1 // Copyright 2023 The Go Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style 3 // license that can be found in the LICENSE file. 4 5 //go:build go1.21 6 7 package quic 8 9 import ( 10 "crypto/tls" 11 "log/slog" 12 "math" 13 "time" 14 ) 15 16 // A Config structure configures a QUIC endpoint. 17 // A Config must not be modified after it has been passed to a QUIC function. 18 // A Config may be reused; the quic package will also not modify it. 19 type Config struct { 20 // TLSConfig is the endpoint's TLS configuration. 21 // It must be non-nil and include at least one certificate or else set GetCertificate. 22 TLSConfig *tls.Config 23 24 // MaxBidiRemoteStreams limits the number of simultaneous bidirectional streams 25 // a peer may open. 26 // If zero, the default value of 100 is used. 27 // If negative, the limit is zero. 28 MaxBidiRemoteStreams int64 29 30 // MaxUniRemoteStreams limits the number of simultaneous unidirectional streams 31 // a peer may open. 32 // If zero, the default value of 100 is used. 33 // If negative, the limit is zero. 34 MaxUniRemoteStreams int64 35 36 // MaxStreamReadBufferSize is the maximum amount of data sent by the peer that a 37 // stream will buffer for reading. 38 // If zero, the default value of 1MiB is used. 39 // If negative, the limit is zero. 40 MaxStreamReadBufferSize int64 41 42 // MaxStreamWriteBufferSize is the maximum amount of data a stream will buffer for 43 // sending to the peer. 44 // If zero, the default value of 1MiB is used. 45 // If negative, the limit is zero. 46 MaxStreamWriteBufferSize int64 47 48 // MaxConnReadBufferSize is the maximum amount of data sent by the peer that a 49 // connection will buffer for reading, across all streams. 50 // If zero, the default value of 1MiB is used. 51 // If negative, the limit is zero. 52 MaxConnReadBufferSize int64 53 54 // RequireAddressValidation may be set to true to enable address validation 55 // of client connections prior to starting the handshake. 56 // 57 // Enabling this setting reduces the amount of work packets with spoofed 58 // source address information can cause a server to perform, 59 // at the cost of increased handshake latency. 60 RequireAddressValidation bool 61 62 // StatelessResetKey is used to provide stateless reset of connections. 63 // A restart may leave an endpoint without access to the state of 64 // existing connections. Stateless reset permits an endpoint to respond 65 // to a packet for a connection it does not recognize. 66 // 67 // This field should be filled with random bytes. 68 // The contents should remain stable across restarts, 69 // to permit an endpoint to send a reset for 70 // connections created before a restart. 71 // 72 // The contents of the StatelessResetKey should not be exposed. 73 // An attacker can use knowledge of this field's value to 74 // reset existing connections. 75 // 76 // If this field is left as zero, stateless reset is disabled. 77 StatelessResetKey [32]byte 78 79 // HandshakeTimeout is the maximum time in which a connection handshake must complete. 80 // If zero, the default of 10 seconds is used. 81 // If negative, there is no handshake timeout. 82 HandshakeTimeout time.Duration 83 84 // MaxIdleTimeout is the maximum time after which an idle connection will be closed. 85 // If zero, the default of 30 seconds is used. 86 // If negative, idle connections are never closed. 87 // 88 // The idle timeout for a connection is the minimum of the maximum idle timeouts 89 // of the endpoints. 90 MaxIdleTimeout time.Duration 91 92 // KeepAlivePeriod is the time after which a packet will be sent to keep 93 // an idle connection alive. 94 // If zero, keep alive packets are not sent. 95 // If greater than zero, the keep alive period is the smaller of KeepAlivePeriod and 96 // half the connection idle timeout. 97 KeepAlivePeriod time.Duration 98 99 // QLogLogger receives qlog events. 100 // 101 // Events currently correspond to the definitions in draft-ietf-qlog-quic-events-03. 102 // This is not the latest version of the draft, but is the latest version supported 103 // by common event log viewers as of the time this paragraph was written. 104 // 105 // The qlog package contains a slog.Handler which serializes qlog events 106 // to a standard JSON representation. 107 QLogLogger *slog.Logger 108 } 109 110 func configDefault[T ~int64](v, def, limit T) T { 111 switch { 112 case v == 0: 113 return def 114 case v < 0: 115 return 0 116 default: 117 return min(v, limit) 118 } 119 } 120 121 func (c *Config) maxBidiRemoteStreams() int64 { 122 return configDefault(c.MaxBidiRemoteStreams, 100, maxStreamsLimit) 123 } 124 125 func (c *Config) maxUniRemoteStreams() int64 { 126 return configDefault(c.MaxUniRemoteStreams, 100, maxStreamsLimit) 127 } 128 129 func (c *Config) maxStreamReadBufferSize() int64 { 130 return configDefault(c.MaxStreamReadBufferSize, 1<<20, maxVarint) 131 } 132 133 func (c *Config) maxStreamWriteBufferSize() int64 { 134 return configDefault(c.MaxStreamWriteBufferSize, 1<<20, maxVarint) 135 } 136 137 func (c *Config) maxConnReadBufferSize() int64 { 138 return configDefault(c.MaxConnReadBufferSize, 1<<20, maxVarint) 139 } 140 141 func (c *Config) handshakeTimeout() time.Duration { 142 return configDefault(c.HandshakeTimeout, defaultHandshakeTimeout, math.MaxInt64) 143 } 144 145 func (c *Config) maxIdleTimeout() time.Duration { 146 return configDefault(c.MaxIdleTimeout, defaultMaxIdleTimeout, math.MaxInt64) 147 } 148 149 func (c *Config) keepAlivePeriod() time.Duration { 150 return configDefault(c.KeepAlivePeriod, defaultKeepAlivePeriod, math.MaxInt64) 151 } 152