ngtcp2 / ngtcp2 Goto Github PK

View Code? Open in Web Editor NEW

1.1K 70.0 228.0 13.18 MB

ngtcp2 project is an effort to implement IETF QUIC protocol

Home Page: https://nghttp2.org/ngtcp2/

License: MIT License

Makefile 0.87% M4 2.10% C 93.09% Shell 0.32% CMake 2.36% Dockerfile 0.21% C++ 1.05%

quic udp networking protocol c rfc9000 rfc9001 rfc9002 rfc9221 rfc9287

ngtcp2's Introduction

ngtcp2

"Call it TCP/2. One More Time."

ngtcp2 project is an effort to implement RFC9000 QUIC protocol.

Documentation

Online documentation is available.

Public test server

The following endpoints are available to try out ngtcp2 implementation:

https://nghttp2.org:4433
https://nghttp2.org:4434 (requires address validation token)
https://nghttp2.org (powered by nghttpx)

This endpoints sends Alt-Svc header field to clients if it is accessed via HTTP/1.1 or HTTP/2 to tell them that HTTP/3 is available at UDP 443.

Requirements

The libngtcp2 C library itself does not depend on any external libraries. The example client, and server are written in C++20, and should compile with the modern C++ compilers (e.g., clang >= 11.0, or gcc >= 11.0).

The following packages are required to configure the build system:

pkg-config >= 0.20
autoconf
automake
autotools-dev
libtool

To build sources under the examples directory, libev and nghttp3 are required:

libev
nghttp3 for HTTP/3

To enable TLS Certificate Compression in bsslclient and bsslserver (BoringSSL (aws-lc) examples client and server), the following library is required:

libbrotli-dev >= 1.0.9

ngtcp2 crypto helper library, and client and server under examples directory require at least one of the following TLS backends:

quictls
GnuTLS >= 3.7.5
BoringSSL (commit a220a6024f66c123019b5c080f6bd8bcaf75448c); or aws-lc >= 1.19.0
Picotls (commit 096fc5c2ab4db1c4e0adcfdd4e75b8ee2dcc7c99)
wolfSSL >= 5.5.0

Before building from git

When build from git, run the following command to pull submodules:

$ git submodule update --init

Build with wolfSSL

$ git clone --depth 1 -b v5.7.0-stable https://github.com/wolfSSL/wolfssl
$ cd wolfssl
$ autoreconf -i
$ # For wolfSSL < v5.6.6, append --enable-quic.
$ ./configure --prefix=$PWD/build \
    --enable-all --enable-aesni --enable-harden --enable-keylog-export \
    --disable-ech
$ make -j$(nproc)
$ make install
$ cd ..
$ git clone --recursive https://github.com/ngtcp2/nghttp3
$ cd nghttp3
$ autoreconf -i
$ ./configure --prefix=$PWD/build --enable-lib-only
$ make -j$(nproc) check
$ make install
$ cd ..
$ git clone --recursive https://github.com/ngtcp2/ngtcp2
$ cd ngtcp2
$ autoreconf -i
$ # For Mac users who have installed libev with MacPorts, append
$ # LIBEV_CFLAGS="-I/opt/local/include" LIBEV_LIBS="-L/opt/local/lib -lev"
$ ./configure PKG_CONFIG_PATH=$PWD/../wolfssl/build/lib/pkgconfig:$PWD/../nghttp3/build/lib/pkgconfig \
    --with-wolfssl
$ make -j$(nproc) check

Build with BoringSSL

$ git clone https://boringssl.googlesource.com/boringssl
$ cd boringssl
$ git checkout a220a6024f66c123019b5c080f6bd8bcaf75448c
$ cmake -B build -DCMAKE_POSITION_INDEPENDENT_CODE=ON
$ make -j$(nproc) -C build
$ cd ..
$ git clone --recursive https://github.com/ngtcp2/nghttp3
$ cd nghttp3
$ autoreconf -i
$ ./configure --prefix=$PWD/build --enable-lib-only
$ make -j$(nproc) check
$ make install
$ cd ..
$ git clone --recursive  https://github.com/ngtcp2/ngtcp2
$ cd ngtcp2
$ autoreconf -i
$ # For Mac users who have installed libev with MacPorts, append
$ # LIBEV_CFLAGS="-I/opt/local/include" LIBEV_LIBS="-L/opt/local/lib -lev"
$ ./configure PKG_CONFIG_PATH=$PWD/../nghttp3/build/lib/pkgconfig \
    BORINGSSL_LIBS="-L$PWD/../boringssl/build/ssl -lssl -L$PWD/../boringssl/build/crypto -lcrypto" \
    BORINGSSL_CFLAGS="-I$PWD/../boringssl/include" \
    --with-boringssl
$ make -j$(nproc) check

Build with aws-lc

$ git clone --depth 1 -b v1.29.0 https://github.com/aws/aws-lc
$ cd aws-lc
$ cmake -B build -DDISABLE_GO=ON
$ make -j$(nproc) -C build
$ cd ..
$ git clone --recursive https://github.com/ngtcp2/nghttp3
$ cd nghttp3
$ autoreconf -i
$ ./configure --prefix=$PWD/build --enable-lib-only
$ make -j$(nproc) check
$ make install
$ cd ..
$ git clone --recursive  https://github.com/ngtcp2/ngtcp2
$ cd ngtcp2
$ autoreconf -i
$ # For Mac users who have installed libev with MacPorts, append
$ # LIBEV_CFLAGS="-I/opt/local/include" LIBEV_LIBS="-L/opt/local/lib -lev"
$ ./configure PKG_CONFIG_PATH=$PWD/../nghttp3/build/lib/pkgconfig \
    BORINGSSL_CFLAGS="-I$PWD/../aws-lc/include" \
    BORINGSSL_LIBS="-L$PWD/../aws-lc/build/ssl -lssl -L$PWD/../aws-lc/build/crypto -lcrypto" \
    --with-boringssl
$ make -j$(nproc) check

Client/Server

After successful build, the client and server executable should be found under examples directory. They talk HTTP/3.

Client

$ examples/wsslclient [OPTIONS] <HOST> <PORT> [<URI>...]

The notable options are:

-d, --data=<PATH>: Read data from <PATH> and send it to a peer.

Server

$ examples/wsslserver [OPTIONS] <ADDR> <PORT> <PRIVATE_KEY_FILE> <CERTIFICATE_FILE>

The notable options are:

-V, --validate-addr: Enforce stateless address validation.

H09wsslclient/H09wsslserver

There are h09wsslclient and h09wsslserver which speak HTTP/0.9. They are written just for quic-interop-runner. They share the basic functionalities with HTTP/3 client and server but have less functions (e.g., h09wsslclient does not have a capability to send request body, and h09wsslserver does not understand numeric request path, like /1000).

Resumption and 0-RTT

In order to resume a session, a session ticket, and a transport parameters must be fetched from server. First, run examples/wsslclient with --session-file, and --tp-file options which specify a path to session ticket, and transport parameter files respectively to save them locally.

Once these files are available, run examples/wsslclient with the same arguments again. You will see that session is resumed in your log if resumption succeeds. Resuming session makes server's first Handshake packet pretty small because it does not send its certificates.

To send 0-RTT data, after making sure that resumption works, use -d option to specify a file which contains data to send.

Token (Not something included in Retry packet)

QUIC server might send a token to client after connection has been established. Client can send this token in subsequent connection to the server. Server verifies the token and if it succeeds, the address validation completes and lifts some restrictions on server which might speed up transfer. In order to save and/or load a token, use --token-file option of examples/wsslclient. The given file is overwritten if it already exists when storing a token.

Crypto helper library

In order to make TLS stack integration less painful, we provide a crypto helper library which offers the basic crypto operations.

The header file exists under crypto/includes/ngtcp2 directory.

Each library file is built for a particular TLS backend. The available crypto helper libraries are:

libngtcp2_crypto_quictls: Use quictls as TLS backend
libngtcp2_crypto_gnutls: Use GnuTLS as TLS backend
libngtcp2_crypto_boringssl: Use BoringSSL and aws-lc as TLS backend
libngtcp2_crypto_picotls: Use Picotls as TLS backend
libngtcp2_crypto_wolfssl: Use wolfSSL as TLS backend

Because BoringSSL and Picotls are an unversioned product, we only tested their particular revision. See Requirements section above.

We use Picotls with OpenSSL as crypto backend.

The examples directory contains client and server that are linked to those crypto helper libraries and TLS backends. They are only built if their corresponding crypto helper library is built:

qtlsclient: quictls client
qtlsserver: quictls server
gtlsclient: GnuTLS client
gtlsserver: GnuTLS server
bsslclient: BoringSSL(aws-lc) client
bsslserver: BoringSSL(aws-lc) server
ptlsclient: Picotls client
ptlsserver: Picotls server
wsslclient: wolfSSL client
wsslserver: wolfSSL server

QUIC protocol extensions

The library implements the following QUIC protocol extensions:

Configuring Wireshark for QUIC

Wireshark can be configured to analyze QUIC traffic using the following steps:

Set SSLKEYLOGFILE environment variable:
```
$ export SSLKEYLOGFILE=quic_keylog_file
```
Set the port that QUIC uses

Go to Preferences->Protocols->QUIC and set the port the program listens to. In the case of the example application this would be the port specified on the command line.
Set Pre-Master-Secret logfile

Go to Preferences->Protocols->TLS and set the Pre-Master-Secret log file to the same value that was specified for SSLKEYLOGFILE.
Choose the correct network interface for capturing

Make sure you choose the correct network interface for capturing. For example, if using localhost choose the loopback network interface on macos.
Create a filter

Create A filter for the udp.port and set the port to the port the application is listening to. For example:
```
udp.port == 7777
```

License

The MIT License

ngtcp2's People

Stargazers

Watchers

Forkers

alagoutte liexusong nickfajones keizo042 guozi058 zizhong chixsh lekensteyn vinothchandar zhangjinde rissam ytxing ruiqian scw00 woshimaliang yangxiangnan xingkailiang davidjwbbc mypopydev kevin-kp cloudflare gracchus163 feiwei9696 piscator conqeratapple keycodinggood 1045917067 ksmurchison lingtaonju zuobeixing chriszeng87 cerestong bansheegun guozhulang orf53975 baiwyc119 eweyulu danbev jwinarske jblazquez arcstatic jasnell swinsey ken1no fishgege evagld keycodingpace sunc-cn weiterlin aneesh-joshi schatzm amirlivneh jalmeida85 hy05190134 jayce lnicco oesh leezhenghui vdedyukhin bagder nktelnet ares2013 macge elviswoo spideylinux yuanbo-zhang rupeshtech kiyolee feiyunwill samhurst acidburn0zzz aniketh01 amajeed1 ansasaki addaleax ueno minhkstn 7thtool forestmo garywangcn qyynuaa yangfei812 emamatcyber90 wangzhengzh gengjiawen kulsk yyu4 haproxyfred neo-zk s-you wlfsihua talasunitish freddrickk akheon23 simonasmulevicius xjaksyt2008 m0rcq janev94 msiva21 jinho10

ngtcp2's Issues

client crash

I compiled the latest master against https://github.com/tatsuhiro-t/openssl.git(quic-draft-13) and encountered the following crash when starting the example client. Pls take a look.

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff76363a5 in OPENSSL_sk_num () from /data/web_server/project/ats/lib/libcrypto.so.1.1
(gdb) bt
#0 0x00007ffff76363a5 in OPENSSL_sk_num () from /data/web_server/project/ats/lib/libcrypto.so.1.1
#1 0x00007ffff7971dd9 in tls_construct_ctos_use_srtp () from /data/web_server/project/ats/lib/libssl.so.1.1
#2 0x00007ffff7970983 in tls_construct_extensions () from /data/web_server/project/ats/lib/libssl.so.1.1
#3 0x00007ffff797a8ee in tls_construct_client_hello () from /data/web_server/project/ats/lib/libssl.so.1.1
#4 0x00007ffff7979807 in state_machine () from /data/web_server/project/ats/lib/libssl.so.1.1
#5 0x00007ffff7965f40 in SSL_do_handshake () from /data/web_server/project/ats/lib/libssl.so.1.1
#6 0x00000000004096da in Client::tls_handshake(bool) ()
#7 0x0000000000408027 in (anonymous namespace)::client_initial(ngtcp2_conn*, void*) ()
#8 0x00007ffff7bc86f3 in conn_write_client_initial (ts=1534491610446095104, require_padding=1, destlen=, dest=0x65a6d0 "", conn=0x65cc10)
at ngtcp2_conn.c:1486
#9 conn_handshake (conn=0x65cc10, dest=0x65a6d0 "", destlen=, pkt=0x0, pktlen=, require_padding=1, ts=1534491610446095104)
at ngtcp2_conn.c:4311
#10 0x00007ffff7bc8a5d in ngtcp2_conn_handshake (conn=, dest=, destlen=, pkt=,
pktlen=, ts=) at ngtcp2_conn.c:4518
#11 0x0000000000409ba8 in Client::do_handshake_once(unsigned char const*, unsigned long) ()
#12 0x000000000040cb9c in (anonymous namespace)::run(Client&, char const*, char const*) ()
#13 0x000000000040d31a in main ()

Questions about ngtcp2 design issues

rcs.loss_detection_timer is not updated in some cases

When a client connects to a server at first time(no session file used), client rcs.loss_detection_timer may be not update correctly when receiving server packets.

Running client issues

Hi,
I'm considering ngtcp2 library to be used for my final year college project. I'm trying to implement DNS/QUIC. I'm just starting my project, so I tried to run the code for the first time. ran both client and server executables under examples folder. The issue is that when I run the client I get the following error message:
"TLS handshake error: error:141E70BF:SSL routines:tls_construct_client_hello:no protocols available
ngtcp2_conn_write_pkt: ERR_CALLBACK_FAILURE
ngtcp2_conn_write_connection_close: ERR_INVALID_STATE
ngtcp2_conn_write_connection_close: ERR_INVALID_STATE"

If you can please point me to right direction, it would be really appreciated. Thanks.

-- Wessam Gholam

is it ok to use in android and ios?

memory leak

diff --git a/lib/ngtcp2_conn.c b/lib/ngtcp2_conn.c
index 945626a..7a5f7b2 100644
--- a/lib/ngtcp2_conn.c
+++ b/lib/ngtcp2_conn.c
@@ -199,6 +199,13 @@ static void pktns_free(ngtcp2_pktns *pktns, ngtcp2_mem *mem) {
   ngtcp2_crypto_km_del(pktns->rx_ckm, mem);
   ngtcp2_crypto_km_del(pktns->tx_ckm, mem);
 
+  while (!ngtcp2_pq_empty(&pktns->cryptofrq)) {
+    ngtcp2_crypto_frame_chain *frc =
+      ngtcp2_struct_of(ngtcp2_pq_top(&pktns->cryptofrq), ngtcp2_crypto_frame_chain, pe);
+    ngtcp2_pq_pop(&pktns->cryptofrq);
+    ngtcp2_crypto_frame_chain_del(frc, mem);
+  }
+
   ngtcp2_pq_free(&pktns->cryptofrq);
   ngtcp2_rtb_free(&pktns->rtb);
   ngtcp2_acktr_free(&pktns->acktr);

assert failed at ngtcp2_conn.c: 840

assert(fr->offset + datalen < nfr->offset);
branch: draft-15

Lost max_xxx_data frame

Tested ngtcp2 in 20 % loss env.

There are some issues

Rtt we measured is too large (force to send ack frame for two full-size packet, as developed spec says, can fix that. But I didn't find the root cause).
max_xxx_data may lost that will cause peer blocked and hardly to recover since the subsequent packets are ack-only packets(I try to combine ack frame and max_xxx_data frame into one pkt and it works well).

Leave this issue here, and will push some psr on this weekend.

Re-write the mechanism to send ACK for acknowledged packets

The current implementation is not efficient, and not robust.

ngtcp2 bypass openssl record layer and implement it itself

I'm deploying ngtcp2 and running the c/s examples. I found ngtcp2 integrated with a modified openssl (described in IETF TLS). therefore we failed to use a dynamic link official openssl (it is bad)
as i know google quic is developing gquic implementing both the openssl record layer and the handshake layer by itself, so is it possible for us to that like google's , because we don't want to use " IETF draft defined openssl" at this moment.

http part of QUIC

Hi, maintainers

Has ngtcp2 implemented the http part of protocol, or it implements transport part only and we can implements http/ftp over it?

core dump

ngtcp2_ksl.c:455: ngtcp2_ksl_remove: Assertion `i < blk->n' failed.
Aborted (core dumped)

Does conn_write_handshake_ack_pkt need to be called always after handshake ack packet sent and handshake complete？

Hi tatsuhiro-t-san,
1.Question：
i run perf to check the event of ngtcp2 at server side and find the ratio of conn_create_ack_frame is too high with a ratio of 1.8%. I track the source and get some info.
server call ngtcp2_conn_writev_stream to send every packet to client and always call conn_write_handshake_ack_pkts before and after handshake completeness. My point is at conn_write_handshake_ack_pkts. Initial and handshake ACK packet should be skipped after handshake ACK is sent, right？

2.debug code：
//after handshake ack sent and handshake complete，skip
static ssize_t conn_write_handshake_ack_pkts(ngtcp2_conn *conn, uint8_t *dest,
size_t destlen, ngtcp2_tstamp ts) {
ssize_t res = 0, nwrite;
static uint16_t check_flag=0;
int require_padding = !conn->hs_pktns.tx_ckm;

if (require_padding) {
/* PADDING frame counts toward bytes_in_flight, thus destlen is
constrained to cwnd */
destlen = ngtcp2_min(destlen, conn_cwnd_left(conn));
}
if (check_flag){
return 0;
}
nwrite = conn_write_handshake_ack_pkt(conn, dest, destlen, NGTCP2_PKT_INITIAL,
require_padding, ts);
if (nwrite < 0) {
assert(nwrite != NGTCP2_ERR_NOBUF);
return nwrite;
}

res += nwrite;
dest += nwrite;
destlen -= (size_t)nwrite;

nwrite = conn_write_handshake_ack_pkt(
conn, dest, destlen, NGTCP2_PKT_HANDSHAKE, 0 /* require_padding */, ts);
if (nwrite < 0) {
assert(nwrite != NGTCP2_ERR_NOBUF);
return nwrite;
}
if(ngtcp2_conn_get_handshake_completed(conn)){
check_flag = 1;
}
return res + nwrite;
}

3.Enviroment：
Client GET /index.html_1M Server
client connect with server and get 1M file

4 call stack：
ngtcp2_conn_writev_stream ->
conn_write_handshake_ack_pkts ->
conn_write_handshake_ack_pkt ->
conn_create_ack_frame

5 raw data：

3.35% lt-ngquic libjemalloc.so.1 [.] free
2.86% lt-ngquic libjemalloc.so.1 [.] malloc
1.80% lt-ngquic libngtcp2.so.0.0.0 [.] conn_create_ack_frame.constprop.2
1.35% lt-ngquic libcrypto.so.1.1 [.] OPENSSL_cleanse

compiling draft-17 branch fails

Hi,

When compiling draft-17 branch (on Mac osx) i get the error below.
Master compiles and works withouth errors.
Any idea?

client.cc:809:3: error: no matching function for call to 'SSL_set_key_callback'
SSL_set_key_callback(ssl_, key_cb, this);
^~~~~~~~~~~~~~~~~~~~
/Users/peter/source/os/openssl/build/include/openssl/ssl.h:634:6: note: candidate function not viable: no known conversion from 'int (SSL *,
int, const unsigned char *, size_t, void *)' (aka 'int (ssl_st *, int, const unsigned char *, unsigned long, void )') to 'int ()(SSL
*, int, const unsigned char *, size_t, const unsigned char *, size_t, const unsigned char *, size_t, void )' (aka 'int ()(ssl_st *,
int, const unsigned char *, unsigned long, const unsigned char *, unsigned long, const unsigned char *, unsigned long, void *)') for
2nd argument
void SSL_set_key_callback(SSL *ssl,

IETF draft 14 master failed to enable cipher suite negotiation.

on the client side, ngtcp2 supply command line args to control cipher suite negotiation as below.
--ciphers=
Specify the cipher suite list to enable.

however, no matter what arguements set in --ciphers= , the server response only with a cipher suite "TLS_AES_256_GCM_SHA384", why ? is it a bug or my misuse in command line?

Re-ordered Client Initial and Client Cleartext

The current server code expects Client Initial comes first before Client Cleartext. This might not be true if they are reordered. We have implemented reordered STREAM frames, but we wrongly check the packet type in a certain order.

wrapped ngtcp2 library

Hi, recently I wrote a library which is wrapped ngtcp2 library, call Openngtcp2.
Basically Openngtcp2 is a lib to make ngtcp2 to easier to use. It wrapped cryptography, ssl bio interface, handshake and callbacks. Users only care when to read and write, no need to handle any detail which in your examples.
Currently is supported to QUIC draft-12.

Cannot reach QUIC server from external address

When running quic Server on my debian 9 x86_64 system with the following command:

screen ./server example.com 4433 /etc/nginx/example.key /etc/nginx/example.crt --htdocs=/etc/nginx/html

And I start the client on the same machine with:

./client example.com 4433 -i

then I can perform GET requests in the console successfully, because I see the Hexa encoded html Output.

However when starting the client on another machine with the same setup, it says:

t=2.803593 TX Initial(0x7f) CID=0xed376d72ef55ad10 PKN=1187533146 V=0xff000008
           STREAM(0x12) FIN=0 LEN=1 OFF=0
           stream_id=0x0 fin=0 offset=0 data_length=314
           ; BIDI
           PADDING(0x00)
           length=881
recvfrom: Connection refused
ngtcp2_conn_write_pkt: ERR_PKT_TIMEOUT
ngtcp2_conn_write_connection_close: ERR_INVALID_STATE
ngtcp2_conn_write_connection_close: ERR_INVALID_STATE
ngtcp2_conn_write_connection_close: ERR_INVALID_STATE

What I also tried was to set iptable rules:

iptables -A INPUT -p udp --dport 4433 -j ACCEPT
iptables -A OUTPUT -p udp --dport 4433 -j ACCEPT

And removing my Hostname/Domain from the hosts file, where it was definded as localhost.

But both did not fix the issue. So my question is: How do I get my quic server to be reachable from outside like the nghttp2.org:4433 page?

Question about handle_remote_stream_id_extension()

I found an issue, for example:

the initial value of unsent_max_remote_stream_id_bidi is 8 on server
client used stream id 4 and 8 to communicate with server and closed stream id 4 and 8
server also closed stream id 4 and 8.
In this case, unsent_max_remote_stream_id_bidi will not be updated on server, because stream 0 has not been closed. Now client can not create new stream.

Is it reasonable ? Maybe the unsent_max_remote_stream_id_bidi should be added by 4 once a remote stream has been closed.

how to run test case?

I want to make and run the test case on linux centos7.2 ,but failed .
What the step to run testcase?

Adjust packet number

Packet number is 64 bits, but it is encoded in its least significant 32 bits.
Use the logic described in the quic transport draft to get full packet number.

Should not use RST_STREAM frame to terminate stream

8.3. RST_STREAM Frame
After sending a RST_STREAM, an endpoint ceases transmission and retransmission of STREAM frames on the identified stream.

There is no guarantee that client can receive all packets after receive RST_STREAM frame.

Re-transmit lost packets

项目编译错误

你好，请问我在做make -j$(nproc) check命令时出现多次
error: ‘SSL_KEY_CLIENT_HANDSHAKE_TRAFFIC’ was not declared in this scope
是什么原因呢

Re-write assembly of reordered stream data

Current implementation of reassembly of reordered stream data is quit inefficient and not robust.

./configure: line 3795: syntax error near unexpected token`2.2.6'

When I make

$ ./configure PKG_CONFIG_PATH=$PWD/../openssl/build/lib/pkgconfig LDFLAGS="-Wl,-rpath,$PWD/../openssl/build/lib"

I get


./configure: line 3795: syntax error near unexpected token`2.2.6'
./configure: line 3795: `LT_PREREQ(2.2.6)'

Want to use ngtcp2 for project

Hi,
I want to use this library for a project in which I am trying to port a protocol called MQTT to run over QUIC. I saw the example server and client but was not able to understand how exactly can I carry a simple task of establishing a connection and send some data over streams and close connection. Apart from that how may I specify if connection should be 1RTT or 0RRT. If you can point me to some direction it would be really appreciated. Thanks

OpenSSL use TLS 1.3 draft-21

With last openssl git master, it using now TLS 1.3 draft-21 (openssl/openssl@07ff590 )

Need to update the documentation (or add not about don't use openssl after this commit ( openssl/openssl@07ff590 )

Pending Handshake in somewhere.

I've ran server under 10 % loss env, and server or client will be pended in handshake state

server

Using document root /root/ngtcp2_test/examples/
I00000000 0xd96c1159756e4de1 con recv packet len=1252
I00000000 0x59b66bdabd7b6299 frm 1207677600 rx Initial(0x7f) STREAM(0x12) id=0x0 fin=0 offset=0 len=290 uni=0
Ordered STREAM data stream_id=0x0
00000000  16 03 01 01 1d 01 00 01  19 03 03 9e 5a 35 a3 f1  |............Z5..|
00000010  b6 44 c7 7b f8 bd 7f 41  45 0e d9 37 a3 d1 a8 9d  |.D.{...AE..7....|
00000020  5e 5b b4 7e 3f 1b 64 df  f1 67 51 00 00 08 13 01  |^[.~?.d..gQ.....|
00000030  13 02 13 03 00 ff 01 00  00 e8 00 1a 00 2c ff 00  |.............,..|
00000040  00 09 00 26 00 00 00 04  00 a0 00 00 00 01 00 04  |...&............|
00000050  00 a0 00 00 00 03 00 02  00 3c 00 02 00 04 00 00  |.........<......|
00000060  00 01 00 08 00 04 00 00  00 03 00 00 00 0e 00 0c  |................|
00000070  00 00 09 6c 6f 63 61 6c  68 6f 73 74 00 0b 00 04  |...localhost....|
00000080  03 00 01 02 00 0a 00 0a  00 08 00 17 00 1d 00 18  |................|
00000090  00 19 00 23 00 00 00 10  00 08 00 06 05 68 71 2d  |...#.........hq-|
000000a0  30 39 00 16 00 00 00 17  00 00 00 0d 00 1c 00 1a  |09..............|
000000b0  04 03 05 03 06 03 08 07  08 09 08 0a 08 0b 08 04  |................|
000000c0  08 05 08 06 04 01 05 01  06 01 00 2b 00 03 02 7f  |...........+....|
000000d0  17 00 2d 00 02 01 01 00  33 00 47 00 45 00 17 00  |..-.....3.G.E...|
000000e0  41 04 7c 47 02 ba 2f 42  bf 77 c6 56 f4 67 e9 e5  |A.|G../B.w.V.g..|
000000f0  13 db 0d af f7 df 46 76  29 0f 7b 06 ea 7f 57 61  |......Fv).{...Wa|
00000100  95 8a 47 dc f3 21 4c 81  71 3f df 32 a3 fd 38 d9  |..G..!L.q?.2..8.|
00000110  82 2f 87 6f 3f bc 4c b2  bd 88 98 fd 7c e5 6e ca  |./.o?.L.....|.n.|
00000120  df aa                                             |..|
00000122
I00000000 0xd96c1159756e4de1 cry remote transport_parameters initial_version=0xff000009
I00000000 0xd96c1159756e4de1 cry remote transport_parameters initial_max_stream_data=10485760
I00000000 0xd96c1159756e4de1 cry remote transport_parameters initial_max_data=10485760
I00000000 0xd96c1159756e4de1 cry remote transport_parameters initial_max_stream_id_bidi=0x1
I00000000 0xd96c1159756e4de1 cry remote transport_parameters initial_max_stream_id_uni=0x3
I00000000 0xd96c1159756e4de1 cry remote transport_parameters idle_timeout=60
I00000000 0xd96c1159756e4de1 cry remote transport_parameters omit_connection_id=0
I00000000 0xd96c1159756e4de1 cry remote transport_parameters max_packet_size=65527
I00000000 0xd96c1159756e4de1 cry remote transport_parameters ack_delay_exponent=3
SSL_READ_EARLY_DATA_FINISH
I00000000 0x59b66bdabd7b6299 frm 1207677600 rx Initial(0x7f) PADDING(0x00) len=925
I00000000 0xd96c1159756e4de1 frm 2304307417 tx Handshake(0x7d) ACK(0x0e) largest_ack=1207677600 ack_delay=0(0) ack_block_count=0
I00000000 0xd96c1159756e4de1 frm 2304307417 tx Handshake(0x7d) ACK(0x0e) block=[1207677600..1207677600] block_count=0
I00000000 0xd96c1159756e4de1 frm 2304307417 tx Handshake(0x7d) STREAM(0x12) id=0x0 fin=0 offset=0 len=1192 uni=0
I00000000 0xd96c1159756e4de1 rcv loss_detection_alarm=9500929947059437 last_hs_tx_pkt_ts=9500929747059437 alarm_duration=200
I00000005 0xd96c1159756e4de1 frm 2304307418 tx Handshake(0x7d) STREAM(0x16) id=0x0 fin=0 offset=1192 len=760 uni=0
I00000005 0xd96c1159756e4de1 rcv loss_detection_alarm=9500929952666315 last_hs_tx_pkt_ts=9500929752666315 alarm_duration=200
I00000235 0xd96c1159756e4de1 con recv packet len=45
I00000235 0xd96c1159756e4de1 frm 1207677601 rx Handshake(0x7d) ACK(0x0e) largest_ack=2304307418 ack_delay=0(0) ack_block_count=0
I00000235 0xd96c1159756e4de1 frm 1207677601 rx Handshake(0x7d) ACK(0x0e) block=[2304307418..2304307418] block_count=0
I00000235 0xd96c1159756e4de1 rcv latest_rtt=229 min_rtt=229 smoothed_rtt=229.662 rttvar=114.831 max_ack_delay=0
I00000235 0xd96c1159756e4de1 con [cc_on_pkt_acked] window changed window 15399, ssthresh 18446744073709551615
I00000235 0xd96c1159756e4de1 rcv loss_detection_alarm=9500930211991247 last_hs_tx_pkt_ts=9500929752666315 alarm_duration=459
Closing period has started
ngtcp2_conn_write_connection_close: ERR_INVALID_STATE
Closing QUIC connection

I00000000 0x59b66bdabd7b6299 frm 1207677600 tx Initial(0x7f) STREAM(0x12) id=0x0 fin=0 offset=0 len=290 uni=0
I00000000 0x59b66bdabd7b6299 frm 1207677600 tx Initial(0x7f) PADDING(0x00) len=925
I00000000 0x59b66bdabd7b6299 rcv loss_detection_alarm=490482684815480 last_hs_tx_pkt_ts=490482484815480 alarm_duration=200
I00000400 0x59b66bdabd7b6299 con recv packet len=799
I00000400 0xd96c1159756e4de1 frm 2304307418 rx Handshake(0x7d) STREAM(0x16) id=0x0 fin=0 offset=1192 len=760 uni=0
I00000400 0xd96c1159756e4de1 frm 1207677601 tx Handshake(0x7d) ACK(0x0e) largest_ack=2304307418 ack_delay=0(0) ack_block_count=0
I00000400 0xd96c1159756e4de1 frm 1207677601 tx Handshake(0x7d) ACK(0x0e) block=[2304307418..2304307418] block_count=0
290 write 0
290 read 0
read2 0
read2 0
read2 0
read2 0
read2 0
ngtcp2_conn_write_connection_close: ERR_INVALID_STATE

the 4th Implementation Draft branch

Hi guys

from README, it seems that ngtcp2 is now focus on the 4th Implementation Draft (which is draft 09), what I want to make clear is if master branch working on draft -09

Endpoint Settings

I want to propose a feature called: Endpoint Settings.

Endpoint Settings are configurable parameters that control how the endpoint behaves in its role as a QUIC endpoint. These settings are different from Transport Parameters because they are private to the endpoint and inform the endpoint on how it itself should behave. They need not be advertised, like Transport Parameters, which are used to inform the other side.

Connection Settings are hierarchical:

Natural defaults hard coded into the library
Application wide defaults passed into the library at initialisation time
Client Connection defaults passed to the client connection at initialisation time
Server defaults passed to a server at initialisation time
Per Connection specific settings passed in to active connections
Streams in a connection will inherit and abide by the settings of their connection. There will likely be Stream level settings which can be implemented at another time.

Initialisation params are passed to init functions as struct pointers.
Per Connection specific settings are passed in as struct pointers using a function akin to setsockopt:
ngtcp2_set_endpoint_settings(conn_handle, &endpoint_settings);

Endpoint Settings that I want to implement as a proof of concept are:
retry_limit:
maximum number of packet retries to send before declaring a packet and connection lost. Default: 4?
retry_timeout_step:
number of seconds to add to each retry timeout: retry_timeout*N where 1 <= N <= retry_limit. Default: 1 second

Although the above settings may eventually be moved into a specific congestion control subsystem, I think they are good examples to prove the Endpoint Settings concept. In future, I foresee many other options being included in Endpoint Settings, for example equivalents of:

Nagle's Algorithm: either disable or set mss value or a timeout for holding size < mss before sending
TCP_MD5 (QUIC_MD5): remember QUIC is a transport layer
MTU or max packet size setting
Other connection level settings already described in the RFC

What are your thoughts on this?

Trying to transfer files through two paths in a time.

Hi. It's me again. And this time I am trying to make the examples/server able to send files through two UDP streams at the same time to client when they both get 2 IP addresses.

I am trying to figure out how the code work so far. And I guess I might handle it by rewriting some code in Class Server and Client without touching anything in Handler. For example, I want to create two socks in one C-S pair and just use the send_to function Round-Robinly.

My question is, is it possible creating a second path which is only use to send the files without touching the Class Handler or anything below it?

Thanks a lot for your help.

Parse all frames

Parse all frames to at least decode any valid QUIC packets.

At the moment, decoding STREAM, ACK and PADDING frames has been implemented.

No Padding info on client debug

On client debug log, there is no info about Padding
from your example
$ examples/client 127.0.0.1 3000
[ 0.000213] send Client Initial packet
<conn_id=0x06675539ce47c609, pkt_num=417370691, ver=0xff000004>
STREAM frame
<stream_id=0x00000000, offset=0, data_length=147>

But with server, we see info

[ 0.806688] recv Client Initial packet
<conn_id=0x06675539ce47c609, pkt_num=417370691, ver=0xff000004>
STREAM frame
<stream_id=0x00000000, offset=0, data_length=147>
PADDING frame
<length=1076>

And checked with wireshark, and there is a padding in Client Initial packet

Request: ngtcp2 as a module for nginx to server websites via quic

Hi,

since I read through some of the iquic implementations, I've seen the ngx_quic one, which seems to stay inactive/incomplete for now sadly. So I was wondering if this project ngtcp2 could potentially be used in combination with nginx as the webserver to serve websites via iquic in the future.

So is it possible to compile it with nginx somehow, yet (Considering compiling nginx with the patched openssl for 0-RTT)?

Can't retransmit handshake packet

I00000000 0x1df83a845332e6e5 frm 2762535630 tx Initial(0x7f) STREAM(0x12) id=0x0 fin=0 offset=0 len=290 uni=0
I00000000 0x1df83a845332e6e5 frm 2762535630 tx Initial(0x7f) PADDING(0x00) len=925
I00000000 0x1df83a845332e6e5 rcv loss_detection_alarm=1522506647784881920 last_hs_tx_pkt_ts=1522506647584881920 alarm_duration=200
I00000002 0x1df83a845332e6e5 con recv packet len=1241
I00000002 0x092d89e403f81fce frm 3904113170 rx Handshake(0x7d) ACK(0x0e) largest_ack=2762535630 ack_delay=0(0) ack_block_count=0
I00000002 0x092d89e403f81fce frm 3904113170 rx Handshake(0x7d) ACK(0x0e) block=[2762535630..2762535630] block_count=0
I00000002 0x092d89e403f81fce rcv latest_rtt=2 min_rtt=2 smoothed_rtt=2.336 rttvar=1.168 max_ack_delay=0
I00000002 0x092d89e403f81fce rcv loss detection alarm canceled
I00000002 0x092d89e403f81fce frm 3904113170 rx Handshake(0x7d) STREAM(0x12) id=0x0 fin=0 offset=0 len=1192 uni=0
I00000002 0x092d89e403f81fce frm 2762535631 tx Handshake(0x7d) ACK(0x0e) largest_ack=3904113170 ack_delay=0(0) ack_block_count=0
I00000002 0x092d89e403f81fce frm 2762535631 tx Handshake(0x7d) ACK(0x0e) block=[3904113170..3904113170] block_count=0
I00000002 0x092d89e403f81fce con recv packet len=799
I00000002 0x092d89e403f81fce frm 3904113171 rx Handshake(0x7d) STREAM(0x16) id=0x0 fin=0 offset=1192 len=760 uni=0
I00000002 0x092d89e403f81fce frm 2762535632 tx Handshake(0x7d) ACK(0x0e) largest_ack=3904113171 ack_delay=0(0) ack_block_count=0
I00000002 0x092d89e403f81fce frm 2762535632 tx Handshake(0x7d) ACK(0x0e) block=[3904113171..3904113170] block_count=1
I00000002 0x092d89e403f81fce frm 2762535632 tx Handshake(0x7d) STREAM(0x16) id=0x0 fin=0 offset=290 len=58 uni=0
I00000002 0x092d89e403f81fce rcv loss_detection_alarm=1522506647597217920 last_hs_tx_pkt_ts=1522506647587217920 alarm_duration=10
QUIC handshake has completed
I00000002 0x092d89e403f81fce frm 2762535633 tx S01(0x1f) ACK(0x0e) largest_ack=3904113171 ack_delay=0(0) ack_block_count=0
I00000002 0x092d89e403f81fce frm 2762535633 tx S01(0x1f) ACK(0x0e) block=[3904113171..3904113170] block_count=1
I00000002 0x092d89e403f81fce frm 2762535633 tx S01(0x1f) STREAM(0x12) id=0x4 fin=0 offset=0 len=1199 uni=0
I00000002 0x092d89e403f81fce rcv loss_detection_alarm=1522506647597217920 last_hs_tx_pkt_ts=1522506647587217920 alarm_duration=10
I00000002 0x092d89e403f81fce frm 2762535634 tx S01(0x1f) STREAM(0x16) id=0x4 fin=0 offset=1199 len=1211 uni=0
I00000002 0x092d89e403f81fce rcv loss_detection_alarm=1522506647597217920 last_hs_tx_pkt_ts=1522506647587217920 alarm_duration=10
I00000002 0x092d89e403f81fce frm 2762535635 tx S01(0x1f) STREAM(0x16) id=0x4 fin=0 offset=2410 len=1211 uni=0
I00000002 0x092d89e403f81fce rcv loss_detection_alarm=1522506647597217920 last_hs_tx_pkt_ts=1522506647587217920 alarm_duration=10
I00000002 0x092d89e403f81fce frm 2762535636 tx S01(0x1f) STREAM(0x16) id=0x4 fin=0 offset=3621 len=1211 uni=0
I00000002 0x092d89e403f81fce rcv loss_detection_alarm=1522506647597217920 last_hs_tx_pkt_ts=1522506647587217920 alarm_duration=10
I00000002 0x092d89e403f81fce frm 2762535637 tx S01(0x1f) STREAM(0x16) id=0x4 fin=0 offset=4832 len=1211 uni=0
I00000002 0x092d89e403f81fce rcv loss_detection_alarm=1522506647597217920 last_hs_tx_pkt_ts=1522506647587217920 alarm_duration=10
I00000002 0x092d89e403f81fce frm 2762535638 tx S01(0x1f) STREAM(0x16) id=0x4 fin=0 offset=6043 len=1211 uni=0
I00000002 0x092d89e403f81fce rcv loss_detection_alarm=1522506647597217920 last_hs_tx_pkt_ts=1522506647587217920 alarm_duration=10
I00000002 0x092d89e403f81fce frm 2762535639 tx S01(0x1f) STREAM(0x16) id=0x4 fin=0 offset=7254 len=1211 uni=0
I00000002 0x092d89e403f81fce rcv loss_detection_alarm=1522506647597217920 last_hs_tx_pkt_ts=1522506647587217920 alarm_duration=10
I00000002 0x092d89e403f81fce frm 2762535640 tx S01(0x1f) STREAM(0x16) id=0x4 fin=0 offset=8465 len=1211 uni=0
I00000002 0x092d89e403f81fce rcv loss_detection_alarm=1522506647597217920 last_hs_tx_pkt_ts=1522506647587217920 alarm_duration=10
I00000002 0x092d89e403f81fce frm 2762535641 tx S01(0x1f) STREAM(0x16) id=0x4 fin=0 offset=9676 len=1211 uni=0
I00000002 0x092d89e403f81fce rcv loss_detection_alarm=1522506647597217920 last_hs_tx_pkt_ts=1522506647587217920 alarm_duration=10
I00000002 0x092d89e403f81fce frm 2762535642 tx S01(0x1f) STREAM(0x16) id=0x4 fin=0 offset=10887 len=1211 uni=0
I00000002 0x092d89e403f81fce rcv loss_detection_alarm=1522506647597217920 last_hs_tx_pkt_ts=1522506647587217920 alarm_duration=10
I00000002 0x092d89e403f81fce frm 2762535643 tx S01(0x1f) STREAM(0x16) id=0x4 fin=0 offset=12098 len=1211 uni=0
I00000002 0x092d89e403f81fce rcv loss_detection_alarm=1522506647597217920 last_hs_tx_pkt_ts=1522506647587217920 alarm_duration=10
I00000002 0x092d89e403f81fce frm 2762535644 tx S01(0x1f) STREAM(0x16) id=0x4 fin=0 offset=13309 len=1211 uni=0
I00000002 0x092d89e403f81fce rcv loss_detection_alarm=1522506647597217920 last_hs_tx_pkt_ts=1522506647587217920 alarm_duration=10
I00000013 0x092d89e403f81fce rcv loss detection alarm fired
I00000013 0x092d89e403f81fce rcv retransmit unprotected packet 2762535632 sent_ts=1522506647587217920
I00000013 0x092d89e403f81fce rcv handshake_count=1 tlp_count=0 rto_count=0
I00000014 0x092d89e403f81fce rcv loss detection alarm fired
I00000014 0x092d89e403f81fce frm 2762535645 tx S01(0x1f) PING(0x07) len=0 data=
I00000014 0x092d89e403f81fce rcv handshake_count=1 tlp_count=1 rto_count=0
I00000014 0x092d89e403f81fce rcv loss detection alarm fired
I00000014 0x092d89e403f81fce frm 2762535646 tx S01(0x1f) PING(0x07) len=0 data=
I00000014 0x092d89e403f81fce rcv handshake_count=1 tlp_count=2 rto_count=0
I00000014 0x092d89e403f81fce con recv packet len=799
I00000014 0x092d89e403f81fce frm 3904113172 rx Handshake(0x7d) STREAM(0x16) id=0x0 fin=0 offset=1192 len=760 uni=0
I00000016 0x092d89e403f81fce frm 2762535647 tx S01(0x1f) ACK(0x0e) largest_ack=3904113172 ack_delay=1(187) ack_block_count=0
I00000016 0x092d89e403f81fce frm 2762535647 tx S01(0x1f) ACK(0x0e) block=[3904113172..3904113170] block_count=2
I00000043 0x092d89e403f81fce con recv packet len=799
I00000043 0x092d89e403f81fce frm 3904113173 rx Handshake(0x7d) STREAM(0x16) id=0x0 fin=0 offset=1192 len=760 uni=0
I00000044 0x092d89e403f81fce frm 2762535648 tx S01(0x1f) ACK(0x0e) largest_ack=3904113173 ack_delay=1(149) ack_block_count=0
I00000044 0x092d89e403f81fce frm 2762535648 tx S01(0x1f) ACK(0x0e) block=[3904113173..3904113170] block_count=3
I00000100 0x092d89e403f81fce con recv packet len=799
I00000100 0x092d89e403f81fce frm 3904113174 rx Handshake(0x7d) STREAM(0x16) id=0x0 fin=0 offset=1192 len=760 uni=0
I00000101 0x092d89e403f81fce frm 2762535649 tx S01(0x1f) ACK(0x0e) largest_ack=3904113174 ack_delay=1(165) ack_block_count=0
I00000101 0x092d89e403f81fce frm 2762535649 tx S01(0x1f) ACK(0x0e) block=[3904113174..3904113170] block_count=4
I00000202 0x092d89e403f81fce rcv loss detection alarm fired
I00000202 0x092d89e403f81fce frm 2762535650 tx S01(0x1f) PING(0x07) len=0 data=
I00000202 0x092d89e403f81fce frm 2762535651 tx S01(0x1f) PING(0x07) len=0 data=
I00000202 0x092d89e403f81fce rcv handshake_count=1 tlp_count=2 rto_count=1
I00000212 0x092d89e403f81fce con recv packet len=799
I00000212 0x092d89e403f81fce frm 3904113175 rx Handshake(0x7d) STREAM(0x16) id=0x0 fin=0 offset=1192 len=760 uni=0
I00000213 0x092d89e403f81fce frm 2762535652 tx S01(0x1f) ACK(0x0e) largest_ack=3904113175 ack_delay=1(167) ack_block_count=0
I00000213 0x092d89e403f81fce frm 2762535652 tx S01(0x1f) ACK(0x0e) block=[3904113175..3904113170] block_count=5
I00000402 0x092d89e403f81fce rcv loss detection alarm fired
I00000402 0x092d89e403f81fce frm 2762535653 tx S01(0x1f) PING(0x07) len=0 data=
I00000402 0x092d89e403f81fce frm 2762535654 tx S01(0x1f) PING(0x07) len=0 data=
I00000402 0x092d89e403f81fce rcv handshake_count=1 tlp_count=2 rto_count=2
I00000436 0x092d89e403f81fce con recv packet len=799
I00000436 0x092d89e403f81fce frm 3904113176 rx Handshake(0x7d) STREAM(0x16) id=0x0 fin=0 offset=1192 len=760 uni=0
I00000438 0x092d89e403f81fce frm 2762535655 tx S01(0x1f) ACK(0x0e) largest_ack=3904113176 ack_delay=1(181) ack_block_count=0
I00000438 0x092d89e403f81fce frm 2762535655 tx S01(0x1f) ACK(0x0e) block=[3904113176..3904113170] block_count=6
I00000802 0x092d89e403f81fce rcv loss detection alarm fired
I00000802 0x092d89e403f81fce frm 2762535656 tx S01(0x1f) PING(0x07) len=0 data=
I00000802 0x092d89e403f81fce frm 2762535657 tx S01(0x1f) PING(0x07) len=0 data=
I00000802 0x092d89e403f81fce rcv handshake_count=1 tlp_count=2 rto_count=3
I00000884 0x092d89e403f81fce con recv packet len=799
I00000884 0x092d89e403f81fce frm 3904113177 rx Handshake(0x7d) STREAM(0x16) id=0x0 fin=0 offset=1192 len=760 uni=0
I00000886 0x092d89e403f81fce frm 2762535658 tx S01(0x1f) ACK(0x0e) largest_ack=3904113177 ack_delay=1(168) ack_block_count=0
I00000886 0x092d89e403f81fce frm 2762535658 tx S01(0x1f) ACK(0x0e) block=[3904113177..3904113170] block_count=7
I00001602 0x092d89e403f81fce rcv loss detection alarm fired
I00001602 0x092d89e403f81fce frm 2762535659 tx S01(0x1f) PING(0x07) len=0 data=
I00001602 0x092d89e403f81fce frm 2762535660 tx S01(0x1f) PING(0x07) len=0 data=
I00001602 0x092d89e403f81fce rcv handshake_count=1 tlp_count=2 rto_count=4
I00001779 0x092d89e403f81fce con recv packet len=799
I00001779 0x092d89e403f81fce frm 3904113178 rx Handshake(0x7d) STREAM(0x16) id=0x0 fin=0 offset=1192 len=760 uni=0
I00001781 0x092d89e403f81fce frm 2762535661 tx S01(0x1f) ACK(0x0e) largest_ack=3904113178 ack_delay=1(200) ack_block_count=0
I00001781 0x092d89e403f81fce frm 2762535661 tx S01(0x1f) ACK(0x0e) block=[3904113178..3904113170] block_count=8
I00003203 0x092d89e403f81fce rcv loss detection alarm fired
I00003203 0x092d89e403f81fce frm 2762535662 tx S01(0x1f) PING(0x07) len=0 data=
I00003203 0x092d89e403f81fce frm 2762535663 tx S01(0x1f) PING(0x07) len=0 data=
I00003203 0x092d89e403f81fce rcv handshake_count=1 tlp_count=2 rto_count=5
I00003568 0x092d89e403f81fce con recv packet len=799
I00003568 0x092d89e403f81fce frm 3904113179 rx Handshake(0x7d) STREAM(0x16) id=0x0 fin=0 offset=1192 len=760 uni=0
I00003569 0x092d89e403f81fce frm 2762535664 tx S01(0x1f) ACK(0x0e) largest_ack=3904113179 ack_delay=1(173) ack_block_count=0
I00003569 0x092d89e403f81fce frm 2762535664 tx S01(0x1f) ACK(0x0e) block=[3904113179..3904113170] block_count=9
I00006406 0x092d89e403f81fce rcv loss detection alarm fired
I00006406 0x092d89e403f81fce frm 2762535665 tx S01(0x1f) PING(0x07) len=0 data=
I00006406 0x092d89e403f81fce frm 2762535666 tx S01(0x1f) PING(0x07) len=0 data=
I00006406 0x092d89e403f81fce rcv handshake_count=1 tlp_count=2 rto_count=6
I00007145 0x092d89e403f81fce con recv packet len=799
I00007145 0x092d89e403f81fce frm 3904113180 rx Handshake(0x7d) STREAM(0x16) id=0x0 fin=0 offset=1192 len=760 uni=0
I00007147 0x092d89e403f81fce frm 2762535667 tx S01(0x1f) ACK(0x0e) largest_ack=3904113180 ack_delay=1(171) ack_block_count=0
I00007147 0x092d89e403f81fce frm 2762535667 tx S01(0x1f) ACK(0x0e) block=[3904113180..3904113170] block_count=10
I00012803 0x092d89e403f81fce rcv loss detection alarm fired
I00012803 0x092d89e403f81fce frm 2762535668 tx S01(0x1f) PING(0x07) len=0 data=
I00012803 0x092d89e403f81fce frm 2762535669 tx S01(0x1f) PING(0x07) len=0 data=
I00012803 0x092d89e403f81fce rcv handshake_count=1 tlp_count=2 rto_count=7
I00014301 0x092d89e403f81fce con recv packet len=799
I00014301 0x092d89e403f81fce frm 3904113181 rx Handshake(0x7d) STREAM(0x16) id=0x0 fin=0 offset=1192 len=760 uni=0
I00014302 0x092d89e403f81fce frm 2762535670 tx S01(0x1f) ACK(0x0e) largest_ack=3904113181 ack_delay=1(168) ack_block_count=0
I00014302 0x092d89e403f81fce frm 2762535670 tx S01(0x1f) ACK(0x0e) block=[3904113181..3904113170] block_count=11
I00025613 0x092d89e403f81fce rcv loss detection alarm fired
I00025613 0x092d89e403f81fce frm 2762535671 tx S01(0x1f) PING(0x07) len=0 data=
I00025613 0x092d89e403f81fce frm 2762535672 tx S01(0x1f) PING(0x07) len=0 data=
I00025613 0x092d89e403f81fce rcv handshake_count=1 tlp_count=2 rto_count=8
I00028609 0x092d89e403f81fce con recv packet len=799
I00028609 0x092d89e403f81fce frm 3904113182 rx Handshake(0x7d) STREAM(0x16) id=0x0 fin=0 offset=1192 len=760 uni=0
I00028611 0x092d89e403f81fce frm 2762535673 tx S01(0x1f) ACK(0x0e) largest_ack=3904113182 ack_delay=1(169) ack_block_count=0
I00028611 0x092d89e403f81fce frm 2762535673 tx S01(0x1f) ACK(0x0e) block=[3904113182..3904113170] block_count=12
I00051225 0x092d89e403f81fce rcv loss detection alarm fired
I00051225 0x092d89e403f81fce frm 2762535674 tx S01(0x1f) PING(0x07) len=0 data=
I00051225 0x092d89e403f81fce frm 2762535675 tx S01(0x1f) PING(0x07) len=0 data=
I00051225 0x092d89e403f81fce rcv handshake_count=1 tlp_count=2 rto_count=9
I00057226 0x092d89e403f81fce con recv packet len=799
I00057226 0x092d89e403f81fce frm 3904113183 rx Handshake(0x7d) STREAM(0x16) id=0x0 fin=0 offset=1192 len=760 uni=0
I00057228 0x092d89e403f81fce frm 2762535676 tx S01(0x1f) ACK(0x0e) largest_ack=3904113183 ack_delay=1(171) ack_block_count=0
I00057228 0x092d89e403f81fce frm 2762535676 tx S01(0x1f) ACK(0x0e) block=[3904113183..3904113170] block_count=13
Timeout
I00087257 0x092d89e403f81fce frm 2762535677 tx S01(0x1f) CONNECTION_CLOSE(0x02) error_code=NO_ERROR(0) reason_len=0

Creating own apache server at the server side.

Hi. I am a college student trying to make the client and server in the examples directory my own ones.
I use apache2 to build a server in a ubuntu virtual box. The server contains only 1 .png image. Then I try to connect the client in the same virtual box to my own server using the giving examples/client and examples/server. I succeed in visiting my server in browser but not with the client. The log information shows that the connection between client and server is ok and received the "hello world!" successfully. But it is always 404 when I enter "GET /" in client with the -i parameter.
Can anyone tell me how to build my server correctly? I am trying to read the code of the whole thing and I am so confused. I will be so appreciated for your help.
By the way, when I use the command _client nghttp2.org 4433 -i _ and then enter "GET /" the source can be got successfully.

Build issues

(hey.. this is so cool to see. We are also actively looking into c based quic client )

Getting some errors like

server.cc:2222:25: error: ‘ssl_ctx’ was not declared in this scope
   Server s4(EV_DEFAULT, ssl_ctx);
                         ^
server.cc:2223:27: error: ‘addr’ was not declared in this scope
   if (!util::numeric_host(addr, AF_INET6)) {
                           ^
server.cc:2225:7: error: ‘ready’ was not declared in this scope
       ready = true;
       ^
server.cc:2230:27: error: ‘addr’ was not declared in this scope
   if (!util::numeric_host(addr, AF_INET)) {
                           ^
server.cc:2232:7: error: ‘ready’ was not declared in this scope
       ready = true;
       ^
server.cc:2236:8: error: ‘ready’ was not declared in this scope
   if (!ready) {
        ^
make[1]: *** [server.o] Error 1
make: *** [check-recursive] Error 1

after I did the following to prep my machine..

sudo apt-get install automake autoconf libtool autotools-dev
sudo apt-get install libcunit1 libcunit1-doc libcunit1-dev
sudo apt-get install libev-dev
sudo apt-get install cunit=2.1

any ideas? Love to try this out and see..

Send CONNECTION_CLOSE frame to close conneciton

Send CONNECTION_CLOSE frame to close connection after successful handshake.
This involves TLSv1.3 exporter to obtain key material from TLS session.

Performing HTTP Request over ngtcp2 (quic)

Hi everyone,

I wonder how do you make simple HTTP GET Request (as written in README) by passing empty value to "-i" option.

According to the README, the client manage to perform "GET /helloworld" and the example server then returns the corresponding HTML page. But unfortunately I cannot to do so even after following the steps.

Thus, am I missing something?
I am really interested to have an insight about how this early IETF's implementation of QUIC.

Thank you in advance for any responses/suggestions.

p.s. keep the good work :) 👍

ngtcp2 recv consistent ack packet for a large file

I00000009 0x71a94ad414ff12c2 rcv loss_detection_alarm=381524903823256 last_hs_tx_pkt_ts=381524893823256 alarm_duration=10
I00000009 0x71a94ad414ff12c2 frm 2992096611 tx S01(0x1f) STREAM(0x16) id=0x4 fin=0 offset=56904 len=1211 uni=0
I00000009 0x71a94ad414ff12c2 rcv loss_detection_alarm=381524903823256 last_hs_tx_pkt_ts=381524893823256 alarm_duration=10
I00000009 0x71a94ad414ff12c2 frm 2992096612 tx S01(0x1f) STREAM(0x16) id=0x4 fin=0 offset=58115 len=1211 uni=0
I00000009 0x71a94ad414ff12c2 rcv loss_detection_alarm=381524903823256 last_hs_tx_pkt_ts=381524893823256 alarm_duration=10
I00000009 0x71a94ad414ff12c2 frm 2992096613 tx S01(0x1f) STREAM(0x16) id=0x4 fin=0 offset=59326 len=1211 uni=0
I00000009 0x71a94ad414ff12c2 rcv loss_detection_alarm=381524903823256 last_hs_tx_pkt_ts=381524893823256 alarm_duration=10
I00000009 0x71a94ad414ff12c2 frm 2992096614 tx S01(0x1f) STREAM(0x16) id=0x4 fin=0 offset=60537 len=1211 uni=0
I00000009 0x71a94ad414ff12c2 rcv loss_detection_alarm=381524903823256 last_hs_tx_pkt_ts=381524893823256 alarm_duration=10
I00000009 0x71a94ad414ff12c2 frm 2992096615 tx S01(0x1f) STREAM(0x16) id=0x4 fin=0 offset=61748 len=1211 uni=0
I00000009 0x71a94ad414ff12c2 rcv loss_detection_alarm=381524903823256 last_hs_tx_pkt_ts=381524893823256 alarm_duration=10
I00000009 0x71a94ad414ff12c2 frm 2992096616 tx S01(0x1f) STREAM(0x16) id=0x4 fin=0 offset=62959 len=1211 uni=0
I00000009 0x71a94ad414ff12c2 rcv loss_detection_alarm=381524903823256 last_hs_tx_pkt_ts=381524893823256 alarm_duration=10
I00000009 0x71a94ad414ff12c2 frm 2992096617 tx S01(0x1f) STREAM(0x16) id=0x4 fin=0 offset=64170 len=1211 uni=0
I00000009 0x71a94ad414ff12c2 rcv loss_detection_alarm=381524903823256 last_hs_tx_pkt_ts=381524893823256 alarm_duration=10
I00000009 0x71a94ad414ff12c2 frm 2992096618 tx S01(0x1f) STREAM(0x16) id=0x4 fin=0 offset=65381 len=155 uni=0
I00000009 0x71a94ad414ff12c2 rcv loss_detection_alarm=381524903823256 last_hs_tx_pkt_ts=381524893823256 alarm_duration=10
I00000009 0x71a94ad414ff12c2 con recv packet len=286
I00000009 0x71a94ad414ff12c2 frm 3285431959 rx S01(0x1f) ACK(0x0e) largest_ack=2992096563 ack_delay=0(35) ack_block_count=0
I00000009 0x71a94ad414ff12c2 frm 3285431959 rx S01(0x1f) ACK(0x0e) block=[2992096563..2992096562] block_count=1
I00000009 0x71a94ad414ff12c2 rcv latest_rtt=3 min_rtt=2 smoothed_rtt=2.334 rttvar=1.066 max_ack_delay=0
I00000009 0x71a94ad414ff12c2 frm 3285431959 rx S01(0x1f) PING(0x07) len=0 data=
I00000009 0x71a94ad414ff12c2 frm 3285431959 rx S01(0x1f) STREAM(0x16) id=0x0 fin=0 offset=1952 len=240 uni=0
I00000010 0x71a94ad414ff12c2 con recv packet len=43
I00000010 0x71a94ad414ff12c2 frm 3285431960 rx S01(0x1f) ACK(0x0e) largest_ack=2992096564 ack_delay=0(1) ack_block_count=0
I00000010 0x71a94ad414ff12c2 frm 3285431960 rx S01(0x1f) ACK(0x0e) block=[2992096564..2992096562] block_count=2
I00000010 0x71a94ad414ff12c2 rcv latest_rtt=1 min_rtt=1 smoothed_rtt=2.216 rttvar=1.037 max_ack_delay=0
I00000010 0x71a94ad414ff12c2 frm 3285431960 rx S01(0x1f) MAX_DATA(0x04) max_data=1049774
I00000010 0x71a94ad414ff12c2 con recv packet len=43
I00000010 0x71a94ad414ff12c2 frm 3285431961 rx S01(0x1f) ACK(0x0e) largest_ack=2992096565 ack_delay=0(0) ack_block_count=0
I00000010 0x71a94ad414ff12c2 frm 3285431961 rx S01(0x1f) ACK(0x0e) block=[2992096565..2992096562] block_count=3
I00000010 0x71a94ad414ff12c2 rcv latest_rtt=1 min_rtt=1 smoothed_rtt=2.109 rttvar=0.990 max_ack_delay=0
I00000010 0x71a94ad414ff12c2 frm 3285431961 rx S01(0x1f) MAX_DATA(0x04) max_data=1050985
I00000010 0x71a94ad414ff12c2 con recv packet len=43
I00000010 0x71a94ad414ff12c2 frm 3285431962 rx S01(0x1f) ACK(0x0e) largest_ack=2992096566 ack_delay=0(0) ack_block_count=0
I00000010 0x71a94ad414ff12c2 frm 3285431962 rx S01(0x1f) ACK(0x0e) block=[2992096566..2992096562] block_count=4
I00000010 0x71a94ad414ff12c2 rcv latest_rtt=1 min_rtt=1 smoothed_rtt=2.016 rttvar=0.930 max_ack_delay=0
I00000010 0x71a94ad414ff12c2 frm 3285431962 rx S01(0x1f) MAX_DATA(0x04) max_data=1052196

There are some performance issue when I test quic with ngtcp2 against tcp. The ack block is always 0 and acknowledge every packet we sent.

any benchmark with tcp

hi, i did not see any chat group about this project, i just ask here.

1, is there any benchmark with tcp?
2, is project is stable now?

thanks for your hard work.

Client side greasing

Add an ability to the client to send only reserved version number in Client Initial in order to exercise version negotiation.

Version Negotiation: don't random unused field

in section 5.3 (https://tools.ietf.org/html/draft-ietf-quic-transport-08#section-5.3= about unused field in Version Negotiation packet

it is say

The value in the Unused field is selected randomly by the server.

But actually it is always 0x00 on all packet

QUIC (Quick UDP Internet Connections) IETF
    1... .... = Header Form: Long Header (1)
    .000 0000 = Unused: 0x00
    Connection ID: 0x8d6f4cca909c3202
    Version: Version Negotiation (0x00000000)
    Supported Version: Unknown (0x5e5cbb6a)
    Supported Version: Unknown (0x7aba6a4a)
    Supported Version: draft-08 (0xff000008)

项目运行

你好，请问我编译项目后在运行客户端和服务器的时候为什么文件传输总是超时，我开启服务器的命令是./server 127.0.0.1 4433 server.key server.crt，客户端的命令是./client -d 文件路径 127.0.0.1 4433

Response retransmit handshake packet event if handshake done.

client side:

write something 0
I00000014 0x5a1f80d27a9a5145 rcv loss detection alarm fired
I00000014 0x5a1f80d27a9a5145 rcv retransmit unprotected packet 2204610146 sent_ts=1522549457229476864
I00000014 0x5a1f80d27a9a5145 rcv handshake_count=1 tlp_count=0 rto_count=0
I00000014 0x5a1f80d27a9a5145 frm 2204610159 tx Handshake(0x7d) STREAM(0x16) id=0x0 fin=0 offset=290 len=58 uni=0
I00000014 0x5a1f80d27a9a5145 rcv loss_detection_alarm=1522549457260948992 last_hs_tx_pkt_ts=1522549457240948992 alarm_duration=20
write something 96
write something 0
I00000014 0x5a1f80d27a9a5145 con recv packet len=270
I00000014 0x5a1f80d27a9a5145 frm 1345629099 rx S01(0x1f) ACK(0x0e) largest_ack=2204610146 ack_delay=0(0) ack_block_count=0
I00000014 0x5a1f80d27a9a5145 frm 1345629099 rx S01(0x1f) ACK(0x0e) block=[2204610146..2204610145] block_count=1
I00000014 0x5a1f80d27a9a5145 rcv loss_detection_alarm=1522549457260948992 last_hs_tx_pkt_ts=1522549457240948992 alarm_duration=20

I00000020 0x5a1f80d27a9a5145 rcv packet lost 2204610159 sent_ts=1522549457240948992 unprotected=1

I00000020 0x5a1f80d27a9a5145 frm 2204610173 tx Handshake(0x7d) STREAM(0x16) id=0x0 fin=0 offset=290 len=58 uni=0
I00000020 0x5a1f80d27a9a5145 rcv loss_detection_alarm=1522549457256562048 last_hs_tx_pkt_ts=1522549457246562048 alarm_duration=10
write something 96

I00000023 0x5a1f80d27a9a5145 rcv packet lost 2204610173 sent_ts=1522549457246562048 unprotected=1
I00000023 0x5a1f80d27a9a5145 frm 2204610187 tx Handshake(0x7d) STREAM(0x16) id=0x0 fin=0 offset=290 len=58 uni=0
I00000023 0x5a1f80d27a9a5145 rcv loss_detection_alarm=1522549457260264064 last_hs_tx_pkt_ts=1522549457250264064 alarm_duration=10
write something 96

Client recv the ack(1345629099) after the retransmittion of handshake packet(2204610159), then retransmit packet lost again and try another one (2204610173).

server

I00000019 0x5a1f80d27a9a5145 con unprotected packet 2204610173 is ignored because handshake has finished

I00000023 0x5a1f80d27a9a5145 frm 1345629104 tx S01(0x1f) ACK(0x0e) largest_ack=2204610186 ack_delay=2(362) ack_block_count=5
I00000023 0x5a1f80d27a9a5145 frm 1345629104 tx S01(0x1f) ACK(0x0e) block=[2204610186..2204610186] block_count=0
I00000023 0x5a1f80d27a9a5145 frm 1345629104 tx S01(0x1f) ACK(0x0e) block=[2204610184..2204610182] gap=0 block_count=2
I00000023 0x5a1f80d27a9a5145 frm 1345629104 tx S01(0x1f) ACK(0x0e) block=[2204610179..2204610177] gap=1 block_count=2
I00000023 0x5a1f80d27a9a5145 frm 1345629104 tx S01(0x1f) ACK(0x0e) block=[2204610172..2204610168] gap=3 block_count=4
I00000023 0x5a1f80d27a9a5145 frm 1345629104 tx S01(0x1f) ACK(0x0e) block=[2204610166..2204610166] gap=0 block_count=0
I00000023 0x5a1f80d27a9a5145 frm 1345629104 tx S01(0x1f) ACK(0x0e) block=[2204610161..2204610160] gap=3 block_count=1

Server recv 2204610173 and ignore.

and this packet (2204610173) will not include into ack.
That means client will retransmit this handshake packet again and again.

SSL_CTX_use_PrivateKey_file: error

Hi ,
I tried running following server command , it gives following error.
Any suggestions ?
thanks !
asingh@asingh-server1:/ngtcp2$ examples/server 127.0.0.1 4433 server.key server.crt
SSL_CTX_use_PrivateKey_file: error:02001002:system library:fopen:No such file or directory
asingh@asingh-server1:/ngtcp2$

how does ngtcp2 implement 0rtt ?

A client connects to ngtcp2 server and saves the session file, then it disconnects to the server. Now the related session will be removed from the ngtcp2 server. After that, the client uses the saved session file to connect to the ngtcp2 server and send 0rrt data to the server, the 0rtt data will be rejected by the ngtcp2 server because server can not find the related previous session by ssl_get_prev_session().

Is this reasonable for quic 0rtt ?

nghttp2.org:4433 does down?

examples/client nghttp2.org 4433

I can't reach to public server.

I use draft-17 version.

0rtt issue in the newest code

In the newest draft-15 code, when server receives 0rtt request, the recv_stream_data callback will be triggered before handshake_completed. If server sends more than 11k data to client in the first recv_stream_data callback before handshake_completed, the subsequent call ngtcp2_conn_write_handshake() will return -203(NGTCP2_ERR_NOBUF).

The code of last week has not this issue.