[mobile] Allow Cronvoy to configure QUIC port migration (envoyproxy#3…

…2890) Signed-off-by: Renjie Tang <[email protected]>
zhxie · Mar 13, 2024 · 9c37937 · 9c37937
1 parent b1808bb
commit 9c37937
Show file tree

Hide file tree

Showing 7 changed files with 45 additions and 14 deletions.
diff --git a/mobile/library/java/io/envoyproxy/envoymobile/engine/EnvoyConfiguration.java b/mobile/library/java/io/envoyproxy/envoymobile/engine/EnvoyConfiguration.java
@@ -42,6 +42,7 @@ public enum TrustChainVerification {
   public final List<String> quicCanonicalSuffixes;
   public final Boolean enableGzipDecompression;
   public final Boolean enableBrotliDecompression;
+  public final Boolean enablePortMigration;
   public final Boolean enableSocketTagging;
   public final Boolean enableInterfaceBinding;
   public final Integer h2ConnectionKeepaliveIdleIntervalMilliseconds;
@@ -110,6 +111,7 @@ public enum TrustChainVerification {
    *     decompression.
    * @param enableBrotliDecompression                     whether to enable response brotli
    *     decompression.
+   * @param enablePortMigration                           whether to enable quic port migration.
    * @param enableSocketTagging                           whether to enable socket tagging.
    * @param enableInterfaceBinding                        whether to allow interface binding.
    * @param h2ConnectionKeepaliveIdleIntervalMilliseconds rate in milliseconds seconds to send h2
@@ -157,7 +159,7 @@ public EnvoyConfiguration(
       boolean enableDrainPostDnsRefresh, boolean enableHttp3, String http3ConnectionOptions,
       String http3ClientConnectionOptions, Map<String, Integer> quicHints,
       List<String> quicCanonicalSuffixes, boolean enableGzipDecompression,
-      boolean enableBrotliDecompression, boolean enableSocketTagging,
+      boolean enableBrotliDecompression, boolean enablePortMigration, boolean enableSocketTagging,
       boolean enableInterfaceBinding, int h2ConnectionKeepaliveIdleIntervalMilliseconds,
       int h2ConnectionKeepaliveTimeoutSeconds, int maxConnectionsPerHost,
       int streamIdleTimeoutSeconds, int perTryIdleTimeoutSeconds, String appVersion, String appId,
@@ -192,6 +194,7 @@ public EnvoyConfiguration(
     this.quicCanonicalSuffixes = quicCanonicalSuffixes;
     this.enableGzipDecompression = enableGzipDecompression;
     this.enableBrotliDecompression = enableBrotliDecompression;
+    this.enablePortMigration = enablePortMigration;
     this.enableSocketTagging = enableSocketTagging;
     this.enableInterfaceBinding = enableInterfaceBinding;
     this.h2ConnectionKeepaliveIdleIntervalMilliseconds =
@@ -258,8 +261,8 @@ public long createBootstrap() {
         dnsFailureRefreshSecondsMax, dnsQueryTimeoutSeconds, dnsMinRefreshSeconds, dnsPreresolve,
         enableDNSCache, dnsCacheSaveIntervalSeconds, enableDrainPostDnsRefresh, enableHttp3,
         http3ConnectionOptions, http3ClientConnectionOptions, quicHints, quicSuffixes,
-        enableGzipDecompression, enableBrotliDecompression, enableSocketTagging,
-        enableInterfaceBinding, h2ConnectionKeepaliveIdleIntervalMilliseconds,
+        enableGzipDecompression, enableBrotliDecompression, enablePortMigration,
+        enableSocketTagging, enableInterfaceBinding, h2ConnectionKeepaliveIdleIntervalMilliseconds,
         h2ConnectionKeepaliveTimeoutSeconds, maxConnectionsPerHost, streamIdleTimeoutSeconds,
         perTryIdleTimeoutSeconds, appVersion, appId, enforceTrustChainVerification, filterChain,
         enablePlatformCertificatesValidation, runtimeGuards, rtdsResourceName, rtdsTimeoutSeconds,

diff --git a/mobile/library/java/io/envoyproxy/envoymobile/engine/JniLibrary.java b/mobile/library/java/io/envoyproxy/envoymobile/engine/JniLibrary.java
@@ -301,7 +301,7 @@ public static native long createBootstrap(
       boolean enableDrainPostDnsRefresh, boolean enableHttp3, String http3ConnectionOptions,
       String http3ClientConnectionOptions, byte[][] quicHints, byte[][] quicCanonicalSuffixes,
       boolean enableGzipDecompression, boolean enableBrotliDecompression,
-      boolean enableSocketTagging, boolean enableInterfaceBinding,
+      boolean enablePortMigration, boolean enableSocketTagging, boolean enableInterfaceBinding,
       long h2ConnectionKeepaliveIdleIntervalMilliseconds, long h2ConnectionKeepaliveTimeoutSeconds,
       long maxConnectionsPerHost, long streamIdleTimeoutSeconds, long perTryIdleTimeoutSeconds,
       String appVersion, String appId, boolean trustChainVerification, byte[][] filterChain,

diff --git a/mobile/library/java/org/chromium/net/impl/CronvoyEngineBuilderImpl.java b/mobile/library/java/org/chromium/net/impl/CronvoyEngineBuilderImpl.java
@@ -62,6 +62,7 @@ final static class Pkp {
   private String mQuicClientConnectionOptions = "";
   private boolean mHttp2Enabled;
   private boolean mBrotiEnabled;
+  private boolean mPortMigrationEnabled;
   private boolean mDisableCache;
   private int mHttpCacheMode;
   private long mHttpCacheMaxSize;
@@ -239,6 +240,13 @@ public CronvoyEngineBuilderImpl addQuicCanonicalSuffix(String suffix) {
 
   List<String> quicCanonicalSuffixes() { return mQuicCanonicalSuffixes; }
 
+  public CronvoyEngineBuilderImpl enablePortMigration(boolean enablePortMigration) {
+    mPortMigrationEnabled = enablePortMigration;
+    return this;
+  }
+
+  boolean portMigrationEnabled() { return mPortMigrationEnabled; }
+
   @Override
   public CronvoyEngineBuilderImpl addPublicKeyPins(String hostName, Set<byte[]> pinsSha256,
                                                    boolean includeSubdomains, Date expirationDate) {

diff --git a/mobile/library/java/org/chromium/net/impl/NativeCronvoyEngineBuilderImpl.java b/mobile/library/java/org/chromium/net/impl/NativeCronvoyEngineBuilderImpl.java
@@ -136,11 +136,12 @@ private EnvoyConfiguration createEnvoyConfiguration() {
         mDnsPreresolveHostnames, mEnableDNSCache, mDnsCacheSaveIntervalSeconds,
         mEnableDrainPostDnsRefresh, quicEnabled(), quicConnectionOptions(),
         quicClientConnectionOptions(), quicHints(), quicCanonicalSuffixes(),
-        mEnableGzipDecompression, brotliEnabled(), mEnableSocketTag, mEnableInterfaceBinding,
-        mH2ConnectionKeepaliveIdleIntervalMilliseconds, mH2ConnectionKeepaliveTimeoutSeconds,
-        mMaxConnectionsPerHost, mStreamIdleTimeoutSeconds, mPerTryIdleTimeoutSeconds, mAppVersion,
-        mAppId, mTrustChainVerification, nativeFilterChain, platformFilterChain, stringAccessors,
-        keyValueStores, runtimeGuards, mEnablePlatformCertificatesValidation,
+        mEnableGzipDecompression, brotliEnabled(), portMigrationEnabled(), mEnableSocketTag,
+        mEnableInterfaceBinding, mH2ConnectionKeepaliveIdleIntervalMilliseconds,
+        mH2ConnectionKeepaliveTimeoutSeconds, mMaxConnectionsPerHost, mStreamIdleTimeoutSeconds,
+        mPerTryIdleTimeoutSeconds, mAppVersion, mAppId, mTrustChainVerification, nativeFilterChain,
+        platformFilterChain, stringAccessors, keyValueStores, runtimeGuards,
+        mEnablePlatformCertificatesValidation,
         /*rtdsResourceName=*/"", /*rtdsTimeoutSeconds=*/0, /*xdsAddress=*/"",
         /*xdsPort=*/0, /*xdsGrpcInitialMetadata=*/Collections.emptyMap(),
         /*xdsSslRootCerts=*/"", mNodeId, mNodeRegion, mNodeZone, mNodeSubZone,

diff --git a/mobile/library/jni/jni_impl.cc b/mobile/library/jni/jni_impl.cc
@@ -1173,7 +1173,8 @@ void configureBuilder(Envoy::JNI::JniHelper& jni_helper, jlong connect_timeout_s
                       jstring http3_connection_options, jstring http3_client_connection_options,
                       jobjectArray quic_hints, jobjectArray quic_canonical_suffixes,
                       jboolean enable_gzip_decompression, jboolean enable_brotli_decompression,
-                      jboolean enable_socket_tagging, jboolean enable_interface_binding,
+                      jboolean enable_port_migration, jboolean enable_socket_tagging,
+                      jboolean enable_interface_binding,
                       jlong h2_connection_keepalive_idle_interval_milliseconds,
                       jlong h2_connection_keepalive_timeout_seconds, jlong max_connections_per_host,
                       jlong stream_idle_timeout_seconds, jlong per_try_idle_timeout_seconds,
@@ -1218,6 +1219,7 @@ void configureBuilder(Envoy::JNI::JniHelper& jni_helper, jlong connect_timeout_s
   for (const std::string& suffix : suffixes) {
     builder.addQuicCanonicalSuffix(suffix);
   }
+  builder.enablePortMigration(enable_port_migration);
 
 #endif
   builder.enableInterfaceBinding(enable_interface_binding == JNI_TRUE);
@@ -1268,8 +1270,9 @@ extern "C" JNIEXPORT jlong JNICALL Java_io_envoyproxy_envoymobile_engine_JniLibr
     jboolean enable_http3, jstring http3_connection_options,
     jstring http3_client_connection_options, jobjectArray quic_hints,
     jobjectArray quic_canonical_suffixes, jboolean enable_gzip_decompression,
-    jboolean enable_brotli_decompression, jboolean enable_socket_tagging,
-    jboolean enable_interface_binding, jlong h2_connection_keepalive_idle_interval_milliseconds,
+    jboolean enable_brotli_decompression, jboolean enable_port_migration,
+    jboolean enable_socket_tagging, jboolean enable_interface_binding,
+    jlong h2_connection_keepalive_idle_interval_milliseconds,
     jlong h2_connection_keepalive_timeout_seconds, jlong max_connections_per_host,
     jlong stream_idle_timeout_seconds, jlong per_try_idle_timeout_seconds, jstring app_version,
     jstring app_id, jboolean trust_chain_verification, jobjectArray filter_chain,
@@ -1288,8 +1291,8 @@ extern "C" JNIEXPORT jlong JNICALL Java_io_envoyproxy_envoymobile_engine_JniLibr
                    enable_dns_cache, dns_cache_save_interval_seconds, enable_drain_post_dns_refresh,
                    enable_http3, http3_connection_options, http3_client_connection_options,
                    quic_hints, quic_canonical_suffixes, enable_gzip_decompression,
-                   enable_brotli_decompression, enable_socket_tagging, enable_interface_binding,
-                   h2_connection_keepalive_idle_interval_milliseconds,
+                   enable_brotli_decompression, enable_port_migration, enable_socket_tagging,
+                   enable_interface_binding, h2_connection_keepalive_idle_interval_milliseconds,
                    h2_connection_keepalive_timeout_seconds, max_connections_per_host,
                    stream_idle_timeout_seconds, per_try_idle_timeout_seconds, app_version, app_id,
                    trust_chain_verification, filter_chain, enable_platform_certificates_validation,

diff --git a/mobile/library/kotlin/io/envoyproxy/envoymobile/EngineBuilder.kt b/mobile/library/kotlin/io/envoyproxy/envoymobile/EngineBuilder.kt
@@ -159,6 +159,7 @@ open class EngineBuilder(private val configuration: BaseConfiguration = Standard
   private var quicCanonicalSuffixes = mutableListOf<String>()
   private var enableGzipDecompression = true
   private var enableBrotliDecompression = false
+  private var enablePortMigration = false
   private var enableSocketTagging = false
   private var enableInterfaceBinding = false
   private var h2ConnectionKeepaliveIdleIntervalMilliseconds = 1
@@ -323,6 +324,17 @@ open class EngineBuilder(private val configuration: BaseConfiguration = Standard
     return this
   }
 
+  /**
+   * Specify whether to do quic port migration or not. Defaults to false.
+   *
+   * @param enablePortMigration whether or not to allow quic port migration.
+   * @return This builder.
+   */
+  fun enablePortMigration(enablePortMigration: Boolean): EngineBuilder {
+    this.enablePortMigration = enablePortMigration
+    return this
+  }
+
   /**
    * Specify whether to support socket tagging or not. Defaults to false.
    *
@@ -655,6 +667,7 @@ open class EngineBuilder(private val configuration: BaseConfiguration = Standard
         quicCanonicalSuffixes,
         enableGzipDecompression,
         enableBrotliDecompression,
+        enablePortMigration,
         enableSocketTagging,
         enableInterfaceBinding,
         h2ConnectionKeepaliveIdleIntervalMilliseconds,

diff --git a/mobile/test/java/io/envoyproxy/envoymobile/engine/EnvoyConfigurationTest.kt b/mobile/test/java/io/envoyproxy/envoymobile/engine/EnvoyConfigurationTest.kt
@@ -83,6 +83,7 @@ class EnvoyConfigurationTest {
     quicCanonicalSuffixes: MutableList<String> = mutableListOf(".opq.com", ".xyz.com"),
     enableGzipDecompression: Boolean = true,
     enableBrotliDecompression: Boolean = false,
+    enablePortMigration: Boolean = true,
     enableSocketTagging: Boolean = false,
     enableInterfaceBinding: Boolean = false,
     h2ConnectionKeepaliveIdleIntervalMilliseconds: Int = 222,
@@ -131,6 +132,7 @@ class EnvoyConfigurationTest {
       quicCanonicalSuffixes,
       enableGzipDecompression,
       enableBrotliDecompression,
+      enablePortMigration,
       enableSocketTagging,
       enableInterfaceBinding,
       h2ConnectionKeepaliveIdleIntervalMilliseconds,
@@ -205,6 +207,7 @@ class EnvoyConfigurationTest {
     assertThat(resolvedTemplate).contains(".xyz.com")
     assertThat(resolvedTemplate).contains("connection_options: 5RTO")
     assertThat(resolvedTemplate).contains("client_connection_options: MPQC")
+    assertThat(resolvedTemplate).contains("num_timeouts_to_trigger_port_migration: 4")
 
     // Per Host Limits
     assertThat(resolvedTemplate).contains("max_connections: 543")