feat: applying maxIdleTimeout constraints for keep-alive and start timeout

[ci skip]

Author: tegefaulkes

src/QUICConnection.ts

@@ -264,6 +264,12 @@ class QUICConnection extends EventTarget {
         },
     @context ctx: ContextTimed,
   ): Promise<QUICConnection> {
+    const timeoutTime = ctx.timer.getTimeout();
+    if (timeoutTime !== Infinity && timeoutTime >= args.config.maxIdleTimeout) {
+      throw new errors.ErrorQUICConnectionInvalidConfig(
+        'connection timeout timer must be strictly less than maxIdleTimeout',
+      );
+    }
     ctx.signal.throwIfAborted();
     const abortProm = promise<never>();
     const abortHandler = () => {
@@ -292,7 +298,7 @@ class QUICConnection extends EventTarget {
     } finally {
       ctx.signal.removeEventListener('abort', abortHandler);
     }
-    connection.logger.warn('secured');
+    connection.logger.debug('secureEstablishedP');
     // After this is done
     // We need to establish the keep alive interval time
     if (connection.config.keepAliveIntervalTime != null) {
@@ -342,6 +348,16 @@ class QUICConnection extends EventTarget {
       }) {
     super();
     this.logger = logger ?? new Logger(`${this.constructor.name} ${scid}`);
+    // Checking constraints
+    if (
+      config.keepAliveIntervalTime != null &&
+      config.keepAliveIntervalTime >= config.maxIdleTimeout
+    ) {
+      throw new errors.ErrorQUICConnectionInvalidConfig(
+        'keepAliveIntervalTime must be shorter than maxIdleTimeout',
+      );
+    }
+
     const quicheConfig = buildQuicheConfig(config);
     let conn: Connection;
     if (type === 'client') {
@@ -862,13 +878,13 @@ class QUICConnection extends EventTarget {
           );
           try {
             if (this.verifyCallback != null) this.verifyCallback(peerCertsPem);
-            this.logger.warn('TLS verification succeeded');
+            this.logger.debug('TLS verification succeeded');
             this.conn.sendAckEliciting();
           } catch (e) {
             // Force the connection to end.
             // Error 304 indicates cert chain failed verification.
             // Error 372 indicates cert chain was missing.
-            this.logger.warn(
+            this.logger.debug(
               `TLS fail due to [${e.message}], closing connection`,
             );
             this.conn.close(

src/errors.ts

@@ -112,6 +112,10 @@ class ErrorQUICConnectionInternal<T> extends ErrorQUICConnection<T> {
   } & POJO;
 }
 
+class ErrorQUICConnectionInvalidConfig<T> extends ErrorQUICConnection<T> {
+  static description = 'QUIC connection invalid configuration';
+}
+
 class ErrorQUICStream<T> extends ErrorQUIC<T> {
   static description = 'QUIC Stream error';
 }
@@ -163,6 +167,7 @@ export {
   ErrorQUICConnectionStartTimeOut,
   ErrorQUICConnectionIdleTimeOut,
   ErrorQUICConnectionInternal,
+  ErrorQUICConnectionInvalidConfig,
   ErrorQUICStream,
   ErrorQUICStreamDestroyed,
   ErrorQUICStreamLocked,

tests/QUICClient.test.ts

@@ -207,6 +207,58 @@ describe(QUICClient.name, () => {
         }),
       ).rejects.toThrow(errors.ErrorQUICConnectionStartTimeOut);
     });
+    test('intervalTimeoutTime must be less than maxIdleTimeout', async () => {
+      // Larger keepAliveIntervalTime throws
+      await expect(
+        QUICClient.createQUICClient({
+          host: localhost,
+          port: 56666 as Port,
+          localHost: localhost,
+          crypto: {
+            ops: clientCrypto,
+          },
+          logger: logger.getChild(QUICClient.name),
+          config: {
+            maxIdleTimeout: 200,
+            keepAliveIntervalTime: 1000,
+            verifyPeer: false,
+          },
+        }),
+      ).rejects.toThrow(errors.ErrorQUICConnectionInvalidConfig);
+      // Smaller keepAliveIntervalTime doesn't cause a problem
+      await expect(
+        QUICClient.createQUICClient({
+          host: localhost,
+          port: 56666 as Port,
+          localHost: localhost,
+          crypto: {
+            ops: clientCrypto,
+          },
+          logger: logger.getChild(QUICClient.name),
+          config: {
+            maxIdleTimeout: 200,
+            keepAliveIntervalTime: 100,
+            verifyPeer: false,
+          },
+        }),
+      ).rejects.not.toThrow(errors.ErrorQUICConnectionInvalidConfig);
+      // Not setting an interval doesn't cause a problem either
+      await expect(
+        QUICClient.createQUICClient({
+          host: localhost,
+          port: 56666 as Port,
+          localHost: localhost,
+          crypto: {
+            ops: clientCrypto,
+          },
+          logger: logger.getChild(QUICClient.name),
+          config: {
+            maxIdleTimeout: 200,
+            verifyPeer: false,
+          },
+        }),
+      ).rejects.not.toThrow(errors.ErrorQUICConnectionInvalidConfig);
+    });
     test('client times out with ctx timer while starting', async () => {
       // QUICClient repeatedly dials until the connection timeout
       await expect(
@@ -229,6 +281,62 @@ describe(QUICClient.name, () => {
         ),
       ).rejects.toThrow(errors.ErrorQUICClientCreateTimeOut);
     });
+    test('ctx timer must be less than maxIdleTimeout', async () => {
+      // Larger timer throws
+      await expect(
+        QUICClient.createQUICClient(
+          {
+            host: localhost,
+            port: 56666 as Port,
+            localHost: localhost,
+            crypto: {
+              ops: clientCrypto,
+            },
+            logger: logger.getChild(QUICClient.name),
+            config: {
+              maxIdleTimeout: 200,
+              verifyPeer: false,
+            },
+          },
+          { timer: new Timer({ delay: 1000 }) },
+        ),
+      ).rejects.toThrow(errors.ErrorQUICConnectionInvalidConfig);
+      // Smaller keepAliveIntervalTime doesn't cause a problem
+      await expect(
+        QUICClient.createQUICClient(
+          {
+            host: localhost,
+            port: 56666 as Port,
+            localHost: localhost,
+            crypto: {
+              ops: clientCrypto,
+            },
+            logger: logger.getChild(QUICClient.name),
+            config: {
+              maxIdleTimeout: 200,
+              verifyPeer: false,
+            },
+          },
+          { timer: new Timer({ delay: 100 }) },
+        ),
+      ).rejects.not.toThrow(errors.ErrorQUICConnectionInvalidConfig);
+      // Not setting an interval doesn't cause a problem either
+      await expect(
+        QUICClient.createQUICClient({
+          host: localhost,
+          port: 56666 as Port,
+          localHost: localhost,
+          crypto: {
+            ops: clientCrypto,
+          },
+          logger: logger.getChild(QUICClient.name),
+          config: {
+            maxIdleTimeout: 200,
+            verifyPeer: false,
+          },
+        }),
+      ).rejects.not.toThrow(errors.ErrorQUICConnectionInvalidConfig);
+    });
     test('client times out with ctx signal while starting', async () => {
       // QUICClient repeatedly dials until the connection timeout
       const abortController = new AbortController();