blob: bfc8cdf5c98371777635428260b83fe7f9c18bcf [file] [log] [blame]
// Copyright 2019 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "quiche/quic/masque/masque_server_session.h"
#include <netdb.h>
#include <cstddef>
#include <limits>
#include "absl/strings/str_cat.h"
#include "absl/strings/str_split.h"
#include "absl/strings/string_view.h"
#include "absl/types/optional.h"
#include "quiche/quic/core/http/spdy_utils.h"
#include "quiche/quic/core/quic_data_reader.h"
#include "quiche/quic/core/quic_udp_socket.h"
#include "quiche/quic/tools/quic_url.h"
#include "quiche/common/platform/api/quiche_url_utils.h"
namespace quic {
namespace {
// RAII wrapper for QuicUdpSocketFd.
class FdWrapper {
public:
// Takes ownership of |fd| and closes the file descriptor on destruction.
explicit FdWrapper(int address_family) {
QuicUdpSocketApi socket_api;
fd_ =
socket_api.Create(address_family,
/*receive_buffer_size =*/kDefaultSocketReceiveBuffer,
/*send_buffer_size =*/kDefaultSocketReceiveBuffer);
}
~FdWrapper() {
if (fd_ == kQuicInvalidSocketFd) {
return;
}
QuicUdpSocketApi socket_api;
socket_api.Destroy(fd_);
}
// Hands ownership of the file descriptor to the caller.
QuicUdpSocketFd extract_fd() {
QuicUdpSocketFd fd = fd_;
fd_ = kQuicInvalidSocketFd;
return fd;
}
// Keeps ownership of the file descriptor.
QuicUdpSocketFd fd() { return fd_; }
// Disallow copy and move.
FdWrapper(const FdWrapper&) = delete;
FdWrapper(FdWrapper&&) = delete;
FdWrapper& operator=(const FdWrapper&) = delete;
FdWrapper& operator=(FdWrapper&&) = delete;
private:
QuicUdpSocketFd fd_;
};
std::unique_ptr<QuicBackendResponse> CreateBackendErrorResponse(
absl::string_view status, absl::string_view error_details) {
spdy::Http2HeaderBlock response_headers;
response_headers[":status"] = status;
response_headers["masque-debug-info"] = error_details;
auto response = std::make_unique<QuicBackendResponse>();
response->set_response_type(QuicBackendResponse::REGULAR_RESPONSE);
response->set_headers(std::move(response_headers));
return response;
}
} // namespace
MasqueServerSession::MasqueServerSession(
MasqueMode masque_mode, const QuicConfig& config,
const ParsedQuicVersionVector& supported_versions,
QuicConnection* connection, QuicSession::Visitor* visitor,
QuicEpollServer* epoll_server, QuicCryptoServerStreamBase::Helper* helper,
const QuicCryptoServerConfig* crypto_config,
QuicCompressedCertsCache* compressed_certs_cache,
MasqueServerBackend* masque_server_backend)
: QuicSimpleServerSession(config, supported_versions, connection, visitor,
helper, crypto_config, compressed_certs_cache,
masque_server_backend),
masque_server_backend_(masque_server_backend),
epoll_server_(epoll_server),
masque_mode_(masque_mode) {
// Artificially increase the max packet length to 1350 to ensure we can fit
// QUIC packets inside DATAGRAM frames.
// TODO(b/181606597) Remove this workaround once we use PMTUD.
connection->SetMaxPacketLength(kDefaultMaxPacketSize);
masque_server_backend_->RegisterBackendClient(connection_id(), this);
QUICHE_DCHECK_NE(epoll_server_, nullptr);
}
void MasqueServerSession::OnMessageAcked(QuicMessageId message_id,
QuicTime /*receive_timestamp*/) {
QUIC_DVLOG(1) << "Received ack for DATAGRAM frame " << message_id;
}
void MasqueServerSession::OnMessageLost(QuicMessageId message_id) {
QUIC_DVLOG(1) << "We believe DATAGRAM frame " << message_id << " was lost";
}
void MasqueServerSession::OnConnectionClosed(
const QuicConnectionCloseFrame& frame, ConnectionCloseSource source) {
QuicSimpleServerSession::OnConnectionClosed(frame, source);
QUIC_DLOG(INFO) << "Closing connection for " << connection_id();
masque_server_backend_->RemoveBackendClient(connection_id());
// Clearing this state will close all sockets.
connect_udp_server_states_.clear();
}
void MasqueServerSession::OnStreamClosed(QuicStreamId stream_id) {
connect_udp_server_states_.remove_if(
[stream_id](const ConnectUdpServerState& connect_udp) {
return connect_udp.stream()->id() == stream_id;
});
QuicSimpleServerSession::OnStreamClosed(stream_id);
}
std::unique_ptr<QuicBackendResponse> MasqueServerSession::HandleMasqueRequest(
const spdy::Http2HeaderBlock& request_headers,
QuicSimpleServerBackend::RequestHandler* request_handler) {
auto path_pair = request_headers.find(":path");
auto scheme_pair = request_headers.find(":scheme");
auto method_pair = request_headers.find(":method");
auto protocol_pair = request_headers.find(":protocol");
auto authority_pair = request_headers.find(":authority");
if (path_pair == request_headers.end()) {
QUIC_DLOG(ERROR) << "MASQUE request is missing :path";
return CreateBackendErrorResponse("400", "Missing :path");
}
if (scheme_pair == request_headers.end()) {
QUIC_DLOG(ERROR) << "MASQUE request is missing :scheme";
return CreateBackendErrorResponse("400", "Missing :scheme");
}
if (method_pair == request_headers.end()) {
QUIC_DLOG(ERROR) << "MASQUE request is missing :method";
return CreateBackendErrorResponse("400", "Missing :method");
}
if (protocol_pair == request_headers.end()) {
QUIC_DLOG(ERROR) << "MASQUE request is missing :protocol";
return CreateBackendErrorResponse("400", "Missing :protocol");
}
if (authority_pair == request_headers.end()) {
QUIC_DLOG(ERROR) << "MASQUE request is missing :authority";
return CreateBackendErrorResponse("400", "Missing :authority");
}
absl::string_view path = path_pair->second;
absl::string_view scheme = scheme_pair->second;
absl::string_view method = method_pair->second;
absl::string_view protocol = protocol_pair->second;
absl::string_view authority = authority_pair->second;
if (path.empty()) {
QUIC_DLOG(ERROR) << "MASQUE request with empty path";
return CreateBackendErrorResponse("400", "Empty path");
}
if (scheme.empty()) {
return CreateBackendErrorResponse("400", "Empty scheme");
}
if (method != "CONNECT") {
QUIC_DLOG(ERROR) << "MASQUE request with bad method \"" << method << "\"";
return CreateBackendErrorResponse("400", "Bad method");
}
if (protocol != "connect-udp") {
QUIC_DLOG(ERROR) << "MASQUE request with bad protocol \"" << protocol
<< "\"";
return CreateBackendErrorResponse("400", "Bad protocol");
}
// Extract target host and port from path using default template.
std::vector<absl::string_view> path_split = absl::StrSplit(path, '/');
if (path_split.size() != 4 || !path_split[0].empty() ||
path_split[1].empty() || path_split[2].empty() ||
!path_split[3].empty()) {
QUIC_DLOG(ERROR) << "MASQUE request with bad path \"" << path << "\"";
return CreateBackendErrorResponse("400", "Bad path");
}
absl::optional<std::string> host = quiche::AsciiUrlDecode(path_split[1]);
if (!host.has_value()) {
QUIC_DLOG(ERROR) << "Failed to decode host \"" << path_split[1] << "\"";
return CreateBackendErrorResponse("500", "Failed to decode host");
}
absl::optional<std::string> port = quiche::AsciiUrlDecode(path_split[2]);
if (!port.has_value()) {
QUIC_DLOG(ERROR) << "Failed to decode port \"" << path_split[2] << "\"";
return CreateBackendErrorResponse("500", "Failed to decode port");
}
// Perform DNS resolution.
addrinfo hint = {};
hint.ai_protocol = IPPROTO_UDP;
addrinfo* info_list = nullptr;
int result = getaddrinfo(host.value().c_str(), port.value().c_str(), &hint,
&info_list);
if (result != 0 || info_list == nullptr) {
QUIC_DLOG(ERROR) << "Failed to resolve " << authority << ": "
<< gai_strerror(result);
return CreateBackendErrorResponse("500", "DNS resolution failed");
}
std::unique_ptr<addrinfo, void (*)(addrinfo*)> info_list_owned(info_list,
freeaddrinfo);
QuicSocketAddress target_server_address(info_list->ai_addr,
info_list->ai_addrlen);
QUIC_DLOG(INFO) << "Got CONNECT_UDP request on stream ID "
<< request_handler->stream_id() << " target_server_address=\""
<< target_server_address << "\"";
FdWrapper fd_wrapper(target_server_address.host().AddressFamilyToInt());
if (fd_wrapper.fd() == kQuicInvalidSocketFd) {
QUIC_DLOG(ERROR) << "Socket creation failed";
return CreateBackendErrorResponse("500", "Socket creation failed");
}
QuicSocketAddress empty_address(QuicIpAddress::Any6(), 0);
if (target_server_address.host().IsIPv4()) {
empty_address = QuicSocketAddress(QuicIpAddress::Any4(), 0);
}
QuicUdpSocketApi socket_api;
if (!socket_api.Bind(fd_wrapper.fd(), empty_address)) {
QUIC_DLOG(ERROR) << "Socket bind failed";
return CreateBackendErrorResponse("500", "Socket bind failed");
}
epoll_server_->RegisterFDForRead(fd_wrapper.fd(), this);
QuicSpdyStream* stream =
static_cast<QuicSpdyStream*>(GetActiveStream(request_handler->stream_id()));
if (stream == nullptr) {
QUIC_BUG(bad masque server stream type)
<< "Unexpected stream type for stream ID "
<< request_handler->stream_id();
return CreateBackendErrorResponse("500", "Bad stream type");
}
connect_udp_server_states_.push_back(ConnectUdpServerState(
stream, target_server_address, fd_wrapper.extract_fd(), this));
spdy::Http2HeaderBlock response_headers;
response_headers[":status"] = "200";
auto response = std::make_unique<QuicBackendResponse>();
response->set_response_type(QuicBackendResponse::INCOMPLETE_RESPONSE);
response->set_headers(std::move(response_headers));
response->set_body("");
return response;
}
void MasqueServerSession::OnRegistration(QuicEpollServer* /*eps*/,
QuicUdpSocketFd fd, int event_mask) {
QUIC_DVLOG(1) << "OnRegistration " << fd << " event_mask " << event_mask;
}
void MasqueServerSession::OnModification(QuicUdpSocketFd fd, int event_mask) {
QUIC_DVLOG(1) << "OnModification " << fd << " event_mask " << event_mask;
}
void MasqueServerSession::OnEvent(QuicUdpSocketFd fd, QuicEpollEvent* event) {
if ((event->in_events & EPOLLIN) == 0) {
QUIC_DVLOG(1) << "Ignoring OnEvent fd " << fd << " event mask "
<< event->in_events;
return;
}
auto it = absl::c_find_if(connect_udp_server_states_,
[fd](const ConnectUdpServerState& connect_udp) {
return connect_udp.fd() == fd;
});
if (it == connect_udp_server_states_.end()) {
QUIC_BUG(quic_bug_10974_1) << "Got unexpected event mask "
<< event->in_events << " on unknown fd " << fd;
return;
}
QuicSocketAddress expected_target_server_address =
it->target_server_address();
QUICHE_DCHECK(expected_target_server_address.IsInitialized());
QUIC_DVLOG(1) << "Received readable event on fd " << fd << " (mask "
<< event->in_events << ") stream ID " << it->stream()->id()
<< " server " << expected_target_server_address;
QuicUdpSocketApi socket_api;
BitMask64 packet_info_interested(QuicUdpPacketInfoBit::PEER_ADDRESS);
char packet_buffer[kMaxIncomingPacketSize];
char control_buffer[kDefaultUdpPacketControlBufferSize];
while (true) {
QuicUdpSocketApi::ReadPacketResult read_result;
read_result.packet_buffer = {packet_buffer, sizeof(packet_buffer)};
read_result.control_buffer = {control_buffer, sizeof(control_buffer)};
socket_api.ReadPacket(fd, packet_info_interested, &read_result);
if (!read_result.ok) {
// Most likely there is nothing left to read, break out of read loop.
break;
}
if (!read_result.packet_info.HasValue(QuicUdpPacketInfoBit::PEER_ADDRESS)) {
QUIC_BUG(quic_bug_10974_2)
<< "Missing peer address when reading from fd " << fd;
continue;
}
if (read_result.packet_info.peer_address() !=
expected_target_server_address) {
QUIC_DLOG(ERROR) << "Ignoring UDP packet on fd " << fd
<< " from unexpected server address "
<< read_result.packet_info.peer_address()
<< " (expected " << expected_target_server_address
<< ")";
continue;
}
if (!connection()->connected()) {
QUIC_BUG(quic_bug_10974_3)
<< "Unexpected incoming UDP packet on fd " << fd << " from "
<< expected_target_server_address
<< " because MASQUE connection is closed";
return;
}
// The packet is valid, send it to the client in a DATAGRAM frame.
MessageStatus message_status = it->stream()->SendHttp3Datagram(
absl::string_view(read_result.packet_buffer.buffer,
read_result.packet_buffer.buffer_len));
QUIC_DVLOG(1) << "Sent UDP packet from " << expected_target_server_address
<< " of length " << read_result.packet_buffer.buffer_len
<< " with stream ID " << it->stream()->id()
<< " and got message status "
<< MessageStatusToString(message_status);
}
}
void MasqueServerSession::OnUnregistration(QuicUdpSocketFd fd, bool replaced) {
QUIC_DVLOG(1) << "OnUnregistration " << fd << " " << (replaced ? "" : "!")
<< " replaced";
}
void MasqueServerSession::OnShutdown(QuicEpollServer* /*eps*/,
QuicUdpSocketFd fd) {
QUIC_DVLOG(1) << "OnShutdown " << fd;
}
std::string MasqueServerSession::Name() const {
return std::string("MasqueServerSession-") + connection_id().ToString();
}
bool MasqueServerSession::OnSettingsFrame(const SettingsFrame& frame) {
QUIC_DLOG(INFO) << "Received SETTINGS: " << frame;
if (!QuicSimpleServerSession::OnSettingsFrame(frame)) {
return false;
}
if (!SupportsH3Datagram()) {
QUIC_DLOG(ERROR) << "Refusing to use MASQUE without HTTP Datagrams";
return false;
}
QUIC_DLOG(INFO) << "Using HTTP Datagram: " << http_datagram_support();
return true;
}
MasqueServerSession::ConnectUdpServerState::ConnectUdpServerState(
QuicSpdyStream* stream, const QuicSocketAddress& target_server_address,
QuicUdpSocketFd fd, MasqueServerSession* masque_session)
: stream_(stream),
target_server_address_(target_server_address),
fd_(fd),
masque_session_(masque_session) {
QUICHE_DCHECK_NE(fd_, kQuicInvalidSocketFd);
QUICHE_DCHECK_NE(masque_session_, nullptr);
this->stream()->RegisterHttp3DatagramVisitor(this);
}
MasqueServerSession::ConnectUdpServerState::~ConnectUdpServerState() {
if (stream() != nullptr) {
stream()->UnregisterHttp3DatagramVisitor();
}
if (fd_ == kQuicInvalidSocketFd) {
return;
}
QuicUdpSocketApi socket_api;
QUIC_DLOG(INFO) << "Closing fd " << fd_;
masque_session_->epoll_server()->UnregisterFD(fd_);
socket_api.Destroy(fd_);
}
MasqueServerSession::ConnectUdpServerState::ConnectUdpServerState(
MasqueServerSession::ConnectUdpServerState&& other) {
fd_ = kQuicInvalidSocketFd;
*this = std::move(other);
}
MasqueServerSession::ConnectUdpServerState&
MasqueServerSession::ConnectUdpServerState::operator=(
MasqueServerSession::ConnectUdpServerState&& other) {
if (fd_ != kQuicInvalidSocketFd) {
QuicUdpSocketApi socket_api;
QUIC_DLOG(INFO) << "Closing fd " << fd_;
masque_session_->epoll_server()->UnregisterFD(fd_);
socket_api.Destroy(fd_);
}
stream_ = other.stream_;
other.stream_ = nullptr;
target_server_address_ = other.target_server_address_;
fd_ = other.fd_;
masque_session_ = other.masque_session_;
other.fd_ = kQuicInvalidSocketFd;
if (stream() != nullptr) {
stream()->ReplaceHttp3DatagramVisitor(this);
}
return *this;
}
void MasqueServerSession::ConnectUdpServerState::OnHttp3Datagram(
QuicStreamId stream_id, absl::string_view payload) {
QUICHE_DCHECK_EQ(stream_id, stream()->id());
QuicUdpSocketApi socket_api;
QuicUdpPacketInfo packet_info;
packet_info.SetPeerAddress(target_server_address_);
WriteResult write_result = socket_api.WritePacket(
fd_, payload.data(), payload.length(), packet_info);
QUIC_DVLOG(1) << "Wrote packet of length " << payload.length() << " to "
<< target_server_address_ << " with result " << write_result;
}
} // namespace quic