Do not use 0-RTT without a ticket

This fixes some cases, although still not perfect and does not work 100%

Do not use 0-RTT without a ticket
c72d323d · Oto Šťáva · 9a40147e · c72d323d · c72d323d · c72d323d
Commit c72d323d authored 1 year ago by Oto Šťáva
--- a/replay/dnssim/src/output/dnssim/internal.h
+++ b/replay/dnssim/src/output/dnssim/internal.h
@@ -150,6 +150,7 @@ typedef enum _output_dnssim_read_state {
 /* TLS-related data for a single connection. */
 typedef struct _output_dnssim_tls_ctx {
    gnutls_session_t session;
+    bool has_ticket;
    uint8_t*         buf;
    ssize_t          buf_len;
    ssize_t          buf_pos;

--- a/replay/dnssim/src/output/dnssim/quic.c
+++ b/replay/dnssim/src/output/dnssim/quic.c
@@ -248,6 +248,13 @@ static int stream_close_cb(ngtcp2_conn* qconn, uint32_t flags,
        return 0;
    }

+    if (flags & NGTCP2_STREAM_CLOSE_FLAG_APP_ERROR_CODE_SET) {
+        mldebug("stream closed with app error code: %" PRIu64, app_error_code);
+        _output_dnssim_conn_move_query_to_pending(qry);
+        _output_dnssim_handle_pending_queries(conn->client);
+        return 0;
+    }
+
    if (qry->recv_buf_len)
        _output_dnssim_read_dns_stream(conn, qry->recv_buf_len, (char*)qry->recv_buf, stream_id);

@@ -558,7 +565,7 @@ int  _output_dnssim_quic_connect(output_dnssim_t* self, _output_dnssim_connectio
    }

    /* Set up 0-RTT */
-    if (conn->client->dnssim->zero_rtt && conn->client->zero_rtt_data) {
+    if (conn->client->dnssim->zero_rtt && conn->client->zero_rtt_data && conn->tls->has_ticket) {
        ret = ngtcp2_conn_decode_and_set_0rtt_transport_params(
                conn->quic->qconn,
                conn->client->zero_rtt_data->data,

--- a/replay/dnssim/src/output/dnssim/tls.c
+++ b/replay/dnssim/src/output/dnssim/tls.c
@@ -287,6 +287,7 @@ int  _output_dnssim_tls_init(_output_dnssim_connection_t* conn, bool has_0rtt)

    int ret;
    mlfatal_oom(conn->tls = malloc(sizeof(_output_dnssim_tls_ctx_t)));
+    conn->tls->has_ticket       = false;
    conn->tls->buf              = NULL;
    conn->tls->buf_len          = 0;
    conn->tls->buf_pos          = 0;
@@ -294,9 +295,8 @@ int  _output_dnssim_tls_init(_output_dnssim_connection_t* conn, bool has_0rtt)

    unsigned int flags = GNUTLS_CLIENT | GNUTLS_NONBLOCK;

-    if (has_0rtt) {
+    if (has_0rtt && conn->client->tls_ticket.size != 0) {
        flags |= GNUTLS_ENABLE_EARLY_DATA
-            | GNUTLS_ENABLE_FALSE_START
            | GNUTLS_NO_END_OF_EARLY_DATA;
    }

@@ -344,6 +344,7 @@ int  _output_dnssim_tls_init(_output_dnssim_connection_t* conn, bool has_0rtt)
        gnutls_session_set_data(conn->tls->session, ticket->data, ticket->size);
        gnutls_free(conn->client->tls_ticket.data);
        conn->client->tls_ticket.size = 0;
+        conn->tls->has_ticket = true;
    }

    gnutls_transport_set_pull_function(conn->tls->session, _tls_pull);