// Copyright 2024 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

//go:build go1.21

package quic

import "time"

type pathState struct {
	// Response to a peer's PATH_CHALLENGE.
	// This is not a sentVal, because we don't resend lost PATH_RESPONSE frames.
	// We only track the most recent PATH_CHALLENGE.
	// If the peer sends a second PATH_CHALLENGE before we respond to the first,
	// we'll drop the first response.
	sendPathResponse pathResponseType
	data             pathChallengeData
}

// pathChallengeData is data carried in a PATH_CHALLENGE or PATH_RESPONSE frame.
type pathChallengeData [64 / 8]byte

type pathResponseType uint8

const (
	pathResponseNotNeeded = pathResponseType(iota)
	pathResponseSmall     // send PATH_RESPONSE, do not expand datagram
	pathResponseExpanded  // send PATH_RESPONSE, expand datagram to 1200 bytes
)

func (c *Conn) handlePathChallenge(_ time.Time, dgram *datagram, data pathChallengeData) {
	// A PATH_RESPONSE is sent in a datagram expanded to 1200 bytes,
	// except when this would exceed the anti-amplification limit.
	//
	// Rather than maintaining anti-amplification state for each path
	// we may be sending a PATH_RESPONSE on, follow the following heuristic:
	//
	// If we receive a PATH_CHALLENGE in an expanded datagram,
	// respond with an expanded datagram.
	//
	// If we receive a PATH_CHALLENGE in a non-expanded datagram,
	// then the peer is presumably blocked by its own anti-amplification limit.
	// Respond with a non-expanded datagram. Receiving this PATH_RESPONSE
	// will validate the path to the peer, remove its anti-amplification limit,
	// and permit it to send a followup PATH_CHALLENGE in an expanded datagram.
	// https://www.rfc-editor.org/rfc/rfc9000.html#section-8.2.1
	if len(dgram.b) >= smallestMaxDatagramSize {
		c.path.sendPathResponse = pathResponseExpanded
	} else {
		c.path.sendPathResponse = pathResponseSmall
	}
	c.path.data = data
}

func (c *Conn) handlePathResponse(now time.Time, _ pathChallengeData) {
	// "If the content of a PATH_RESPONSE frame does not match the content of
	// a PATH_CHALLENGE frame previously sent by the endpoint,
	// the endpoint MAY generate a connection error of type PROTOCOL_VIOLATION."
	// https://www.rfc-editor.org/rfc/rfc9000.html#section-19.18-4
	//
	// We never send PATH_CHALLENGE frames.
	c.abort(now, localTransportError{
		code:   errProtocolViolation,
		reason: "PATH_RESPONSE received when no PATH_CHALLENGE sent",
	})
}

// appendPathFrames appends path validation related frames to the current packet.
// If the return value pad is true, then the packet should be padded to 1200 bytes.
func (c *Conn) appendPathFrames() (pad, ok bool) {
	if c.path.sendPathResponse == pathResponseNotNeeded {
		return pad, true
	}
	// We're required to send the PATH_RESPONSE on the path where the
	// PATH_CHALLENGE was received (RFC 9000, Section 8.2.2).
	//
	// At the moment, we don't support path migration and reject packets if
	// the peer changes its source address, so just sending the PATH_RESPONSE
	// in a regular datagram is fine.
	if !c.w.appendPathResponseFrame(c.path.data) {
		return pad, false
	}
	if c.path.sendPathResponse == pathResponseExpanded {
		pad = true
	}
	c.path.sendPathResponse = pathResponseNotNeeded
	return pad, true
}