
Introduce struct ngtcp2_stateless_reset_token#2035

Merged: tatsuhiro-t merged 1 commit into main from struct-stateless-reset-token on Mar 1, 2026

@tatsuhiro-t
Member

This commit introduces ngtcp2_stateless_reset_token that stores a stateless reset token, as the name suggests. Previously, we used a bare uint8_t[NGTCP2_STATELESS_RESET_TOKENLEN] for this purpose, then passed the array pointer to functions, assuming that it has the capacity of NGTCP2_STATELESS_RESET_TOKENLEN bytes. With ngtcp2_stateless_reset_token, the length is always explicit because of the embedded array. It also makes the copy a bit easier without memcpy.

This commit deprecates ngtcp2_pkt_stateless_reset, and adds ngtcp2_pkt_stateless_reset2 as a replacement.

It also deprecates the following callbacks:

  • ngtcp2_recv_stateless_reset
  • ngtcp2_get_new_connection_id
  • ngtcp2_connection_id_status

and adds the following callbacks as their replacements:

  • ngtcp2_recv_stateless_reset2
  • ngtcp2_get_new_connection_id2
  • ngtcp2_connection_id_status2

@tatsuhiro-t added this to the v1.22.0 milestone on Mar 1, 2026
@gemini-code-assist
Contributor

Summary of Changes

Hello, I'm Gemini Code Assist! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request refactors the handling of stateless reset tokens within the ngtcp2 library by introducing a dedicated struct. This change enhances type safety and simplifies token manipulation, leading to a more robust and maintainable API. The update involves deprecating older packet structures and callback functions, providing new versions that leverage the dedicated token struct, and updating the library's callback version.

Highlights

  • New Struct Introduction: Introduced ngtcp2_stateless_reset_token to explicitly store stateless reset tokens, replacing the previous use of bare uint8_t arrays for improved type safety and easier copying.
  • API Deprecation and Replacement: Deprecated ngtcp2_pkt_stateless_reset in favor of ngtcp2_pkt_stateless_reset2, and similarly deprecated several callback functions (ngtcp2_recv_stateless_reset, ngtcp2_get_new_connection_id, ngtcp2_connection_id_status) with new _2 suffixed replacements.
  • Callback Version Update: Updated the NGTCP2_CALLBACKS_VERSION to NGTCP2_CALLBACKS_V3 to reflect the new set of callback functions.
  • Backward Compatibility: Implemented logic to ensure backward compatibility for deprecated callbacks, allowing applications to continue using older versions while transitioning to the new API.


Changelog

  • doc/source/programmers-guide.rst
    • Updated documentation to reference the new get_new_connection_id2 callback.
  • lib/includes/ngtcp2/ngtcp2.h
    • Deprecated ngtcp2_pkt_stateless_reset and introduced ngtcp2_stateless_reset_token and ngtcp2_pkt_stateless_reset2 structs.
    • Deprecated several callback function types and added their _2 counterparts.
    • Updated NGTCP2_CALLBACKS_VERSION to NGTCP2_CALLBACKS_V3.
  • lib/ngtcp2_callbacks.c
    • Updated ngtcp2_callbackslen_version to support NGTCP2_CALLBACKS_V3.
  • lib/ngtcp2_cid.c
    • Modified ngtcp2_dcid_init, ngtcp2_dcid_set_token, ngtcp2_dcid_copy, ngtcp2_dcid_verify_uniqueness, and ngtcp2_dcid_verify_stateless_reset_token to use the new ngtcp2_stateless_reset_token struct.
  • lib/ngtcp2_cid.h
    • Updated ngtcp2_dcid struct to use ngtcp2_stateless_reset_token.
    • Modified function signatures for ngtcp2_dcid_init, ngtcp2_dcid_set_token, ngtcp2_dcid_verify_uniqueness, and ngtcp2_dcid_verify_stateless_reset_token to reflect the new struct.
  • lib/ngtcp2_conn.c
    • Adapted various functions (conn_call_get_new_connection_id, conn_call_dcid_status, conn_call_recv_stateless_reset, conn_enqueue_new_connection_id, check_stateless_reset, conn_on_stateless_reset, conn_recv_new_connection_id, conn_write_handshake, copy_dcid_to_cid_token) to use the new stateless reset token struct and new callback versions, providing backward compatibility.
  • lib/ngtcp2_dcidtr.c
    • Updated functions (ngtcp2_dcidtr_verify_stateless_reset, verify_token_uniqueness, ngtcp2_dcidtr_verify_token_uniqueness, ngtcp2_dcidtr_push_unused) to use the ngtcp2_stateless_reset_token struct.
  • lib/ngtcp2_dcidtr.h
    • Modified function signatures for ngtcp2_dcidtr_verify_stateless_reset, ngtcp2_dcidtr_verify_token_uniqueness, and ngtcp2_dcidtr_push_unused to use the new struct.
  • lib/ngtcp2_log.c
    • Updated logging functions (log_fr_new_connection_id, ngtcp2_log_rx_sr) to correctly handle the new ngtcp2_stateless_reset_token struct.
  • lib/ngtcp2_log.h
    • Modified ngtcp2_log_rx_sr function signature to accept ngtcp2_pkt_stateless_reset2.
  • lib/ngtcp2_pkt.c
    • Updated packet encoding/decoding functions (ngtcp2_pkt_decode_new_connection_id_frame, ngtcp2_pkt_encode_new_connection_id_frame, ngtcp2_pkt_decode_stateless_reset) to use the new stateless reset token struct.
    • Introduced ngtcp2_stateless_reset_token_eq for comparing tokens.
  • lib/ngtcp2_pkt.h
    • Updated ngtcp2_new_connection_id struct to use ngtcp2_stateless_reset_token.
    • Modified ngtcp2_pkt_decode_stateless_reset signature.
    • Added ngtcp2_stateless_reset_token_eq declaration.
  • lib/ngtcp2_qlog.c
    • Updated qlog functions (write_new_connection_id_frame, ngtcp2_qlog_stateless_reset_pkt_received) to use the new stateless reset token struct.
  • lib/ngtcp2_qlog.h
    • Modified ngtcp2_qlog_stateless_reset_pkt_received signature.
  • tests/ngtcp2_cid_test.c
    • Updated test cases to use the new ngtcp2_stateless_reset_token struct and ngtcp2_stateless_reset_token_eq function.
  • tests/ngtcp2_conn_test.c
    • Updated test cases to use the new ngtcp2_stateless_reset_token struct and associated functions.
  • tests/ngtcp2_dcidtr_test.c
    • Updated test cases to use the new ngtcp2_stateless_reset_token struct and associated functions.
  • tests/ngtcp2_log_test.c
    • Updated test cases to use the new ngtcp2_pkt_stateless_reset2 struct.
  • tests/ngtcp2_pkt_test.c
    • Added a new test for ngtcp2_stateless_reset_token_eq.
    • Updated existing tests to use the new stateless reset token struct.
  • tests/ngtcp2_pkt_test.h
    • Declared the new test_ngtcp2_stateless_reset_token_eq test function.
  • tests/ngtcp2_pv_test.c
    • Updated test cases to use the new ngtcp2_stateless_reset_token struct.
  • tests/ngtcp2_qlog_test.c
    • Updated test cases to use the new ngtcp2_stateless_reset_token struct.
  • tests/ngtcp2_test_helper.c
    • Refactored CID initialization functions to use new make_ macros.
  • tests/ngtcp2_test_helper.h
    • Introduced make_scid, make_dcid, make_rcid, make_client_stateless_reset_token, and make_stateless_reset_token macros for test data.

Activity

  • The pull request introduces a new struct ngtcp2_stateless_reset_token to encapsulate stateless reset tokens, improving type safety and clarity.
  • Existing packet structures and callback functions related to stateless resets and connection ID management have been updated with new _2 versions, while the older versions are marked as deprecated.
  • Backward compatibility is maintained for the deprecated APIs, allowing for a gradual transition.
  • Extensive changes were made across header files, implementation files, and test suites to integrate the new struct and API versions consistently.

Contributor

@gemini-code-assist gemini-code-assist bot left a comment


Code Review

This pull request introduces the ngtcp2_stateless_reset_token struct to improve type safety and code clarity when handling stateless reset tokens, which is a significant and positive refactoring. The changes are extensive, touching many files to replace raw uint8_t arrays with the new struct. The PR also correctly deprecates several callbacks and introduces new versions that use the new struct, ensuring backward compatibility. The test suite has been updated accordingly. I've found a couple of minor issues in the implementation details, which I've commented on. Overall, this is a great improvement to the codebase.

@tatsuhiro-t force-pushed the struct-stateless-reset-token branch from d7898e3 to b7bfe41 on March 1, 2026 01:50
@tatsuhiro-t
Member Author

/gemini review

Contributor

@gemini-code-assist gemini-code-assist bot left a comment


Code Review

This pull request introduces the ngtcp2_stateless_reset_token struct to replace the raw uint8_t array, which is a great improvement for type safety and code clarity. The changes are extensive and have been applied consistently across the codebase, including documentation and tests. The handling of backward compatibility for callbacks is also well done. I've found one potential security issue regarding the use of memcmp for comparing stateless reset tokens, which could be vulnerable to timing attacks.

Comment on lines +2871 to +2873
int ngtcp2_stateless_reset_token_eq(const ngtcp2_stateless_reset_token *a,
const ngtcp2_stateless_reset_token *b) {
return memcmp(a->data, b->data, sizeof(a->data)) == 0;
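Review bot: the return line compares a->data and b->data with memcmp, which is free to return at the first differing byte, so the time this helper takes can depend on how many leading bytes of the two tokens match. If any caller compares a token taken from a received packet against a stored one, a comparison that folds the differences of all sizeof(a->data) bytes into one result would be the safer default here. A doc comment stating whether ngtcp2_stateless_reset_token_eq is constant-time would also tell callers which behaviour to expect.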

medium

The memcmp function is not guaranteed to be a constant-time comparison function. When comparing secret values like the stateless reset token, it's recommended to use a constant-time comparison function to mitigate potential timing side-channel attacks. The function ngtcp2_cmemeq is already used for this purpose elsewhere in the codebase (e.g., in ngtcp2_dcid_verify_stateless_reset_token) and should be used here as well.

int ngtcp2_stateless_reset_token_eq(const ngtcp2_stateless_reset_token *a,
                                    const ngtcp2_stateless_reset_token *b) {
  return ngtcp2_cmemeq(a->data, b->data, sizeof(a->data));
}
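
The two points made in this thread (a struct with an embedded array keeps the token length explicit and copies by assignment, and token equality should not leak the position of the first mismatch) are shown together in the following added example. It is not ngtcp2 code: `reset_token`, `TOKENLEN`, `token_eq_memcmp` and `token_eq_ct` are hypothetical names and do not reproduce the definitions of ngtcp2_stateless_reset_token or ngtcp2_cmemeq.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define TOKENLEN 16 /* QUIC stateless reset tokens are 16 bytes (RFC 9000) */

/* Hypothetical stand-in for a token type with an embedded array. */
typedef struct reset_token {
  uint8_t data[TOKENLEN];
} reset_token;

/* Bare-pointer style: the callee sees only a pointer, so sizeof yields the
   pointer size and the 16-byte capacity is assumed by convention. */
size_t bare_visible_size(const uint8_t *tok) {
  (void)tok;
  return sizeof(tok);
}

/* Struct style: the array length travels with the type. */
size_t struct_visible_size(const reset_token *tok) {
  return sizeof(tok->data);
}

/* Comparison with the same contract as memcmp(...) == 0; memcmp may
   return as soon as it finds a differing byte. */
int token_eq_memcmp(const reset_token *a, const reset_token *b) {
  return memcmp(a->data, b->data, sizeof(a->data)) == 0;
}

/* Comparison that reads every byte and ORs the differences into one
   accumulator, with no branch that depends on the token contents. */
int token_eq_ct(const reset_token *a, const reset_token *b) {
  volatile uint8_t diff = 0;
  size_t i;
  for (i = 0; i < sizeof(a->data); ++i) {
    diff |= (uint8_t)(a->data[i] ^ b->data[i]);
  }
  return diff == 0;
}

int main(void) {
  reset_token a = {{0}}, b; /* constructed sample token */
  a.data[TOKENLEN - 1] = 0x5a;
  b = a; /* struct assignment copies all 16 bytes, no memcpy needed */
  return token_eq_ct(&a, &b) && token_eq_memcmp(&a, &b) ? 0 : 1;
}
```

Both functions return the same answer for every input; they differ only in whether the running time depends on where the tokens first differ.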

@tatsuhiro-t merged commit 889d8fa into main on Mar 1, 2026 (73 checks passed)
@tatsuhiro-t deleted the struct-stateless-reset-token branch on March 1, 2026 02:06