quiche: update tar and implement EnvoyQuicProofSource#11316
Conversation
Signed-off-by: Dan Zhang <danzh@google.com>
Signed-off-by: Dan Zhang <danzh@google.com>
Signed-off-by: Dan Zhang <danzh@google.com>
Signed-off-by: Dan Zhang <danzh@google.com>
Signed-off-by: Dan Zhang <danzh@google.com>
Signed-off-by: Dan Zhang <danzh@google.com>
Signed-off-by: Dan Zhang <danzh@google.com>
Signed-off-by: Dan Zhang <danzh@google.com>
Signed-off-by: Dan Zhang <danzh@google.com>
Signed-off-by: Dan Zhang <danzh@google.com>
Signed-off-by: Dan Zhang <danzh@google.com>
danzh2010
changed the title
Signed-off-by: Dan Zhang <danzh@google.com>
Signed-off-by: Dan Zhang <danzh@google.com>
|
@danzh1989 is it possible to split the tar update and the implementation part into distinct PRs? |
wu-bin
left a comment
wu-bin
left a comment
There was a problem hiding this comment.
Thanks Dan, this looks good overall. It seems presubmit is failing, can you take a look at it?
| // in QUICHE, and we are working on the fix. Once QUICHE is fixed of expecting this behavior, we | ||
| // no longer need to round up the duration. | ||
| timer_->enableHRTimer(std::chrono::microseconds( | ||
| (duration < quic::QuicTime::Delta::FromMicroseconds(1)) ? 1 : duration.ToMicroseconds())); |
There was a problem hiding this comment.
nit: How about std::max(1, duration.ToMicroseconds());
There was a problem hiding this comment.
Doesn't show up - did you miss an upload?
Also cc @antoniovicente for if there's a better way to do this, or if it requires your libevent workarounds
There was a problem hiding this comment.
Please add a TODO(antoniovicente) here. I'm looking into some improvements here.
There was a problem hiding this comment.
sorry, updated with Bin's suggestion now.
Added TODO for Antonio, assuming it would be improvement with the timer impl.
| namespace Envoy { | ||
| namespace Quic { | ||
|
|
||
| class EnvoyQuicProofSource : public EnvoyQuicFakeProofSource, |
There was a problem hiding this comment.
In that case, please address the TODOs and renames as soon as this PR lands.
| return quic::QuicReferenceCountedPointer<quic::ProofSource::Chain>( | ||
| new quic::ProofSource::Chain({})); |
There was a problem hiding this comment.
What's the difference between returning a nullptr and returning a non-nullptr but the chain is empty? Does caller need to handle them differently?
There was a problem hiding this comment.
Yes, AFAIK reject reason differs in these two cases.
Signed-off-by: Dan Zhang <danzh@google.com>
Fixed those clang-tidy error. PTAL |
Signed-off-by: Dan Zhang <danzh@google.com>
|
coverage CI failed with error: Code coverage for extension source/extensions/transport_sockets/tls is lower than limit of 94.5 (94.4) This PR didn't touch any files under tls directory. |
|
@alyssawilk Can you take a look now? |
alyssawilk
left a comment
alyssawilk
left a comment
There was a problem hiding this comment.
Wohoo, getting there!
| // [#protodoc-title: quic transport] | ||
| // [#extension: envoy.transport_sockets.quic] | ||
|
|
||
| // Configuration for QUIC transport socket. This provides Google's QUIC implementation to Envoy. |
There was a problem hiding this comment.
for QUIC -> for Downstream QUIC (and upstream below)
"This provides" doesn't seem quite right. Also is this just for Google-QUIC or also used for IETF-QUIC, just Google's implementation?
There was a problem hiding this comment.
I should say Google's GQuic and IQuic implementation.
| // in QUICHE, and we are working on the fix. Once QUICHE is fixed of expecting this behavior, we | ||
| // no longer need to round up the duration. | ||
| timer_->enableHRTimer(std::chrono::microseconds( | ||
| (duration < quic::QuicTime::Delta::FromMicroseconds(1)) ? 1 : duration.ToMicroseconds())); |
There was a problem hiding this comment.
Doesn't show up - did you miss an upload?
Also cc @antoniovicente for if there's a better way to do this, or if it requires your libevent workarounds
| namespace Envoy { | ||
| namespace Quic { | ||
|
|
||
| class EnvoyQuicProofSource : public EnvoyQuicFakeProofSource, |
| testing::ValuesIn({true, false})); | ||
|
|
||
| TEST_P(EnvoyQuicServerStreamTest, GetRequestAndResponse) { | ||
| quic::SetVerbosityLogThreshold(1); |
There was a problem hiding this comment.
Was this for your debugging or is there value in leaving it in? If so maybe comment?
ditto for uses below.
| namespace Envoy { | ||
| namespace Quic { | ||
|
|
||
| std::vector<std::pair<Network::Address::IpVersion, bool>> generateTestParam() { |
There was a problem hiding this comment.
Is this the same in all three places? If so consider a utility
There was a problem hiding this comment.
moved into test utils
Signed-off-by: Dan Zhang <danzh@google.com>
Signed-off-by: Dan Zhang <danzh@google.com>
alyssawilk
left a comment
alyssawilk
left a comment
There was a problem hiding this comment.
@mattklein123 / @htuch needs another API stamp
mattklein123
left a comment
mattklein123
left a comment
There was a problem hiding this comment.
Awesome to see progress here! I found one typo but feel free to fix that in your next change.
| #include "envoy/extensions/transport_sockets/tls/v3/cert.pb.h" | ||
| #include "envoy/extensions/transport_sockets/tls/v3/tls.pb.validate.h" | ||
|
|
||
| // #include "envoy/extensions/transport_sockets/tls/v3/tls.pb.validate.h" |
|
This commit has broken Windows compilation due to upstream quiche. bazel-out/x64_windows-opt/bin/external/com_googlesource_quiche/quiche/quic/core/crypto/certificate_view.cc(140): error C7555: use of designated initializers requires at least '/std:c++latest' See https://developercommunity.visualstudio.com/idea/518768/c-designated-initializers.html and expand comments. Until we are able to build against bleed (stdc++20), meaning all stdc++17 changes have been adopted, this patch is a nonstarter. Can this be reverted and tabled until envoy is at least at stdc++17, or until addressed upstream using stdc++? |
It can be easily fixed in upstream. But we might easily run into same problem again in the future. |
|
Please try to get an upstream fix in quiche done ASAP. Reverting the PR
may still make sense to get back to a stable state.
We may want to enable one of these clang warning modes to prevent future
breakage:
-Wc99-designator
-Wc99-extensions
-Wc++20-designator (may require clang 10)
-Wc++20-extensions (may require clang 10)
…On Thu, Jun 11, 2020 at 10:33 AM danzh ***@***.***> wrote:
This commit has broken Windows compilation due to upstream quiche.
bazel-out/x64_windows-opt/bin/external/com_googlesource_quiche/quiche/quic/core/crypto/certificate_view.cc(140):
error C7555: use of designated initializers requires at least
'/std:c++latest'
See
https://developercommunity.visualstudio.com/idea/518768/c-designated-initializers.html
and expand comments.
Until we are able to build against bleed (stdc++20), meaning all stdc++17
changes have been adopted, this patch is a nonstarter. Can this be reverted
and tabled until envoy is at least at stdc++17, or until addressed upstream
using stdc++?
It can be easily fixed in upstream. But we might easily run into same
problem again in the future.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#11316 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AGZ33CNYPMK5Z6AVVTF66F3RWDTKFANCNFSM4NJ7MHGQ>
.
|
Fix is in #11562 |
Signed-off-by: Dan Zhang <danzh@google.com> Signed-off-by: yashwant121 <yadavyashwant36@gmail.com>
Signed-off-by: Dan Zhang <danzh@google.com>
Signed-off-by: Dan Zhang <danzh@google.com> Signed-off-by: yashwant121 <yadavyashwant36@gmail.com>
8 participants
Update QUICHE tar to 25da9198727ef05edeb99d9f4ce5b6acb3cb87b5 which turn on IETF QUIC by default.
Add QuicDownstream/UpstreamTransport protobuf to wrap tls.v3.Downstream/UpstreamTlsContext to distinguish QuicServer/ClientTransportSocketConfigFactory from Downstream/UpstreamSslSocketFactory by typed_config. And change configs in unit and integration tests accordingly. This is needed to retrieve filter chain correctly based on typed_config. Previously integration tests has been creating the wrong TransportSocketFactory which wasn't in use.
Fix quic_http_integration_test to work with IETF QUIC:
Fix unit tests for ActiveQuicListener and EnvoyQuicDispatcher to work with IETF QUIC:
Risk Level: low, not in use
Testing: modify EnvoyQuicFakeProofSourceTest to test EnvoyQuicProofSource
Fixes #10767 #10422