TODO

Cargo.toml

@@ -25,7 +25,7 @@ crc = "3"
 directories-next = "2"
 futures-io = "0.3.19"
 getrandom = { version = "0.2", default-features = false }
-fastbloom = "0.7"
+fastbloom = "0.8"
 hdrhistogram = { version = "7.2", default-features = false }
 hex-literal = "0.4"
 lazy_static = "1"

quinn-proto/src/bloom_token_log.rs

@@ -1,10 +1,10 @@
+use crate::{Duration, SystemTime, UNIX_EPOCH};
 use std::{
     collections::HashSet,
     f64::consts::LN_2,
     hash::{BuildHasher, Hasher},
     mem::{size_of, swap},
     sync::Mutex,
-    time::{Duration, SystemTime, UNIX_EPOCH},
 };
 
 use fastbloom::BloomFilter;

quinn-proto/src/config.rs

@@ -842,15 +842,14 @@ const DEFAULT_VALIDATION_TOKEN_LIFETIME_SECS: u64 = 2 * 7 * 24 * 60 * 60;
 
 impl ServerConfig {
     /// Create a default config with a particular handshake token key
-    ///
-    /// Setting `validation_token_log` to `None` makes the server ignore all address validation
-    /// tokens (that is, tokens originating from NEW_TOKEN frames--retry tokens may still be
-    /// accepted).
     pub fn new(
         crypto: Arc<dyn crypto::ServerConfig>,
         token_key: Arc<dyn HandshakeTokenKey>,
-        validation_token_log: Option<Arc<dyn TokenLog>>,
     ) -> Self {
+        #[cfg(feature = "fastbloom")]
+        let validation_token_log = Some(Arc::new(BloomTokenLog::default()) as _);
+        #[cfg(not(feature = "fastbloom"))]
+        let validation_token_log = None;
         Self {
             transport: Arc::new(TransportConfig::default()),
             crypto,
@@ -894,17 +893,29 @@ impl ServerConfig {
 
     /// Duration after an address validation token was issued for which it's considered valid
     ///
-    /// This refers only to tokens sent in NEW_TOKEN frames, in contrast to stateless retry tokens.
+    /// This refers only to tokens sent in NEW_TOKEN frames, in contrast to retry tokens.
     ///
     /// Defaults to 2 weeks.
     pub fn validation_token_lifetime(&mut self, value: Duration) -> &mut Self {
         self.validation_token_lifetime = value;
         self
     }
 
+    /// Set a custom [`TokenLog`]
+    ///
+    /// Setting this to `None` makes the server ignore all address validation tokens (that is,
+    /// tokens originating from NEW_TOKEN frames--retry tokens may still be accepted).
+    ///
+    /// Defaults to a default [`BloomTokenLog`], unless the `fastbloom` default feature is
+    /// disabled, in which case this defaults to `None`.
+    pub fn validation_token_log(&mut self, log: Option<Arc<dyn TokenLog>>) -> &mut Self {
+        self.validation_token_log = log;
+        self
+    }
+
     /// Number of address validation tokens sent to a client when its path is validated
     ///
-    /// This refers only to tokens sent in NEW_TOKEN frames, in contrast to stateless retry tokens.
+    /// This refers only to tokens sent in NEW_TOKEN frames, in contrast to retry tokens.
     ///
     /// Defaults to 2.
     pub fn validation_tokens_sent(&mut self, value: u32) -> &mut Self {
@@ -1005,8 +1016,9 @@ impl ServerConfig {
 impl ServerConfig {
     /// Create a server config with the given [`crypto::ServerConfig`]
     ///
-    /// Uses a randomized handshake token key and a default `BloomTokenLog`, unless the `fastbloom`
-    /// default feature is disabled, in which case sets the `TokenLog` to `None`.
+    /// Uses a randomized handshake token key and a default [`BloomTokenLog`], unless the
+    /// `fastbloom` default feature is disabled, in which case sets `validation_token_log` to
+    /// `None`.
     pub fn with_crypto(crypto: Arc<dyn crypto::ServerConfig>) -> Self {
         #[cfg(all(feature = "aws-lc-rs", not(feature = "ring")))]
         use aws_lc_rs::hkdf;
@@ -1019,12 +1031,7 @@ impl ServerConfig {
         rng.fill_bytes(&mut master_key);
         let master_key = hkdf::Salt::new(hkdf::HKDF_SHA256, &[]).extract(&master_key);
 
-        #[cfg(feature = "fastbloom")]
-        let token_log = Some(Arc::new(BloomTokenLog::default()) as _);
-        #[cfg(not(feature = "fastbloom"))]
-        let token_log = None;
-
-        Self::new(crypto, Arc::new(master_key), token_log)
+        Self::new(crypto, Arc::new(master_key))
     }
 }
 

quinn-proto/src/connection/mod.rs

@@ -5,7 +5,6 @@ use std::{
     fmt, io, mem,
     net::{IpAddr, SocketAddr},
     sync::Arc,
-    time::SystemTime,
 };
 
 use bytes::{Bytes, BytesMut};
@@ -32,9 +31,9 @@ use crate::{
     },
     token::{ResetToken, Token, TokenInner},
     transport_parameters::TransportParameters,
-    Dir, Duration, EndpointConfig, Frame, Instant, Side, StreamId, Transmit, TransportError,
-    TransportErrorCode, ValidationTokenStore, VarInt, INITIAL_MTU, MAX_CID_SIZE, MAX_STREAM_COUNT,
-    MIN_INITIAL_SIZE, TIMER_GRANULARITY,
+    Dir, Duration, EndpointConfig, Frame, Instant, Side, StreamId, SystemTime, Transmit,
+    TransportError, TransportErrorCode, ValidationTokenStore, VarInt, INITIAL_MTU, MAX_CID_SIZE,
+    MAX_STREAM_COUNT, MIN_INITIAL_SIZE, TIMER_GRANULARITY,
 };
 
 mod ack_frequency;

quinn-proto/src/token.rs

@@ -1,5 +1,6 @@
 use std::{
     fmt, io,
+    mem::size_of,
     net::{IpAddr, SocketAddr},
 };
 

quinn-proto/src/token_log.rs

@@ -1,6 +1,6 @@
 //! Limiting clients' ability to reuse tokens from NEW_TOKEN frames
 
-use std::time::{Duration, SystemTime};
+use crate::{Duration, SystemTime};
 
 /// Error for when a validation token may have been reused
 pub struct TokenReuseError;

quinn-proto/src/validation_token_store.rs

@@ -25,7 +25,7 @@ pub trait ValidationTokenStore: Send + Sync {
     fn take(&self, server_name: &str) -> Option<Bytes>;
 }
 
-/// `ValidationTokenMemoryCache` implementation that stores up to `N` tokens per server name for up
+/// `ValidationTokenStore` implementation that stores up to `N` tokens per server name for up
 /// to a limited number of server names, in-memory
 pub struct ValidationTokenMemoryCache<const N: usize>(Mutex<State<N>>);