in quic/s2n-quic-transport/src/space/session_context.rs [389:516]
fn on_one_rtt_keys(
&mut self,
key: <<Config::TLSEndpoint as tls::Endpoint>::Session as CryptoSuite>::OneRttKey,
header_key: <<Config::TLSEndpoint as tls::Endpoint>::Session as CryptoSuite>::OneRttHeaderKey,
application_parameters: tls::ApplicationParameters,
) -> Result<(), transport::Error> {
if self.application.is_some() {
return Err(transport::Error::INTERNAL_ERROR
.with_reason("application keys initialized more than once"));
}
if Config::ENDPOINT_TYPE.is_client() {
//= https://www.rfc-editor.org/rfc/rfc9001#section-4.9.3
//# Therefore, a client SHOULD discard 0-RTT keys as soon as it installs
//# 1-RTT keys as they have no use after that moment.
*self.zero_rtt_crypto = None;
}
// Parse transport parameters
let param_decoder = DecoderBuffer::new(application_parameters.transport_parameters);
let (
peer_flow_control_limits,
active_connection_id_limit,
datagram_limits,
max_ack_delay,
dc_version,
) = match Config::ENDPOINT_TYPE {
endpoint::Type::Client => self.on_server_params(param_decoder)?,
endpoint::Type::Server => self.on_client_params(param_decoder)?,
};
let remote_address = self.path_manager.active_path().remote_address().0;
let info = HandshakeInfo::new(
&remote_address,
self.server_name.as_ref(),
self.application_protocol,
);
let mut updatable_limits = UpdatableLimits::new(self.limits);
self.limits_endpoint
.on_post_handshake(&info, &mut updatable_limits);
self.local_id_registry
.set_active_connection_id_limit(active_connection_id_limit.as_u64());
let stream_manager = <Config::StreamManager as stream::Manager>::new(
self.limits,
Config::ENDPOINT_TYPE,
self.limits.initial_flow_control_limits(),
peer_flow_control_limits,
self.path_manager.active_path().rtt_estimator.min_rtt(),
);
let ack_manager = AckManager::new(
PacketNumberSpace::ApplicationData,
self.limits.ack_settings(),
);
let keep_alive = KeepAlive::new(
self.limits.max_idle_timeout(),
self.limits.max_keep_alive_period(),
);
let conn_info =
ConnectionInfo::new(datagram_limits.max_datagram_payload, self.waker.clone());
let (datagram_sender, datagram_receiver) = self.datagram.create_connection(&conn_info);
let datagram_manager = datagram::Manager::new(
datagram_sender,
datagram_receiver,
datagram_limits.max_datagram_payload,
);
let dc_manager = if let Some(dc_version) = dc_version {
let application_params = dc::ApplicationParams::new(
self.path_manager
.active_path()
.mtu_controller
.max_datagram_size() as u16,
&peer_flow_control_limits,
self.limits,
);
let remote_address = self.path_manager.active_path().remote_address().0;
let conn_info = dc::ConnectionInfo::new(
&remote_address,
dc_version,
application_params,
Config::ENDPOINT_TYPE.into_event(),
);
let dc_path = self.dc.new_path(&conn_info);
// &mut would be ideal but events currently need to be `Clone`, and we're OK with
// pushing interior mutability for now. dc is all unstable anyway.
self.publisher
.on_dc_path_created(DcPathCreated { path: &dc_path });
crate::dc::Manager::new(dc_path, dc_version, self.publisher)
} else {
if Config::DcEndpoint::ENABLED {
self.publisher.on_dc_state_changed(DcStateChanged {
state: DcState::NoVersionNegotiated,
});
}
crate::dc::Manager::disabled()
};
self.path_manager
.active_path_mut()
.rtt_estimator
.on_max_ack_delay(max_ack_delay);
let cipher_suite = key.cipher_suite().into_event();
*self.application = Some(Box::new(ApplicationSpace::new(
key,
header_key,
self.now,
stream_manager,
ack_manager,
keep_alive,
datagram_manager,
dc_manager,
)));
self.publisher.on_key_update(event::builder::KeyUpdate {
key_type: event::builder::KeyType::OneRtt { generation: 0 },
cipher_suite,
});
Ok(())
}