1-RTT");1331return 0;1332}1333if (!depack_do_frame_retire_conn_id(pkt, ch, ackm_data))1334return 0;1335break;1336case OSSL_QUIC_FRAME_TYPE_PATH_CHALLENGE:1337/* PATH_CHALLENGE frames are valid in 0RTT and 1RTT packets */1338if (pkt_type != QUIC_PKT_TYPE_0RTT1339&& pkt_type != QUIC_PKT_TYPE_1RTT) {1340ossl_quic_channel_raise_protocol_error(ch,1341OSSL_QUIC_ERR_PROTOCOL_VIOLATION,1342frame_type,1343"PATH_CHALLENGE valid only in 0/1-RTT");1344return 0;1345}1346if (!depack_do_frame_path_challenge(pkt, ch, ackm_data))1347return 0;13481349break;1350case OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE:1351/* PATH_RESPONSE frames are valid in 1RTT packets */1352if (pkt_type != QUIC_PKT_TYPE_1RTT) {1353ossl_quic_channel_raise_protocol_error(ch,1354OSSL_QUIC_ERR_PROTOCOL_VIOLATION,1355frame_type,1356"PATH_CHALLENGE valid only in 1-RTT");1357return 0;1358}1359if (!depack_do_frame_path_response(pkt, ch, ackm_data))1360return 0;1361break;13621363case OSSL_QUIC_FRAME_TYPE_CONN_CLOSE_APP:1364/* CONN_CLOSE_APP frames are valid in 0RTT and 1RTT packets */1365if (pkt_type != QUIC_PKT_TYPE_0RTT1366&& pkt_type != QUIC_PKT_TYPE_1RTT) {1367ossl_quic_channel_raise_protocol_error(ch,1368OSSL_QUIC_ERR_PROTOCOL_VIOLATION,1369frame_type,1370"CONN_CLOSE (APP) valid only in 0/1-RTT");1371return 0;1372}1373/* FALLTHRU */1374case OSSL_QUIC_FRAME_TYPE_CONN_CLOSE_TRANSPORT:1375/* CONN_CLOSE_TRANSPORT frames are valid in all packets */1376if (!depack_do_frame_conn_close(pkt, ch, frame_type))1377return 0;1378break;13791380case OSSL_QUIC_FRAME_TYPE_HANDSHAKE_DONE:1381/* HANDSHAKE_DONE frames are valid in 1RTT packets */1382if (pkt_type != QUIC_PKT_TYPE_1RTT) {1383ossl_quic_channel_raise_protocol_error(ch,1384OSSL_QUIC_ERR_PROTOCOL_VIOLATION,1385frame_type,1386"HANDSHAKE_DONE valid only in 1-RTT");1387return 0;1388}1389if (!depack_do_frame_handshake_done(pkt, ch, ackm_data))1390return 0;1391break;13921393default:1394/* Unknown frame type */1395ossl_quic_channel_raise_protocol_error(ch,1396OSSL_QUIC_ERR_FRAME_ENCODING_ERROR,1397frame_type,1398"Unknown frame type received");1399return 0;1400}14011402if (ch->msg_callback != NULL) {1403int ctype = SSL3_RT_QUIC_FRAME_FULL;14041405size_t framelen = PACKET_data(pkt) - sof;14061407if (frame_type == OSSL_QUIC_FRAME_TYPE_PADDING) {1408ctype = SSL3_RT_QUIC_FRAME_PADDING;1409} else if (OSSL_QUIC_FRAME_TYPE_IS_STREAM(frame_type)1410|| frame_type == OSSL_QUIC_FRAME_TYPE_CRYPTO) {1411ctype = SSL3_RT_QUIC_FRAME_HEADER;1412framelen -= (size_t)datalen;1413}14141415ch->msg_callback(0, OSSL_QUIC1_VERSION, ctype, sof, framelen,1416ch->msg_callback_ssl, ch->msg_callback_arg);1417}1418}14191420return 1;1421}14221423QUIC_NEEDS_LOCK1424int ossl_quic_handle_frames(QUIC_CHANNEL *ch, OSSL_QRX_PKT *qpacket)1425{1426PACKET pkt;1427OSSL_ACKM_RX_PKT ackm_data;1428uint32_t enc_level;1429size_t dgram_len = qpacket->datagram_len;14301431if (ch == NULL)1432return 0;14331434ch->did_crypto_frame = 0;14351436/* Initialize |ackm_data| (and reinitialize |ok|)*/1437memset(&ackm_data, 0, sizeof(ackm_data));1438/*1439* ASSUMPTION: All packets that aren't special case have a1440* packet number.1441*/1442ackm_data.pkt_num = qpacket->pn;1443ackm_data.time = qpacket->time;1444enc_level = ossl_quic_pkt_type_to_enc_level(qpacket->hdr->type);1445if (enc_level >= QUIC_ENC_LEVEL_NUM)1446/*1447* Retry and Version Negotiation packets should not be passed to this1448* function.1449*/1450return 0;14511452ackm_data.pkt_space = ossl_quic_enc_level_to_pn_space(enc_level);14531454/*1455* RFC 9000 s. 8.11456* We can consider the connection to be validated, if we receive a packet1457* from the client protected via handshake keys, meaning that the1458* amplification limit no longer applies (i.e. we can set it as validated.1459* Otherwise, add the size of this packet to the unvalidated credit for1460* the connection.1461*/1462if (enc_level == QUIC_ENC_LEVEL_HANDSHAKE)1463ossl_quic_tx_packetiser_set_validated(ch->txp);1464else1465ossl_quic_tx_packetiser_add_unvalidated_credit(ch->txp, dgram_len);14661467/* Now that special cases are out of the way, parse frames */1468if (!PACKET_buf_init(&pkt, qpacket->hdr->data, qpacket->hdr->len)1469|| !depack_process_frames(ch, &pkt, qpacket,1470enc_level,1471qpacket->time,1472&ackm_data))1473return 0;14741475ossl_ackm_on_rx_packet(ch->ackm, &ackm_data);14761477return 1;1478}147914801481