feat(s2n-quic): expose mtu provider

quic/s2n-quic-core/src/connection/error.rs

@@ -87,6 +87,13 @@ pub enum Error {
         source: &'static panic::Location<'static>,
     },
 
+    /// The connection was closed due to invalid Application provided configuration
+    #[non_exhaustive]
+    InvalidConfiguration {
+        reason: &'static str,
+        source: &'static panic::Location<'static>,
+    },
+
     /// The connection was closed due to an unspecified reason
     #[non_exhaustive]
     Unspecified {
@@ -149,6 +156,10 @@ impl fmt::Display for Error {
             Self::EndpointClosing { .. } => {
                 write!(f, "The connection attempt was rejected because the endpoint is closing")
             }
+            Self::InvalidConfiguration {reason, ..} => write!(
+                f,
+                "The connection was closed due to: {reason}"
+            ),
             Self::Unspecified { .. } => {
                 write!(f, "The connection was closed due to an unspecified reason")
             }
@@ -235,6 +246,7 @@ impl Error {
             Error::MaxHandshakeDurationExceeded { source, .. } => source,
             Error::ImmediateClose { source, .. } => source,
             Error::EndpointClosing { source } => source,
+            Error::InvalidConfiguration { source, .. } => source,
             Error::Unspecified { source } => source,
         }
     }
@@ -339,6 +351,14 @@ impl Error {
         Error::EndpointClosing { source }
     }
 
+    #[inline]
+    #[track_caller]
+    #[doc(hidden)]
+    pub fn invalid_configuration(reason: &'static str) -> Error {
+        let source = panic::Location::caller();
+        Error::InvalidConfiguration { source, reason }
+    }
+
     #[inline]
     #[track_caller]
     #[doc(hidden)]
@@ -440,6 +460,7 @@ pub fn as_frame<'a, F: connection::close::Formatter>(
         Error::MaxHandshakeDurationExceeded { .. } => None,
         Error::ImmediateClose { .. } => None,
         Error::EndpointClosing { .. } => None,
+        Error::InvalidConfiguration { .. } => None,
         Error::Unspecified { .. } => {
             let error =
                 transport::Error::INTERNAL_ERROR.with_reason("an unspecified error occurred");
@@ -518,6 +539,7 @@ impl From<Error> for std::io::ErrorKind {
             Error::MaxHandshakeDurationExceeded { .. } => ErrorKind::TimedOut,
             Error::ImmediateClose { .. } => ErrorKind::Other,
             Error::EndpointClosing { .. } => ErrorKind::Other,
+            Error::InvalidConfiguration { .. } => ErrorKind::Other,
             Error::Unspecified { .. } => ErrorKind::Other,
         }
     }

quic/s2n-quic-core/src/crypto/application/limited.rs

@@ -1,7 +1,7 @@
 // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 // SPDX-License-Identifier: Apache-2.0
 
-use crate::{crypto::OneRttKey, path::MaxMtu};
+use crate::crypto::OneRttKey;
 
 //= https://www.rfc-editor.org/rfc/rfc9001#section-6.6
 //# Endpoints MUST count the number of encrypted packets for each set of
@@ -21,21 +21,12 @@ pub struct Key<K> {
 pub struct Limits {
     /// The number of packets before the limit at which a key update will be scheduled
     pub key_update_window: u64,
-    /// The number of packets at which the sealer key will be optimized
-    pub sealer_optimization_threshold: u64,
-    /// The number of packets at which the opener key will be optimized
-    pub opener_optimization_threshold: u64,
-    /// The maximum MTU the connection will ever encrypt/decrypt
-    pub max_mtu: MaxMtu,
 }
 
 impl Default for Limits {
     fn default() -> Self {
         Self {
             key_update_window: KEY_UPDATE_WINDOW,
-            sealer_optimization_threshold: 100,
-            opener_optimization_threshold: 100,
-            max_mtu: MaxMtu::default(),
         }
     }
 }
@@ -84,21 +75,13 @@ impl<K: OneRttKey> Key<K> {
     }
 
     #[inline]
-    pub fn on_packet_encryption(&mut self, limits: &Limits) {
+    pub fn on_packet_encryption(&mut self, _limits: &Limits) {
         self.encrypted_packets += 1;
-
-        if self.encrypted_packets == limits.sealer_optimization_threshold {
-            self.key.update_sealer_pmtu(limits.max_mtu.into());
-        }
     }
 
     #[inline]
-    pub fn on_packet_decryption(&mut self, limits: &Limits) {
+    pub fn on_packet_decryption(&mut self, _limits: &Limits) {
         self.decrypted_packets += 1;
-
-        if self.decrypted_packets == limits.opener_optimization_threshold {
-            self.key.update_opener_pmtu(limits.max_mtu.into());
-        }
     }
 
     #[inline]

quic/s2n-quic-core/src/crypto/key.rs

@@ -137,9 +137,6 @@ pub mod testing {
                 fail_on_decrypt: self.fail_on_decrypt,
             }
         }
-
-        fn update_sealer_pmtu(&mut self, _pmtu: u16) {}
-        fn update_opener_pmtu(&mut self, _pmtu: u16) {}
     }
     impl ZeroRttKey for Key {}
     impl RetryKey for Key {

quic/s2n-quic-core/src/crypto/one_rtt.rs

@@ -11,9 +11,6 @@ use crate::crypto::{HeaderKey, Key};
 pub trait OneRttKey: Key {
     #[must_use]
     fn derive_next_key(&self) -> Self;
-
-    fn update_sealer_pmtu(&mut self, pmtu: u16);
-    fn update_opener_pmtu(&mut self, pmtu: u16);
 }
 
 /// Types for which are able to perform 1-RTT header cryptography.

quic/s2n-quic-core/src/crypto/tls/null.rs

@@ -394,16 +394,6 @@ mod key {
         fn derive_next_key(&self) -> Self {
             NoCrypto
         }
-
-        #[inline(always)]
-        fn update_sealer_pmtu(&mut self, _pmtu: u16) {
-            // Do nothing
-        }
-
-        #[inline(always)]
-        fn update_opener_pmtu(&mut self, _pmtu: u16) {
-            // Do nothing
-        }
     }
 
     impl crypto::OneRttHeaderKey for NoCrypto {}

quic/s2n-quic-core/src/event/generated.rs

@@ -86,6 +86,13 @@ pub mod api {
     }
     #[derive(Clone, Debug)]
     #[non_exhaustive]
+    pub struct MtuConfig {
+        pub initial_mtu: u16,
+        pub base_mtu: u16,
+        pub max_mtu: u16,
+    }
+    #[derive(Clone, Debug)]
+    #[non_exhaustive]
     #[doc = " A bandwidth delivery rate estimate with associated metadata"]
     pub struct RateSample {
         #[doc = " The length of the sampling interval"]
@@ -301,6 +308,12 @@ pub mod api {
         #[doc = " The peer sent an invalid Source Connection Id."]
         InvalidSourceConnectionId {},
         #[non_exhaustive]
+        #[doc = " Application provided invalid MTU configuration."]
+        InvalidMtuConfiguration {
+            #[doc = " MTU configuration for the endpoint"]
+            endpoint_mtu_config: MtuConfig,
+        },
+        #[non_exhaustive]
         #[doc = " The Destination Connection Id is unknown and does not map to a Connection."]
         #[doc = ""]
         #[doc = " Connections are mapped to Destination Connections Ids (DCID) and packets"]
@@ -1650,6 +1663,16 @@ pub mod api {
             }
         }
     }
+    impl<'a> IntoEvent<builder::MtuConfig> for &'a crate::path::mtu::Config {
+        #[inline]
+        fn into_event(self) -> builder::MtuConfig {
+            builder::MtuConfig {
+                initial_mtu: self.initial_mtu().into(),
+                base_mtu: self.base_mtu().into(),
+                max_mtu: self.max_mtu().into(),
+            }
+        }
+    }
     impl CipherSuite {
         #[inline]
         pub fn as_str(&self) -> &'static str {
@@ -2654,6 +2677,27 @@ pub mod builder {
         }
     }
     #[derive(Clone, Debug)]
+    pub struct MtuConfig {
+        pub initial_mtu: u16,
+        pub base_mtu: u16,
+        pub max_mtu: u16,
+    }
+    impl IntoEvent<api::MtuConfig> for MtuConfig {
+        #[inline]
+        fn into_event(self) -> api::MtuConfig {
+            let MtuConfig {
+                initial_mtu,
+                base_mtu,
+                max_mtu,
+            } = self;
+            api::MtuConfig {
+                initial_mtu: initial_mtu.into_event(),
+                base_mtu: base_mtu.into_event(),
+                max_mtu: max_mtu.into_event(),
+            }
+        }
+    }
+    #[derive(Clone, Debug)]
     #[doc = " A bandwidth delivery rate estimate with associated metadata"]
     pub struct RateSample {
         #[doc = " The length of the sampling interval"]
@@ -3062,6 +3106,11 @@ pub mod builder {
         InvalidDestinationConnectionId,
         #[doc = " The peer sent an invalid Source Connection Id."]
         InvalidSourceConnectionId,
+        #[doc = " Application provided invalid MTU configuration."]
+        InvalidMtuConfiguration {
+            #[doc = " MTU configuration for the endpoint"]
+            endpoint_mtu_config: MtuConfig,
+        },
         #[doc = " The Destination Connection Id is unknown and does not map to a Connection."]
         #[doc = ""]
         #[doc = " Connections are mapped to Destination Connections Ids (DCID) and packets"]
@@ -3092,6 +3141,11 @@ pub mod builder {
                 Self::UnsupportedVersion => UnsupportedVersion {},
                 Self::InvalidDestinationConnectionId => InvalidDestinationConnectionId {},
                 Self::InvalidSourceConnectionId => InvalidSourceConnectionId {},
+                Self::InvalidMtuConfiguration {
+                    endpoint_mtu_config,
+                } => InvalidMtuConfiguration {
+                    endpoint_mtu_config: endpoint_mtu_config.into_event(),
+                },
                 Self::UnknownDestinationConnectionId => UnknownDestinationConnectionId {},
                 Self::RejectedConnectionAttempt => RejectedConnectionAttempt {},
                 Self::UnknownServerAddress => UnknownServerAddress {},

quic/s2n-quic-core/src/path/mod.rs

@@ -14,7 +14,7 @@ pub mod ecn;
 pub mod migration;
 pub mod mtu;
 
-pub use mtu::*;
+pub use mtu::{BaseMtu, Config, Endpoint, InitialMtu, MaxMtu, MtuError, MINIMUM_MAX_DATAGRAM_SIZE};
 
 // Initial PTO backoff multiplier is 1 indicating no additional increase to the backoff.
 pub const INITIAL_PTO_BACKOFF: u32 = 1;