
Commit 875c94c

authored
Merge pull request #399 from Tencent/release/v1.3.0
Release/v1.3.0
2 parents 50ed3c5 + 3d87c37 commit 875c94c

18 files changed

+256
-34
lines changed
Lines changed: 7 additions & 0 deletions
@@ -0,0 +1,7 @@
1+
#!/bin/sh
2+
3+
exec ${OHOS_NDK_HOME}/native/llvm/bin/clang \
4+
-target aarch64-linux-ohos \
5+
--sysroot=${OHOS_NDK_HOME}/native/sysroot \
6+
-D__MUSL__ \
7+
"$@"
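Review bot: `${OHOS_NDK_HOME}` is expanded unquoted and unchecked on the `exec` and `--sysroot` lines, so an unset variable makes the wrapper run `/native/llvm/bin/clang` from the filesystem root, and an NDK path containing spaces is split into several arguments. Quoting both expansions and failing early covers both cases: `exec "${OHOS_NDK_HOME:?OHOS_NDK_HOME is not set}/native/llvm/bin/clang" \` and `--sysroot="${OHOS_NDK_HOME}/native/sysroot" \`.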

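--- a/.cargo/config.toml
+++ b/.cargo/config.toml
@@ -0,0 +1,3 @@
+[target.aarch64-unknown-linux-ohos]
+ar = "${OHOS_NDK_HOME}/native/llvm/bin/llvm-ar"
+linker = ".cargo/aarch64-unknown-linux-ohos-clang.sh"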
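Review bot: The `ar` line depends on `${OHOS_NDK_HOME}` being expanded, but as far as I know Cargo does not substitute environment variables inside config values, and the `ar` key of a `[target.<triple>]` table is documented as unused, so this entry most likely has no effect. The workflow added in this commit already passes `AR_aarch64_unknown_linux_ohos` for the C build, which suggests that is the setting actually relied on. Either drop the line or replace it with a comment such as `# the archiver comes from AR_aarch64_unknown_linux_ohos; ${...} is not expanded in this file`.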

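--- a/.github/workflows/rust.yml
+++ b/.github/workflows/rust.yml
@@ -123,6 +123,30 @@ jobs:
 env:
 ANDROID_NDK_HOME: ${{ github.workspace }}/android-ndk-r${{ env.NDK_LTS_VER }}
 
+build_harmony:
+name: Build for Harmony
+runs-on: ubuntu-latest
+env:
+TARGET: "aarch64-unknown-linux-ohos"
+steps:
+- uses: actions/checkout@v3
+with:
+submodules: 'recursive'
+- name: Install rust toolchain
+run: rustup target add ${{ env.TARGET }}
+- name: Download OHOS NDK
+run: |
+wget https://repo.huaweicloud.com/openharmony/os/4.0-Release/ohos-sdk-windows_linux-public.tar.gz
+tar -xvzf ohos-sdk-windows_linux-public.tar.gz
+cd ohos-sdk/linux/
+unzip -q native-linux-x64-4.0.10.13-Release.zip
+- name: Run cargo build
+run: |
+OHOS_NDK_HOME=${{ github.workspace }}/ohos-sdk/linux/ \
+CC_aarch64_unknown_linux_ohos=${OHOS_NDK_HOME}/native/llvm/bin/clang \
+AR_aarch64_unknown_linux_ohos=${OHOS_NDK_HOME}/native/llvm/bin/llvm-ar \
+cargo build --target ${{ env.TARGET }} --verbose --features ffi --release
+
 static_analysis:
 name: Static analysis
 runs-on: ubuntu-latest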
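Review bot: The `Download OHOS NDK` step fetches and unpacks the SDK archive with no integrity check, so whatever the mirror serves at that URL becomes the compiler and sysroot for this build. Pinning a digest right after the `wget` closes that gap, for example `echo "<EXPECTED_SHA256>  ohos-sdk-windows_linux-public.tar.gz" | sha256sum -c -`, where the digest is a placeholder to be filled in from a trusted copy of the release. `actions/checkout@v3` in the same job is referenced by a movable tag; pinning it to a commit SHA gives the same guarantee for the action.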

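--- a/.github/workflows/tquic-integration.yml
+++ b/.github/workflows/tquic-integration.yml
@@ -23,4 +23,8 @@ jobs:
 run: |
 cd tools/tests/
 bash ./tquic_tools_test.sh -b ../../target/release/ -t multipath_redundant,multipath_minrtt,multipath_roundrobin -f 1000M -p 5
+- name: Run integration tests for disable_1rtt_encryption
+run: |
+cd tools/tests/
+bash ./tquic_tools_test.sh -b ../../target/debug/ -t multipath_roundrobin -c '~~disable-encryption' -s '~~disable-encryption'
 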
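Review bot: The new step takes its binaries from `../../target/debug/` while the step above it uses `../../target/release/`. Unless an earlier step of this job (not visible in the hunk) also builds the debug profile, the test will run against missing or stale tools. If release was intended, the argument should read `-b ../../target/release/`. The step also passes `~~disable-encryption` to both `-c` and `-s` only, so a run with the option on one side alone would be needed to show that a single endpoint cannot switch 1-RTT encryption off.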

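--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -11,6 +11,15 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 
+## [v1.3.0] - 2024-10-10
+
+### Added
+- Support building for HarmonyOS
+- Support disable_1rtt_encryption transport parameter
+- Support sending 1-RTT packets on the server before handshake completion
+- Resolve new issues found by cargo clippy
+
+
 ## [v1.2.0] - 2024-09-26
 
 ### Added
@@ -310,6 +319,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Provide example clients and servers.
 
 
+[v1.3.0]: https://github.com/tencent/tquic/compare/v1.2.0...v1.3.0
 [v1.2.0]: https://github.com/tencent/tquic/compare/v1.1.0...v1.2.0
 [v1.1.0]: https://github.com/tencent/tquic/compare/v1.0.0...v1.1.0
 [v1.0.0]: https://github.com/tencent/tquic/compare/v0.15.0...v1.0.0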

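--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "tquic"
-version = "1.2.0"
+version = "1.3.0"
 edition = "2021"
 rust-version = "1.70.0"
 license = "Apache-2.0"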

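--- a/include/tquic.h
+++ b/include/tquic.h
@@ -753,6 +753,14 @@ void quic_config_set_zerortt_buffer_size(struct quic_config_t *config, uint16_t
 */
 void quic_config_set_max_undecryptable_packets(struct quic_config_t *config, uint16_t v);
 
+/**
+* Enable or disable encryption on 1-RTT packets. (Experimental)
+* The default value is true.
+* WARN: The The disable_1rtt_encryption extension is not meant to be used
+* for any practical application protocol on the open internet.
+*/
+void quic_config_enable_encryption(struct quic_config_t *config, bool v);
+
 /**
 * Create a new TlsConfig.
 * The caller is responsible for the memory of the TlsConfig and should properly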
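Review bot: The doc comment on `quic_config_enable_encryption` repeats a word (`WARN: The The`) and omits what an FFI caller most needs to know. Judging by the connection.rs changes in this commit, passing `false` only takes effect when the peer advertises the same parameter, and 1-RTT payloads are then sent and accepted without any AEAD processing, so integrity is lost along with confidentiality. Suggested wording for the warning: `* WARN: Once both endpoints enable the disable_1rtt_encryption extension, 1-RTT packets are neither encrypted nor authenticated; it is not meant to be used for any practical application protocol on the open internet.` If this header is generated from the Rust FFI source, the comment should be corrected there.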

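--- a/src/build.rs
+++ b/src/build.rs
@@ -57,6 +57,10 @@ const CMAKE_PARAMS_IOS: &[(&str, &[(&str, &str)])] = &[
 ),
 ];
 
+/// Additional parameters for Ohos
+const CMAKE_PARAMS_OHOS_NDK: &[(&str, &[(&str, &str)])] =
+&[("aarch64", &[("OHOS_ARCH", "arm64-v8a")])];
+
 /// Create a cmake::Config for building BoringSSL.
 fn new_boringssl_cmake_config() -> cmake::Config {
 let target = std::env::var("TARGET").unwrap();
@@ -101,6 +105,26 @@ fn new_boringssl_cmake_config() -> cmake::Config {
 }
 }
 
+"linux" => {
+if target.ends_with("ohos") {
+for (ohos_arch, params) in CMAKE_PARAMS_OHOS_NDK {
+if *ohos_arch == arch {
+for (name, value) in *params {
+boringssl_cmake.define(name, value);
+}
+break;
+}
+}
+
+let ohos_ndk_home = std::env::var("OHOS_NDK_HOME")
+.expect("Please set OHOS_NDK_HOME for Harmony build");
+let ohos_ndk_home = std::path::Path::new(&ohos_ndk_home);
+let toolchain_file = ohos_ndk_home.join("native/build/cmake/ohos.toolchain.cmake");
+let toolchain_file = toolchain_file.to_str().unwrap();
+boringssl_cmake.define("CMAKE_TOOLCHAIN_FILE", toolchain_file);
+}
+}
+
 _ => (),
 };
 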
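Review bot: The bare `toolchain_file.to_str().unwrap()` in the new `"linux"` arm is not needed, because `cmake::Config::define` accepts any `AsRef<OsStr>` value. Dropping that line and passing the joined path directly, `boringssl_cmake.define("CMAKE_TOOLCHAIN_FILE", &toolchain_file);`, removes the message-less unwrap. For an ohos target whose arch is not listed in `CMAKE_PARAMS_OHOS_NDK`, the loop defines nothing and the build continues without `OHOS_ARCH`; an explicit `panic!` naming the unsupported arch would make that failure readable. `new_boringssl_cmake_config` starts and ends outside the hunk.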

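--- a/src/connection/connection.rs
+++ b/src/connection/connection.rs
@@ -527,7 +527,9 @@ impl Connection {
 return Ok(read + length);
 }
 };
-packet::decrypt_header(buf, pkt_num_offset, &mut hdr, key).map_err(|_| Error::Done)?;
+let is_encryption_disabled = self.is_encryption_disabled(hdr.pkt_type);
+packet::decrypt_header(buf, pkt_num_offset, &mut hdr, key, is_encryption_disabled)
+.map_err(|_| Error::Done)?;
 
 // Decode packet sequence number
 let handshake_confirmed = self.is_confirmed();
@@ -564,9 +566,12 @@ impl Connection {
 &hdr,
 space,
 )?;
-let mut payload =
+let mut payload = if !is_encryption_disabled {
 packet::decrypt_payload(buf, payload_offset, payload_len, cid_seq, pkt_num, key)
-.map_err(|_| Error::Done)?;
+.map_err(|_| Error::Done)?
+} else {
+bytes::Bytes::copy_from_slice(&buf[payload_offset..payload_offset + payload_len])
+};
 if payload.is_empty() {
 // An endpoint MUST treat receipt of a packet containing no frames as a connection error
 // of type PROTOCOL_VIOLATION.
@@ -1187,6 +1192,15 @@ impl Connection {
 self.events.add(Event::ResetTokenAdvertised(reset_token));
 }
 
+// The connection enters disable_1rtt_encryption mode
+if peer_params.disable_encryption && self.local_transport_params.disable_encryption {
+self.flags.insert(DisableEncryption);
+debug!(
+"{} encryption on 1-RTT packets has been negotiated to be disabled",
+self.trace_id
+);
+}
+
 self.set_peer_trans_params(peer_params)?;
 self.flags.insert(AppliedPeerTransportParams);
 
@@ -1729,16 +1743,20 @@ impl Connection {
 cid_seq = Some(dcid_seq as u32);
 }
 
-let written = packet::encrypt_packet(
-out,
-cid_seq,
-pkt_num,
-pkt_num_len,
-payload_len,
-payload_offset,
-None,
-key,
-)?;
+let written = if !self.is_encryption_disabled(hdr.pkt_type) {
+packet::encrypt_packet(
+out,
+cid_seq,
+pkt_num,
+pkt_num_len,
+payload_len,
+payload_offset,
+None,
+key,
+)?
+} else {
+payload_offset + payload_len
+};
 
 let sent_pkt = space::SentPacket {
 pkt_type,
@@ -3022,7 +3040,13 @@ impl Connection {
 // If there are sendable, reset, stopped, almost full, blocked streams,
 // or need to update concurrency limits, use the 0RTT/1RTT packet.
 let path = self.paths.get(pid)?;
-if (self.is_established() || self.tls_session.is_in_early_data())
+if (self.is_established()
+// Note: The server's use of 1-RTT keys before the handshake is
+// complete is limited to sending data. BoringSSL will provide 1-RTT
+// write secret until the handshake is complete.
+// See RFC 9001 Section 5.7
+|| self.tls_session.get_keys(Level::OneRTT).seal.is_some()
+|| self.tls_session.is_in_early_data())
 && (self.need_send_handshake_done_frame()
 || self.need_send_new_token_frame()
 || self.local_error.as_ref().map_or(false, |e| e.is_app)
@@ -3299,6 +3323,11 @@ impl Connection {
 Some(idle_timeout)
 }
 
+/// Whether encryption on the specified packet type should be disabled
+fn is_encryption_disabled(&self, pkt_type: PacketType) -> bool {
+pkt_type == PacketType::OneRTT && self.flags.contains(DisableEncryption)
+}
+
 /// Check whether the connection is a server connection.
 pub fn is_server(&self) -> bool {
 self.is_server
@@ -4366,6 +4395,9 @@ enum ConnectionFlags {
 
 /// The multipath extension is successfully negotiated.
 EnableMultipath = 1 << 20,
+
+/// The disable_1rtt_encryption is successfully negotiated.
+DisableEncryption = 1 << 21,
 }
 
 /// Statistics about a QUIC connection.
@@ -5668,6 +5700,33 @@ pub(crate) mod tests {
 Ok(())
 }
 
+#[test]
+fn handshake_with_disable_encryption_negotiated() -> Result<()> {
+let cases = [
+// The items in each case are as following:
+// - client disable_encryption
+// - server disable_encryption
+// - disable_encryption negotiation result
+//(true, false, false),
+//(false,false, false),
+//(false, true, false),
+(true, true, true),
+];
+for case in cases {
+let mut client_config = TestPair::new_test_config(false)?;
+client_config.enable_encryption(!case.0);
+let mut server_config = TestPair::new_test_config(true)?;
+server_config.enable_encryption(!case.1);
+
+let mut test_pair = TestPair::new(&mut client_config, &mut server_config)?;
+assert_eq!(test_pair.handshake(), Ok(()));
+assert_eq!(test_pair.client.flags.contains(DisableEncryption), case.2);
+assert_eq!(test_pair.server.flags.contains(DisableEncryption), case.2);
+}
+
+Ok(())
+}
+
 #[test]
 fn max_datagram_size() -> Result<()> {
 let mut client_config = TestPair::new_test_config(false)?;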
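Review bot: Three of the four rows in `handshake_with_disable_encryption_negotiated` are commented out, so nothing tests that a peer advertising the parameter alone leaves `DisableEncryption` unset, which is the property that keeps this extension from being a unilateral downgrade. Those rows should be re-enabled, or the reason they fail recorded next to them. In the receive hunk, the plaintext branch indexes `&buf[payload_offset..payload_offset + payload_len]` directly, which panics if the range exceeds the buffer, whereas the encrypted branch maps failures to `Error::Done`. Unless the length is validated earlier (not visible here), `buf.get(payload_offset..payload_offset + payload_len).ok_or(Error::Done)?` stops a malformed packet from aborting the process. That branch also accepts the payload with no AEAD check, so the doc comment on `DisableEncryption` should say that 1-RTT integrity is lost along with confidentiality.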

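--- a/src/endpoint.rs
+++ b/src/endpoint.rs
@@ -2719,6 +2719,26 @@ mod tests {
 Ok(())
 }
 
+#[test]
+fn transfer_single_stream_disable_encryption() -> Result<()> {
+let mut t = TestPair::new();
+
+let mut cli_conf = TestPair::new_test_config(false)?;
+cli_conf.enable_encryption(false);
+let mut srv_conf = TestPair::new_test_config(true)?;
+srv_conf.enable_encryption(false);
+
+let mut case_conf = CaseConf::default();
+case_conf.session = Some(TestPair::new_test_session_state());
+case_conf.client_0rtt_expected = true;
+case_conf.resumption_expected = true;
+case_conf.request_num = 1;
+case_conf.request_size = 1024 * 16;
+
+t.run(cli_conf, srv_conf, case_conf)?;
+Ok(())
+}
+
 #[test]
 fn transfer_multi_stream_normal() -> Result<()> {
 let mut t = TestPair::new();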
