Mercurial > hg > nginx-quic
annotate src/event/ngx_event_quic.c @ 7938:3b5fbf1bcdee quic
Reject new QUIC connection with CONNECTION_REFUSED on shutdown.
| author | Sergey Kandaurov <pluknet@nginx.com> |
|---|---|
| date | Tue, 23 Jun 2020 11:57:00 +0300 |
| parents | b9bce2c4fe33 |
| children | df29219988bc |
| rev | line source |
|---|---|
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
2 /* |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
3 * Copyright (C) Nginx, Inc. |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
4 */ |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
5 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
6 |
| 7637 | 7 #include <ngx_config.h> |
| 8 #include <ngx_core.h> | |
|
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
9 #include <ngx_event.h> |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
10 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
11 |
|
7773
dc7ac778aafe
Introduced packet namespace in QUIC connection.
Vladimir Homutov <vl@nginx.com>
parents:
7772
diff
changeset
|
12 /* 0-RTT and 1-RTT data exist in the same packet number space, |
|
dc7ac778aafe
Introduced packet namespace in QUIC connection.
Vladimir Homutov <vl@nginx.com>
parents:
7772
diff
changeset
|
13 * so we have 3 packet number spaces: |
|
dc7ac778aafe
Introduced packet namespace in QUIC connection.
Vladimir Homutov <vl@nginx.com>
parents:
7772
diff
changeset
|
14 * |
|
dc7ac778aafe
Introduced packet namespace in QUIC connection.
Vladimir Homutov <vl@nginx.com>
parents:
7772
diff
changeset
|
15 * 0 - Initial |
|
dc7ac778aafe
Introduced packet namespace in QUIC connection.
Vladimir Homutov <vl@nginx.com>
parents:
7772
diff
changeset
|
16 * 1 - Handshake |
|
dc7ac778aafe
Introduced packet namespace in QUIC connection.
Vladimir Homutov <vl@nginx.com>
parents:
7772
diff
changeset
|
17 * 2 - 0-RTT and 1-RTT |
|
dc7ac778aafe
Introduced packet namespace in QUIC connection.
Vladimir Homutov <vl@nginx.com>
parents:
7772
diff
changeset
|
18 */ |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
19 #define ngx_quic_get_send_ctx(qc, level) \ |
|
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
20 ((level) == ssl_encryption_initial) ? &((qc)->send_ctx[0]) \ |
|
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
21 : (((level) == ssl_encryption_handshake) ? &((qc)->send_ctx[1]) \ |
|
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
22 : &((qc)->send_ctx[2])) |
|
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
23 |
|
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
24 #define NGX_QUIC_SEND_CTX_LAST (NGX_QUIC_ENCRYPTION_LAST - 1) |
|
7773
dc7ac778aafe
Introduced packet namespace in QUIC connection.
Vladimir Homutov <vl@nginx.com>
parents:
7772
diff
changeset
|
25 |
|
7780
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
26 #define NGX_QUIC_STREAMS_INC 16 |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
27 #define NGX_QUIC_STREAMS_LIMIT (1ULL < 60) |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
28 |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
29 /* |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
30 * 7.4. Cryptographic Message Buffering |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
31 * Implementations MUST support buffering at least 4096 bytes of data |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
32 */ |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
33 #define NGX_QUIC_MAX_BUFFERED 65535 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
34 |
|
7773
dc7ac778aafe
Introduced packet namespace in QUIC connection.
Vladimir Homutov <vl@nginx.com>
parents:
7772
diff
changeset
|
35 |
| 7691 | 36 typedef struct { |
| 37 ngx_rbtree_t tree; | |
| 38 ngx_rbtree_node_t sentinel; | |
| 39 ngx_connection_handler_pt handler; | |
|
7695
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
40 |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
41 ngx_uint_t id_counter; |
|
7815
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
42 |
|
7842
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
43 uint64_t received; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
44 uint64_t sent; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
45 uint64_t recv_max_data; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
46 uint64_t send_max_data; |
| 7691 | 47 } ngx_quic_streams_t; |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
48 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
49 |
|
7841
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
50 typedef struct { |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
51 size_t in_flight; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
52 size_t window; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
53 size_t ssthresh; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
54 ngx_msec_t recovery_start; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
55 } ngx_quic_congestion_t; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
56 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
57 |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
58 /* |
|
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
59 * 12.3. Packet Numbers |
|
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
60 * |
|
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
61 * Conceptually, a packet number space is the context in which a packet |
|
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
62 * can be processed and acknowledged. Initial packets can only be sent |
|
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
63 * with Initial packet protection keys and acknowledged in packets which |
|
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
64 * are also Initial packets. |
|
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
65 */ |
|
7773
dc7ac778aafe
Introduced packet namespace in QUIC connection.
Vladimir Homutov <vl@nginx.com>
parents:
7772
diff
changeset
|
66 typedef struct { |
|
dc7ac778aafe
Introduced packet namespace in QUIC connection.
Vladimir Homutov <vl@nginx.com>
parents:
7772
diff
changeset
|
67 ngx_quic_secret_t client_secret; |
|
dc7ac778aafe
Introduced packet namespace in QUIC connection.
Vladimir Homutov <vl@nginx.com>
parents:
7772
diff
changeset
|
68 ngx_quic_secret_t server_secret; |
|
dc7ac778aafe
Introduced packet namespace in QUIC connection.
Vladimir Homutov <vl@nginx.com>
parents:
7772
diff
changeset
|
69 |
| 7878 | 70 uint64_t pnum; /* to be sent */ |
| 71 uint64_t largest_ack; /* received from peer */ | |
| 72 uint64_t largest_pn; /* received from peer */ | |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
73 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
74 ngx_queue_t frames; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
75 ngx_queue_t sent; |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
76 } ngx_quic_send_ctx_t; |
|
7773
dc7ac778aafe
Introduced packet namespace in QUIC connection.
Vladimir Homutov <vl@nginx.com>
parents:
7772
diff
changeset
|
77 |
|
dc7ac778aafe
Introduced packet namespace in QUIC connection.
Vladimir Homutov <vl@nginx.com>
parents:
7772
diff
changeset
|
78 |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
79 struct ngx_quic_connection_s { |
| 7691 | 80 ngx_str_t scid; |
| 81 ngx_str_t dcid; | |
|
7858
6e100d8c138a
Preserve original DCID and unbreak parsing 0-RTT packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7857
diff
changeset
|
82 ngx_str_t odcid; |
| 7691 | 83 ngx_str_t token; |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
84 |
|
7726
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7725
diff
changeset
|
85 ngx_uint_t client_tp_done; |
|
7713
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7712
diff
changeset
|
86 ngx_quic_tp_t tp; |
|
7731
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
7729
diff
changeset
|
87 ngx_quic_tp_t ctp; |
|
7713
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7712
diff
changeset
|
88 |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
89 ngx_quic_send_ctx_t send_ctx[NGX_QUIC_SEND_CTX_LAST]; |
|
7772
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
90 ngx_quic_secrets_t keys[NGX_QUIC_ENCRYPTION_LAST]; |
|
7785
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
91 ngx_quic_secrets_t next_key; |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
92 ngx_quic_frames_stream_t crypto[NGX_QUIC_ENCRYPTION_LAST]; |
|
7772
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
93 |
| 7691 | 94 ngx_ssl_t *ssl; |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
95 |
| 7775 | 96 ngx_event_t push; |
|
7846
bddf704d62c1
Renamed retransmit event object in preparation for retry support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7845
diff
changeset
|
97 ngx_event_t retransmit; |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
98 ngx_event_t close; |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
99 ngx_queue_t free_frames; |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
100 ngx_msec_t last_cc; |
| 7752 | 101 |
| 102 #if (NGX_DEBUG) | |
| 103 ngx_uint_t nframes; | |
| 104 #endif | |
|
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
105 |
| 7691 | 106 ngx_quic_streams_t streams; |
|
7841
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
107 ngx_quic_congestion_t congestion; |
|
7747
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
7746
diff
changeset
|
108 |
|
7780
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
109 uint64_t cur_streams; |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
110 uint64_t max_streams; |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
111 |
|
7862
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
7861
diff
changeset
|
112 ngx_uint_t error; |
|
7876
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
113 ngx_uint_t error_ftype; |
|
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
114 const char *error_reason; |
|
7862
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
7861
diff
changeset
|
115 |
|
7747
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
7746
diff
changeset
|
116 unsigned send_timer_set:1; |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
7746
diff
changeset
|
117 unsigned closing:1; |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
118 unsigned draining:1; |
|
7785
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
119 unsigned key_phase:1; |
|
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
120 unsigned in_retry:1; |
|
7874
1245e274b9ba
Avoided excessive definitions for connection state.
Vladimir Homutov <vl@nginx.com>
parents:
7871
diff
changeset
|
121 unsigned initialized:1; |
| 7691 | 122 }; |
|
7672
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
7671
diff
changeset
|
123 |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
124 |
|
7812
76839f55bc48
Sorted functions and functions declarations.
Vladimir Homutov <vl@nginx.com>
parents:
7811
diff
changeset
|
125 typedef ngx_int_t (*ngx_quic_frame_handler_pt)(ngx_connection_t *c, |
|
7855
81a4f98a2556
Cleaned up reordering code.
Vladimir Homutov <vl@nginx.com>
parents:
7854
diff
changeset
|
126 ngx_quic_frame_t *frame, void *data); |
|
7812
76839f55bc48
Sorted functions and functions declarations.
Vladimir Homutov <vl@nginx.com>
parents:
7811
diff
changeset
|
127 |
|
76839f55bc48
Sorted functions and functions declarations.
Vladimir Homutov <vl@nginx.com>
parents:
7811
diff
changeset
|
128 |
|
7670
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
129 #if BORINGSSL_API_VERSION >= 10 |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
130 static int ngx_quic_set_read_secret(ngx_ssl_conn_t *ssl_conn, |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
131 enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
132 const uint8_t *secret, size_t secret_len); |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
133 static int ngx_quic_set_write_secret(ngx_ssl_conn_t *ssl_conn, |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
134 enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
135 const uint8_t *secret, size_t secret_len); |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
136 #else |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
137 static int ngx_quic_set_encryption_secrets(ngx_ssl_conn_t *ssl_conn, |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
138 enum ssl_encryption_level_t level, const uint8_t *read_secret, |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
139 const uint8_t *write_secret, size_t secret_len); |
|
7670
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
140 #endif |
| 7691 | 141 |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
142 static int ngx_quic_add_handshake_data(ngx_ssl_conn_t *ssl_conn, |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
143 enum ssl_encryption_level_t level, const uint8_t *data, size_t len); |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
144 static int ngx_quic_flush_flight(ngx_ssl_conn_t *ssl_conn); |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
145 static int ngx_quic_send_alert(ngx_ssl_conn_t *ssl_conn, |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
146 enum ssl_encryption_level_t level, uint8_t alert); |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
147 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
148 |
| 7691 | 149 static ngx_int_t ngx_quic_new_connection(ngx_connection_t *c, ngx_ssl_t *ssl, |
|
7770
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
150 ngx_quic_tp_t *tp, ngx_quic_header_t *pkt, |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
151 ngx_connection_handler_pt handler); |
|
7859
b7704303a7e5
Server CID change refactored.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7858
diff
changeset
|
152 static ngx_int_t ngx_quic_new_dcid(ngx_connection_t *c, ngx_str_t *odcid); |
|
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
153 static ngx_int_t ngx_quic_retry(ngx_connection_t *c); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
154 static ngx_int_t ngx_quic_new_token(ngx_connection_t *c, ngx_str_t *token); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
155 static ngx_int_t ngx_quic_validate_token(ngx_connection_t *c, |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
156 ngx_quic_header_t *pkt); |
| 7691 | 157 static ngx_int_t ngx_quic_init_connection(ngx_connection_t *c); |
|
7931
9fe7875ce4bb
QUIC: further limiting maximum QUIC packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7930
diff
changeset
|
158 static ngx_inline size_t ngx_quic_max_udp_payload(ngx_connection_t *c); |
|
7729
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
159 static void ngx_quic_input_handler(ngx_event_t *rev); |
|
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
160 |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
161 static void ngx_quic_close_connection(ngx_connection_t *c, ngx_int_t rc); |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
162 static ngx_int_t ngx_quic_close_quic(ngx_connection_t *c, ngx_int_t rc); |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
163 static void ngx_quic_close_timer_handler(ngx_event_t *ev); |
|
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
164 static ngx_int_t ngx_quic_close_streams(ngx_connection_t *c, |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
165 ngx_quic_connection_t *qc); |
| 7691 | 166 |
| 167 static ngx_int_t ngx_quic_input(ngx_connection_t *c, ngx_buf_t *b); | |
|
7854
2a94aaa70b33
Cleaned up firefox workaround.
Vladimir Homutov <vl@nginx.com>
parents:
7848
diff
changeset
|
168 static ngx_inline u_char *ngx_quic_skip_zero_padding(ngx_buf_t *b); |
|
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
169 static ngx_int_t ngx_quic_retry_input(ngx_connection_t *c, |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
170 ngx_quic_header_t *pkt); |
| 7691 | 171 static ngx_int_t ngx_quic_initial_input(ngx_connection_t *c, |
| 172 ngx_quic_header_t *pkt); | |
| 173 static ngx_int_t ngx_quic_handshake_input(ngx_connection_t *c, | |
| 174 ngx_quic_header_t *pkt); | |
|
7770
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
175 static ngx_int_t ngx_quic_early_input(ngx_connection_t *c, |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
176 ngx_quic_header_t *pkt); |
| 7838 | 177 static ngx_int_t ngx_quic_check_peer(ngx_quic_connection_t *qc, |
| 178 ngx_quic_header_t *pkt); | |
| 7691 | 179 static ngx_int_t ngx_quic_app_input(ngx_connection_t *c, |
| 180 ngx_quic_header_t *pkt); | |
| 181 static ngx_int_t ngx_quic_payload_handler(ngx_connection_t *c, | |
| 182 ngx_quic_header_t *pkt); | |
|
7844
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
183 static ngx_int_t ngx_quic_send_ack(ngx_connection_t *c, ngx_quic_header_t *pkt); |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
184 static ngx_int_t ngx_quic_send_cc(ngx_connection_t *c, |
|
7876
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
185 enum ssl_encryption_level_t level, ngx_uint_t err, ngx_uint_t frame_type, |
|
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
186 const char *reason); |
|
7861
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
187 static ngx_int_t ngx_quic_send_new_token(ngx_connection_t *c); |
| 7691 | 188 |
| 189 static ngx_int_t ngx_quic_handle_ack_frame(ngx_connection_t *c, | |
| 190 ngx_quic_header_t *pkt, ngx_quic_ack_frame_t *f); | |
| 7792 | 191 static ngx_int_t ngx_quic_handle_ack_frame_range(ngx_connection_t *c, |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
192 ngx_quic_send_ctx_t *ctx, uint64_t min, uint64_t max); |
|
7841
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
193 static void ngx_quic_handle_stream_ack(ngx_connection_t *c, |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
194 ngx_quic_frame_t *f); |
|
7812
76839f55bc48
Sorted functions and functions declarations.
Vladimir Homutov <vl@nginx.com>
parents:
7811
diff
changeset
|
195 |
|
76839f55bc48
Sorted functions and functions declarations.
Vladimir Homutov <vl@nginx.com>
parents:
7811
diff
changeset
|
196 static ngx_int_t ngx_quic_handle_ordered_frame(ngx_connection_t *c, |
|
76839f55bc48
Sorted functions and functions declarations.
Vladimir Homutov <vl@nginx.com>
parents:
7811
diff
changeset
|
197 ngx_quic_frames_stream_t *fs, ngx_quic_frame_t *frame, |
|
7855
81a4f98a2556
Cleaned up reordering code.
Vladimir Homutov <vl@nginx.com>
parents:
7854
diff
changeset
|
198 ngx_quic_frame_handler_pt handler, void *data); |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
199 static ngx_int_t ngx_quic_adjust_frame_offset(ngx_connection_t *c, |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
200 ngx_quic_frame_t *f, uint64_t offset_in); |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
201 static ngx_int_t ngx_quic_buffer_frame(ngx_connection_t *c, |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
202 ngx_quic_frames_stream_t *stream, ngx_quic_frame_t *f); |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
203 |
|
7812
76839f55bc48
Sorted functions and functions declarations.
Vladimir Homutov <vl@nginx.com>
parents:
7811
diff
changeset
|
204 static ngx_int_t ngx_quic_handle_crypto_frame(ngx_connection_t *c, |
|
76839f55bc48
Sorted functions and functions declarations.
Vladimir Homutov <vl@nginx.com>
parents:
7811
diff
changeset
|
205 ngx_quic_header_t *pkt, ngx_quic_frame_t *frame); |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
206 static ngx_int_t ngx_quic_crypto_input(ngx_connection_t *c, |
|
7855
81a4f98a2556
Cleaned up reordering code.
Vladimir Homutov <vl@nginx.com>
parents:
7854
diff
changeset
|
207 ngx_quic_frame_t *frame, void *data); |
| 7691 | 208 static ngx_int_t ngx_quic_handle_stream_frame(ngx_connection_t *c, |
|
7811
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
209 ngx_quic_header_t *pkt, ngx_quic_frame_t *frame); |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
210 static ngx_int_t ngx_quic_stream_input(ngx_connection_t *c, |
|
7855
81a4f98a2556
Cleaned up reordering code.
Vladimir Homutov <vl@nginx.com>
parents:
7854
diff
changeset
|
211 ngx_quic_frame_t *frame, void *data); |
|
7811
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
212 |
|
7780
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
213 static ngx_int_t ngx_quic_handle_max_streams(ngx_connection_t *c); |
|
7842
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
214 static ngx_int_t ngx_quic_handle_max_data_frame(ngx_connection_t *c, |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
215 ngx_quic_max_data_frame_t *f); |
|
7711
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
216 static ngx_int_t ngx_quic_handle_streams_blocked_frame(ngx_connection_t *c, |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
217 ngx_quic_header_t *pkt, ngx_quic_streams_blocked_frame_t *f); |
|
7732
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
218 static ngx_int_t ngx_quic_handle_stream_data_blocked_frame(ngx_connection_t *c, |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
219 ngx_quic_header_t *pkt, ngx_quic_stream_data_blocked_frame_t *f); |
|
7842
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
220 static ngx_int_t ngx_quic_handle_max_stream_data_frame(ngx_connection_t *c, |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
221 ngx_quic_header_t *pkt, ngx_quic_max_stream_data_frame_t *f); |
|
7923
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
222 static ngx_int_t ngx_quic_handle_reset_stream_frame(ngx_connection_t *c, |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
223 ngx_quic_header_t *pkt, ngx_quic_reset_stream_frame_t *f); |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
224 static ngx_int_t ngx_quic_handle_stop_sending_frame(ngx_connection_t *c, |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
225 ngx_quic_header_t *pkt, ngx_quic_stop_sending_frame_t *f); |
| 7691 | 226 |
| 227 static void ngx_quic_queue_frame(ngx_quic_connection_t *qc, | |
| 228 ngx_quic_frame_t *frame); | |
| 229 | |
| 230 static ngx_int_t ngx_quic_output(ngx_connection_t *c); | |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
231 static ngx_int_t ngx_quic_output_frames(ngx_connection_t *c, |
|
7809
6ad871b63422
Cleaned up magic numbers in ngx_quic_output_frames().
Vladimir Homutov <vl@nginx.com>
parents:
7808
diff
changeset
|
232 ngx_quic_send_ctx_t *ctx); |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
233 static void ngx_quic_free_frames(ngx_connection_t *c, ngx_queue_t *frames); |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
234 static ngx_int_t ngx_quic_send_frames(ngx_connection_t *c, ngx_queue_t *frames); |
|
7781
fdda518d10ba
Proper handling of packet number in header.
Vladimir Homutov <vl@nginx.com>
parents:
7780
diff
changeset
|
235 |
|
fdda518d10ba
Proper handling of packet number in header.
Vladimir Homutov <vl@nginx.com>
parents:
7780
diff
changeset
|
236 static void ngx_quic_set_packet_number(ngx_quic_header_t *pkt, |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
237 ngx_quic_send_ctx_t *ctx); |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
238 static void ngx_quic_retransmit_handler(ngx_event_t *ev); |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
239 static ngx_int_t ngx_quic_retransmit(ngx_connection_t *c, |
|
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
240 ngx_quic_send_ctx_t *ctx, ngx_msec_t *waitp); |
| 7775 | 241 static void ngx_quic_push_handler(ngx_event_t *ev); |
| 7691 | 242 |
| 243 static void ngx_quic_rbtree_insert_stream(ngx_rbtree_node_t *temp, | |
| 244 ngx_rbtree_node_t *node, ngx_rbtree_node_t *sentinel); | |
|
7746
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7745
diff
changeset
|
245 static ngx_quic_stream_t *ngx_quic_find_stream(ngx_rbtree_t *rbtree, |
|
7750
2935a11c55b6
Fixed QUIC stream insert and find.
Roman Arutyunyan <arut@nginx.com>
parents:
7748
diff
changeset
|
246 uint64_t id); |
|
7746
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7745
diff
changeset
|
247 static ngx_quic_stream_t *ngx_quic_create_stream(ngx_connection_t *c, |
|
7748
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
7747
diff
changeset
|
248 uint64_t id, size_t rcvbuf_size); |
|
7677
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
7675
diff
changeset
|
249 static ssize_t ngx_quic_stream_recv(ngx_connection_t *c, u_char *buf, |
|
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
7675
diff
changeset
|
250 size_t size); |
|
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
7675
diff
changeset
|
251 static ssize_t ngx_quic_stream_send(ngx_connection_t *c, u_char *buf, |
|
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
7675
diff
changeset
|
252 size_t size); |
|
7705
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
253 static void ngx_quic_stream_cleanup_handler(void *data); |
|
7677
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
7675
diff
changeset
|
254 static ngx_chain_t *ngx_quic_stream_send_chain(ngx_connection_t *c, |
|
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
7675
diff
changeset
|
255 ngx_chain_t *in, off_t limit); |
| 7752 | 256 static ngx_quic_frame_t *ngx_quic_alloc_frame(ngx_connection_t *c, size_t size); |
| 257 static void ngx_quic_free_frame(ngx_connection_t *c, ngx_quic_frame_t *frame); | |
|
7677
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
7675
diff
changeset
|
258 |
|
7841
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
259 static void ngx_quic_congestion_ack(ngx_connection_t *c, |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
260 ngx_quic_frame_t *frame); |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
261 static void ngx_quic_congestion_lost(ngx_connection_t *c, ngx_msec_t sent); |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
262 |
| 7691 | 263 |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
264 static SSL_QUIC_METHOD quic_method = { |
|
7670
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
265 #if BORINGSSL_API_VERSION >= 10 |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
266 ngx_quic_set_read_secret, |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
267 ngx_quic_set_write_secret, |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
268 #else |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
269 ngx_quic_set_encryption_secrets, |
|
7670
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
270 #endif |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
271 ngx_quic_add_handshake_data, |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
272 ngx_quic_flush_flight, |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
273 ngx_quic_send_alert, |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
274 }; |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
275 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
276 |
|
7670
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
277 #if BORINGSSL_API_VERSION >= 10 |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
278 |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
279 static int |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
280 ngx_quic_set_read_secret(ngx_ssl_conn_t *ssl_conn, |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
281 enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, |
|
7687
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
282 const uint8_t *rsecret, size_t secret_len) |
|
7670
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
283 { |
|
7772
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
284 ngx_connection_t *c; |
|
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
285 ngx_quic_secrets_t *keys; |
|
7670
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
286 |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
287 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
288 |
| 7836 | 289 #ifdef NGX_QUIC_DEBUG_CRYPTO |
|
7837
f175006124d0
Cleaned up hexdumps in debug output.
Vladimir Homutov <vl@nginx.com>
parents:
7836
diff
changeset
|
290 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
f175006124d0
Cleaned up hexdumps in debug output.
Vladimir Homutov <vl@nginx.com>
parents:
7836
diff
changeset
|
291 "quic ngx_quic_set_read_secret() level:%d", level); |
|
f175006124d0
Cleaned up hexdumps in debug output.
Vladimir Homutov <vl@nginx.com>
parents:
7836
diff
changeset
|
292 ngx_quic_hexdump(c->log, "quic read secret", rsecret, secret_len); |
| 7836 | 293 #endif |
|
7670
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
294 |
|
7772
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
295 keys = &c->quic->keys[level]; |
|
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
296 |
|
7687
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
297 return ngx_quic_set_encryption_secret(c->pool, ssl_conn, level, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
298 rsecret, secret_len, |
|
7772
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
299 &keys->client); |
|
7670
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
300 } |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
301 |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
302 |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
303 static int |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
304 ngx_quic_set_write_secret(ngx_ssl_conn_t *ssl_conn, |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
305 enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, |
|
7687
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
306 const uint8_t *wsecret, size_t secret_len) |
|
7670
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
307 { |
|
7772
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
308 ngx_connection_t *c; |
|
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
309 ngx_quic_secrets_t *keys; |
|
7670
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
310 |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
311 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
312 |
| 7836 | 313 #ifdef NGX_QUIC_DEBUG_CRYPTO |
|
7837
f175006124d0
Cleaned up hexdumps in debug output.
Vladimir Homutov <vl@nginx.com>
parents:
7836
diff
changeset
|
314 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
f175006124d0
Cleaned up hexdumps in debug output.
Vladimir Homutov <vl@nginx.com>
parents:
7836
diff
changeset
|
315 "quic ngx_quic_set_write_secret() level:%d", level); |
|
f175006124d0
Cleaned up hexdumps in debug output.
Vladimir Homutov <vl@nginx.com>
parents:
7836
diff
changeset
|
316 ngx_quic_hexdump(c->log, "quic write secret", wsecret, secret_len); |
| 7836 | 317 #endif |
|
7670
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
318 |
|
7772
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
319 keys = &c->quic->keys[level]; |
|
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
320 |
|
7687
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
321 return ngx_quic_set_encryption_secret(c->pool, ssl_conn, level, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
322 wsecret, secret_len, |
|
7772
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
323 &keys->server); |
|
7670
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
324 } |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
325 |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
326 #else |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
327 |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
328 static int |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
329 ngx_quic_set_encryption_secrets(ngx_ssl_conn_t *ssl_conn, |
|
7687
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
330 enum ssl_encryption_level_t level, const uint8_t *rsecret, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
331 const uint8_t *wsecret, size_t secret_len) |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
332 { |
|
7772
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
333 ngx_int_t rc; |
|
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
334 ngx_connection_t *c; |
|
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
335 ngx_quic_secrets_t *keys; |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
336 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
337 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
338 |
| 7836 | 339 #ifdef NGX_QUIC_DEBUG_CRYPTO |
|
7837
f175006124d0
Cleaned up hexdumps in debug output.
Vladimir Homutov <vl@nginx.com>
parents:
7836
diff
changeset
|
340 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
f175006124d0
Cleaned up hexdumps in debug output.
Vladimir Homutov <vl@nginx.com>
parents:
7836
diff
changeset
|
341 "quic ngx_quic_set_encryption_secrets() level:%d", level); |
|
f175006124d0
Cleaned up hexdumps in debug output.
Vladimir Homutov <vl@nginx.com>
parents:
7836
diff
changeset
|
342 ngx_quic_hexdump(c->log, "quic read", rsecret, secret_len); |
| 7836 | 343 #endif |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
344 |
|
7793
0ae50d90658a
Fixed build with OpenSSL using old callbacks API.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7792
diff
changeset
|
345 keys = &c->quic->keys[level]; |
|
7772
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
346 |
|
7687
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
347 rc = ngx_quic_set_encryption_secret(c->pool, ssl_conn, level, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
348 rsecret, secret_len, |
|
7772
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
349 &keys->client); |
|
7687
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
350 if (rc != 1) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
351 return rc; |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
352 } |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
353 |
|
7769
2ac03e80d013
TLS Early Data key derivation support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7768
diff
changeset
|
354 if (level == ssl_encryption_early_data) { |
|
2ac03e80d013
TLS Early Data key derivation support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7768
diff
changeset
|
355 return 1; |
|
2ac03e80d013
TLS Early Data key derivation support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7768
diff
changeset
|
356 } |
|
2ac03e80d013
TLS Early Data key derivation support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7768
diff
changeset
|
357 |
| 7836 | 358 #ifdef NGX_QUIC_DEBUG_CRYPTO |
|
7837
f175006124d0
Cleaned up hexdumps in debug output.
Vladimir Homutov <vl@nginx.com>
parents:
7836
diff
changeset
|
359 ngx_quic_hexdump(c->log, "quic write", wsecret, secret_len); |
| 7836 | 360 #endif |
|
7769
2ac03e80d013
TLS Early Data key derivation support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7768
diff
changeset
|
361 |
|
7687
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
362 return ngx_quic_set_encryption_secret(c->pool, ssl_conn, level, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
363 wsecret, secret_len, |
|
7772
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
364 &keys->server); |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
365 } |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
366 |
|
7670
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
367 #endif |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
368 |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
369 |
|
7650
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
7649
diff
changeset
|
370 static int |
|
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
7649
diff
changeset
|
371 ngx_quic_add_handshake_data(ngx_ssl_conn_t *ssl_conn, |
|
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
7649
diff
changeset
|
372 enum ssl_encryption_level_t level, const uint8_t *data, size_t len) |
|
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
7649
diff
changeset
|
373 { |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
374 u_char *p, *end; |
|
7822
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
375 size_t client_params_len, fsize, limit; |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
376 const uint8_t *client_params; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
377 ngx_quic_frame_t *frame; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
378 ngx_connection_t *c; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
379 ngx_quic_connection_t *qc; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
380 ngx_quic_frames_stream_t *fs; |
|
7650
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
7649
diff
changeset
|
381 |
|
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
7649
diff
changeset
|
382 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
|
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
7649
diff
changeset
|
383 qc = c->quic; |
|
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
7649
diff
changeset
|
384 |
|
7652
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
7651
diff
changeset
|
385 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 7836 | 386 "quic ngx_quic_add_handshake_data"); |
|
7650
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
7649
diff
changeset
|
387 |
|
7726
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7725
diff
changeset
|
388 if (!qc->client_tp_done) { |
| 7933 | 389 /* |
| 390 * things to do once during handshake: check ALPN and transport | |
| 391 * parameters; we want to break handshake if something is wrong | |
| 392 * here; | |
| 393 */ | |
| 394 | |
| 395 #if defined(TLSEXT_TYPE_application_layer_protocol_negotiation) | |
| 396 { | |
| 397 unsigned int len; | |
| 398 const unsigned char *data; | |
| 399 | |
| 400 SSL_get0_alpn_selected(c->ssl->connection, &data, &len); | |
| 401 | |
| 402 if (len != NGX_QUIC_ALPN_LEN | |
| 403 || ngx_strncmp(data, NGX_QUIC_ALPN_STR, NGX_QUIC_ALPN_LEN) != 0) | |
| 404 { | |
| 405 qc->error = 0x100 + SSL_AD_NO_APPLICATION_PROTOCOL; | |
| 406 qc->error_reason = "unsupported protocol in ALPN extension"; | |
| 407 | |
| 408 ngx_log_error(NGX_LOG_INFO, c->log, 0, | |
| 409 "quic unsupported protocol in ALPN extension"); | |
| 410 return 0; | |
| 411 } | |
| 412 } | |
| 413 #endif | |
|
7726
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7725
diff
changeset
|
414 |
|
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7725
diff
changeset
|
415 SSL_get_peer_quic_transport_params(ssl_conn, &client_params, |
|
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7725
diff
changeset
|
416 &client_params_len); |
|
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7725
diff
changeset
|
417 |
|
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7725
diff
changeset
|
418 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 7836 | 419 "quic SSL_get_peer_quic_transport_params():" |
| 420 " params_len %ui", client_params_len); | |
|
7726
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7725
diff
changeset
|
421 |
|
7930
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
422 if (client_params_len == 0) { |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
423 /* quic-tls 8.2 */ |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
424 qc->error = 0x100 + SSL_AD_MISSING_EXTENSION; |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
425 qc->error_reason = "missing transport parameters"; |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
426 |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
427 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
428 "missing transport parameters"); |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
429 return 0; |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
430 } |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
431 |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
432 p = (u_char *) client_params; |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
433 end = p + client_params_len; |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
434 |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
435 if (ngx_quic_parse_transport_params(p, end, &qc->ctp, c->log) |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
436 != NGX_OK) |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
437 { |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
438 qc->error = NGX_QUIC_ERR_TRANSPORT_PARAMETER_ERROR; |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
439 qc->error_reason = "failed to process transport parameters"; |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
440 |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
441 return 0; |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
442 } |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
443 |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
444 if (qc->ctp.max_idle_timeout > 0 |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
445 && qc->ctp.max_idle_timeout < qc->tp.max_idle_timeout) |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
446 { |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
447 qc->tp.max_idle_timeout = qc->ctp.max_idle_timeout; |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
448 } |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
449 |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
450 if (qc->ctp.max_udp_payload_size < NGX_QUIC_MIN_INITIAL_SIZE |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
451 || qc->ctp.max_udp_payload_size > NGX_QUIC_MAX_UDP_PAYLOAD_SIZE) |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
452 { |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
453 qc->error = NGX_QUIC_ERR_TRANSPORT_PARAMETER_ERROR; |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
454 qc->error_reason = "invalid maximum packet size"; |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
455 |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
456 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
457 "quic maximum packet size is invalid"); |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
458 return 0; |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
459 } |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
460 |
|
7931
9fe7875ce4bb
QUIC: further limiting maximum QUIC packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7930
diff
changeset
|
461 if (qc->ctp.max_udp_payload_size > ngx_quic_max_udp_payload(c)) { |
|
9fe7875ce4bb
QUIC: further limiting maximum QUIC packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7930
diff
changeset
|
462 qc->ctp.max_udp_payload_size = ngx_quic_max_udp_payload(c); |
|
7930
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
463 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
464 "quic client maximum packet size truncated"); |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
465 } |
|
7927
391d06a51bc0
Limited max udp payload size for outgoing packets.
Vladimir Homutov <vl@nginx.com>
parents:
7926
diff
changeset
|
466 |
|
7912
6633f17044eb
QUIC draft-28 transport parameters support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7910
diff
changeset
|
467 #if (NGX_QUIC_DRAFT_VERSION >= 28) |
|
7930
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
468 if (qc->scid.len != qc->ctp.initial_scid.len |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
469 || ngx_memcmp(qc->scid.data, qc->ctp.initial_scid.data, |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
470 qc->scid.len) != 0) |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
471 { |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
472 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
473 "quic client initial_source_connection_id " |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
474 "mismatch"); |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
475 return 0; |
|
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
476 } |
|
7912
6633f17044eb
QUIC draft-28 transport parameters support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7910
diff
changeset
|
477 #endif |
|
6633f17044eb
QUIC draft-28 transport parameters support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7910
diff
changeset
|
478 |
|
7930
5bc9229ec4cf
QUIC: raise error on missing transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7929
diff
changeset
|
479 qc->client_tp_done = 1; |
|
7726
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7725
diff
changeset
|
480 } |
|
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7725
diff
changeset
|
481 |
|
7822
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
482 /* |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
483 * we need to fit at least 1 frame into a packet, thus account head/tail; |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
484 * 17 = 1 + 8x2 is max header for CRYPTO frame, with 1 byte for frame type |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
485 */ |
|
7910
125cbfa77013
Renamed max_packet_size to max_udp_payload_size, from draft-28.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7908
diff
changeset
|
486 limit = qc->ctp.max_udp_payload_size - NGX_QUIC_MAX_LONG_HEADER - 17 |
|
7822
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
487 - EVP_GCM_TLS_TAG_LEN; |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
488 |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
489 fs = &qc->crypto[level]; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
490 |
|
7822
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
491 p = (u_char *) data; |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
492 end = (u_char *) data + len; |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
493 |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
494 while (p < end) { |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
495 |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
496 fsize = ngx_min(limit, (size_t) (end - p)); |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
497 |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
498 frame = ngx_quic_alloc_frame(c, fsize); |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
499 if (frame == NULL) { |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
500 return 0; |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
501 } |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
502 |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
503 ngx_memcpy(frame->data, p, fsize); |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
504 |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
505 frame->level = level; |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
506 frame->type = NGX_QUIC_FT_CRYPTO; |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
507 frame->u.crypto.offset = fs->sent; |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
508 frame->u.crypto.length = fsize; |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
509 frame->u.crypto.data = frame->data; |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
510 |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
511 fs->sent += fsize; |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
512 p += fsize; |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
513 |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
514 ngx_sprintf(frame->info, "crypto, generated by SSL len=%ui level=%d", |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
515 fsize, level); |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
516 |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
517 ngx_quic_queue_frame(qc, frame); |
|
7652
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
7651
diff
changeset
|
518 } |
|
7650
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
7649
diff
changeset
|
519 |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
520 return 1; |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
521 } |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
522 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
523 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
524 static int |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
525 ngx_quic_flush_flight(ngx_ssl_conn_t *ssl_conn) |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
526 { |
|
7837
f175006124d0
Cleaned up hexdumps in debug output.
Vladimir Homutov <vl@nginx.com>
parents:
7836
diff
changeset
|
527 #if (NGX_DEBUG) |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
528 ngx_connection_t *c; |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
529 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
530 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
531 |
| 7836 | 532 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 533 "quic ngx_quic_flush_flight()"); | |
|
7837
f175006124d0
Cleaned up hexdumps in debug output.
Vladimir Homutov <vl@nginx.com>
parents:
7836
diff
changeset
|
534 #endif |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
535 return 1; |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
536 } |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
537 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
538 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
539 static int |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
540 ngx_quic_send_alert(ngx_ssl_conn_t *ssl_conn, enum ssl_encryption_level_t level, |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
541 uint8_t alert) |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
542 { |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
543 ngx_connection_t *c; |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
544 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
545 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
546 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
547 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 7836 | 548 "quic ngx_quic_send_alert(), lvl=%d, alert=%d", |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
549 (int) level, (int) alert); |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
550 |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
551 if (c->quic == NULL) { |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
552 return 1; |
|
7701
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7700
diff
changeset
|
553 } |
|
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7700
diff
changeset
|
554 |
|
7876
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
555 if (ngx_quic_send_cc(c, level, 0x100 + alert, 0, "TLS alert") != NGX_OK) { |
|
7701
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7700
diff
changeset
|
556 return 0; |
|
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7700
diff
changeset
|
557 } |
|
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7700
diff
changeset
|
558 |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
559 return 1; |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
560 } |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
561 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
562 |
| 7691 | 563 void |
|
7713
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7712
diff
changeset
|
564 ngx_quic_run(ngx_connection_t *c, ngx_ssl_t *ssl, ngx_quic_tp_t *tp, |
|
7737
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
7736
diff
changeset
|
565 ngx_connection_handler_pt handler) |
| 7691 | 566 { |
| 567 ngx_buf_t *b; | |
| 568 ngx_quic_header_t pkt; | |
| 569 | |
|
7729
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
570 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic run"); |
| 7691 | 571 |
|
7729
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
572 c->log->action = "QUIC initialization"; |
| 7691 | 573 |
| 574 ngx_memzero(&pkt, sizeof(ngx_quic_header_t)); | |
| 575 | |
| 576 b = c->buffer; | |
| 577 | |
| 578 pkt.log = c->log; | |
| 579 pkt.raw = b; | |
| 580 pkt.data = b->start; | |
| 581 pkt.len = b->last - b->start; | |
| 582 | |
|
7770
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
583 if (ngx_quic_new_connection(c, ssl, tp, &pkt, handler) != NGX_OK) { |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
584 ngx_quic_close_connection(c, NGX_ERROR); |
| 7691 | 585 return; |
| 586 } | |
| 587 | |
|
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
588 ngx_add_timer(c->read, c->quic->in_retry ? NGX_QUIC_RETRY_TIMEOUT |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
589 : c->quic->tp.max_idle_timeout); |
| 7691 | 590 |
|
7729
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
591 c->read->handler = ngx_quic_input_handler; |
| 7691 | 592 |
| 593 return; | |
| 594 } | |
| 595 | |
|
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
596 |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
597 static ngx_int_t |
|
7713
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7712
diff
changeset
|
598 ngx_quic_new_connection(ngx_connection_t *c, ngx_ssl_t *ssl, ngx_quic_tp_t *tp, |
|
7770
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
599 ngx_quic_header_t *pkt, ngx_connection_handler_pt handler) |
|
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
600 { |
|
7861
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
601 ngx_int_t rc; |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
602 ngx_uint_t i; |
|
7731
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
7729
diff
changeset
|
603 ngx_quic_tp_t *ctp; |
|
7772
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
604 ngx_quic_secrets_t *keys; |
|
7816
aba84d9ab256
Parsing of truncated packet numbers.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7815
diff
changeset
|
605 ngx_quic_send_ctx_t *ctx; |
| 7691 | 606 ngx_quic_connection_t *qc; |
|
7910
125cbfa77013
Renamed max_packet_size to max_udp_payload_size, from draft-28.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7908
diff
changeset
|
607 static u_char buf[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE]; |
|
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
608 |
|
7822
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
609 if (ngx_buf_size(pkt->raw) < NGX_QUIC_MIN_INITIAL_SIZE) { |
| 7838 | 610 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
| 611 "quic UDP datagram is too small for initial packet"); | |
| 7691 | 612 return NGX_ERROR; |
| 613 } | |
|
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
614 |
|
7863
81f85c479d7e
Discard packets without fixed bit or reserved bits set.
Vladimir Homutov <vl@nginx.com>
parents:
7862
diff
changeset
|
615 rc = ngx_quic_parse_long_header(pkt); |
|
81f85c479d7e
Discard packets without fixed bit or reserved bits set.
Vladimir Homutov <vl@nginx.com>
parents:
7862
diff
changeset
|
616 if (rc != NGX_OK) { |
|
81f85c479d7e
Discard packets without fixed bit or reserved bits set.
Vladimir Homutov <vl@nginx.com>
parents:
7862
diff
changeset
|
617 return rc; |
|
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
618 } |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
619 |
|
7717
c217a907ce42
Added checks for permitted frame types.
Vladimir Homutov <vl@nginx.com>
parents:
7713
diff
changeset
|
620 if (!ngx_quic_pkt_in(pkt->flags)) { |
| 7691 | 621 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
| 7838 | 622 "quic invalid initial packet: 0x%xi", pkt->flags); |
| 7691 | 623 return NGX_ERROR; |
| 624 } | |
|
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
625 |
| 7691 | 626 if (ngx_quic_parse_initial_header(pkt) != NGX_OK) { |
| 627 return NGX_ERROR; | |
| 628 } | |
|
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
629 |
|
7864
eebdda507ec3
Added tests for connection id lengths in initial packet.
Vladimir Homutov <vl@nginx.com>
parents:
7863
diff
changeset
|
630 if (pkt->dcid.len < NGX_QUIC_CID_LEN_MIN) { |
|
eebdda507ec3
Added tests for connection id lengths in initial packet.
Vladimir Homutov <vl@nginx.com>
parents:
7863
diff
changeset
|
631 /* 7.2. Negotiating Connection IDs */ |
|
eebdda507ec3
Added tests for connection id lengths in initial packet.
Vladimir Homutov <vl@nginx.com>
parents:
7863
diff
changeset
|
632 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
eebdda507ec3
Added tests for connection id lengths in initial packet.
Vladimir Homutov <vl@nginx.com>
parents:
7863
diff
changeset
|
633 "quic too short dcid in initial packet: length %i", |
|
eebdda507ec3
Added tests for connection id lengths in initial packet.
Vladimir Homutov <vl@nginx.com>
parents:
7863
diff
changeset
|
634 pkt->dcid.len); |
|
eebdda507ec3
Added tests for connection id lengths in initial packet.
Vladimir Homutov <vl@nginx.com>
parents:
7863
diff
changeset
|
635 return NGX_ERROR; |
|
eebdda507ec3
Added tests for connection id lengths in initial packet.
Vladimir Homutov <vl@nginx.com>
parents:
7863
diff
changeset
|
636 } |
|
eebdda507ec3
Added tests for connection id lengths in initial packet.
Vladimir Homutov <vl@nginx.com>
parents:
7863
diff
changeset
|
637 |
| 7741 | 638 c->log->action = "creating new quic connection"; |
| 639 | |
| 7691 | 640 qc = ngx_pcalloc(c->pool, sizeof(ngx_quic_connection_t)); |
| 641 if (qc == NULL) { | |
| 642 return NGX_ERROR; | |
|
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
643 } |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
644 |
| 7691 | 645 ngx_rbtree_init(&qc->streams.tree, &qc->streams.sentinel, |
| 646 ngx_quic_rbtree_insert_stream); | |
| 647 | |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
648 for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
649 ngx_queue_init(&qc->send_ctx[i].frames); |
|
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
650 ngx_queue_init(&qc->send_ctx[i].sent); |
|
7816
aba84d9ab256
Parsing of truncated packet numbers.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7815
diff
changeset
|
651 qc->send_ctx[i].largest_pn = (uint64_t) -1; |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
652 } |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
653 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
654 for (i = 0; i < NGX_QUIC_ENCRYPTION_LAST; i++) { |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
655 ngx_queue_init(&qc->crypto[i].frames); |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
656 } |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
657 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
658 ngx_queue_init(&qc->free_frames); |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
659 |
|
7846
bddf704d62c1
Renamed retransmit event object in preparation for retry support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7845
diff
changeset
|
660 qc->retransmit.log = c->log; |
|
bddf704d62c1
Renamed retransmit event object in preparation for retry support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7845
diff
changeset
|
661 qc->retransmit.data = c; |
|
bddf704d62c1
Renamed retransmit event object in preparation for retry support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7845
diff
changeset
|
662 qc->retransmit.handler = ngx_quic_retransmit_handler; |
|
bddf704d62c1
Renamed retransmit event object in preparation for retry support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7845
diff
changeset
|
663 qc->retransmit.cancelable = 1; |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
664 |
| 7775 | 665 qc->push.log = c->log; |
| 666 qc->push.data = c; | |
| 667 qc->push.handler = ngx_quic_push_handler; | |
| 668 qc->push.cancelable = 1; | |
| 669 | |
| 7691 | 670 c->quic = qc; |
| 671 qc->ssl = ssl; | |
|
7713
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7712
diff
changeset
|
672 qc->tp = *tp; |
|
7770
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
673 qc->streams.handler = handler; |
| 7691 | 674 |
|
7731
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
7729
diff
changeset
|
675 ctp = &qc->ctp; |
|
7931
9fe7875ce4bb
QUIC: further limiting maximum QUIC packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7930
diff
changeset
|
676 ctp->max_udp_payload_size = ngx_quic_max_udp_payload(c); |
|
7731
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
7729
diff
changeset
|
677 ctp->ack_delay_exponent = NGX_QUIC_DEFAULT_ACK_DELAY_EXPONENT; |
|
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
7729
diff
changeset
|
678 ctp->max_ack_delay = NGX_QUIC_DEFAULT_MAX_ACK_DELAY; |
|
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
7729
diff
changeset
|
679 |
|
7842
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
680 qc->streams.recv_max_data = qc->tp.initial_max_data; |
|
7815
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
681 |
|
7910
125cbfa77013
Renamed max_packet_size to max_udp_payload_size, from draft-28.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7908
diff
changeset
|
682 qc->congestion.window = ngx_min(10 * qc->tp.max_udp_payload_size, |
|
125cbfa77013
Renamed max_packet_size to max_udp_payload_size, from draft-28.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7908
diff
changeset
|
683 ngx_max(2 * qc->tp.max_udp_payload_size, |
|
125cbfa77013
Renamed max_packet_size to max_udp_payload_size, from draft-28.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7908
diff
changeset
|
684 14720)); |
|
7841
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
685 qc->congestion.ssthresh = NGX_MAX_SIZE_T_VALUE; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
686 qc->congestion.recovery_start = ngx_current_msec; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
687 |
|
7859
b7704303a7e5
Server CID change refactored.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7858
diff
changeset
|
688 if (ngx_quic_new_dcid(c, &pkt->dcid) != NGX_OK) { |
| 7691 | 689 return NGX_ERROR; |
| 690 } | |
| 7845 | 691 |
|
7916
c206233d9c29
Fixed transport parameters on a new connection with a valid token.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7912
diff
changeset
|
692 #if (NGX_QUIC_DRAFT_VERSION >= 28) |
|
7912
6633f17044eb
QUIC draft-28 transport parameters support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7910
diff
changeset
|
693 qc->tp.original_dcid = c->quic->odcid; |
|
7916
c206233d9c29
Fixed transport parameters on a new connection with a valid token.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7912
diff
changeset
|
694 #endif |
|
7912
6633f17044eb
QUIC draft-28 transport parameters support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7910
diff
changeset
|
695 qc->tp.initial_scid = c->quic->dcid; |
|
6633f17044eb
QUIC draft-28 transport parameters support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7910
diff
changeset
|
696 |
| 7691 | 697 qc->scid.len = pkt->scid.len; |
| 698 qc->scid.data = ngx_pnalloc(c->pool, qc->scid.len); | |
| 699 if (qc->scid.data == NULL) { | |
| 700 return NGX_ERROR; | |
| 701 } | |
| 702 ngx_memcpy(qc->scid.data, pkt->scid.data, qc->scid.len); | |
|
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
703 |
|
7772
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
704 keys = &c->quic->keys[ssl_encryption_initial]; |
| 7691 | 705 |
|
7772
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
706 if (ngx_quic_set_initial_secret(c->pool, &keys->client, &keys->server, |
|
7858
6e100d8c138a
Preserve original DCID and unbreak parsing 0-RTT packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7857
diff
changeset
|
707 &qc->odcid) |
| 7691 | 708 != NGX_OK) |
| 709 { | |
| 710 return NGX_ERROR; | |
| 711 } | |
|
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
712 |
|
7874
1245e274b9ba
Avoided excessive definitions for connection state.
Vladimir Homutov <vl@nginx.com>
parents:
7871
diff
changeset
|
713 qc->initialized = 1; |
|
7862
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
7861
diff
changeset
|
714 |
|
7938
3b5fbf1bcdee
Reject new QUIC connection with CONNECTION_REFUSED on shutdown.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7937
diff
changeset
|
715 if (ngx_terminate || ngx_exiting) { |
|
3b5fbf1bcdee
Reject new QUIC connection with CONNECTION_REFUSED on shutdown.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7937
diff
changeset
|
716 qc->error = NGX_QUIC_ERR_CONNECTION_REFUSED; |
|
3b5fbf1bcdee
Reject new QUIC connection with CONNECTION_REFUSED on shutdown.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7937
diff
changeset
|
717 return NGX_ERROR; |
|
3b5fbf1bcdee
Reject new QUIC connection with CONNECTION_REFUSED on shutdown.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7937
diff
changeset
|
718 } |
|
3b5fbf1bcdee
Reject new QUIC connection with CONNECTION_REFUSED on shutdown.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7937
diff
changeset
|
719 |
|
7861
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
720 if (pkt->token.len) { |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
721 rc = ngx_quic_validate_token(c, pkt); |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
722 |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
723 if (rc == NGX_ERROR) { |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
724 ngx_log_error(NGX_LOG_INFO, c->log, 0, "quic invalid token"); |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
725 return NGX_ERROR; |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
726 } |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
727 |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
728 if (rc == NGX_DECLINED) { |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
729 ngx_log_error(NGX_LOG_INFO, c->log, 0, "quic expired token"); |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
730 return ngx_quic_retry(c); |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
731 } |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
732 |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
733 /* NGX_OK */ |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
734 |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
735 } else if (tp->retry) { |
|
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
736 return ngx_quic_retry(c); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
737 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
738 |
|
7772
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
739 pkt->secret = &keys->client; |
| 7691 | 740 pkt->level = ssl_encryption_initial; |
|
7754
ebd5c71b9f02
Got rid of memory allocation in decryption.
Vladimir Homutov <vl@nginx.com>
parents:
7752
diff
changeset
|
741 pkt->plaintext = buf; |
| 7691 | 742 |
|
7816
aba84d9ab256
Parsing of truncated packet numbers.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7815
diff
changeset
|
743 ctx = ngx_quic_get_send_ctx(qc, pkt->level); |
|
aba84d9ab256
Parsing of truncated packet numbers.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7815
diff
changeset
|
744 |
|
aba84d9ab256
Parsing of truncated packet numbers.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7815
diff
changeset
|
745 if (ngx_quic_decrypt(pkt, NULL, &ctx->largest_pn) != NGX_OK) { |
|
7863
81f85c479d7e
Discard packets without fixed bit or reserved bits set.
Vladimir Homutov <vl@nginx.com>
parents:
7862
diff
changeset
|
746 qc->error = pkt->error; |
|
7876
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
747 qc->error_reason = "failed to decrypt packet"; |
|
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
748 |
| 7691 | 749 return NGX_ERROR; |
| 750 } | |
| 751 | |
| 752 if (ngx_quic_init_connection(c) != NGX_OK) { | |
| 753 return NGX_ERROR; | |
| 754 } | |
| 755 | |
|
7770
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
756 if (ngx_quic_payload_handler(c, pkt) != NGX_OK) { |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
757 return NGX_ERROR; |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
758 } |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
759 |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
760 /* pos is at header end, adjust by actual packet length */ |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
761 pkt->raw->pos += pkt->len; |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
762 |
|
7854
2a94aaa70b33
Cleaned up firefox workaround.
Vladimir Homutov <vl@nginx.com>
parents:
7848
diff
changeset
|
763 (void) ngx_quic_skip_zero_padding(pkt->raw); |
|
2a94aaa70b33
Cleaned up firefox workaround.
Vladimir Homutov <vl@nginx.com>
parents:
7848
diff
changeset
|
764 |
|
7770
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
765 return ngx_quic_input(c, pkt->raw); |
|
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
766 } |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
767 |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
768 |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
769 static ngx_int_t |
|
7859
b7704303a7e5
Server CID change refactored.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7858
diff
changeset
|
770 ngx_quic_new_dcid(ngx_connection_t *c, ngx_str_t *odcid) |
| 7845 | 771 { |
|
7859
b7704303a7e5
Server CID change refactored.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7858
diff
changeset
|
772 uint8_t len; |
|
b7704303a7e5
Server CID change refactored.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7858
diff
changeset
|
773 ngx_quic_connection_t *qc; |
|
b7704303a7e5
Server CID change refactored.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7858
diff
changeset
|
774 |
|
b7704303a7e5
Server CID change refactored.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7858
diff
changeset
|
775 qc = c->quic; |
| 7845 | 776 |
| 777 if (RAND_bytes(&len, sizeof(len)) != 1) { | |
| 778 return NGX_ERROR; | |
| 779 } | |
| 780 | |
| 781 len = len % 10 + 10; | |
| 782 | |
|
7859
b7704303a7e5
Server CID change refactored.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7858
diff
changeset
|
783 qc->dcid.len = len; |
|
b7704303a7e5
Server CID change refactored.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7858
diff
changeset
|
784 qc->dcid.data = ngx_pnalloc(c->pool, len); |
|
b7704303a7e5
Server CID change refactored.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7858
diff
changeset
|
785 if (qc->dcid.data == NULL) { |
|
b7704303a7e5
Server CID change refactored.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7858
diff
changeset
|
786 return NGX_ERROR; |
|
b7704303a7e5
Server CID change refactored.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7858
diff
changeset
|
787 } |
|
b7704303a7e5
Server CID change refactored.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7858
diff
changeset
|
788 |
|
b7704303a7e5
Server CID change refactored.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7858
diff
changeset
|
789 if (RAND_bytes(qc->dcid.data, len) != 1) { |
| 7845 | 790 return NGX_ERROR; |
| 791 } | |
| 792 | |
|
7859
b7704303a7e5
Server CID change refactored.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7858
diff
changeset
|
793 #ifdef NGX_QUIC_DEBUG_PACKETS |
|
b7704303a7e5
Server CID change refactored.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7858
diff
changeset
|
794 ngx_quic_hexdump(c->log, "quic server CID", qc->dcid.data, qc->dcid.len); |
|
b7704303a7e5
Server CID change refactored.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7858
diff
changeset
|
795 #endif |
|
b7704303a7e5
Server CID change refactored.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7858
diff
changeset
|
796 |
|
b7704303a7e5
Server CID change refactored.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7858
diff
changeset
|
797 qc->odcid.len = odcid->len; |
|
b7704303a7e5
Server CID change refactored.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7858
diff
changeset
|
798 qc->odcid.data = ngx_pstrdup(c->pool, odcid); |
|
b7704303a7e5
Server CID change refactored.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7858
diff
changeset
|
799 if (qc->odcid.data == NULL) { |
| 7845 | 800 return NGX_ERROR; |
| 801 } | |
| 802 | |
| 803 return NGX_OK; | |
| 804 } | |
| 805 | |
| 806 | |
| 807 static ngx_int_t | |
|
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
808 ngx_quic_retry(ngx_connection_t *c) |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
809 { |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
810 ssize_t len; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
811 ngx_str_t res, token; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
812 ngx_quic_header_t pkt; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
813 u_char buf[NGX_QUIC_RETRY_BUFFER_SIZE]; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
814 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
815 if (ngx_quic_new_token(c, &token) != NGX_OK) { |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
816 return NGX_ERROR; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
817 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
818 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
819 ngx_memzero(&pkt, sizeof(ngx_quic_header_t)); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
820 pkt.flags = NGX_QUIC_PKT_FIXED_BIT | NGX_QUIC_PKT_LONG | NGX_QUIC_PKT_RETRY; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
821 pkt.log = c->log; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
822 pkt.odcid = c->quic->odcid; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
823 pkt.dcid = c->quic->scid; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
824 pkt.scid = c->quic->dcid; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
825 pkt.token = token; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
826 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
827 res.data = buf; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
828 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
829 if (ngx_quic_encrypt(&pkt, NULL, &res) != NGX_OK) { |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
830 return NGX_ERROR; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
831 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
832 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
833 #ifdef NGX_QUIC_DEBUG_PACKETS |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
834 ngx_quic_hexdump(c->log, "quic packet to send", res.data, res.len); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
835 #endif |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
836 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
837 len = c->send(c, res.data, res.len); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
838 if (len == NGX_ERROR || (size_t) len != res.len) { |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
839 return NGX_ERROR; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
840 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
841 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
842 c->quic->token = token; |
|
7916
c206233d9c29
Fixed transport parameters on a new connection with a valid token.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7912
diff
changeset
|
843 #if (NGX_QUIC_DRAFT_VERSION < 28) |
|
c206233d9c29
Fixed transport parameters on a new connection with a valid token.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7912
diff
changeset
|
844 c->quic->tp.original_dcid = c->quic->odcid; |
|
c206233d9c29
Fixed transport parameters on a new connection with a valid token.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7912
diff
changeset
|
845 #endif |
|
7912
6633f17044eb
QUIC draft-28 transport parameters support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7910
diff
changeset
|
846 c->quic->tp.retry_scid = c->quic->dcid; |
|
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
847 c->quic->in_retry = 1; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
848 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
849 return NGX_OK; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
850 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
851 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
852 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
853 static ngx_int_t |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
854 ngx_quic_new_token(ngx_connection_t *c, ngx_str_t *token) |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
855 { |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
856 int len, iv_len; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
857 u_char *data, *p, *key, *iv; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
858 ngx_msec_t now; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
859 EVP_CIPHER_CTX *ctx; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
860 const EVP_CIPHER *cipher; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
861 struct sockaddr_in *sin; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
862 #if (NGX_HAVE_INET6) |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
863 struct sockaddr_in6 *sin6; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
864 #endif |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
865 u_char in[NGX_QUIC_MAX_TOKEN_SIZE]; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
866 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
867 switch (c->sockaddr->sa_family) { |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
868 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
869 #if (NGX_HAVE_INET6) |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
870 case AF_INET6: |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
871 sin6 = (struct sockaddr_in6 *) c->sockaddr; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
872 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
873 len = sizeof(struct in6_addr); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
874 data = sin6->sin6_addr.s6_addr; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
875 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
876 break; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
877 #endif |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
878 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
879 #if (NGX_HAVE_UNIX_DOMAIN) |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
880 case AF_UNIX: |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
881 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
882 len = ngx_min(c->addr_text.len, NGX_QUIC_MAX_TOKEN_SIZE - sizeof(now)); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
883 data = c->addr_text.data; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
884 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
885 break; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
886 #endif |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
887 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
888 default: /* AF_INET */ |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
889 sin = (struct sockaddr_in *) c->sockaddr; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
890 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
891 len = sizeof(in_addr_t); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
892 data = (u_char *) &sin->sin_addr; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
893 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
894 break; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
895 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
896 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
897 p = ngx_cpymem(in, data, len); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
898 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
899 now = ngx_current_msec; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
900 len += sizeof(now); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
901 ngx_memcpy(p, &now, sizeof(now)); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
902 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
903 cipher = EVP_aes_256_cbc(); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
904 iv_len = EVP_CIPHER_iv_length(cipher); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
905 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
906 token->len = iv_len + len + EVP_CIPHER_block_size(cipher); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
907 token->data = ngx_pnalloc(c->pool, token->len); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
908 if (token->data == NULL) { |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
909 return NGX_ERROR; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
910 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
911 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
912 ctx = EVP_CIPHER_CTX_new(); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
913 if (ctx == NULL) { |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
914 return NGX_ERROR; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
915 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
916 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
917 key = c->quic->tp.token_key; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
918 iv = token->data; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
919 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
920 if (RAND_bytes(iv, iv_len) <= 0 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
921 || !EVP_EncryptInit_ex(ctx, cipher, NULL, key, iv)) |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
922 { |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
923 EVP_CIPHER_CTX_free(ctx); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
924 return NGX_ERROR; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
925 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
926 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
927 token->len = iv_len; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
928 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
929 if (EVP_EncryptUpdate(ctx, token->data + token->len, &len, in, len) != 1) { |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
930 EVP_CIPHER_CTX_free(ctx); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
931 return NGX_ERROR; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
932 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
933 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
934 token->len += len; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
935 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
936 if (EVP_EncryptFinal_ex(ctx, token->data + token->len, &len) <= 0) { |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
937 EVP_CIPHER_CTX_free(ctx); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
938 return NGX_ERROR; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
939 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
940 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
941 token->len += len; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
942 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
943 EVP_CIPHER_CTX_free(ctx); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
944 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
945 #ifdef NGX_QUIC_DEBUG_PACKETS |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
946 ngx_quic_hexdump(c->log, "quic new token", token->data, token->len); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
947 #endif |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
948 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
949 return NGX_OK; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
950 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
951 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
952 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
953 static ngx_int_t |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
954 ngx_quic_validate_token(ngx_connection_t *c, ngx_quic_header_t *pkt) |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
955 { |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
956 int len, tlen, iv_len; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
957 u_char *key, *iv, *p, *data; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
958 ngx_msec_t msec; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
959 EVP_CIPHER_CTX *ctx; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
960 const EVP_CIPHER *cipher; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
961 struct sockaddr_in *sin; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
962 #if (NGX_HAVE_INET6) |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
963 struct sockaddr_in6 *sin6; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
964 #endif |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
965 ngx_quic_connection_t *qc; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
966 u_char tdec[NGX_QUIC_MAX_TOKEN_SIZE]; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
967 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
968 if (pkt->token.len == 0) { |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
969 return NGX_ERROR; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
970 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
971 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
972 qc = c->quic; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
973 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
974 /* Retry token */ |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
975 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
976 if (qc->token.len) { |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
977 if (pkt->token.len != qc->token.len) { |
|
7876
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
978 goto bad_token; |
|
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
979 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
980 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
981 if (ngx_memcmp(pkt->token.data, qc->token.data, pkt->token.len) != 0) { |
|
7876
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
982 goto bad_token; |
|
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
983 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
984 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
985 return NGX_OK; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
986 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
987 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
988 /* NEW_TOKEN in a previous connection */ |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
989 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
990 cipher = EVP_aes_256_cbc(); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
991 key = c->quic->tp.token_key; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
992 iv = pkt->token.data; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
993 iv_len = EVP_CIPHER_iv_length(cipher); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
994 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
995 /* sanity checks */ |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
996 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
997 if (pkt->token.len < (size_t) iv_len + EVP_CIPHER_block_size(cipher)) { |
|
7876
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
998 goto bad_token; |
|
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
999 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1000 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1001 if (pkt->token.len > (size_t) iv_len + NGX_QUIC_MAX_TOKEN_SIZE) { |
|
7876
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
1002 goto bad_token; |
|
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1003 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1004 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1005 ctx = EVP_CIPHER_CTX_new(); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1006 if (ctx == NULL) { |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1007 return NGX_ERROR; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1008 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1009 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1010 if (!EVP_DecryptInit_ex(ctx, cipher, NULL, key, iv)) { |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1011 EVP_CIPHER_CTX_free(ctx); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1012 return NGX_ERROR; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1013 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1014 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1015 p = pkt->token.data + iv_len; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1016 len = pkt->token.len - iv_len; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1017 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1018 if (EVP_DecryptUpdate(ctx, tdec, &len, p, len) != 1) { |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1019 EVP_CIPHER_CTX_free(ctx); |
|
7876
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
1020 goto bad_token; |
|
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1021 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1022 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1023 if (EVP_DecryptFinal_ex(ctx, tdec + len, &tlen) <= 0) { |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1024 EVP_CIPHER_CTX_free(ctx); |
|
7876
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
1025 goto bad_token; |
|
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1026 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1027 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1028 EVP_CIPHER_CTX_free(ctx); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1029 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1030 switch (c->sockaddr->sa_family) { |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1031 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1032 #if (NGX_HAVE_INET6) |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1033 case AF_INET6: |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1034 sin6 = (struct sockaddr_in6 *) c->sockaddr; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1035 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1036 len = sizeof(struct in6_addr); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1037 data = sin6->sin6_addr.s6_addr; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1038 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1039 break; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1040 #endif |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1041 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1042 #if (NGX_HAVE_UNIX_DOMAIN) |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1043 case AF_UNIX: |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1044 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1045 len = ngx_min(c->addr_text.len, NGX_QUIC_MAX_TOKEN_SIZE - sizeof(msec)); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1046 data = c->addr_text.data; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1047 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1048 break; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1049 #endif |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1050 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1051 default: /* AF_INET */ |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1052 sin = (struct sockaddr_in *) c->sockaddr; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1053 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1054 len = sizeof(in_addr_t); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1055 data = (u_char *) &sin->sin_addr; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1056 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1057 break; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1058 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1059 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1060 if (ngx_memcmp(tdec, data, len) != 0) { |
|
7876
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
1061 goto bad_token; |
|
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1062 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1063 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1064 ngx_memcpy(&msec, tdec + len, sizeof(msec)); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1065 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1066 if (ngx_current_msec - msec > NGX_QUIC_RETRY_LIFETIME) { |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1067 return NGX_DECLINED; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1068 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1069 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1070 return NGX_OK; |
|
7876
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
1071 |
|
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
1072 bad_token: |
|
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
1073 |
|
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
1074 qc->error = NGX_QUIC_ERR_INVALID_TOKEN; |
|
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
1075 qc->error_reason = "invalid_token"; |
|
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
1076 |
|
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
1077 return NGX_ERROR; |
|
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1078 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1079 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1080 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1081 static ngx_int_t |
|
7687
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
1082 ngx_quic_init_connection(ngx_connection_t *c) |
|
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1083 { |
|
7713
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7712
diff
changeset
|
1084 u_char *p; |
|
7917
90b02ff6b003
Compatibility with BoringSSL master branch.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7916
diff
changeset
|
1085 size_t clen; |
|
7713
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7712
diff
changeset
|
1086 ssize_t len; |
|
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1087 ngx_ssl_conn_t *ssl_conn; |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1088 ngx_quic_connection_t *qc; |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1089 |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1090 qc = c->quic; |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1091 |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1092 if (ngx_ssl_create_connection(qc->ssl, c, NGX_SSL_BUFFER) != NGX_OK) { |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1093 return NGX_ERROR; |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1094 } |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1095 |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1096 ssl_conn = c->ssl->connection; |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1097 |
|
7698
253cf267f95a
Moved setting QUIC methods to runtime.
Roman Arutyunyan <arut@nginx.com>
parents:
7697
diff
changeset
|
1098 if (SSL_set_quic_method(ssl_conn, &quic_method) == 0) { |
|
253cf267f95a
Moved setting QUIC methods to runtime.
Roman Arutyunyan <arut@nginx.com>
parents:
7697
diff
changeset
|
1099 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
| 7838 | 1100 "quic SSL_set_quic_method() failed"); |
|
7698
253cf267f95a
Moved setting QUIC methods to runtime.
Roman Arutyunyan <arut@nginx.com>
parents:
7697
diff
changeset
|
1101 return NGX_ERROR; |
|
253cf267f95a
Moved setting QUIC methods to runtime.
Roman Arutyunyan <arut@nginx.com>
parents:
7697
diff
changeset
|
1102 } |
|
253cf267f95a
Moved setting QUIC methods to runtime.
Roman Arutyunyan <arut@nginx.com>
parents:
7697
diff
changeset
|
1103 |
|
7770
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1104 #ifdef SSL_READ_EARLY_DATA_SUCCESS |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1105 if (SSL_CTX_get_max_early_data(qc->ssl->ctx)) { |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1106 SSL_set_quic_early_data_enabled(ssl_conn, 1); |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1107 } |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1108 #endif |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1109 |
|
7917
90b02ff6b003
Compatibility with BoringSSL master branch.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7916
diff
changeset
|
1110 len = ngx_quic_create_transport_params(NULL, NULL, &qc->tp, &clen); |
|
7713
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7712
diff
changeset
|
1111 /* always succeeds */ |
|
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7712
diff
changeset
|
1112 |
|
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7712
diff
changeset
|
1113 p = ngx_pnalloc(c->pool, len); |
|
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7712
diff
changeset
|
1114 if (p == NULL) { |
|
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7712
diff
changeset
|
1115 return NGX_ERROR; |
|
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7712
diff
changeset
|
1116 } |
|
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7712
diff
changeset
|
1117 |
|
7917
90b02ff6b003
Compatibility with BoringSSL master branch.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7916
diff
changeset
|
1118 len = ngx_quic_create_transport_params(p, p + len, &qc->tp, NULL); |
|
7713
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7712
diff
changeset
|
1119 if (len < 0) { |
|
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7712
diff
changeset
|
1120 return NGX_ERROR; |
|
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7712
diff
changeset
|
1121 } |
|
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7712
diff
changeset
|
1122 |
| 7836 | 1123 #ifdef NGX_QUIC_DEBUG_PACKETS |
|
7837
f175006124d0
Cleaned up hexdumps in debug output.
Vladimir Homutov <vl@nginx.com>
parents:
7836
diff
changeset
|
1124 ngx_quic_hexdump(c->log, "quic transport parameters", p, len); |
| 7836 | 1125 #endif |
| 1126 | |
|
7713
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7712
diff
changeset
|
1127 if (SSL_set_quic_transport_params(ssl_conn, p, len) == 0) { |
|
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1128 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
| 7838 | 1129 "quic SSL_set_quic_transport_params() failed"); |
|
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1130 return NGX_ERROR; |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1131 } |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1132 |
|
7917
90b02ff6b003
Compatibility with BoringSSL master branch.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7916
diff
changeset
|
1133 #if NGX_OPENSSL_QUIC_ZRTT_CTX |
|
90b02ff6b003
Compatibility with BoringSSL master branch.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7916
diff
changeset
|
1134 if (SSL_set_quic_early_data_context(ssl_conn, p, clen) == 0) { |
|
90b02ff6b003
Compatibility with BoringSSL master branch.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7916
diff
changeset
|
1135 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
90b02ff6b003
Compatibility with BoringSSL master branch.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7916
diff
changeset
|
1136 "quic SSL_set_quic_early_data_context() failed"); |
|
90b02ff6b003
Compatibility with BoringSSL master branch.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7916
diff
changeset
|
1137 return NGX_ERROR; |
|
90b02ff6b003
Compatibility with BoringSSL master branch.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7916
diff
changeset
|
1138 } |
|
90b02ff6b003
Compatibility with BoringSSL master branch.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7916
diff
changeset
|
1139 #endif |
|
90b02ff6b003
Compatibility with BoringSSL master branch.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7916
diff
changeset
|
1140 |
|
7780
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
1141 qc->max_streams = qc->tp.initial_max_streams_bidi; |
|
7729
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
1142 |
|
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1143 return NGX_OK; |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1144 } |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1145 |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1146 |
|
7931
9fe7875ce4bb
QUIC: further limiting maximum QUIC packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7930
diff
changeset
|
1147 static ngx_inline size_t |
|
9fe7875ce4bb
QUIC: further limiting maximum QUIC packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7930
diff
changeset
|
1148 ngx_quic_max_udp_payload(ngx_connection_t *c) |
|
9fe7875ce4bb
QUIC: further limiting maximum QUIC packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7930
diff
changeset
|
1149 { |
|
9fe7875ce4bb
QUIC: further limiting maximum QUIC packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7930
diff
changeset
|
1150 /* TODO: path MTU discovery */ |
|
9fe7875ce4bb
QUIC: further limiting maximum QUIC packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7930
diff
changeset
|
1151 |
|
9fe7875ce4bb
QUIC: further limiting maximum QUIC packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7930
diff
changeset
|
1152 #if (NGX_HAVE_INET6) |
|
9fe7875ce4bb
QUIC: further limiting maximum QUIC packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7930
diff
changeset
|
1153 if (c->sockaddr->sa_family == AF_INET6) { |
|
9fe7875ce4bb
QUIC: further limiting maximum QUIC packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7930
diff
changeset
|
1154 return NGX_QUIC_MAX_UDP_PAYLOAD_OUT6; |
|
9fe7875ce4bb
QUIC: further limiting maximum QUIC packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7930
diff
changeset
|
1155 } |
|
9fe7875ce4bb
QUIC: further limiting maximum QUIC packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7930
diff
changeset
|
1156 #endif |
|
9fe7875ce4bb
QUIC: further limiting maximum QUIC packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7930
diff
changeset
|
1157 |
|
9fe7875ce4bb
QUIC: further limiting maximum QUIC packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7930
diff
changeset
|
1158 return NGX_QUIC_MAX_UDP_PAYLOAD_OUT; |
|
9fe7875ce4bb
QUIC: further limiting maximum QUIC packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7930
diff
changeset
|
1159 } |
|
9fe7875ce4bb
QUIC: further limiting maximum QUIC packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7930
diff
changeset
|
1160 |
|
9fe7875ce4bb
QUIC: further limiting maximum QUIC packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7930
diff
changeset
|
1161 |
| 7691 | 1162 static void |
|
7729
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
1163 ngx_quic_input_handler(ngx_event_t *rev) |
|
7677
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
7675
diff
changeset
|
1164 { |
|
7737
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
7736
diff
changeset
|
1165 ssize_t n; |
|
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
7736
diff
changeset
|
1166 ngx_buf_t b; |
|
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
7736
diff
changeset
|
1167 ngx_connection_t *c; |
|
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
7736
diff
changeset
|
1168 ngx_quic_connection_t *qc; |
|
7910
125cbfa77013
Renamed max_packet_size to max_udp_payload_size, from draft-28.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7908
diff
changeset
|
1169 static u_char buf[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE]; |
|
7677
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
7675
diff
changeset
|
1170 |
| 7871 | 1171 ngx_memzero(&b, sizeof(ngx_buf_t)); |
| 7691 | 1172 b.start = buf; |
|
7731
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
7729
diff
changeset
|
1173 b.end = buf + sizeof(buf); |
| 7691 | 1174 b.pos = b.last = b.start; |
|
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1175 b.memory = 1; |
|
7677
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
7675
diff
changeset
|
1176 |
| 7691 | 1177 c = rev->data; |
|
7747
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
7746
diff
changeset
|
1178 qc = c->quic; |
|
7677
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
7675
diff
changeset
|
1179 |
|
7729
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
1180 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, rev->log, 0, "quic input handler"); |
|
7678
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
7677
diff
changeset
|
1181 |
| 7691 | 1182 if (rev->timedout) { |
| 7838 | 1183 ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, |
| 1184 "quic client timed out"); | |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1185 ngx_quic_close_connection(c, NGX_DONE); |
| 7691 | 1186 return; |
|
7678
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
7677
diff
changeset
|
1187 } |
|
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
7677
diff
changeset
|
1188 |
| 7691 | 1189 if (c->close) { |
|
7937
b9bce2c4fe33
Close QUIC connection with NO_ERROR on c->close.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7934
diff
changeset
|
1190 qc->error_reason = "graceful shutdown"; |
|
b9bce2c4fe33
Close QUIC connection with NO_ERROR on c->close.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7934
diff
changeset
|
1191 ngx_quic_close_connection(c, NGX_OK); |
| 7691 | 1192 return; |
| 1193 } | |
|
7686
7ada2feeac18
Added processing of CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7684
diff
changeset
|
1194 |
| 7691 | 1195 n = c->recv(c, b.start, b.end - b.start); |
| 7681 | 1196 |
| 7691 | 1197 if (n == NGX_AGAIN) { |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1198 if (qc->closing) { |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1199 ngx_quic_close_connection(c, NGX_OK); |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1200 } |
| 7691 | 1201 return; |
|
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1202 } |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1203 |
| 7691 | 1204 if (n == NGX_ERROR) { |
| 1205 c->read->eof = 1; | |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1206 ngx_quic_close_connection(c, NGX_ERROR); |
| 7691 | 1207 return; |
|
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1208 } |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1209 |
| 7691 | 1210 b.last += n; |
|
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1211 |
| 7691 | 1212 if (ngx_quic_input(c, &b) != NGX_OK) { |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1213 ngx_quic_close_connection(c, NGX_ERROR); |
| 7691 | 1214 return; |
| 1215 } | |
|
7737
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
7736
diff
changeset
|
1216 |
|
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
7736
diff
changeset
|
1217 qc->send_timer_set = 0; |
|
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
7736
diff
changeset
|
1218 ngx_add_timer(rev, qc->tp.max_idle_timeout); |
|
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1219 } |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1220 |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1221 |
|
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
1222 static void |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1223 ngx_quic_close_connection(ngx_connection_t *c, ngx_int_t rc) |
|
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
1224 { |
|
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1225 ngx_pool_t *pool; |
|
7747
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
7746
diff
changeset
|
1226 |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1227 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 7836 | 1228 "quic ngx_quic_close_connection, rc: %i", rc); |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1229 |
|
7874
1245e274b9ba
Avoided excessive definitions for connection state.
Vladimir Homutov <vl@nginx.com>
parents:
7871
diff
changeset
|
1230 if (!c->quic || !c->quic->initialized) { |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1231 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 7836 | 1232 "quic close connection early error"); |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1233 |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1234 } else if (ngx_quic_close_quic(c, rc) == NGX_AGAIN) { |
|
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1235 return; |
|
7747
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
7746
diff
changeset
|
1236 } |
|
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
1237 |
| 7691 | 1238 if (c->ssl) { |
| 1239 (void) ngx_ssl_shutdown(c); | |
|
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
1240 } |
|
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
1241 |
|
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1242 if (c->read->timer_set) { |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1243 ngx_del_timer(c->read); |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1244 } |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1245 |
| 7691 | 1246 #if (NGX_STAT_STUB) |
| 1247 (void) ngx_atomic_fetch_add(ngx_stat_active, -1); | |
| 1248 #endif | |
|
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
1249 |
| 7691 | 1250 c->destroyed = 1; |
|
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
1251 |
| 7691 | 1252 pool = c->pool; |
|
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
1253 |
| 7691 | 1254 ngx_close_connection(c); |
|
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
1255 |
| 7691 | 1256 ngx_destroy_pool(pool); |
|
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
1257 } |
|
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
1258 |
|
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
1259 |
|
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
1260 static ngx_int_t |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1261 ngx_quic_close_quic(ngx_connection_t *c, ngx_int_t rc) |
|
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1262 { |
|
7862
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
7861
diff
changeset
|
1263 ngx_uint_t i, err; |
|
7875
8bec0ac23cf9
Fixed retransmission of frames after closing connection.
Vladimir Homutov <vl@nginx.com>
parents:
7874
diff
changeset
|
1264 ngx_quic_send_ctx_t *ctx; |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1265 ngx_quic_connection_t *qc; |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1266 enum ssl_encryption_level_t level; |
|
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1267 |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1268 qc = c->quic; |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1269 |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1270 if (!qc->closing) { |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1271 |
|
7875
8bec0ac23cf9
Fixed retransmission of frames after closing connection.
Vladimir Homutov <vl@nginx.com>
parents:
7874
diff
changeset
|
1272 /* drop packets from retransmit queues, no ack is expected */ |
|
8bec0ac23cf9
Fixed retransmission of frames after closing connection.
Vladimir Homutov <vl@nginx.com>
parents:
7874
diff
changeset
|
1273 for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { |
|
8bec0ac23cf9
Fixed retransmission of frames after closing connection.
Vladimir Homutov <vl@nginx.com>
parents:
7874
diff
changeset
|
1274 ctx = ngx_quic_get_send_ctx(qc, i); |
|
8bec0ac23cf9
Fixed retransmission of frames after closing connection.
Vladimir Homutov <vl@nginx.com>
parents:
7874
diff
changeset
|
1275 ngx_quic_free_frames(c, &ctx->sent); |
|
8bec0ac23cf9
Fixed retransmission of frames after closing connection.
Vladimir Homutov <vl@nginx.com>
parents:
7874
diff
changeset
|
1276 } |
|
8bec0ac23cf9
Fixed retransmission of frames after closing connection.
Vladimir Homutov <vl@nginx.com>
parents:
7874
diff
changeset
|
1277 |
|
7877
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1278 if (rc == NGX_DONE) { |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1279 |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1280 /* |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1281 * 10.2. Idle Timeout |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1282 * |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1283 * If the idle timeout is enabled by either peer, a connection is |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1284 * silently closed and its state is discarded when it remains idle |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1285 */ |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1286 |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1287 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1288 "quic closing %s connection", |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1289 qc->draining ? "drained" : "idle"); |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1290 |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1291 } else { |
|
7877
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1292 |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1293 /* |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1294 * 10.3. Immediate Close |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1295 * |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1296 * An endpoint sends a CONNECTION_CLOSE frame (Section 19.19) |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1297 * to terminate the connection immediately. |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1298 */ |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1299 |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1300 if (rc == NGX_OK) { |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1301 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1302 "quic immediate close, drain = %d", |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1303 qc->draining); |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1304 |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1305 qc->close.log = c->log; |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1306 qc->close.data = c; |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1307 qc->close.handler = ngx_quic_close_timer_handler; |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1308 qc->close.cancelable = 1; |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1309 |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1310 ngx_add_timer(&qc->close, 3 * NGX_QUIC_HARDCODED_PTO); |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1311 |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1312 err = NGX_QUIC_ERR_NO_ERROR; |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1313 |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1314 } else { |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1315 err = qc->error ? qc->error : NGX_QUIC_ERR_INTERNAL_ERROR; |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1316 |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1317 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1318 "quic immediate close due to error: %ui %s", |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1319 qc->error, |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1320 qc->error_reason ? qc->error_reason : ""); |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1321 } |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1322 |
| 7933 | 1323 level = c->ssl ? SSL_quic_read_level(c->ssl->connection) |
| 1324 : ssl_encryption_initial; | |
|
7877
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1325 |
|
7876
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
1326 (void) ngx_quic_send_cc(c, level, err, qc->error_ftype, |
|
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
1327 qc->error_reason); |
|
7877
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1328 |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1329 if (level == ssl_encryption_handshake) { |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1330 /* for clients that might not have handshake keys */ |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1331 (void) ngx_quic_send_cc(c, ssl_encryption_initial, err, |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1332 qc->error_ftype, qc->error_reason); |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
1333 } |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1334 } |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1335 |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1336 qc->closing = 1; |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1337 } |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1338 |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1339 if (rc == NGX_ERROR && qc->close.timer_set) { |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1340 /* do not wait for timer in case of fatal error */ |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1341 ngx_del_timer(&qc->close); |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1342 } |
|
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1343 |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1344 if (ngx_quic_close_streams(c, qc) == NGX_AGAIN) { |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1345 return NGX_AGAIN; |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1346 } |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1347 |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1348 if (qc->close.timer_set) { |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1349 return NGX_AGAIN; |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1350 } |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1351 |
|
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1352 for (i = 0; i < NGX_QUIC_ENCRYPTION_LAST; i++) { |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1353 ngx_quic_free_frames(c, &qc->crypto[i].frames); |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1354 } |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1355 |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1356 for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1357 ngx_quic_free_frames(c, &qc->send_ctx[i].frames); |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1358 ngx_quic_free_frames(c, &qc->send_ctx[i].sent); |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1359 } |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1360 |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1361 if (qc->push.timer_set) { |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1362 ngx_del_timer(&qc->push); |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1363 } |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1364 |
|
7846
bddf704d62c1
Renamed retransmit event object in preparation for retry support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7845
diff
changeset
|
1365 if (qc->retransmit.timer_set) { |
|
bddf704d62c1
Renamed retransmit event object in preparation for retry support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7845
diff
changeset
|
1366 ngx_del_timer(&qc->retransmit); |
|
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1367 } |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1368 |
|
7929
ea4899591798
QUIC: Fixed connection cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7928
diff
changeset
|
1369 if (qc->push.posted) { |
|
ea4899591798
QUIC: Fixed connection cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7928
diff
changeset
|
1370 ngx_delete_posted_event(&qc->push); |
|
ea4899591798
QUIC: Fixed connection cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7928
diff
changeset
|
1371 } |
|
ea4899591798
QUIC: Fixed connection cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7928
diff
changeset
|
1372 |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1373 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1374 "quic part of connection is terminated"); |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1375 |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1376 /* may be tested from SSL callback during SSL shutdown */ |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1377 c->quic = NULL; |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1378 |
|
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1379 return NGX_OK; |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1380 } |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1381 |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1382 |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1383 static void |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1384 ngx_quic_close_timer_handler(ngx_event_t *ev) |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1385 { |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1386 ngx_connection_t *c; |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1387 |
| 7836 | 1388 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, ev->log, 0, "quic close timer"); |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1389 |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1390 c = ev->data; |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1391 ngx_quic_close_connection(c, NGX_DONE); |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1392 } |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1393 |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1394 |
|
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1395 static ngx_int_t |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1396 ngx_quic_close_streams(ngx_connection_t *c, ngx_quic_connection_t *qc) |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1397 { |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1398 ngx_event_t *rev; |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1399 ngx_rbtree_t *tree; |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1400 ngx_rbtree_node_t *node; |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1401 ngx_quic_stream_t *qs; |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1402 |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1403 #if (NGX_DEBUG) |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1404 ngx_uint_t ns; |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1405 #endif |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1406 |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1407 tree = &qc->streams.tree; |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1408 |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1409 if (tree->root == tree->sentinel) { |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1410 return NGX_OK; |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1411 } |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1412 |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1413 #if (NGX_DEBUG) |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1414 ns = 0; |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1415 #endif |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1416 |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1417 for (node = ngx_rbtree_min(tree->root, tree->sentinel); |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1418 node; |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1419 node = ngx_rbtree_next(tree, node)) |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1420 { |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1421 qs = (ngx_quic_stream_t *) node; |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1422 |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1423 rev = qs->c->read; |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1424 rev->ready = 1; |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1425 rev->pending_eof = 1; |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1426 |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1427 ngx_post_event(rev, &ngx_posted_events); |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1428 |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1429 if (rev->timer_set) { |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1430 ngx_del_timer(rev); |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1431 } |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1432 |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1433 #if (NGX_DEBUG) |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1434 ns++; |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1435 #endif |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1436 } |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1437 |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1438 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1439 "quic connection has %ui active streams", ns); |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1440 |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1441 return NGX_AGAIN; |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1442 } |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1443 |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1444 |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
1445 static ngx_int_t |
| 7691 | 1446 ngx_quic_input(ngx_connection_t *c, ngx_buf_t *b) |
|
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
1447 { |
| 7691 | 1448 u_char *p; |
| 1449 ngx_int_t rc; | |
| 1450 ngx_quic_header_t pkt; | |
|
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
1451 |
|
7770
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1452 p = b->pos; |
|
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
1453 |
|
7770
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1454 while (p < b->last) { |
|
7729
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
1455 c->log->action = "processing quic packet"; |
|
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
1456 |
| 7691 | 1457 ngx_memzero(&pkt, sizeof(ngx_quic_header_t)); |
| 1458 pkt.raw = b; | |
| 1459 pkt.data = p; | |
| 1460 pkt.len = b->last - p; | |
| 1461 pkt.log = c->log; | |
|
7717
c217a907ce42
Added checks for permitted frame types.
Vladimir Homutov <vl@nginx.com>
parents:
7713
diff
changeset
|
1462 pkt.flags = p[0]; |
|
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
1463 |
|
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1464 if (c->quic->in_retry) { |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1465 return ngx_quic_retry_input(c, &pkt); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1466 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1467 |
|
7848
9d9531431c8c
Removed outdated/incorrect comments and fixed style.
Vladimir Homutov <vl@nginx.com>
parents:
7847
diff
changeset
|
1468 /* TODO: check current state */ |
|
7717
c217a907ce42
Added checks for permitted frame types.
Vladimir Homutov <vl@nginx.com>
parents:
7713
diff
changeset
|
1469 if (ngx_quic_long_pkt(pkt.flags)) { |
| 7691 | 1470 |
|
7717
c217a907ce42
Added checks for permitted frame types.
Vladimir Homutov <vl@nginx.com>
parents:
7713
diff
changeset
|
1471 if (ngx_quic_pkt_in(pkt.flags)) { |
| 7691 | 1472 rc = ngx_quic_initial_input(c, &pkt); |
|
7672
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
7671
diff
changeset
|
1473 |
|
7717
c217a907ce42
Added checks for permitted frame types.
Vladimir Homutov <vl@nginx.com>
parents:
7713
diff
changeset
|
1474 } else if (ngx_quic_pkt_hs(pkt.flags)) { |
| 7691 | 1475 rc = ngx_quic_handshake_input(c, &pkt); |
|
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
1476 |
|
7770
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1477 } else if (ngx_quic_pkt_zrtt(pkt.flags)) { |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1478 rc = ngx_quic_early_input(c, &pkt); |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1479 |
| 7691 | 1480 } else { |
| 1481 ngx_log_error(NGX_LOG_INFO, c->log, 0, | |
| 7838 | 1482 "quic unknown long packet type"); |
| 7691 | 1483 return NGX_ERROR; |
| 1484 } | |
|
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
1485 |
| 7691 | 1486 } else { |
| 1487 rc = ngx_quic_app_input(c, &pkt); | |
| 1488 } | |
|
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
1489 |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
1490 if (rc == NGX_ERROR) { |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
1491 return NGX_ERROR; |
| 7691 | 1492 } |
|
7672
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
7671
diff
changeset
|
1493 |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
1494 /* NGX_OK || NGX_DECLINED */ |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
1495 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
1496 /* |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
1497 * we get NGX_DECLINED when there are no keys [yet] available |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
1498 * to decrypt packet. |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
1499 * Instead of queueing it, we ignore it and rely on the sender's |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
1500 * retransmission: |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
1501 * |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
1502 * 12.2. Coalescing Packets: |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
1503 * |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
1504 * For example, if decryption fails (because the keys are |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
1505 * not available or any other reason), the receiver MAY either |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
1506 * discard or buffer the packet for later processing and MUST |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
1507 * attempt to process the remaining packets. |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
1508 */ |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
1509 |
| 7691 | 1510 /* b->pos is at header end, adjust by actual packet length */ |
|
7854
2a94aaa70b33
Cleaned up firefox workaround.
Vladimir Homutov <vl@nginx.com>
parents:
7848
diff
changeset
|
1511 b->pos += pkt.len; |
|
2a94aaa70b33
Cleaned up firefox workaround.
Vladimir Homutov <vl@nginx.com>
parents:
7848
diff
changeset
|
1512 p = ngx_quic_skip_zero_padding(b); |
|
7770
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1513 } |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1514 |
| 7691 | 1515 return NGX_OK; |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1516 } |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1517 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1518 |
|
7854
2a94aaa70b33
Cleaned up firefox workaround.
Vladimir Homutov <vl@nginx.com>
parents:
7848
diff
changeset
|
1519 /* firefox workaround: skip zero padding at the end of quic packet */ |
|
2a94aaa70b33
Cleaned up firefox workaround.
Vladimir Homutov <vl@nginx.com>
parents:
7848
diff
changeset
|
1520 static ngx_inline u_char * |
|
2a94aaa70b33
Cleaned up firefox workaround.
Vladimir Homutov <vl@nginx.com>
parents:
7848
diff
changeset
|
1521 ngx_quic_skip_zero_padding(ngx_buf_t *b) |
|
2a94aaa70b33
Cleaned up firefox workaround.
Vladimir Homutov <vl@nginx.com>
parents:
7848
diff
changeset
|
1522 { |
|
2a94aaa70b33
Cleaned up firefox workaround.
Vladimir Homutov <vl@nginx.com>
parents:
7848
diff
changeset
|
1523 while (b->pos < b->last && *(b->pos) == 0) { |
|
2a94aaa70b33
Cleaned up firefox workaround.
Vladimir Homutov <vl@nginx.com>
parents:
7848
diff
changeset
|
1524 b->pos++; |
|
2a94aaa70b33
Cleaned up firefox workaround.
Vladimir Homutov <vl@nginx.com>
parents:
7848
diff
changeset
|
1525 } |
|
2a94aaa70b33
Cleaned up firefox workaround.
Vladimir Homutov <vl@nginx.com>
parents:
7848
diff
changeset
|
1526 |
|
2a94aaa70b33
Cleaned up firefox workaround.
Vladimir Homutov <vl@nginx.com>
parents:
7848
diff
changeset
|
1527 return b->pos; |
|
2a94aaa70b33
Cleaned up firefox workaround.
Vladimir Homutov <vl@nginx.com>
parents:
7848
diff
changeset
|
1528 } |
|
2a94aaa70b33
Cleaned up firefox workaround.
Vladimir Homutov <vl@nginx.com>
parents:
7848
diff
changeset
|
1529 |
|
2a94aaa70b33
Cleaned up firefox workaround.
Vladimir Homutov <vl@nginx.com>
parents:
7848
diff
changeset
|
1530 |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1531 static ngx_int_t |
|
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1532 ngx_quic_retry_input(ngx_connection_t *c, ngx_quic_header_t *pkt) |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1533 { |
|
7863
81f85c479d7e
Discard packets without fixed bit or reserved bits set.
Vladimir Homutov <vl@nginx.com>
parents:
7862
diff
changeset
|
1534 ngx_int_t rc; |
|
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1535 ngx_quic_secrets_t *keys; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1536 ngx_quic_send_ctx_t *ctx; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1537 ngx_quic_connection_t *qc; |
|
7910
125cbfa77013
Renamed max_packet_size to max_udp_payload_size, from draft-28.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7908
diff
changeset
|
1538 static u_char buf[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE]; |
|
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1539 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1540 c->log->action = "retrying quic connection"; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1541 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1542 if (ngx_buf_size(pkt->raw) < NGX_QUIC_MIN_INITIAL_SIZE) { |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1543 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1544 "quic UDP datagram is too small for initial packet"); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1545 return NGX_OK; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1546 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1547 |
|
7863
81f85c479d7e
Discard packets without fixed bit or reserved bits set.
Vladimir Homutov <vl@nginx.com>
parents:
7862
diff
changeset
|
1548 rc = ngx_quic_parse_long_header(pkt); |
|
81f85c479d7e
Discard packets without fixed bit or reserved bits set.
Vladimir Homutov <vl@nginx.com>
parents:
7862
diff
changeset
|
1549 if (rc != NGX_OK) { |
|
81f85c479d7e
Discard packets without fixed bit or reserved bits set.
Vladimir Homutov <vl@nginx.com>
parents:
7862
diff
changeset
|
1550 return rc; |
|
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1551 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1552 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1553 if (ngx_quic_pkt_zrtt(pkt->flags)) { |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1554 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1555 "quic discard inflight 0-RTT packet"); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1556 return NGX_OK; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1557 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1558 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1559 if (!ngx_quic_pkt_in(pkt->flags)) { |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1560 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1561 "quic invalid initial packet: 0x%xi", pkt->flags); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1562 return NGX_ERROR; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1563 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1564 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1565 if (ngx_quic_parse_initial_header(pkt) != NGX_OK) { |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1566 return NGX_ERROR; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1567 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1568 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1569 if (ngx_quic_new_dcid(c, &pkt->dcid) != NGX_OK) { |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1570 return NGX_ERROR; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1571 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1572 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1573 qc = c->quic; |
|
7912
6633f17044eb
QUIC draft-28 transport parameters support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7910
diff
changeset
|
1574 qc->tp.initial_scid = c->quic->dcid; |
|
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1575 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1576 keys = &c->quic->keys[ssl_encryption_initial]; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1577 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1578 if (ngx_quic_set_initial_secret(c->pool, &keys->client, &keys->server, |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1579 &qc->odcid) |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1580 != NGX_OK) |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1581 { |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1582 return NGX_ERROR; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1583 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1584 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1585 c->quic->in_retry = 0; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1586 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1587 if (ngx_quic_validate_token(c, pkt) != NGX_OK) { |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1588 ngx_log_error(NGX_LOG_INFO, c->log, 0, "quic invalid token"); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1589 return NGX_ERROR; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1590 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1591 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1592 pkt->secret = &keys->client; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1593 pkt->level = ssl_encryption_initial; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1594 pkt->plaintext = buf; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1595 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1596 ctx = ngx_quic_get_send_ctx(qc, pkt->level); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1597 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1598 if (ngx_quic_decrypt(pkt, NULL, &ctx->largest_pn) != NGX_OK) { |
|
7863
81f85c479d7e
Discard packets without fixed bit or reserved bits set.
Vladimir Homutov <vl@nginx.com>
parents:
7862
diff
changeset
|
1599 qc->error = pkt->error; |
|
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1600 return NGX_ERROR; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1601 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1602 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1603 if (ngx_quic_init_connection(c) != NGX_OK) { |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1604 return NGX_ERROR; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1605 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1606 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1607 if (ngx_quic_payload_handler(c, pkt) != NGX_OK) { |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1608 return NGX_ERROR; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1609 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1610 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1611 /* pos is at header end, adjust by actual packet length */ |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1612 pkt->raw->pos += pkt->len; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1613 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1614 (void) ngx_quic_skip_zero_padding(pkt->raw); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1615 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1616 return ngx_quic_input(c, pkt->raw); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1617 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1618 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1619 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
1620 static ngx_int_t |
| 7689 | 1621 ngx_quic_initial_input(ngx_connection_t *c, ngx_quic_header_t *pkt) |
| 1622 { | |
|
7863
81f85c479d7e
Discard packets without fixed bit or reserved bits set.
Vladimir Homutov <vl@nginx.com>
parents:
7862
diff
changeset
|
1623 ngx_int_t rc; |
|
7816
aba84d9ab256
Parsing of truncated packet numbers.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7815
diff
changeset
|
1624 ngx_ssl_conn_t *ssl_conn; |
|
aba84d9ab256
Parsing of truncated packet numbers.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7815
diff
changeset
|
1625 ngx_quic_secrets_t *keys; |
|
aba84d9ab256
Parsing of truncated packet numbers.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7815
diff
changeset
|
1626 ngx_quic_send_ctx_t *ctx; |
|
7910
125cbfa77013
Renamed max_packet_size to max_udp_payload_size, from draft-28.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7908
diff
changeset
|
1627 static u_char buf[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE]; |
| 7689 | 1628 |
|
7729
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
1629 c->log->action = "processing initial quic packet"; |
|
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
1630 |
| 7689 | 1631 ssl_conn = c->ssl->connection; |
| 1632 | |
|
7863
81f85c479d7e
Discard packets without fixed bit or reserved bits set.
Vladimir Homutov <vl@nginx.com>
parents:
7862
diff
changeset
|
1633 rc = ngx_quic_parse_long_header(pkt); |
|
81f85c479d7e
Discard packets without fixed bit or reserved bits set.
Vladimir Homutov <vl@nginx.com>
parents:
7862
diff
changeset
|
1634 if (rc != NGX_OK) { |
|
81f85c479d7e
Discard packets without fixed bit or reserved bits set.
Vladimir Homutov <vl@nginx.com>
parents:
7862
diff
changeset
|
1635 return rc; |
| 7689 | 1636 } |
| 1637 | |
|
7690
ae35ccba7aa6
Extracted transport part of the code into separate file.
Vladimir Homutov <vl@nginx.com>
parents:
7689
diff
changeset
|
1638 if (ngx_quic_parse_initial_header(pkt) != NGX_OK) { |
| 7689 | 1639 return NGX_ERROR; |
| 1640 } | |
| 1641 | |
|
7772
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
1642 keys = &c->quic->keys[ssl_encryption_initial]; |
|
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
1643 |
|
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
1644 pkt->secret = &keys->client; |
| 7689 | 1645 pkt->level = ssl_encryption_initial; |
|
7754
ebd5c71b9f02
Got rid of memory allocation in decryption.
Vladimir Homutov <vl@nginx.com>
parents:
7752
diff
changeset
|
1646 pkt->plaintext = buf; |
| 7689 | 1647 |
|
7816
aba84d9ab256
Parsing of truncated packet numbers.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7815
diff
changeset
|
1648 ctx = ngx_quic_get_send_ctx(c->quic, pkt->level); |
|
aba84d9ab256
Parsing of truncated packet numbers.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7815
diff
changeset
|
1649 |
|
aba84d9ab256
Parsing of truncated packet numbers.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7815
diff
changeset
|
1650 if (ngx_quic_decrypt(pkt, ssl_conn, &ctx->largest_pn) != NGX_OK) { |
|
7863
81f85c479d7e
Discard packets without fixed bit or reserved bits set.
Vladimir Homutov <vl@nginx.com>
parents:
7862
diff
changeset
|
1651 c->quic->error = pkt->error; |
| 7689 | 1652 return NGX_ERROR; |
| 1653 } | |
| 1654 | |
| 1655 return ngx_quic_payload_handler(c, pkt); | |
| 1656 } | |
| 1657 | |
| 1658 | |
| 1659 static ngx_int_t | |
|
7672
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
7671
diff
changeset
|
1660 ngx_quic_handshake_input(ngx_connection_t *c, ngx_quic_header_t *pkt) |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1661 { |
|
7863
81f85c479d7e
Discard packets without fixed bit or reserved bits set.
Vladimir Homutov <vl@nginx.com>
parents:
7862
diff
changeset
|
1662 ngx_int_t rc; |
|
7772
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
1663 ngx_quic_secrets_t *keys; |
|
7816
aba84d9ab256
Parsing of truncated packet numbers.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7815
diff
changeset
|
1664 ngx_quic_send_ctx_t *ctx; |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1665 ngx_quic_connection_t *qc; |
|
7910
125cbfa77013
Renamed max_packet_size to max_udp_payload_size, from draft-28.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7908
diff
changeset
|
1666 static u_char buf[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE]; |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1667 |
|
7729
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
1668 c->log->action = "processing handshake quic packet"; |
|
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
1669 |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1670 qc = c->quic; |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1671 |
|
7787
e45719a9b148
Discarding Handshake packets if no Handshake keys yet.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7786
diff
changeset
|
1672 keys = &c->quic->keys[ssl_encryption_handshake]; |
|
e45719a9b148
Discarding Handshake packets if no Handshake keys yet.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7786
diff
changeset
|
1673 |
|
e45719a9b148
Discarding Handshake packets if no Handshake keys yet.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7786
diff
changeset
|
1674 if (keys->client.key.len == 0) { |
|
e45719a9b148
Discarding Handshake packets if no Handshake keys yet.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7786
diff
changeset
|
1675 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
| 7838 | 1676 "quic no read keys yet, packet ignored"); |
|
7787
e45719a9b148
Discarding Handshake packets if no Handshake keys yet.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7786
diff
changeset
|
1677 return NGX_DECLINED; |
|
e45719a9b148
Discarding Handshake packets if no Handshake keys yet.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7786
diff
changeset
|
1678 } |
|
e45719a9b148
Discarding Handshake packets if no Handshake keys yet.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7786
diff
changeset
|
1679 |
|
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
1680 /* extract cleartext data into pkt */ |
|
7863
81f85c479d7e
Discard packets without fixed bit or reserved bits set.
Vladimir Homutov <vl@nginx.com>
parents:
7862
diff
changeset
|
1681 rc = ngx_quic_parse_long_header(pkt); |
|
81f85c479d7e
Discard packets without fixed bit or reserved bits set.
Vladimir Homutov <vl@nginx.com>
parents:
7862
diff
changeset
|
1682 if (rc != NGX_OK) { |
|
81f85c479d7e
Discard packets without fixed bit or reserved bits set.
Vladimir Homutov <vl@nginx.com>
parents:
7862
diff
changeset
|
1683 return rc; |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1684 } |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1685 |
| 7838 | 1686 if (ngx_quic_check_peer(qc, pkt) != NGX_OK) { |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1687 return NGX_ERROR; |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1688 } |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1689 |
|
7690
ae35ccba7aa6
Extracted transport part of the code into separate file.
Vladimir Homutov <vl@nginx.com>
parents:
7689
diff
changeset
|
1690 if (ngx_quic_parse_handshake_header(pkt) != NGX_OK) { |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1691 return NGX_ERROR; |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1692 } |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1693 |
|
7772
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
1694 pkt->secret = &keys->client; |
|
7672
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
7671
diff
changeset
|
1695 pkt->level = ssl_encryption_handshake; |
|
7754
ebd5c71b9f02
Got rid of memory allocation in decryption.
Vladimir Homutov <vl@nginx.com>
parents:
7752
diff
changeset
|
1696 pkt->plaintext = buf; |
|
7672
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
7671
diff
changeset
|
1697 |
|
7816
aba84d9ab256
Parsing of truncated packet numbers.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7815
diff
changeset
|
1698 ctx = ngx_quic_get_send_ctx(qc, pkt->level); |
|
aba84d9ab256
Parsing of truncated packet numbers.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7815
diff
changeset
|
1699 |
|
aba84d9ab256
Parsing of truncated packet numbers.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7815
diff
changeset
|
1700 if (ngx_quic_decrypt(pkt, c->ssl->connection, &ctx->largest_pn) != NGX_OK) { |
|
7863
81f85c479d7e
Discard packets without fixed bit or reserved bits set.
Vladimir Homutov <vl@nginx.com>
parents:
7862
diff
changeset
|
1701 qc->error = pkt->error; |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1702 return NGX_ERROR; |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1703 } |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1704 |
|
7870
e169cce912c7
Avoid retransmitting of packets with discarded keys.
Vladimir Homutov <vl@nginx.com>
parents:
7869
diff
changeset
|
1705 /* |
|
e169cce912c7
Avoid retransmitting of packets with discarded keys.
Vladimir Homutov <vl@nginx.com>
parents:
7869
diff
changeset
|
1706 * 4.10.1. The successful use of Handshake packets indicates |
|
e169cce912c7
Avoid retransmitting of packets with discarded keys.
Vladimir Homutov <vl@nginx.com>
parents:
7869
diff
changeset
|
1707 * that no more Initial packets need to be exchanged |
|
e169cce912c7
Avoid retransmitting of packets with discarded keys.
Vladimir Homutov <vl@nginx.com>
parents:
7869
diff
changeset
|
1708 */ |
|
e169cce912c7
Avoid retransmitting of packets with discarded keys.
Vladimir Homutov <vl@nginx.com>
parents:
7869
diff
changeset
|
1709 ctx = ngx_quic_get_send_ctx(c->quic, ssl_encryption_initial); |
|
e169cce912c7
Avoid retransmitting of packets with discarded keys.
Vladimir Homutov <vl@nginx.com>
parents:
7869
diff
changeset
|
1710 ngx_quic_free_frames(c, &ctx->sent); |
|
e169cce912c7
Avoid retransmitting of packets with discarded keys.
Vladimir Homutov <vl@nginx.com>
parents:
7869
diff
changeset
|
1711 |
|
7672
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
7671
diff
changeset
|
1712 return ngx_quic_payload_handler(c, pkt); |
|
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1713 } |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1714 |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1715 |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1716 static ngx_int_t |
|
7770
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1717 ngx_quic_early_input(ngx_connection_t *c, ngx_quic_header_t *pkt) |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1718 { |
|
7863
81f85c479d7e
Discard packets without fixed bit or reserved bits set.
Vladimir Homutov <vl@nginx.com>
parents:
7862
diff
changeset
|
1719 ngx_int_t rc; |
|
7772
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
1720 ngx_quic_secrets_t *keys; |
|
7816
aba84d9ab256
Parsing of truncated packet numbers.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7815
diff
changeset
|
1721 ngx_quic_send_ctx_t *ctx; |
|
7770
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1722 ngx_quic_connection_t *qc; |
|
7910
125cbfa77013
Renamed max_packet_size to max_udp_payload_size, from draft-28.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7908
diff
changeset
|
1723 static u_char buf[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE]; |
|
7770
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1724 |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1725 c->log->action = "processing early data quic packet"; |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1726 |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1727 qc = c->quic; |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1728 |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1729 /* extract cleartext data into pkt */ |
|
7863
81f85c479d7e
Discard packets without fixed bit or reserved bits set.
Vladimir Homutov <vl@nginx.com>
parents:
7862
diff
changeset
|
1730 rc = ngx_quic_parse_long_header(pkt); |
|
81f85c479d7e
Discard packets without fixed bit or reserved bits set.
Vladimir Homutov <vl@nginx.com>
parents:
7862
diff
changeset
|
1731 if (rc != NGX_OK) { |
|
81f85c479d7e
Discard packets without fixed bit or reserved bits set.
Vladimir Homutov <vl@nginx.com>
parents:
7862
diff
changeset
|
1732 return rc; |
|
7770
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1733 } |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1734 |
| 7838 | 1735 if (ngx_quic_check_peer(qc, pkt) != NGX_OK) { |
|
7770
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1736 return NGX_ERROR; |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1737 } |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1738 |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1739 if (ngx_quic_parse_handshake_header(pkt) != NGX_OK) { |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1740 return NGX_ERROR; |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1741 } |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1742 |
|
7934
cef417a24755
QUIC: cleaned up quic encryption state tracking.
Vladimir Homutov <vl@nginx.com>
parents:
7933
diff
changeset
|
1743 keys = &c->quic->keys[ssl_encryption_early_data]; |
|
cef417a24755
QUIC: cleaned up quic encryption state tracking.
Vladimir Homutov <vl@nginx.com>
parents:
7933
diff
changeset
|
1744 |
|
cef417a24755
QUIC: cleaned up quic encryption state tracking.
Vladimir Homutov <vl@nginx.com>
parents:
7933
diff
changeset
|
1745 if (keys->client.key.len == 0) { |
|
cef417a24755
QUIC: cleaned up quic encryption state tracking.
Vladimir Homutov <vl@nginx.com>
parents:
7933
diff
changeset
|
1746 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
cef417a24755
QUIC: cleaned up quic encryption state tracking.
Vladimir Homutov <vl@nginx.com>
parents:
7933
diff
changeset
|
1747 "quic no 0-RTT keys yet, packet ignored"); |
|
cef417a24755
QUIC: cleaned up quic encryption state tracking.
Vladimir Homutov <vl@nginx.com>
parents:
7933
diff
changeset
|
1748 return NGX_DECLINED; |
|
7770
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1749 } |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1750 |
|
7772
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
1751 |
|
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
1752 pkt->secret = &keys->client; |
|
7770
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1753 pkt->level = ssl_encryption_early_data; |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1754 pkt->plaintext = buf; |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1755 |
|
7816
aba84d9ab256
Parsing of truncated packet numbers.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7815
diff
changeset
|
1756 ctx = ngx_quic_get_send_ctx(qc, pkt->level); |
|
aba84d9ab256
Parsing of truncated packet numbers.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7815
diff
changeset
|
1757 |
|
aba84d9ab256
Parsing of truncated packet numbers.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7815
diff
changeset
|
1758 if (ngx_quic_decrypt(pkt, c->ssl->connection, &ctx->largest_pn) != NGX_OK) { |
|
7863
81f85c479d7e
Discard packets without fixed bit or reserved bits set.
Vladimir Homutov <vl@nginx.com>
parents:
7862
diff
changeset
|
1759 qc->error = pkt->error; |
|
7770
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1760 return NGX_ERROR; |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1761 } |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1762 |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1763 return ngx_quic_payload_handler(c, pkt); |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1764 } |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1765 |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1766 |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1767 static ngx_int_t |
| 7838 | 1768 ngx_quic_check_peer(ngx_quic_connection_t *qc, ngx_quic_header_t *pkt) |
| 1769 { | |
|
7858
6e100d8c138a
Preserve original DCID and unbreak parsing 0-RTT packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7857
diff
changeset
|
1770 ngx_str_t *dcid; |
|
6e100d8c138a
Preserve original DCID and unbreak parsing 0-RTT packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7857
diff
changeset
|
1771 |
|
6e100d8c138a
Preserve original DCID and unbreak parsing 0-RTT packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7857
diff
changeset
|
1772 dcid = ngx_quic_pkt_zrtt(pkt->flags) ? &qc->odcid : &qc->dcid; |
|
6e100d8c138a
Preserve original DCID and unbreak parsing 0-RTT packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7857
diff
changeset
|
1773 |
|
6e100d8c138a
Preserve original DCID and unbreak parsing 0-RTT packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7857
diff
changeset
|
1774 if (pkt->dcid.len != dcid->len) { |
| 7838 | 1775 ngx_log_error(NGX_LOG_INFO, pkt->log, 0, "quic unexpected quic dcidl"); |
| 1776 return NGX_ERROR; | |
| 1777 } | |
| 1778 | |
|
7858
6e100d8c138a
Preserve original DCID and unbreak parsing 0-RTT packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7857
diff
changeset
|
1779 if (ngx_memcmp(pkt->dcid.data, dcid->data, dcid->len) != 0) { |
| 7838 | 1780 ngx_log_error(NGX_LOG_INFO, pkt->log, 0, "quic unexpected quic dcid"); |
| 1781 return NGX_ERROR; | |
| 1782 } | |
| 1783 | |
| 1784 if (pkt->scid.len != qc->scid.len) { | |
| 1785 ngx_log_error(NGX_LOG_INFO, pkt->log, 0, "quic unexpected quic scidl"); | |
| 1786 return NGX_ERROR; | |
| 1787 } | |
| 1788 | |
| 1789 if (ngx_memcmp(pkt->scid.data, qc->scid.data, qc->scid.len) != 0) { | |
| 1790 ngx_log_error(NGX_LOG_INFO, pkt->log, 0, "quic unexpected quic scid"); | |
| 1791 return NGX_ERROR; | |
| 1792 } | |
| 1793 | |
| 1794 return NGX_OK; | |
| 1795 } | |
| 1796 | |
| 1797 | |
| 1798 static ngx_int_t | |
|
7672
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
7671
diff
changeset
|
1799 ngx_quic_app_input(ngx_connection_t *c, ngx_quic_header_t *pkt) |
|
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1800 { |
|
7785
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
1801 ngx_int_t rc; |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
1802 ngx_quic_secrets_t *keys, *next, tmp; |
|
7816
aba84d9ab256
Parsing of truncated packet numbers.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7815
diff
changeset
|
1803 ngx_quic_send_ctx_t *ctx; |
|
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1804 ngx_quic_connection_t *qc; |
|
7910
125cbfa77013
Renamed max_packet_size to max_udp_payload_size, from draft-28.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7908
diff
changeset
|
1805 static u_char buf[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE]; |
|
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1806 |
|
7729
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
1807 c->log->action = "processing application data quic packet"; |
|
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
1808 |
|
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1809 qc = c->quic; |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1810 |
|
7772
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
1811 keys = &c->quic->keys[ssl_encryption_application]; |
|
7785
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
1812 next = &c->quic->next_key; |
|
7772
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
1813 |
|
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
1814 if (keys->client.key.len == 0) { |
| 7689 | 1815 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
| 7838 | 1816 "quic no read keys yet, packet ignored"); |
| 7689 | 1817 return NGX_DECLINED; |
| 1818 } | |
|
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1819 |
|
7863
81f85c479d7e
Discard packets without fixed bit or reserved bits set.
Vladimir Homutov <vl@nginx.com>
parents:
7862
diff
changeset
|
1820 rc = ngx_quic_parse_short_header(pkt, &qc->dcid); |
|
81f85c479d7e
Discard packets without fixed bit or reserved bits set.
Vladimir Homutov <vl@nginx.com>
parents:
7862
diff
changeset
|
1821 if (rc != NGX_OK) { |
|
81f85c479d7e
Discard packets without fixed bit or reserved bits set.
Vladimir Homutov <vl@nginx.com>
parents:
7862
diff
changeset
|
1822 return rc; |
|
7651
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7650
diff
changeset
|
1823 } |
|
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7650
diff
changeset
|
1824 |
|
7772
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
1825 pkt->secret = &keys->client; |
|
7785
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
1826 pkt->next = &next->client; |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
1827 pkt->key_phase = c->quic->key_phase; |
|
7672
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
7671
diff
changeset
|
1828 pkt->level = ssl_encryption_application; |
|
7754
ebd5c71b9f02
Got rid of memory allocation in decryption.
Vladimir Homutov <vl@nginx.com>
parents:
7752
diff
changeset
|
1829 pkt->plaintext = buf; |
|
7672
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
7671
diff
changeset
|
1830 |
|
7816
aba84d9ab256
Parsing of truncated packet numbers.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7815
diff
changeset
|
1831 ctx = ngx_quic_get_send_ctx(qc, pkt->level); |
|
aba84d9ab256
Parsing of truncated packet numbers.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7815
diff
changeset
|
1832 |
|
aba84d9ab256
Parsing of truncated packet numbers.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7815
diff
changeset
|
1833 if (ngx_quic_decrypt(pkt, c->ssl->connection, &ctx->largest_pn) != NGX_OK) { |
|
7863
81f85c479d7e
Discard packets without fixed bit or reserved bits set.
Vladimir Homutov <vl@nginx.com>
parents:
7862
diff
changeset
|
1834 qc->error = pkt->error; |
|
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
1835 return NGX_ERROR; |
|
7651
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7650
diff
changeset
|
1836 } |
|
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7650
diff
changeset
|
1837 |
|
7785
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
1838 /* switch keys on Key Phase change */ |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
1839 |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
1840 if (pkt->key_update) { |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
1841 c->quic->key_phase ^= 1; |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
1842 |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
1843 tmp = *keys; |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
1844 *keys = *next; |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
1845 *next = tmp; |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
1846 } |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
1847 |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
1848 rc = ngx_quic_payload_handler(c, pkt); |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
1849 |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
1850 if (rc == NGX_ERROR) { |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
1851 return NGX_ERROR; |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
1852 } |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
1853 |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
1854 /* generate next keys */ |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
1855 |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
1856 if (pkt->key_update) { |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
1857 if (ngx_quic_key_update(c, keys, next) != NGX_OK) { |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
1858 return NGX_ERROR; |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
1859 } |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
1860 } |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
1861 |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
1862 return rc; |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1863 } |
| 7637 | 1864 |
| 1865 | |
| 7691 | 1866 static ngx_int_t |
| 1867 ngx_quic_payload_handler(ngx_connection_t *c, ngx_quic_header_t *pkt) | |
| 1868 { | |
| 1869 u_char *end, *p; | |
| 1870 ssize_t len; | |
|
7844
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1871 ngx_uint_t ack_sent, do_close; |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1872 ngx_quic_frame_t frame; |
| 7691 | 1873 ngx_quic_connection_t *qc; |
| 1874 | |
| 1875 qc = c->quic; | |
| 1876 | |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1877 if (qc->closing) { |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1878 /* |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1879 * 10.1 Closing and Draining Connection States |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1880 * ... delayed or reordered packets are properly discarded. |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1881 * |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1882 * An endpoint retains only enough information to generate |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1883 * a packet containing a CONNECTION_CLOSE frame and to identify |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1884 * packets as belonging to the connection. |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1885 */ |
|
7876
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
1886 return ngx_quic_send_cc(c, pkt->level, NGX_QUIC_ERR_NO_ERROR, 0, |
|
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
1887 "connection is closing, packet discarded"); |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1888 } |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1889 |
| 7691 | 1890 p = pkt->payload.data; |
| 1891 end = p + pkt->payload.len; | |
| 1892 | |
|
7844
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1893 ack_sent = 0; |
| 7691 | 1894 do_close = 0; |
| 1895 | |
| 1896 while (p < end) { | |
| 1897 | |
| 7741 | 1898 c->log->action = "parsing frames"; |
| 1899 | |
|
7706
1f002206a59b
Added boundaries checks into frame parser.
Vladimir Homutov <vl@nginx.com>
parents:
7705
diff
changeset
|
1900 len = ngx_quic_parse_frame(pkt, p, end, &frame); |
|
7717
c217a907ce42
Added checks for permitted frame types.
Vladimir Homutov <vl@nginx.com>
parents:
7713
diff
changeset
|
1901 |
| 7691 | 1902 if (len < 0) { |
|
7862
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
7861
diff
changeset
|
1903 qc->error = pkt->error; |
| 7691 | 1904 return NGX_ERROR; |
| 1905 } | |
| 1906 | |
| 7741 | 1907 c->log->action = "handling frames"; |
| 1908 | |
| 7691 | 1909 p += len; |
| 1910 | |
| 1911 switch (frame.type) { | |
| 1912 | |
| 1913 case NGX_QUIC_FT_ACK: | |
| 1914 if (ngx_quic_handle_ack_frame(c, pkt, &frame.u.ack) != NGX_OK) { | |
| 1915 return NGX_ERROR; | |
| 1916 } | |
| 1917 | |
|
7844
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1918 continue; |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1919 |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1920 case NGX_QUIC_FT_PADDING: |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1921 /* no action required */ |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1922 continue; |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1923 |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1924 case NGX_QUIC_FT_CONNECTION_CLOSE: |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1925 case NGX_QUIC_FT_CONNECTION_CLOSE2: |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1926 do_close = 1; |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1927 continue; |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1928 } |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1929 |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1930 /* got there with ack-eliciting packet */ |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1931 |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1932 if (!ack_sent) { |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1933 if (ngx_quic_send_ack(c, pkt) != NGX_OK) { |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1934 return NGX_ERROR; |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1935 } |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1936 |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1937 ack_sent = 1; |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1938 } |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1939 |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1940 switch (frame.type) { |
| 7691 | 1941 |
| 1942 case NGX_QUIC_FT_CRYPTO: | |
| 1943 | |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
1944 if (ngx_quic_handle_crypto_frame(c, pkt, &frame) != NGX_OK) { |
| 7691 | 1945 return NGX_ERROR; |
| 1946 } | |
| 1947 | |
| 1948 break; | |
| 1949 | |
| 1950 case NGX_QUIC_FT_PING: | |
| 1951 break; | |
| 1952 | |
| 1953 case NGX_QUIC_FT_STREAM0: | |
| 1954 case NGX_QUIC_FT_STREAM1: | |
| 1955 case NGX_QUIC_FT_STREAM2: | |
| 1956 case NGX_QUIC_FT_STREAM3: | |
| 1957 case NGX_QUIC_FT_STREAM4: | |
| 1958 case NGX_QUIC_FT_STREAM5: | |
| 1959 case NGX_QUIC_FT_STREAM6: | |
| 1960 case NGX_QUIC_FT_STREAM7: | |
| 1961 | |
|
7811
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
1962 if (ngx_quic_handle_stream_frame(c, pkt, &frame) != NGX_OK) { |
| 7691 | 1963 return NGX_ERROR; |
| 1964 } | |
| 1965 | |
| 1966 break; | |
| 1967 | |
|
7703
ff540f13d95d
MAX_DATA frame parser/handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7702
diff
changeset
|
1968 case NGX_QUIC_FT_MAX_DATA: |
|
7842
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1969 |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1970 if (ngx_quic_handle_max_data_frame(c, &frame.u.max_data) != NGX_OK) |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1971 { |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1972 return NGX_ERROR; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1973 } |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1974 |
|
7703
ff540f13d95d
MAX_DATA frame parser/handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7702
diff
changeset
|
1975 break; |
|
ff540f13d95d
MAX_DATA frame parser/handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7702
diff
changeset
|
1976 |
|
7702
d3b26c3bea22
Added parsing of STREAMS BLOCKED frames.
Vladimir Homutov <vl@nginx.com>
parents:
7701
diff
changeset
|
1977 case NGX_QUIC_FT_STREAMS_BLOCKED: |
|
d3b26c3bea22
Added parsing of STREAMS BLOCKED frames.
Vladimir Homutov <vl@nginx.com>
parents:
7701
diff
changeset
|
1978 case NGX_QUIC_FT_STREAMS_BLOCKED2: |
|
7711
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
1979 |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
1980 if (ngx_quic_handle_streams_blocked_frame(c, pkt, |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
1981 &frame.u.streams_blocked) |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
1982 != NGX_OK) |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
1983 { |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
1984 return NGX_ERROR; |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
1985 } |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
1986 |
|
7702
d3b26c3bea22
Added parsing of STREAMS BLOCKED frames.
Vladimir Homutov <vl@nginx.com>
parents:
7701
diff
changeset
|
1987 break; |
|
d3b26c3bea22
Added parsing of STREAMS BLOCKED frames.
Vladimir Homutov <vl@nginx.com>
parents:
7701
diff
changeset
|
1988 |
|
7732
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1989 case NGX_QUIC_FT_STREAM_DATA_BLOCKED: |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1990 |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1991 if (ngx_quic_handle_stream_data_blocked_frame(c, pkt, |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1992 &frame.u.stream_data_blocked) |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1993 != NGX_OK) |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1994 { |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1995 return NGX_ERROR; |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1996 } |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1997 |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1998 break; |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1999 |
|
7842
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2000 case NGX_QUIC_FT_MAX_STREAM_DATA: |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2001 |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2002 if (ngx_quic_handle_max_stream_data_frame(c, pkt, |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2003 &frame.u.max_stream_data) |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2004 != NGX_OK) |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2005 { |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2006 return NGX_ERROR; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2007 } |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2008 |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2009 break; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2010 |
|
7923
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
2011 case NGX_QUIC_FT_RESET_STREAM: |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
2012 |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
2013 if (ngx_quic_handle_reset_stream_frame(c, pkt, |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
2014 &frame.u.reset_stream) |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
2015 != NGX_OK) |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
2016 { |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
2017 return NGX_ERROR; |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
2018 } |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
2019 |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
2020 break; |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
2021 |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
2022 case NGX_QUIC_FT_STOP_SENDING: |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
2023 |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
2024 if (ngx_quic_handle_stop_sending_frame(c, pkt, |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
2025 &frame.u.stop_sending) |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
2026 != NGX_OK) |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
2027 { |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
2028 return NGX_ERROR; |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
2029 } |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
2030 |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
2031 break; |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
2032 |
|
7791
9b9d592c0da3
Ignore non-yet-implemented frames.
Vladimir Homutov <vl@nginx.com>
parents:
7788
diff
changeset
|
2033 case NGX_QUIC_FT_NEW_CONNECTION_ID: |
|
9b9d592c0da3
Ignore non-yet-implemented frames.
Vladimir Homutov <vl@nginx.com>
parents:
7788
diff
changeset
|
2034 case NGX_QUIC_FT_RETIRE_CONNECTION_ID: |
|
9b9d592c0da3
Ignore non-yet-implemented frames.
Vladimir Homutov <vl@nginx.com>
parents:
7788
diff
changeset
|
2035 case NGX_QUIC_FT_PATH_CHALLENGE: |
|
9b9d592c0da3
Ignore non-yet-implemented frames.
Vladimir Homutov <vl@nginx.com>
parents:
7788
diff
changeset
|
2036 case NGX_QUIC_FT_PATH_RESPONSE: |
|
9b9d592c0da3
Ignore non-yet-implemented frames.
Vladimir Homutov <vl@nginx.com>
parents:
7788
diff
changeset
|
2037 |
|
9b9d592c0da3
Ignore non-yet-implemented frames.
Vladimir Homutov <vl@nginx.com>
parents:
7788
diff
changeset
|
2038 /* TODO: handle */ |
|
9b9d592c0da3
Ignore non-yet-implemented frames.
Vladimir Homutov <vl@nginx.com>
parents:
7788
diff
changeset
|
2039 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 7836 | 2040 "quic frame handler not implemented"); |
|
7791
9b9d592c0da3
Ignore non-yet-implemented frames.
Vladimir Homutov <vl@nginx.com>
parents:
7788
diff
changeset
|
2041 break; |
|
9b9d592c0da3
Ignore non-yet-implemented frames.
Vladimir Homutov <vl@nginx.com>
parents:
7788
diff
changeset
|
2042 |
| 7691 | 2043 default: |
|
7823
4e4485793418
Added MAX_STREAM_DATA stub handler.
Vladimir Homutov <vl@nginx.com>
parents:
7822
diff
changeset
|
2044 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 7836 | 2045 "quic missing frame handler"); |
| 7691 | 2046 return NGX_ERROR; |
| 2047 } | |
| 2048 } | |
| 2049 | |
| 2050 if (p != end) { | |
| 2051 ngx_log_error(NGX_LOG_INFO, c->log, 0, | |
| 7838 | 2052 "quic trailing garbage in payload: %ui bytes", end - p); |
|
7862
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
7861
diff
changeset
|
2053 |
|
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
7861
diff
changeset
|
2054 qc->error = NGX_QUIC_ERR_FRAME_ENCODING_ERROR; |
| 7691 | 2055 return NGX_ERROR; |
| 2056 } | |
| 2057 | |
| 2058 if (do_close) { | |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2059 qc->draining = 1; |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2060 ngx_quic_close_connection(c, NGX_OK); |
| 7691 | 2061 } |
| 2062 | |
|
7844
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
2063 return NGX_OK; |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
2064 } |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
2065 |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
2066 |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
2067 static ngx_int_t |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
2068 ngx_quic_send_ack(ngx_connection_t *c, ngx_quic_header_t *pkt) |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
2069 { |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
2070 ngx_quic_frame_t *frame; |
| 7691 | 2071 |
| 7741 | 2072 c->log->action = "generating acknowledgment"; |
| 2073 | |
|
7844
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
2074 /* every ACK-eliciting packet is acknowledged, TODO ACK Ranges */ |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
2075 |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
2076 frame = ngx_quic_alloc_frame(c, 0); |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
2077 if (frame == NULL) { |
| 7691 | 2078 return NGX_ERROR; |
| 2079 } | |
| 2080 | |
|
7844
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
2081 frame->level = (pkt->level == ssl_encryption_early_data) |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
2082 ? ssl_encryption_application |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
2083 : pkt->level; |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
2084 |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
2085 frame->type = NGX_QUIC_FT_ACK; |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
2086 frame->u.ack.largest = pkt->pn; |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
2087 |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
2088 ngx_sprintf(frame->info, "ACK for PN=%d from frame handler level=%d", |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
2089 pkt->pn, frame->level); |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
2090 ngx_quic_queue_frame(c->quic, frame); |
| 7691 | 2091 |
| 7775 | 2092 return NGX_OK; |
| 7691 | 2093 } |
| 2094 | |
| 2095 | |
| 2096 static ngx_int_t | |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2097 ngx_quic_send_cc(ngx_connection_t *c, enum ssl_encryption_level_t level, |
|
7876
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
2098 ngx_uint_t err, ngx_uint_t frame_type, const char *reason) |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2099 { |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2100 ngx_quic_frame_t *frame; |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2101 ngx_quic_connection_t *qc; |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2102 |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2103 qc = c->quic; |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2104 |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2105 if (qc->draining) { |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2106 return NGX_OK; |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2107 } |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2108 |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2109 if (qc->closing |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2110 && ngx_current_msec - qc->last_cc < NGX_QUIC_CC_MIN_INTERVAL) |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2111 { |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2112 /* dot not send CC too often */ |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2113 return NGX_OK; |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2114 } |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2115 |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2116 frame = ngx_quic_alloc_frame(c, 0); |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2117 if (frame == NULL) { |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2118 return NGX_ERROR; |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2119 } |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2120 |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2121 frame->level = level; |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2122 frame->type = NGX_QUIC_FT_CONNECTION_CLOSE; |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2123 frame->u.close.error_code = err; |
|
7876
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
2124 frame->u.close.frame_type = frame_type; |
|
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
2125 |
|
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
2126 if (reason) { |
|
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
2127 frame->u.close.reason.len = ngx_strlen(reason); |
|
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
2128 frame->u.close.reason.data = (u_char *) reason; |
|
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
2129 } |
|
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
2130 |
|
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
2131 ngx_snprintf(frame->info, sizeof(frame->info) - 1, |
|
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
2132 "cc from send_cc err=%ui level=%d ft=%ui reason \"%s\"", |
|
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
2133 err, level, frame_type, reason ? reason : "-"); |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2134 |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2135 ngx_quic_queue_frame(c->quic, frame); |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2136 |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2137 qc->last_cc = ngx_current_msec; |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2138 |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2139 return ngx_quic_output(c); |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2140 } |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2141 |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2142 |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
2143 static ngx_int_t |
|
7861
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
2144 ngx_quic_send_new_token(ngx_connection_t *c) |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
2145 { |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
2146 ngx_str_t token; |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
2147 ngx_quic_frame_t *frame; |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
2148 |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
2149 if (!c->quic->tp.retry) { |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
2150 return NGX_OK; |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
2151 } |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
2152 |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
2153 if (ngx_quic_new_token(c, &token) != NGX_OK) { |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
2154 return NGX_ERROR; |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
2155 } |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
2156 |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
2157 frame = ngx_quic_alloc_frame(c, 0); |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
2158 if (frame == NULL) { |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
2159 return NGX_ERROR; |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
2160 } |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
2161 |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
2162 frame->level = ssl_encryption_application; |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
2163 frame->type = NGX_QUIC_FT_NEW_TOKEN; |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
2164 frame->u.token.length = token.len; |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
2165 frame->u.token.data = token.data; |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
2166 ngx_sprintf(frame->info, "NEW_TOKEN"); |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
2167 ngx_quic_queue_frame(c->quic, frame); |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
2168 |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
2169 return NGX_OK; |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
2170 } |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
2171 |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
2172 static ngx_int_t |
| 7691 | 2173 ngx_quic_handle_ack_frame(ngx_connection_t *c, ngx_quic_header_t *pkt, |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2174 ngx_quic_ack_frame_t *ack) |
| 7691 | 2175 { |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
2176 ssize_t n; |
|
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
2177 u_char *pos, *end; |
|
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
2178 uint64_t gap, range; |
|
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
2179 ngx_uint_t i, min, max; |
|
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
2180 ngx_quic_send_ctx_t *ctx; |
|
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
2181 |
|
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
2182 ctx = ngx_quic_get_send_ctx(c->quic, pkt->level); |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2183 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2184 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 7836 | 2185 "quic ngx_quic_handle_ack_frame level %d", pkt->level); |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2186 |
| 7792 | 2187 /* |
|
7862
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
7861
diff
changeset
|
2188 * If any computed packet number is negative, an endpoint MUST |
|
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
7861
diff
changeset
|
2189 * generate a connection error of type FRAME_ENCODING_ERROR. |
|
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
7861
diff
changeset
|
2190 * (19.3.1) |
| 7792 | 2191 */ |
| 2192 | |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2193 if (ack->first_range > ack->largest) { |
|
7862
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
7861
diff
changeset
|
2194 c->quic->error = NGX_QUIC_ERR_FRAME_ENCODING_ERROR; |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2195 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
| 7838 | 2196 "quic invalid first range in ack frame"); |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2197 return NGX_ERROR; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2198 } |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2199 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2200 min = ack->largest - ack->first_range; |
| 7792 | 2201 max = ack->largest; |
| 2202 | |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
2203 if (ngx_quic_handle_ack_frame_range(c, ctx, min, max) != NGX_OK) { |
| 7792 | 2204 return NGX_ERROR; |
| 2205 } | |
| 2206 | |
| 2207 /* 13.2.3. Receiver Tracking of ACK Frames */ | |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
2208 if (ctx->largest_ack < max) { |
|
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
2209 ctx->largest_ack = max; |
| 7792 | 2210 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 7836 | 2211 "quic updated largest received ack: %ui", max); |
| 7792 | 2212 } |
| 2213 | |
| 2214 pos = ack->ranges_start; | |
| 2215 end = ack->ranges_end; | |
| 2216 | |
| 2217 for (i = 0; i < ack->range_count; i++) { | |
| 2218 | |
| 2219 n = ngx_quic_parse_ack_range(pkt, pos, end, &gap, &range); | |
| 2220 if (n == NGX_ERROR) { | |
| 2221 return NGX_ERROR; | |
| 2222 } | |
| 2223 pos += n; | |
| 2224 | |
| 2225 if (gap >= min) { | |
|
7862
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
7861
diff
changeset
|
2226 c->quic->error = NGX_QUIC_ERR_FRAME_ENCODING_ERROR; |
| 7792 | 2227 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
| 7838 | 2228 "quic invalid range %ui in ack frame", i); |
| 7792 | 2229 return NGX_ERROR; |
| 2230 } | |
| 2231 | |
| 2232 max = min - 1 - gap; | |
| 2233 | |
| 2234 if (range > max + 1) { | |
|
7862
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
7861
diff
changeset
|
2235 c->quic->error = NGX_QUIC_ERR_FRAME_ENCODING_ERROR; |
| 7792 | 2236 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
| 7838 | 2237 "quic invalid range %ui in ack frame", i); |
| 7792 | 2238 return NGX_ERROR; |
| 2239 } | |
| 2240 | |
| 2241 min = max - range + 1; | |
| 2242 | |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
2243 if (ngx_quic_handle_ack_frame_range(c, ctx, min, max) != NGX_OK) { |
| 7792 | 2244 return NGX_ERROR; |
| 2245 } | |
| 2246 } | |
| 2247 | |
| 2248 return NGX_OK; | |
| 2249 } | |
| 2250 | |
| 2251 | |
| 2252 static ngx_int_t | |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
2253 ngx_quic_handle_ack_frame_range(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx, |
| 7792 | 2254 uint64_t min, uint64_t max) |
| 2255 { | |
|
7841
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2256 ngx_uint_t found; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2257 ngx_queue_t *q; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2258 ngx_quic_frame_t *f; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2259 ngx_quic_connection_t *qc; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2260 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2261 qc = c->quic; |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2262 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2263 found = 0; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2264 |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
2265 q = ngx_queue_head(&ctx->sent); |
|
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
2266 |
|
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
2267 while (q != ngx_queue_sentinel(&ctx->sent)) { |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2268 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2269 f = ngx_queue_data(q, ngx_quic_frame_t, queue); |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2270 |
| 7792 | 2271 if (f->pnum >= min && f->pnum <= max) { |
|
7841
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2272 ngx_quic_congestion_ack(c, f); |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2273 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2274 ngx_quic_handle_stream_ack(c, f); |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2275 |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2276 q = ngx_queue_next(q); |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2277 ngx_queue_remove(&f->queue); |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2278 ngx_quic_free_frame(c, f); |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2279 found = 1; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2280 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2281 } else { |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2282 q = ngx_queue_next(q); |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2283 } |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2284 } |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2285 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2286 if (!found) { |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2287 |
|
7932
4e75267865de
QUIC: fixed off-by-one in frame range handler.
Vladimir Homutov <vl@nginx.com>
parents:
7931
diff
changeset
|
2288 if (max < ctx->pnum) { |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2289 /* duplicate ACK or ACK for non-ack-eliciting frame */ |
| 7792 | 2290 return NGX_OK; |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2291 } |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2292 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2293 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
| 7878 | 2294 "quic ACK for the packet not sent"); |
|
7862
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
7861
diff
changeset
|
2295 |
|
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
7861
diff
changeset
|
2296 qc->error = NGX_QUIC_ERR_PROTOCOL_VIOLATION; |
|
7876
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
2297 qc->error_ftype = NGX_QUIC_FT_ACK; |
|
ffd362e87eb2
Added more context to CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7875
diff
changeset
|
2298 qc->error_reason = "unknown packet number"; |
|
7862
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
7861
diff
changeset
|
2299 |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2300 return NGX_ERROR; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2301 } |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
2302 |
|
7841
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2303 if (!qc->push.timer_set) { |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2304 ngx_post_event(&qc->push, &ngx_posted_events); |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2305 } |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2306 |
| 7691 | 2307 return NGX_OK; |
| 2308 } | |
| 2309 | |
| 2310 | |
|
7841
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2311 static void |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2312 ngx_quic_handle_stream_ack(ngx_connection_t *c, ngx_quic_frame_t *f) |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2313 { |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2314 uint64_t sent, unacked; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2315 ngx_event_t *wev; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2316 ngx_quic_stream_t *sn; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2317 ngx_quic_connection_t *qc; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2318 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2319 if (f->type < NGX_QUIC_FT_STREAM0 || f->type > NGX_QUIC_FT_STREAM7) { |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2320 return; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2321 } |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2322 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2323 qc = c->quic; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2324 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2325 sn = ngx_quic_find_stream(&qc->streams.tree, f->u.stream.stream_id); |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2326 if (sn == NULL) { |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2327 return; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2328 } |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2329 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2330 wev = sn->c->write; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2331 sent = sn->c->sent; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2332 unacked = sent - sn->acked; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2333 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2334 if (unacked >= NGX_QUIC_STREAM_BUFSIZE && wev->active) { |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2335 wev->ready = 1; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2336 ngx_post_event(wev, &ngx_posted_events); |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2337 } |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2338 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2339 sn->acked += f->u.stream.length; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2340 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2341 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, sn->c->log, 0, |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2342 "quic stream ack %uL acked:%uL, unacked:%uL", |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2343 f->u.stream.length, sn->acked, sent - sn->acked); |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2344 } |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2345 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
2346 |
| 7691 | 2347 static ngx_int_t |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2348 ngx_quic_handle_ordered_frame(ngx_connection_t *c, ngx_quic_frames_stream_t *fs, |
|
7855
81a4f98a2556
Cleaned up reordering code.
Vladimir Homutov <vl@nginx.com>
parents:
7854
diff
changeset
|
2349 ngx_quic_frame_t *frame, ngx_quic_frame_handler_pt handler, void *data) |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2350 { |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2351 size_t full_len; |
|
7811
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2352 ngx_int_t rc; |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2353 ngx_queue_t *q; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2354 ngx_quic_ordered_frame_t *f; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2355 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2356 f = &frame->u.ord; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2357 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2358 if (f->offset > fs->received) { |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2359 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 7836 | 2360 "quic out-of-order frame: expecting %ui got %ui", |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2361 fs->received, f->offset); |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2362 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2363 return ngx_quic_buffer_frame(c, fs, frame); |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2364 } |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2365 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2366 if (f->offset < fs->received) { |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2367 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2368 if (ngx_quic_adjust_frame_offset(c, frame, fs->received) |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2369 == NGX_DONE) |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2370 { |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2371 /* old/duplicate data range */ |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2372 return NGX_OK; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2373 } |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2374 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2375 /* intersecting data range, frame modified */ |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2376 } |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2377 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2378 /* f->offset == fs->received */ |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2379 |
|
7855
81a4f98a2556
Cleaned up reordering code.
Vladimir Homutov <vl@nginx.com>
parents:
7854
diff
changeset
|
2380 rc = handler(c, frame, data); |
|
7811
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2381 if (rc == NGX_ERROR) { |
| 7691 | 2382 return NGX_ERROR; |
|
7811
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2383 |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2384 } else if (rc == NGX_DONE) { |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2385 /* handler destroyed stream, queue no longer exists */ |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2386 return NGX_OK; |
| 7691 | 2387 } |
| 2388 | |
|
7811
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2389 /* rc == NGX_OK */ |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2390 |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2391 fs->received += f->length; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2392 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2393 /* now check the queue if we can continue with buffered frames */ |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2394 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2395 do { |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2396 q = ngx_queue_head(&fs->frames); |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2397 if (q == ngx_queue_sentinel(&fs->frames)) { |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2398 break; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2399 } |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2400 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2401 frame = ngx_queue_data(q, ngx_quic_frame_t, queue); |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2402 f = &frame->u.ord; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2403 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2404 if (f->offset > fs->received) { |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2405 /* gap found, nothing more to do */ |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2406 break; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2407 } |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2408 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2409 full_len = f->length; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2410 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2411 if (f->offset < fs->received) { |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2412 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2413 if (ngx_quic_adjust_frame_offset(c, frame, fs->received) |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2414 == NGX_DONE) |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2415 { |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2416 /* old/duplicate data range */ |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2417 ngx_queue_remove(q); |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2418 fs->total -= f->length; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2419 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2420 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 7836 | 2421 "quic skipped buffered frame, total %ui", |
| 2422 fs->total); | |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2423 ngx_quic_free_frame(c, frame); |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2424 continue; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2425 } |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2426 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2427 /* frame was adjusted, proceed to input */ |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2428 } |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2429 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2430 /* f->offset == fs->received */ |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2431 |
|
7855
81a4f98a2556
Cleaned up reordering code.
Vladimir Homutov <vl@nginx.com>
parents:
7854
diff
changeset
|
2432 rc = handler(c, frame, data); |
|
7811
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2433 |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2434 if (rc == NGX_ERROR) { |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2435 return NGX_ERROR; |
|
7811
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2436 |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2437 } else if (rc == NGX_DONE) { |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2438 /* handler destroyed stream, queue no longer exists */ |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2439 return NGX_OK; |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2440 } |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2441 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2442 fs->received += f->length; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2443 fs->total -= full_len; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2444 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2445 ngx_queue_remove(q); |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2446 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2447 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 7836 | 2448 "quic consumed buffered frame, total %ui", fs->total); |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2449 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2450 ngx_quic_free_frame(c, frame); |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2451 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2452 } while (1); |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2453 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2454 return NGX_OK; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2455 } |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2456 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2457 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2458 static ngx_int_t |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2459 ngx_quic_adjust_frame_offset(ngx_connection_t *c, ngx_quic_frame_t *frame, |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2460 uint64_t offset_in) |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2461 { |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2462 size_t tail; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2463 ngx_quic_ordered_frame_t *f; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2464 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2465 f = &frame->u.ord; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2466 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2467 tail = offset_in - f->offset; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2468 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2469 if (tail >= f->length) { |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2470 /* range preceeding already received data or duplicate, ignore */ |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2471 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2472 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 7836 | 2473 "quic old or duplicate data in ordered frame, ignored"); |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2474 return NGX_DONE; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2475 } |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2476 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2477 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 7836 | 2478 "quic adjusted ordered frame data start to expected offset"); |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2479 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2480 /* intersecting range: adjust data size */ |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2481 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2482 f->offset += tail; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2483 f->data += tail; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2484 f->length -= tail; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2485 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2486 return NGX_OK; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2487 } |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2488 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2489 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2490 static ngx_int_t |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2491 ngx_quic_buffer_frame(ngx_connection_t *c, ngx_quic_frames_stream_t *fs, |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2492 ngx_quic_frame_t *frame) |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2493 { |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2494 u_char *data; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2495 ngx_queue_t *q; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2496 ngx_quic_frame_t *dst, *item; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2497 ngx_quic_ordered_frame_t *f, *df; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2498 |
| 7836 | 2499 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 2500 "quic ngx_quic_buffer_frame"); | |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2501 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2502 f = &frame->u.ord; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2503 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2504 /* frame start offset is in the future, buffer it */ |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2505 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2506 /* check limit on total size used by all buffered frames, not actual data */ |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2507 if (NGX_QUIC_MAX_BUFFERED - fs->total < f->length) { |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2508 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
| 7838 | 2509 "quic ordered input buffer limit exceeded"); |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2510 return NGX_ERROR; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2511 } |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2512 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2513 dst = ngx_quic_alloc_frame(c, f->length); |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2514 if (dst == NULL) { |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2515 return NGX_ERROR; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2516 } |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2517 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2518 data = dst->data; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2519 ngx_memcpy(dst, frame, sizeof(ngx_quic_frame_t)); |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2520 dst->data = data; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2521 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2522 ngx_memcpy(dst->data, f->data, f->length); |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2523 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2524 df = &dst->u.ord; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2525 df->data = dst->data; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2526 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2527 fs->total += f->length; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2528 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2529 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 7836 | 2530 "quic ordered frame with unexpected offset:" |
| 2531 " buffered, total %ui", fs->total); | |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2532 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2533 /* TODO: do we need some timeout for this queue ? */ |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2534 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2535 if (ngx_queue_empty(&fs->frames)) { |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2536 ngx_queue_insert_after(&fs->frames, &dst->queue); |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2537 return NGX_OK; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2538 } |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2539 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2540 for (q = ngx_queue_last(&fs->frames); |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2541 q != ngx_queue_sentinel(&fs->frames); |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2542 q = ngx_queue_prev(q)) |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2543 { |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2544 item = ngx_queue_data(q, ngx_quic_frame_t, queue); |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2545 f = &item->u.ord; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2546 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2547 if (f->offset < df->offset) { |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2548 ngx_queue_insert_after(q, &dst->queue); |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2549 return NGX_OK; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2550 } |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2551 } |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2552 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2553 ngx_queue_insert_after(&fs->frames, &dst->queue); |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2554 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2555 return NGX_OK; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2556 } |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2557 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2558 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2559 static ngx_int_t |
|
7812
76839f55bc48
Sorted functions and functions declarations.
Vladimir Homutov <vl@nginx.com>
parents:
7811
diff
changeset
|
2560 ngx_quic_handle_crypto_frame(ngx_connection_t *c, ngx_quic_header_t *pkt, |
|
76839f55bc48
Sorted functions and functions declarations.
Vladimir Homutov <vl@nginx.com>
parents:
7811
diff
changeset
|
2561 ngx_quic_frame_t *frame) |
|
76839f55bc48
Sorted functions and functions declarations.
Vladimir Homutov <vl@nginx.com>
parents:
7811
diff
changeset
|
2562 { |
|
76839f55bc48
Sorted functions and functions declarations.
Vladimir Homutov <vl@nginx.com>
parents:
7811
diff
changeset
|
2563 ngx_quic_connection_t *qc; |
|
76839f55bc48
Sorted functions and functions declarations.
Vladimir Homutov <vl@nginx.com>
parents:
7811
diff
changeset
|
2564 ngx_quic_frames_stream_t *fs; |
|
76839f55bc48
Sorted functions and functions declarations.
Vladimir Homutov <vl@nginx.com>
parents:
7811
diff
changeset
|
2565 |
|
76839f55bc48
Sorted functions and functions declarations.
Vladimir Homutov <vl@nginx.com>
parents:
7811
diff
changeset
|
2566 qc = c->quic; |
|
76839f55bc48
Sorted functions and functions declarations.
Vladimir Homutov <vl@nginx.com>
parents:
7811
diff
changeset
|
2567 fs = &qc->crypto[pkt->level]; |
|
76839f55bc48
Sorted functions and functions declarations.
Vladimir Homutov <vl@nginx.com>
parents:
7811
diff
changeset
|
2568 |
|
7855
81a4f98a2556
Cleaned up reordering code.
Vladimir Homutov <vl@nginx.com>
parents:
7854
diff
changeset
|
2569 return ngx_quic_handle_ordered_frame(c, fs, frame, ngx_quic_crypto_input, |
|
81a4f98a2556
Cleaned up reordering code.
Vladimir Homutov <vl@nginx.com>
parents:
7854
diff
changeset
|
2570 NULL); |
|
7812
76839f55bc48
Sorted functions and functions declarations.
Vladimir Homutov <vl@nginx.com>
parents:
7811
diff
changeset
|
2571 } |
|
76839f55bc48
Sorted functions and functions declarations.
Vladimir Homutov <vl@nginx.com>
parents:
7811
diff
changeset
|
2572 |
|
76839f55bc48
Sorted functions and functions declarations.
Vladimir Homutov <vl@nginx.com>
parents:
7811
diff
changeset
|
2573 |
|
76839f55bc48
Sorted functions and functions declarations.
Vladimir Homutov <vl@nginx.com>
parents:
7811
diff
changeset
|
2574 static ngx_int_t |
|
7855
81a4f98a2556
Cleaned up reordering code.
Vladimir Homutov <vl@nginx.com>
parents:
7854
diff
changeset
|
2575 ngx_quic_crypto_input(ngx_connection_t *c, ngx_quic_frame_t *frame, void *data) |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2576 { |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2577 int sslerr; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2578 ssize_t n; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2579 ngx_ssl_conn_t *ssl_conn; |
|
7870
e169cce912c7
Avoid retransmitting of packets with discarded keys.
Vladimir Homutov <vl@nginx.com>
parents:
7869
diff
changeset
|
2580 ngx_quic_send_ctx_t *ctx; |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2581 ngx_quic_crypto_frame_t *f; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2582 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2583 f = &frame->u.crypto; |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2584 |
| 7691 | 2585 ssl_conn = c->ssl->connection; |
| 2586 | |
| 2587 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
| 7836 | 2588 "quic SSL_quic_read_level: %d, SSL_quic_write_level: %d", |
| 7691 | 2589 (int) SSL_quic_read_level(ssl_conn), |
| 2590 (int) SSL_quic_write_level(ssl_conn)); | |
| 2591 | |
| 2592 if (!SSL_provide_quic_data(ssl_conn, SSL_quic_read_level(ssl_conn), | |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
2593 f->data, f->length)) |
| 7691 | 2594 { |
| 2595 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, | |
| 2596 "SSL_provide_quic_data() failed"); | |
| 2597 return NGX_ERROR; | |
| 2598 } | |
| 2599 | |
| 2600 n = SSL_do_handshake(ssl_conn); | |
| 2601 | |
| 2602 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_do_handshake: %d", n); | |
| 2603 | |
| 2604 if (n == -1) { | |
| 2605 sslerr = SSL_get_error(ssl_conn, n); | |
| 2606 | |
| 2607 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_get_error: %d", | |
| 2608 sslerr); | |
| 2609 | |
|
7766
23a2b5e7acc8
Improved SSL_do_handshake() error handling in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7765
diff
changeset
|
2610 if (sslerr != SSL_ERROR_WANT_READ) { |
| 7691 | 2611 ngx_ssl_error(NGX_LOG_ERR, c->log, 0, "SSL_do_handshake() failed"); |
|
7766
23a2b5e7acc8
Improved SSL_do_handshake() error handling in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7765
diff
changeset
|
2612 return NGX_ERROR; |
| 7691 | 2613 } |
|
7729
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
2614 |
|
7768
76818c9cdd6f
Sending HANDSHAKE_DONE just once with BoringSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7767
diff
changeset
|
2615 } else if (n == 1 && !SSL_in_init(ssl_conn)) { |
| 7691 | 2616 |
|
7729
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
2617 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 7765 | 2618 "quic ssl cipher: %s", SSL_get_cipher(ssl_conn)); |
| 7691 | 2619 |
|
7729
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
2620 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 7836 | 2621 "quic handshake completed successfully"); |
|
7739
cb75f194f1f0
Implemented sending HANDSHAKE_DONE frame after handshake.
Vladimir Homutov <vl@nginx.com>
parents:
7738
diff
changeset
|
2622 |
| 7752 | 2623 frame = ngx_quic_alloc_frame(c, 0); |
|
7739
cb75f194f1f0
Implemented sending HANDSHAKE_DONE frame after handshake.
Vladimir Homutov <vl@nginx.com>
parents:
7738
diff
changeset
|
2624 if (frame == NULL) { |
|
cb75f194f1f0
Implemented sending HANDSHAKE_DONE frame after handshake.
Vladimir Homutov <vl@nginx.com>
parents:
7738
diff
changeset
|
2625 return NGX_ERROR; |
|
cb75f194f1f0
Implemented sending HANDSHAKE_DONE frame after handshake.
Vladimir Homutov <vl@nginx.com>
parents:
7738
diff
changeset
|
2626 } |
|
cb75f194f1f0
Implemented sending HANDSHAKE_DONE frame after handshake.
Vladimir Homutov <vl@nginx.com>
parents:
7738
diff
changeset
|
2627 |
|
cb75f194f1f0
Implemented sending HANDSHAKE_DONE frame after handshake.
Vladimir Homutov <vl@nginx.com>
parents:
7738
diff
changeset
|
2628 /* 12.4 Frames and frame types, figure 8 */ |
|
cb75f194f1f0
Implemented sending HANDSHAKE_DONE frame after handshake.
Vladimir Homutov <vl@nginx.com>
parents:
7738
diff
changeset
|
2629 frame->level = ssl_encryption_application; |
|
cb75f194f1f0
Implemented sending HANDSHAKE_DONE frame after handshake.
Vladimir Homutov <vl@nginx.com>
parents:
7738
diff
changeset
|
2630 frame->type = NGX_QUIC_FT_HANDSHAKE_DONE; |
|
cb75f194f1f0
Implemented sending HANDSHAKE_DONE frame after handshake.
Vladimir Homutov <vl@nginx.com>
parents:
7738
diff
changeset
|
2631 ngx_sprintf(frame->info, "HANDSHAKE DONE on handshake completed"); |
|
cb75f194f1f0
Implemented sending HANDSHAKE_DONE frame after handshake.
Vladimir Homutov <vl@nginx.com>
parents:
7738
diff
changeset
|
2632 ngx_quic_queue_frame(c->quic, frame); |
|
7785
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
2633 |
|
7861
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
2634 if (ngx_quic_send_new_token(c) != NGX_OK) { |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
2635 return NGX_ERROR; |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
2636 } |
|
52d0c4832570
Address validation using NEW_TOKEN frame.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7860
diff
changeset
|
2637 |
|
7785
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
2638 /* |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
2639 * Generating next keys before a key update is received. |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
2640 * See quic-tls 9.4 Header Protection Timing Side-Channels. |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
2641 */ |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
2642 |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
2643 if (ngx_quic_key_update(c, &c->quic->keys[ssl_encryption_application], |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
2644 &c->quic->next_key) |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
2645 != NGX_OK) |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
2646 { |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
2647 return NGX_ERROR; |
|
29354c6fc5f2
TLS Key Update in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7782
diff
changeset
|
2648 } |
|
7870
e169cce912c7
Avoid retransmitting of packets with discarded keys.
Vladimir Homutov <vl@nginx.com>
parents:
7869
diff
changeset
|
2649 |
|
e169cce912c7
Avoid retransmitting of packets with discarded keys.
Vladimir Homutov <vl@nginx.com>
parents:
7869
diff
changeset
|
2650 /* |
|
e169cce912c7
Avoid retransmitting of packets with discarded keys.
Vladimir Homutov <vl@nginx.com>
parents:
7869
diff
changeset
|
2651 * 4.10.2 An endpoint MUST discard its handshake keys |
|
e169cce912c7
Avoid retransmitting of packets with discarded keys.
Vladimir Homutov <vl@nginx.com>
parents:
7869
diff
changeset
|
2652 * when the TLS handshake is confirmed |
|
e169cce912c7
Avoid retransmitting of packets with discarded keys.
Vladimir Homutov <vl@nginx.com>
parents:
7869
diff
changeset
|
2653 */ |
|
e169cce912c7
Avoid retransmitting of packets with discarded keys.
Vladimir Homutov <vl@nginx.com>
parents:
7869
diff
changeset
|
2654 ctx = ngx_quic_get_send_ctx(c->quic, ssl_encryption_handshake); |
|
e169cce912c7
Avoid retransmitting of packets with discarded keys.
Vladimir Homutov <vl@nginx.com>
parents:
7869
diff
changeset
|
2655 ngx_quic_free_frames(c, &ctx->sent); |
|
7729
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
2656 } |
|
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
2657 |
| 7691 | 2658 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 7836 | 2659 "quic SSL_quic_read_level: %d, SSL_quic_write_level: %d", |
| 7691 | 2660 (int) SSL_quic_read_level(ssl_conn), |
| 2661 (int) SSL_quic_write_level(ssl_conn)); | |
| 2662 | |
| 2663 return NGX_OK; | |
| 2664 } | |
| 2665 | |
| 2666 | |
| 2667 static ngx_int_t | |
|
7811
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2668 ngx_quic_handle_stream_frame(ngx_connection_t *c, ngx_quic_header_t *pkt, |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2669 ngx_quic_frame_t *frame) |
| 7691 | 2670 { |
|
7814
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2671 size_t n; |
|
7855
81a4f98a2556
Cleaned up reordering code.
Vladimir Homutov <vl@nginx.com>
parents:
7854
diff
changeset
|
2672 ngx_buf_t *b; |
|
81a4f98a2556
Cleaned up reordering code.
Vladimir Homutov <vl@nginx.com>
parents:
7854
diff
changeset
|
2673 ngx_event_t *rev; |
|
7811
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2674 ngx_quic_stream_t *sn; |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2675 ngx_quic_connection_t *qc; |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2676 ngx_quic_stream_frame_t *f; |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2677 ngx_quic_frames_stream_t *fs; |
| 7691 | 2678 |
| 2679 qc = c->quic; | |
|
7811
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2680 f = &frame->u.stream; |
| 7691 | 2681 |
|
7922
d437ee1ce81e
Reject invalid STREAM ID with STREAM_STATE_ERROR connection error.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7919
diff
changeset
|
2682 if ((f->stream_id & NGX_QUIC_STREAM_UNIDIRECTIONAL) |
|
d437ee1ce81e
Reject invalid STREAM ID with STREAM_STATE_ERROR connection error.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7919
diff
changeset
|
2683 && (f->stream_id & NGX_QUIC_STREAM_SERVER_INITIATED)) |
|
d437ee1ce81e
Reject invalid STREAM ID with STREAM_STATE_ERROR connection error.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7919
diff
changeset
|
2684 { |
|
d437ee1ce81e
Reject invalid STREAM ID with STREAM_STATE_ERROR connection error.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7919
diff
changeset
|
2685 qc->error = NGX_QUIC_ERR_STREAM_STATE_ERROR; |
|
d437ee1ce81e
Reject invalid STREAM ID with STREAM_STATE_ERROR connection error.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7919
diff
changeset
|
2686 return NGX_ERROR; |
|
d437ee1ce81e
Reject invalid STREAM ID with STREAM_STATE_ERROR connection error.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7919
diff
changeset
|
2687 } |
|
d437ee1ce81e
Reject invalid STREAM ID with STREAM_STATE_ERROR connection error.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7919
diff
changeset
|
2688 |
| 7691 | 2689 sn = ngx_quic_find_stream(&qc->streams.tree, f->stream_id); |
| 2690 | |
|
7811
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2691 if (sn == NULL) { |
| 7836 | 2692 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 2693 "quic stream id 0x%xi is new", f->stream_id); | |
|
7814
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2694 |
|
7922
d437ee1ce81e
Reject invalid STREAM ID with STREAM_STATE_ERROR connection error.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7919
diff
changeset
|
2695 if (f->stream_id & NGX_QUIC_STREAM_SERVER_INITIATED) { |
|
d437ee1ce81e
Reject invalid STREAM ID with STREAM_STATE_ERROR connection error.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7919
diff
changeset
|
2696 qc->error = NGX_QUIC_ERR_STREAM_STATE_ERROR; |
|
d437ee1ce81e
Reject invalid STREAM ID with STREAM_STATE_ERROR connection error.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7919
diff
changeset
|
2697 return NGX_ERROR; |
|
d437ee1ce81e
Reject invalid STREAM ID with STREAM_STATE_ERROR connection error.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7919
diff
changeset
|
2698 } |
|
d437ee1ce81e
Reject invalid STREAM ID with STREAM_STATE_ERROR connection error.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7919
diff
changeset
|
2699 |
|
7814
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2700 n = (f->stream_id & NGX_QUIC_STREAM_UNIDIRECTIONAL) |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2701 ? qc->tp.initial_max_stream_data_uni |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2702 : qc->tp.initial_max_stream_data_bidi_remote; |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2703 |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2704 if (n < NGX_QUIC_STREAM_BUFSIZE) { |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2705 n = NGX_QUIC_STREAM_BUFSIZE; |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2706 } |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2707 |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2708 if (n < f->length) { |
| 7838 | 2709 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
| 2710 "quic no space in stream buffer"); | |
|
7814
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2711 return NGX_ERROR; |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2712 } |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2713 |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2714 /* |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2715 * TODO: check IDs are increasing ? create all lower-numbered? |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2716 * |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2717 * 2.1. Stream Types and Identifiers |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2718 * |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2719 * Within each type, streams are created with numerically increasing |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2720 * stream IDs. A stream ID that is used out of order results in all |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2721 * streams of that type with lower-numbered stream IDs also being |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2722 * opened. |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2723 */ |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2724 sn = ngx_quic_create_stream(c, f->stream_id, n); |
|
7811
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2725 if (sn == NULL) { |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2726 return NGX_ERROR; |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2727 } |
|
7814
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2728 |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2729 rev = sn->c->read; |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2730 |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2731 if (f->offset == 0) { |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2732 |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2733 b = sn->b; |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2734 b->last = ngx_cpymem(b->last, f->data, f->length); |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2735 |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2736 sn->fs.received += f->length; |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2737 |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2738 rev->ready = 1; |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2739 |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2740 if (f->fin) { |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2741 rev->pending_eof = 1; |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2742 } |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2743 |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2744 } else { |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2745 rev->ready = 0; |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2746 } |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2747 |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2748 if ((f->stream_id & NGX_QUIC_STREAM_UNIDIRECTIONAL) == 0) { |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2749 ngx_quic_handle_max_streams(c); |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2750 } |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2751 |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2752 qc->streams.handler(sn->c); |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2753 |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2754 if (f->offset == 0) { |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2755 return NGX_OK; |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2756 } |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2757 |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2758 /* out-of-order stream: proceed to buffering */ |
|
7811
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2759 } |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2760 |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2761 fs = &sn->fs; |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2762 |
|
7855
81a4f98a2556
Cleaned up reordering code.
Vladimir Homutov <vl@nginx.com>
parents:
7854
diff
changeset
|
2763 return ngx_quic_handle_ordered_frame(c, fs, frame, ngx_quic_stream_input, |
|
81a4f98a2556
Cleaned up reordering code.
Vladimir Homutov <vl@nginx.com>
parents:
7854
diff
changeset
|
2764 sn); |
|
7811
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2765 } |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2766 |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2767 |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2768 static ngx_int_t |
|
7855
81a4f98a2556
Cleaned up reordering code.
Vladimir Homutov <vl@nginx.com>
parents:
7854
diff
changeset
|
2769 ngx_quic_stream_input(ngx_connection_t *c, ngx_quic_frame_t *frame, void *data) |
|
7811
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2770 { |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2771 ngx_buf_t *b; |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2772 ngx_event_t *rev; |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2773 ngx_quic_stream_t *sn; |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2774 ngx_quic_connection_t *qc; |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2775 ngx_quic_stream_frame_t *f; |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2776 |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2777 qc = c->quic; |
|
7855
81a4f98a2556
Cleaned up reordering code.
Vladimir Homutov <vl@nginx.com>
parents:
7854
diff
changeset
|
2778 sn = data; |
|
7811
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2779 |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2780 f = &frame->u.stream; |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2781 |
| 7836 | 2782 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic existing stream"); |
| 7691 | 2783 |
| 2784 b = sn->b; | |
|
7814
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2785 |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2786 if ((size_t) ((b->pos - b->start) + (b->end - b->last)) < f->length) { |
| 7838 | 2787 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
| 2788 "quic no space in stream buffer"); | |
|
7814
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2789 return NGX_ERROR; |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2790 } |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2791 |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2792 if ((size_t) (b->end - b->last) < f->length) { |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2793 b->last = ngx_movemem(b->start, b->pos, b->last - b->pos); |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2794 b->pos = b->start; |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2795 } |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2796 |
|
7748
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
7747
diff
changeset
|
2797 b->last = ngx_cpymem(b->last, f->data, f->length); |
| 7691 | 2798 |
|
7760
32db41d603cd
Fixed handling QUIC stream eof.
Roman Arutyunyan <arut@nginx.com>
parents:
7759
diff
changeset
|
2799 rev = sn->c->read; |
|
32db41d603cd
Fixed handling QUIC stream eof.
Roman Arutyunyan <arut@nginx.com>
parents:
7759
diff
changeset
|
2800 rev->ready = 1; |
|
32db41d603cd
Fixed handling QUIC stream eof.
Roman Arutyunyan <arut@nginx.com>
parents:
7759
diff
changeset
|
2801 |
|
32db41d603cd
Fixed handling QUIC stream eof.
Roman Arutyunyan <arut@nginx.com>
parents:
7759
diff
changeset
|
2802 if (f->fin) { |
|
32db41d603cd
Fixed handling QUIC stream eof.
Roman Arutyunyan <arut@nginx.com>
parents:
7759
diff
changeset
|
2803 rev->pending_eof = 1; |
|
32db41d603cd
Fixed handling QUIC stream eof.
Roman Arutyunyan <arut@nginx.com>
parents:
7759
diff
changeset
|
2804 } |
| 7691 | 2805 |
|
7814
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2806 if (rev->active) { |
|
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2807 rev->handler(rev); |
|
7780
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2808 } |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2809 |
|
7814
ab443e80d9e4
Create new stream immediately on receiving new stream id.
Vladimir Homutov <vl@nginx.com>
parents:
7813
diff
changeset
|
2810 /* check if stream was destroyed by handler */ |
|
7811
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2811 if (ngx_quic_find_stream(&qc->streams.tree, f->stream_id) == NULL) { |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2812 return NGX_DONE; |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2813 } |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
2814 |
| 7691 | 2815 return NGX_OK; |
| 2816 } | |
| 2817 | |
| 2818 | |
|
7711
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
2819 static ngx_int_t |
|
7780
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2820 ngx_quic_handle_max_streams(ngx_connection_t *c) |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2821 { |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2822 ngx_quic_frame_t *frame; |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2823 ngx_quic_connection_t *qc; |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2824 |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2825 qc = c->quic; |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2826 qc->cur_streams++; |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2827 |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2828 if (qc->cur_streams + NGX_QUIC_STREAMS_INC / 2 < qc->max_streams) { |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2829 return NGX_OK; |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2830 } |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2831 |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2832 frame = ngx_quic_alloc_frame(c, 0); |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2833 if (frame == NULL) { |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2834 return NGX_ERROR; |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2835 } |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2836 |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2837 qc->max_streams = ngx_max(qc->max_streams + NGX_QUIC_STREAMS_INC, |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2838 NGX_QUIC_STREAMS_LIMIT); |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2839 |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2840 frame->level = ssl_encryption_application; |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2841 frame->type = NGX_QUIC_FT_MAX_STREAMS; |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2842 frame->u.max_streams.limit = qc->max_streams; |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2843 frame->u.max_streams.bidi = 1; |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2844 |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2845 ngx_sprintf(frame->info, "MAX_STREAMS limit:%d bidi:%d level=%d", |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2846 (int) frame->u.max_streams.limit, |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2847 (int) frame->u.max_streams.bidi, |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2848 frame->level); |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2849 |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2850 ngx_quic_queue_frame(qc, frame); |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2851 |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2852 return NGX_OK; |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2853 } |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2854 |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2855 |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2856 static ngx_int_t |
|
7842
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2857 ngx_quic_handle_max_data_frame(ngx_connection_t *c, |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2858 ngx_quic_max_data_frame_t *f) |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2859 { |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2860 ngx_event_t *wev; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2861 ngx_rbtree_t *tree; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2862 ngx_rbtree_node_t *node; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2863 ngx_quic_stream_t *qs; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2864 ngx_quic_connection_t *qc; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2865 |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2866 qc = c->quic; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2867 tree = &qc->streams.tree; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2868 |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2869 if (f->max_data <= qc->streams.send_max_data) { |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2870 return NGX_OK; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2871 } |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2872 |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2873 if (qc->streams.sent >= qc->streams.send_max_data) { |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2874 |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2875 for (node = ngx_rbtree_min(tree->root, tree->sentinel); |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2876 node; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2877 node = ngx_rbtree_next(tree, node)) |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2878 { |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2879 qs = (ngx_quic_stream_t *) node; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2880 wev = qs->c->write; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2881 |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2882 if (wev->active) { |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2883 wev->ready = 1; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2884 ngx_post_event(wev, &ngx_posted_events); |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2885 } |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2886 } |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2887 } |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2888 |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2889 qc->streams.send_max_data = f->max_data; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2890 |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2891 return NGX_OK; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2892 } |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2893 |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2894 |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2895 static ngx_int_t |
|
7711
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
2896 ngx_quic_handle_streams_blocked_frame(ngx_connection_t *c, |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
2897 ngx_quic_header_t *pkt, ngx_quic_streams_blocked_frame_t *f) |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
2898 { |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
2899 ngx_quic_frame_t *frame; |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
2900 |
| 7752 | 2901 frame = ngx_quic_alloc_frame(c, 0); |
|
7711
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
2902 if (frame == NULL) { |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
2903 return NGX_ERROR; |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
2904 } |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
2905 |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
2906 frame->level = pkt->level; |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
2907 frame->type = NGX_QUIC_FT_MAX_STREAMS; |
|
7780
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2908 frame->u.max_streams.limit = ngx_max(f->limit * 2, NGX_QUIC_STREAMS_LIMIT); |
|
7711
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
2909 frame->u.max_streams.bidi = f->bidi; |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
2910 |
|
7780
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2911 c->quic->max_streams = frame->u.max_streams.limit; |
|
de8981bf2dd5
Advertizing MAX_STREAMS (0x12) credit in advance.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7778
diff
changeset
|
2912 |
|
7711
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
2913 ngx_sprintf(frame->info, "MAX_STREAMS limit:%d bidi:%d level=%d", |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
2914 (int) frame->u.max_streams.limit, |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
2915 (int) frame->u.max_streams.bidi, |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
2916 frame->level); |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
2917 |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
2918 ngx_quic_queue_frame(c->quic, frame); |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
2919 |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
2920 return NGX_OK; |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
2921 } |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
2922 |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
2923 |
|
7732
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2924 static ngx_int_t |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2925 ngx_quic_handle_stream_data_blocked_frame(ngx_connection_t *c, |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2926 ngx_quic_header_t *pkt, ngx_quic_stream_data_blocked_frame_t *f) |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2927 { |
|
7746
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7745
diff
changeset
|
2928 size_t n; |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7745
diff
changeset
|
2929 ngx_buf_t *b; |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7745
diff
changeset
|
2930 ngx_quic_frame_t *frame; |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7745
diff
changeset
|
2931 ngx_quic_stream_t *sn; |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7745
diff
changeset
|
2932 ngx_quic_connection_t *qc; |
|
7732
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2933 |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2934 qc = c->quic; |
|
7924
8fc9fcf18608
Stream ID handling in MAX_STREAM_DATA and STREAM_DATA_BLOCKED.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7923
diff
changeset
|
2935 |
|
8fc9fcf18608
Stream ID handling in MAX_STREAM_DATA and STREAM_DATA_BLOCKED.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7923
diff
changeset
|
2936 if ((f->id & NGX_QUIC_STREAM_UNIDIRECTIONAL) |
|
8fc9fcf18608
Stream ID handling in MAX_STREAM_DATA and STREAM_DATA_BLOCKED.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7923
diff
changeset
|
2937 && (f->id & NGX_QUIC_STREAM_SERVER_INITIATED)) |
|
8fc9fcf18608
Stream ID handling in MAX_STREAM_DATA and STREAM_DATA_BLOCKED.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7923
diff
changeset
|
2938 { |
|
8fc9fcf18608
Stream ID handling in MAX_STREAM_DATA and STREAM_DATA_BLOCKED.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7923
diff
changeset
|
2939 qc->error = NGX_QUIC_ERR_STREAM_STATE_ERROR; |
|
8fc9fcf18608
Stream ID handling in MAX_STREAM_DATA and STREAM_DATA_BLOCKED.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7923
diff
changeset
|
2940 return NGX_ERROR; |
|
8fc9fcf18608
Stream ID handling in MAX_STREAM_DATA and STREAM_DATA_BLOCKED.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7923
diff
changeset
|
2941 } |
|
8fc9fcf18608
Stream ID handling in MAX_STREAM_DATA and STREAM_DATA_BLOCKED.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7923
diff
changeset
|
2942 |
|
7732
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2943 sn = ngx_quic_find_stream(&qc->streams.tree, f->id); |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2944 |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2945 if (sn == NULL) { |
| 7838 | 2946 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
| 2947 "quic unknown stream id:%uL", f->id); | |
|
7732
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2948 return NGX_ERROR; |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2949 } |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2950 |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2951 b = sn->b; |
|
7815
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
2952 n = sn->fs.received + (b->pos - b->start) + (b->end - b->last); |
|
7732
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2953 |
| 7752 | 2954 frame = ngx_quic_alloc_frame(c, 0); |
|
7732
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2955 if (frame == NULL) { |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2956 return NGX_ERROR; |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2957 } |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2958 |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2959 frame->level = pkt->level; |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2960 frame->type = NGX_QUIC_FT_MAX_STREAM_DATA; |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2961 frame->u.max_stream_data.id = f->id; |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2962 frame->u.max_stream_data.limit = n; |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2963 |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2964 ngx_sprintf(frame->info, "MAX_STREAM_DATA id:%d limit:%d level=%d", |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2965 (int) frame->u.max_stream_data.id, |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2966 (int) frame->u.max_stream_data.limit, |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2967 frame->level); |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2968 |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2969 ngx_quic_queue_frame(c->quic, frame); |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2970 |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2971 return NGX_OK; |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2972 } |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2973 |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
2974 |
|
7842
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2975 static ngx_int_t |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2976 ngx_quic_handle_max_stream_data_frame(ngx_connection_t *c, |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2977 ngx_quic_header_t *pkt, ngx_quic_max_stream_data_frame_t *f) |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2978 { |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2979 uint64_t sent; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2980 ngx_event_t *wev; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2981 ngx_quic_stream_t *sn; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2982 ngx_quic_connection_t *qc; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2983 |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2984 qc = c->quic; |
|
7924
8fc9fcf18608
Stream ID handling in MAX_STREAM_DATA and STREAM_DATA_BLOCKED.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7923
diff
changeset
|
2985 |
|
8fc9fcf18608
Stream ID handling in MAX_STREAM_DATA and STREAM_DATA_BLOCKED.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7923
diff
changeset
|
2986 if ((f->id & NGX_QUIC_STREAM_UNIDIRECTIONAL) |
|
8fc9fcf18608
Stream ID handling in MAX_STREAM_DATA and STREAM_DATA_BLOCKED.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7923
diff
changeset
|
2987 && (f->id & NGX_QUIC_STREAM_SERVER_INITIATED) == 0) |
|
8fc9fcf18608
Stream ID handling in MAX_STREAM_DATA and STREAM_DATA_BLOCKED.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7923
diff
changeset
|
2988 { |
|
8fc9fcf18608
Stream ID handling in MAX_STREAM_DATA and STREAM_DATA_BLOCKED.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7923
diff
changeset
|
2989 qc->error = NGX_QUIC_ERR_STREAM_STATE_ERROR; |
|
8fc9fcf18608
Stream ID handling in MAX_STREAM_DATA and STREAM_DATA_BLOCKED.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7923
diff
changeset
|
2990 return NGX_ERROR; |
|
8fc9fcf18608
Stream ID handling in MAX_STREAM_DATA and STREAM_DATA_BLOCKED.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7923
diff
changeset
|
2991 } |
|
8fc9fcf18608
Stream ID handling in MAX_STREAM_DATA and STREAM_DATA_BLOCKED.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7923
diff
changeset
|
2992 |
|
7842
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2993 sn = ngx_quic_find_stream(&qc->streams.tree, f->id); |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2994 |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2995 if (sn == NULL) { |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
2996 ngx_log_error(NGX_LOG_INFO, c->log, 0, "unknown stream id:%uL", f->id); |
|
7924
8fc9fcf18608
Stream ID handling in MAX_STREAM_DATA and STREAM_DATA_BLOCKED.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7923
diff
changeset
|
2997 |
|
8fc9fcf18608
Stream ID handling in MAX_STREAM_DATA and STREAM_DATA_BLOCKED.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7923
diff
changeset
|
2998 if (f->id & NGX_QUIC_STREAM_SERVER_INITIATED) { |
|
8fc9fcf18608
Stream ID handling in MAX_STREAM_DATA and STREAM_DATA_BLOCKED.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7923
diff
changeset
|
2999 qc->error = NGX_QUIC_ERR_STREAM_STATE_ERROR; |
|
8fc9fcf18608
Stream ID handling in MAX_STREAM_DATA and STREAM_DATA_BLOCKED.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7923
diff
changeset
|
3000 } |
|
8fc9fcf18608
Stream ID handling in MAX_STREAM_DATA and STREAM_DATA_BLOCKED.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7923
diff
changeset
|
3001 |
|
7842
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3002 return NGX_ERROR; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3003 } |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3004 |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3005 if (f->limit <= sn->send_max_data) { |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3006 return NGX_OK; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3007 } |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3008 |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3009 sent = sn->c->sent; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3010 |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3011 if (sent >= sn->send_max_data) { |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3012 wev = sn->c->write; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3013 |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3014 if (wev->active) { |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3015 wev->ready = 1; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3016 ngx_post_event(wev, &ngx_posted_events); |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3017 } |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3018 } |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3019 |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3020 sn->send_max_data = f->limit; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3021 |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3022 return NGX_OK; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3023 } |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3024 |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3025 |
|
7923
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3026 static ngx_int_t |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3027 ngx_quic_handle_reset_stream_frame(ngx_connection_t *c, |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3028 ngx_quic_header_t *pkt, ngx_quic_reset_stream_frame_t *f) |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3029 { |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3030 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3031 "quic frame handler not implemented"); |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3032 |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3033 if ((f->id & NGX_QUIC_STREAM_UNIDIRECTIONAL) |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3034 && (f->id & NGX_QUIC_STREAM_SERVER_INITIATED)) |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3035 { |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3036 c->quic->error = NGX_QUIC_ERR_STREAM_STATE_ERROR; |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3037 return NGX_ERROR; |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3038 } |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3039 |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3040 return NGX_OK; |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3041 } |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3042 |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3043 |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3044 static ngx_int_t |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3045 ngx_quic_handle_stop_sending_frame(ngx_connection_t *c, |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3046 ngx_quic_header_t *pkt, ngx_quic_stop_sending_frame_t *f) |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3047 { |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3048 ngx_quic_stream_t *sn; |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3049 ngx_quic_connection_t *qc; |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3050 |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3051 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3052 "quic frame handler not implemented"); |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3053 |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3054 qc = c->quic; |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3055 |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3056 if ((f->id & NGX_QUIC_STREAM_UNIDIRECTIONAL) |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3057 && (f->id & NGX_QUIC_STREAM_SERVER_INITIATED) == 0) |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3058 { |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3059 qc->error = NGX_QUIC_ERR_STREAM_STATE_ERROR; |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3060 return NGX_ERROR; |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3061 } |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3062 |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3063 sn = ngx_quic_find_stream(&qc->streams.tree, f->id); |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3064 |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3065 if (sn == NULL) { |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3066 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3067 "quic stream id 0x%xi is new", f->id); |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3068 |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3069 if (f->id & NGX_QUIC_STREAM_SERVER_INITIATED) { |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3070 qc->error = NGX_QUIC_ERR_STREAM_STATE_ERROR; |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3071 return NGX_ERROR; |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3072 } |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3073 } |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3074 |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3075 return NGX_OK; |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3076 } |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3077 |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
3078 |
| 7691 | 3079 static void |
| 3080 ngx_quic_queue_frame(ngx_quic_connection_t *qc, ngx_quic_frame_t *frame) | |
| 3081 { | |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
3082 ngx_quic_send_ctx_t *ctx; |
|
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
3083 |
|
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
3084 ctx = ngx_quic_get_send_ctx(qc, frame->level); |
|
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
3085 |
|
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
3086 ngx_queue_insert_tail(&ctx->frames, &frame->queue); |
| 7775 | 3087 |
| 3088 /* TODO: check PUSH flag on stream and call output */ | |
| 3089 | |
| 3090 if (!qc->push.timer_set && !qc->closing) { | |
| 3091 ngx_add_timer(&qc->push, qc->tp.max_ack_delay); | |
| 3092 } | |
| 7691 | 3093 } |
| 3094 | |
| 3095 | |
| 3096 static ngx_int_t | |
| 3097 ngx_quic_output(ngx_connection_t *c) | |
| 3098 { | |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3099 ngx_uint_t i; |
| 7691 | 3100 ngx_quic_connection_t *qc; |
| 3101 | |
| 7741 | 3102 c->log->action = "sending frames"; |
| 3103 | |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3104 qc = c->quic; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3105 |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
3106 for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { |
|
7809
6ad871b63422
Cleaned up magic numbers in ngx_quic_output_frames().
Vladimir Homutov <vl@nginx.com>
parents:
7808
diff
changeset
|
3107 if (ngx_quic_output_frames(c, &qc->send_ctx[i]) != NGX_OK) { |
| 7691 | 3108 return NGX_ERROR; |
| 3109 } | |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3110 } |
| 7691 | 3111 |
|
7788
d9bc33166361
Do not set timers after the connection is closed.
Vladimir Homutov <vl@nginx.com>
parents:
7787
diff
changeset
|
3112 if (!qc->send_timer_set && !qc->closing) { |
|
7737
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
7736
diff
changeset
|
3113 qc->send_timer_set = 1; |
|
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
7736
diff
changeset
|
3114 ngx_add_timer(c->read, qc->tp.max_idle_timeout); |
|
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
7736
diff
changeset
|
3115 } |
|
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
7736
diff
changeset
|
3116 |
|
7846
bddf704d62c1
Renamed retransmit event object in preparation for retry support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7845
diff
changeset
|
3117 if (!qc->retransmit.timer_set && !qc->closing) { |
|
7926
70335ec6e5d4
Increased default initial retransmit timeout.
Vladimir Homutov <vl@nginx.com>
parents:
7925
diff
changeset
|
3118 ngx_add_timer(&qc->retransmit, |
|
70335ec6e5d4
Increased default initial retransmit timeout.
Vladimir Homutov <vl@nginx.com>
parents:
7925
diff
changeset
|
3119 qc->ctp.max_ack_delay + NGX_QUIC_HARDCODED_PTO); |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3120 } |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3121 |
| 7691 | 3122 return NGX_OK; |
| 3123 } | |
| 3124 | |
| 3125 | |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3126 static ngx_int_t |
|
7809
6ad871b63422
Cleaned up magic numbers in ngx_quic_output_frames().
Vladimir Homutov <vl@nginx.com>
parents:
7808
diff
changeset
|
3127 ngx_quic_output_frames(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx) |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3128 { |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3129 size_t len, hlen, n; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3130 ngx_int_t rc; |
|
7841
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3131 ngx_uint_t need_ack; |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3132 ngx_queue_t *q, range; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3133 ngx_quic_frame_t *f; |
|
7841
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3134 ngx_quic_congestion_t *cg; |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3135 ngx_quic_connection_t *qc; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3136 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3137 qc = c->quic; |
|
7841
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3138 cg = &qc->congestion; |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3139 |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
3140 if (ngx_queue_empty(&ctx->frames)) { |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3141 return NGX_OK; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3142 } |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3143 |
|
7809
6ad871b63422
Cleaned up magic numbers in ngx_quic_output_frames().
Vladimir Homutov <vl@nginx.com>
parents:
7808
diff
changeset
|
3144 q = ngx_queue_head(&ctx->frames); |
|
6ad871b63422
Cleaned up magic numbers in ngx_quic_output_frames().
Vladimir Homutov <vl@nginx.com>
parents:
7808
diff
changeset
|
3145 f = ngx_queue_data(q, ngx_quic_frame_t, queue); |
|
6ad871b63422
Cleaned up magic numbers in ngx_quic_output_frames().
Vladimir Homutov <vl@nginx.com>
parents:
7808
diff
changeset
|
3146 |
|
6ad871b63422
Cleaned up magic numbers in ngx_quic_output_frames().
Vladimir Homutov <vl@nginx.com>
parents:
7808
diff
changeset
|
3147 /* all frames in same send_ctx share same level */ |
|
6ad871b63422
Cleaned up magic numbers in ngx_quic_output_frames().
Vladimir Homutov <vl@nginx.com>
parents:
7808
diff
changeset
|
3148 hlen = (f->level == ssl_encryption_application) ? NGX_QUIC_MAX_SHORT_HEADER |
|
6ad871b63422
Cleaned up magic numbers in ngx_quic_output_frames().
Vladimir Homutov <vl@nginx.com>
parents:
7808
diff
changeset
|
3149 : NGX_QUIC_MAX_LONG_HEADER; |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3150 hlen += EVP_GCM_TLS_TAG_LEN; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3151 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3152 do { |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3153 len = 0; |
|
7841
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3154 need_ack = 0; |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3155 ngx_queue_init(&range); |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3156 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3157 do { |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3158 /* process group of frames that fits into packet */ |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3159 f = ngx_queue_data(q, ngx_quic_frame_t, queue); |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3160 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3161 n = ngx_quic_create_frame(NULL, f); |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3162 |
|
7910
125cbfa77013
Renamed max_packet_size to max_udp_payload_size, from draft-28.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7908
diff
changeset
|
3163 if (len && hlen + len + n > qc->ctp.max_udp_payload_size) { |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3164 break; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3165 } |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3166 |
|
7841
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3167 if (f->need_ack) { |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3168 need_ack = 1; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3169 } |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3170 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3171 if (need_ack && cg->in_flight + len + n > cg->window) { |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3172 break; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3173 } |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3174 |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3175 q = ngx_queue_next(q); |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3176 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3177 f->first = ngx_current_msec; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3178 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3179 ngx_queue_remove(&f->queue); |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3180 ngx_queue_insert_tail(&range, &f->queue); |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3181 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3182 len += n; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3183 |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
3184 } while (q != ngx_queue_sentinel(&ctx->frames)); |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3185 |
|
7841
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3186 if (ngx_queue_empty(&range)) { |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3187 break; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3188 } |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3189 |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3190 rc = ngx_quic_send_frames(c, &range); |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3191 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3192 if (rc == NGX_OK) { |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3193 /* |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3194 * frames are moved into the sent queue |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3195 * to wait for ack/be retransmitted |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3196 */ |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
3197 if (qc->closing) { |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
3198 /* if we are closing, any ack will be discarded */ |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
3199 ngx_quic_free_frames(c, &range); |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
3200 |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
3201 } else { |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
3202 ngx_queue_add(&ctx->sent, &range); |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
3203 } |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3204 |
|
7841
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3205 cg->in_flight += len; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3206 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3207 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3208 "quic congestion send if:%uz", cg->in_flight); |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3209 |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3210 } else if (rc == NGX_DONE) { |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3211 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3212 /* no ack is expected for this frames, can free them */ |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3213 ngx_quic_free_frames(c, &range); |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3214 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3215 } else { |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3216 return NGX_ERROR; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3217 } |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3218 |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
3219 } while (q != ngx_queue_sentinel(&ctx->frames)); |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3220 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3221 return NGX_OK; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3222 } |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3223 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3224 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3225 static void |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3226 ngx_quic_free_frames(ngx_connection_t *c, ngx_queue_t *frames) |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3227 { |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3228 ngx_queue_t *q; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3229 ngx_quic_frame_t *f; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3230 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3231 do { |
|
7811
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
3232 q = ngx_queue_head(frames); |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
3233 |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
3234 if (q == ngx_queue_sentinel(frames)) { |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
3235 break; |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
3236 } |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
3237 |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
3238 ngx_queue_remove(q); |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
3239 |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3240 f = ngx_queue_data(q, ngx_quic_frame_t, queue); |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3241 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3242 ngx_quic_free_frame(c, f); |
|
7811
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
3243 } while (1); |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3244 } |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3245 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3246 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3247 static ngx_int_t |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3248 ngx_quic_send_frames(ngx_connection_t *c, ngx_queue_t *frames) |
| 7691 | 3249 { |
|
7755
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
7754
diff
changeset
|
3250 ssize_t len; |
|
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
7754
diff
changeset
|
3251 u_char *p; |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3252 ngx_msec_t now; |
|
7755
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
7754
diff
changeset
|
3253 ngx_str_t out, res; |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3254 ngx_queue_t *q; |
|
7862
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
7861
diff
changeset
|
3255 ngx_ssl_conn_t *ssl_conn; |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3256 ngx_quic_frame_t *f, *start; |
|
7755
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
7754
diff
changeset
|
3257 ngx_quic_header_t pkt; |
|
7772
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
3258 ngx_quic_secrets_t *keys; |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
3259 ngx_quic_send_ctx_t *ctx; |
|
7755
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
7754
diff
changeset
|
3260 ngx_quic_connection_t *qc; |
|
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
7754
diff
changeset
|
3261 static ngx_str_t initial_token = ngx_null_string; |
|
7910
125cbfa77013
Renamed max_packet_size to max_udp_payload_size, from draft-28.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7908
diff
changeset
|
3262 static u_char src[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE]; |
|
125cbfa77013
Renamed max_packet_size to max_udp_payload_size, from draft-28.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7908
diff
changeset
|
3263 static u_char dst[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE]; |
| 7691 | 3264 |
| 7836 | 3265 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 3266 "quic ngx_quic_send_frames"); | |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3267 |
|
7862
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
7861
diff
changeset
|
3268 ssl_conn = c->ssl ? c->ssl->connection : NULL; |
|
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
7861
diff
changeset
|
3269 |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3270 q = ngx_queue_head(frames); |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3271 start = ngx_queue_data(q, ngx_quic_frame_t, queue); |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3272 |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
3273 ctx = ngx_quic_get_send_ctx(c->quic, start->level); |
| 7691 | 3274 |
|
7755
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
7754
diff
changeset
|
3275 ngx_memzero(&pkt, sizeof(ngx_quic_header_t)); |
| 7691 | 3276 |
|
7841
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3277 now = ngx_current_msec; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3278 |
|
7755
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
7754
diff
changeset
|
3279 p = src; |
|
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
7754
diff
changeset
|
3280 out.data = src; |
| 7691 | 3281 |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3282 for (q = ngx_queue_head(frames); |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3283 q != ngx_queue_sentinel(frames); |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3284 q = ngx_queue_next(q)) |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3285 { |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3286 f = ngx_queue_data(q, ngx_quic_frame_t, queue); |
| 7691 | 3287 |
| 7836 | 3288 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 3289 "quic frame out: %s", f->info); | |
| 7691 | 3290 |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3291 len = ngx_quic_create_frame(p, f); |
| 7691 | 3292 if (len == -1) { |
| 3293 return NGX_ERROR; | |
| 3294 } | |
| 3295 | |
|
7778
053fa468b044
Fixed missing propagation of need_ack flag from frames to packet.
Vladimir Homutov <vl@nginx.com>
parents:
7777
diff
changeset
|
3296 if (f->need_ack) { |
|
053fa468b044
Fixed missing propagation of need_ack flag from frames to packet.
Vladimir Homutov <vl@nginx.com>
parents:
7777
diff
changeset
|
3297 pkt.need_ack = 1; |
|
053fa468b044
Fixed missing propagation of need_ack flag from frames to packet.
Vladimir Homutov <vl@nginx.com>
parents:
7777
diff
changeset
|
3298 } |
|
053fa468b044
Fixed missing propagation of need_ack flag from frames to packet.
Vladimir Homutov <vl@nginx.com>
parents:
7777
diff
changeset
|
3299 |
| 7691 | 3300 p += len; |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
3301 f->pnum = ctx->pnum; |
|
7841
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3302 f->last = now; |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3303 } |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3304 |
| 7691 | 3305 out.len = p - out.data; |
| 3306 | |
|
7767
c9fbe9508e1f
QUIC packet padding to fulfil header protection sample demands.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7766
diff
changeset
|
3307 while (out.len < 4) { |
|
c9fbe9508e1f
QUIC packet padding to fulfil header protection sample demands.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7766
diff
changeset
|
3308 *p++ = NGX_QUIC_FT_PADDING; |
|
c9fbe9508e1f
QUIC packet padding to fulfil header protection sample demands.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7766
diff
changeset
|
3309 out.len++; |
|
c9fbe9508e1f
QUIC packet padding to fulfil header protection sample demands.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7766
diff
changeset
|
3310 } |
|
c9fbe9508e1f
QUIC packet padding to fulfil header protection sample demands.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7766
diff
changeset
|
3311 |
|
7755
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
7754
diff
changeset
|
3312 qc = c->quic; |
| 7691 | 3313 |
|
7772
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
3314 keys = &c->quic->keys[start->level]; |
|
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
3315 |
|
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
3316 pkt.secret = &keys->server; |
|
058a5af7ddfc
Refactored QUIC secrets storage.
Vladimir Homutov <vl@nginx.com>
parents:
7771
diff
changeset
|
3317 |
|
7847
262396242352
Reworked macros for parsing/assembling packet types.
Vladimir Homutov <vl@nginx.com>
parents:
7846
diff
changeset
|
3318 pkt.flags = NGX_QUIC_PKT_FIXED_BIT; |
|
262396242352
Reworked macros for parsing/assembling packet types.
Vladimir Homutov <vl@nginx.com>
parents:
7846
diff
changeset
|
3319 |
|
7755
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
7754
diff
changeset
|
3320 if (start->level == ssl_encryption_initial) { |
|
7847
262396242352
Reworked macros for parsing/assembling packet types.
Vladimir Homutov <vl@nginx.com>
parents:
7846
diff
changeset
|
3321 pkt.flags |= NGX_QUIC_PKT_LONG | NGX_QUIC_PKT_INITIAL; |
| 7691 | 3322 pkt.token = initial_token; |
| 3323 | |
|
7755
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
7754
diff
changeset
|
3324 } else if (start->level == ssl_encryption_handshake) { |
|
7847
262396242352
Reworked macros for parsing/assembling packet types.
Vladimir Homutov <vl@nginx.com>
parents:
7846
diff
changeset
|
3325 pkt.flags |= NGX_QUIC_PKT_LONG | NGX_QUIC_PKT_HANDSHAKE; |
|
7781
fdda518d10ba
Proper handling of packet number in header.
Vladimir Homutov <vl@nginx.com>
parents:
7780
diff
changeset
|
3326 |
|
fdda518d10ba
Proper handling of packet number in header.
Vladimir Homutov <vl@nginx.com>
parents:
7780
diff
changeset
|
3327 } else { |
|
7847
262396242352
Reworked macros for parsing/assembling packet types.
Vladimir Homutov <vl@nginx.com>
parents:
7846
diff
changeset
|
3328 if (c->quic->key_phase) { |
|
262396242352
Reworked macros for parsing/assembling packet types.
Vladimir Homutov <vl@nginx.com>
parents:
7846
diff
changeset
|
3329 pkt.flags |= NGX_QUIC_PKT_KPHASE; |
|
262396242352
Reworked macros for parsing/assembling packet types.
Vladimir Homutov <vl@nginx.com>
parents:
7846
diff
changeset
|
3330 } |
| 7691 | 3331 } |
| 3332 | |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
3333 ngx_quic_set_packet_number(&pkt, ctx); |
|
7781
fdda518d10ba
Proper handling of packet number in header.
Vladimir Homutov <vl@nginx.com>
parents:
7780
diff
changeset
|
3334 |
|
7755
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
7754
diff
changeset
|
3335 pkt.log = c->log; |
|
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
7754
diff
changeset
|
3336 pkt.level = start->level; |
|
7821
e0abe17a2878
Removed source/destination swap from the function creating header.
Vladimir Homutov <vl@nginx.com>
parents:
7820
diff
changeset
|
3337 pkt.dcid = qc->scid; |
|
e0abe17a2878
Removed source/destination swap from the function creating header.
Vladimir Homutov <vl@nginx.com>
parents:
7820
diff
changeset
|
3338 pkt.scid = qc->dcid; |
|
7755
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
7754
diff
changeset
|
3339 pkt.payload = out; |
|
7751
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
7750
diff
changeset
|
3340 |
|
7755
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
7754
diff
changeset
|
3341 res.data = dst; |
|
7751
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
7750
diff
changeset
|
3342 |
| 7836 | 3343 ngx_log_debug6(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 3344 "quic packet ready: %ui bytes at level %d" | |
| 3345 " need_ack: %d number: %L encoded %d:0x%xD", | |
| 3346 out.len, start->level, pkt.need_ack, pkt.number, | |
| 3347 pkt.num_len, pkt.trunc); | |
| 3348 | |
|
7862
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
7861
diff
changeset
|
3349 if (ngx_quic_encrypt(&pkt, ssl_conn, &res) != NGX_OK) { |
| 7691 | 3350 return NGX_ERROR; |
| 3351 } | |
| 3352 | |
| 7836 | 3353 #ifdef NGX_QUIC_DEBUG_PACKETS |
|
7837
f175006124d0
Cleaned up hexdumps in debug output.
Vladimir Homutov <vl@nginx.com>
parents:
7836
diff
changeset
|
3354 ngx_quic_hexdump(c->log, "quic packet to send", res.data, res.len); |
| 7836 | 3355 #endif |
| 7691 | 3356 |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3357 len = c->send(c, res.data, res.len); |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3358 if (len == NGX_ERROR || (size_t) len != res.len) { |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3359 return NGX_ERROR; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3360 } |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3361 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3362 /* len == NGX_OK || NGX_AGAIN */ |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
3363 ctx->pnum++; |
| 7691 | 3364 |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3365 return pkt.need_ack ? NGX_OK : NGX_DONE; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3366 } |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3367 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3368 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3369 static void |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
3370 ngx_quic_set_packet_number(ngx_quic_header_t *pkt, ngx_quic_send_ctx_t *ctx) |
|
7781
fdda518d10ba
Proper handling of packet number in header.
Vladimir Homutov <vl@nginx.com>
parents:
7780
diff
changeset
|
3371 { |
|
fdda518d10ba
Proper handling of packet number in header.
Vladimir Homutov <vl@nginx.com>
parents:
7780
diff
changeset
|
3372 uint64_t delta; |
|
fdda518d10ba
Proper handling of packet number in header.
Vladimir Homutov <vl@nginx.com>
parents:
7780
diff
changeset
|
3373 |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
3374 delta = ctx->pnum - ctx->largest_ack; |
|
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
3375 pkt->number = ctx->pnum; |
|
7781
fdda518d10ba
Proper handling of packet number in header.
Vladimir Homutov <vl@nginx.com>
parents:
7780
diff
changeset
|
3376 |
|
fdda518d10ba
Proper handling of packet number in header.
Vladimir Homutov <vl@nginx.com>
parents:
7780
diff
changeset
|
3377 if (delta <= 0x7F) { |
|
fdda518d10ba
Proper handling of packet number in header.
Vladimir Homutov <vl@nginx.com>
parents:
7780
diff
changeset
|
3378 pkt->num_len = 1; |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
3379 pkt->trunc = ctx->pnum & 0xff; |
|
7781
fdda518d10ba
Proper handling of packet number in header.
Vladimir Homutov <vl@nginx.com>
parents:
7780
diff
changeset
|
3380 |
|
fdda518d10ba
Proper handling of packet number in header.
Vladimir Homutov <vl@nginx.com>
parents:
7780
diff
changeset
|
3381 } else if (delta <= 0x7FFF) { |
|
fdda518d10ba
Proper handling of packet number in header.
Vladimir Homutov <vl@nginx.com>
parents:
7780
diff
changeset
|
3382 pkt->num_len = 2; |
|
fdda518d10ba
Proper handling of packet number in header.
Vladimir Homutov <vl@nginx.com>
parents:
7780
diff
changeset
|
3383 pkt->flags |= 0x1; |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
3384 pkt->trunc = ctx->pnum & 0xffff; |
|
7781
fdda518d10ba
Proper handling of packet number in header.
Vladimir Homutov <vl@nginx.com>
parents:
7780
diff
changeset
|
3385 |
|
fdda518d10ba
Proper handling of packet number in header.
Vladimir Homutov <vl@nginx.com>
parents:
7780
diff
changeset
|
3386 } else if (delta <= 0x7FFFFF) { |
|
fdda518d10ba
Proper handling of packet number in header.
Vladimir Homutov <vl@nginx.com>
parents:
7780
diff
changeset
|
3387 pkt->num_len = 3; |
|
fdda518d10ba
Proper handling of packet number in header.
Vladimir Homutov <vl@nginx.com>
parents:
7780
diff
changeset
|
3388 pkt->flags |= 0x2; |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
3389 pkt->trunc = ctx->pnum & 0xffffff; |
|
7781
fdda518d10ba
Proper handling of packet number in header.
Vladimir Homutov <vl@nginx.com>
parents:
7780
diff
changeset
|
3390 |
|
fdda518d10ba
Proper handling of packet number in header.
Vladimir Homutov <vl@nginx.com>
parents:
7780
diff
changeset
|
3391 } else { |
|
fdda518d10ba
Proper handling of packet number in header.
Vladimir Homutov <vl@nginx.com>
parents:
7780
diff
changeset
|
3392 pkt->num_len = 4; |
|
fdda518d10ba
Proper handling of packet number in header.
Vladimir Homutov <vl@nginx.com>
parents:
7780
diff
changeset
|
3393 pkt->flags |= 0x3; |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
3394 pkt->trunc = ctx->pnum & 0xffffffff; |
|
7781
fdda518d10ba
Proper handling of packet number in header.
Vladimir Homutov <vl@nginx.com>
parents:
7780
diff
changeset
|
3395 } |
|
fdda518d10ba
Proper handling of packet number in header.
Vladimir Homutov <vl@nginx.com>
parents:
7780
diff
changeset
|
3396 } |
|
fdda518d10ba
Proper handling of packet number in header.
Vladimir Homutov <vl@nginx.com>
parents:
7780
diff
changeset
|
3397 |
|
fdda518d10ba
Proper handling of packet number in header.
Vladimir Homutov <vl@nginx.com>
parents:
7780
diff
changeset
|
3398 |
|
fdda518d10ba
Proper handling of packet number in header.
Vladimir Homutov <vl@nginx.com>
parents:
7780
diff
changeset
|
3399 static void |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3400 ngx_quic_retransmit_handler(ngx_event_t *ev) |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3401 { |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3402 ngx_uint_t i; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3403 ngx_msec_t wait, nswait; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3404 ngx_connection_t *c; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3405 ngx_quic_connection_t *qc; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3406 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3407 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, ev->log, 0, |
| 7836 | 3408 "quic retransmit timer"); |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3409 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3410 c = ev->data; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3411 qc = c->quic; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3412 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3413 wait = 0; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3414 |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
3415 for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { |
|
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
3416 if (ngx_quic_retransmit(c, &qc->send_ctx[i], &nswait) != NGX_OK) { |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
3417 ngx_quic_close_connection(c, NGX_ERROR); |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3418 return; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3419 } |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3420 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3421 if (i == 0) { |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3422 wait = nswait; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3423 |
|
7869
5ffb21c5c93d
Fixed frame retransmissions.
Vladimir Homutov <vl@nginx.com>
parents:
7865
diff
changeset
|
3424 } else if (nswait > 0 && (wait == 0 || wait > nswait)) { |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3425 wait = nswait; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3426 } |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3427 } |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3428 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3429 if (wait > 0) { |
|
7846
bddf704d62c1
Renamed retransmit event object in preparation for retry support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7845
diff
changeset
|
3430 ngx_add_timer(&qc->retransmit, wait); |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3431 } |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3432 } |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3433 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3434 |
| 7775 | 3435 static void |
| 3436 ngx_quic_push_handler(ngx_event_t *ev) | |
| 3437 { | |
|
7811
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
3438 ngx_connection_t *c; |
| 7775 | 3439 |
| 7836 | 3440 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, ev->log, 0, "quic push timer"); |
| 7775 | 3441 |
| 3442 c = ev->data; | |
| 3443 | |
| 3444 if (ngx_quic_output(c) != NGX_OK) { | |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
3445 ngx_quic_close_connection(c, NGX_ERROR); |
| 7775 | 3446 return; |
| 3447 } | |
| 3448 } | |
| 3449 | |
| 3450 | |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3451 static ngx_int_t |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
3452 ngx_quic_retransmit(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx, |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3453 ngx_msec_t *waitp) |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3454 { |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3455 uint64_t pn; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3456 ngx_msec_t now, wait; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3457 ngx_queue_t *q, range; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3458 ngx_quic_frame_t *f, *start; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3459 ngx_quic_connection_t *qc; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3460 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3461 qc = c->quic; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3462 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3463 now = ngx_current_msec; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3464 |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
3465 if (ngx_queue_empty(&ctx->sent)) { |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3466 *waitp = 0; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3467 return NGX_OK; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3468 } |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3469 |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
3470 q = ngx_queue_head(&ctx->sent); |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3471 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3472 do { |
|
7840
d3395396ce51
Fixed packet retransmission.
Roman Arutyunyan <arut@nginx.com>
parents:
7839
diff
changeset
|
3473 start = ngx_queue_data(q, ngx_quic_frame_t, queue); |
|
d3395396ce51
Fixed packet retransmission.
Roman Arutyunyan <arut@nginx.com>
parents:
7839
diff
changeset
|
3474 |
|
7926
70335ec6e5d4
Increased default initial retransmit timeout.
Vladimir Homutov <vl@nginx.com>
parents:
7925
diff
changeset
|
3475 wait = start->last + qc->ctp.max_ack_delay |
|
70335ec6e5d4
Increased default initial retransmit timeout.
Vladimir Homutov <vl@nginx.com>
parents:
7925
diff
changeset
|
3476 + NGX_QUIC_HARDCODED_PTO - now; |
|
7840
d3395396ce51
Fixed packet retransmission.
Roman Arutyunyan <arut@nginx.com>
parents:
7839
diff
changeset
|
3477 |
|
d3395396ce51
Fixed packet retransmission.
Roman Arutyunyan <arut@nginx.com>
parents:
7839
diff
changeset
|
3478 if ((ngx_msec_int_t) wait > 0) { |
|
d3395396ce51
Fixed packet retransmission.
Roman Arutyunyan <arut@nginx.com>
parents:
7839
diff
changeset
|
3479 break; |
|
d3395396ce51
Fixed packet retransmission.
Roman Arutyunyan <arut@nginx.com>
parents:
7839
diff
changeset
|
3480 } |
|
d3395396ce51
Fixed packet retransmission.
Roman Arutyunyan <arut@nginx.com>
parents:
7839
diff
changeset
|
3481 |
|
d3395396ce51
Fixed packet retransmission.
Roman Arutyunyan <arut@nginx.com>
parents:
7839
diff
changeset
|
3482 pn = start->pnum; |
|
d3395396ce51
Fixed packet retransmission.
Roman Arutyunyan <arut@nginx.com>
parents:
7839
diff
changeset
|
3483 |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3484 ngx_queue_init(&range); |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3485 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3486 /* send frames with same packet number to the wire */ |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3487 do { |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3488 f = ngx_queue_data(q, ngx_quic_frame_t, queue); |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3489 |
| 7865 | 3490 if (now - start->first > qc->tp.max_idle_timeout) { |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3491 ngx_log_error(NGX_LOG_ERR, c->log, 0, |
| 7838 | 3492 "quic retransmission timeout"); |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3493 return NGX_DECLINED; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3494 } |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3495 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3496 if (f->pnum != pn) { |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3497 break; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3498 } |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3499 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3500 q = ngx_queue_next(q); |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3501 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3502 ngx_queue_remove(&f->queue); |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3503 ngx_queue_insert_tail(&range, &f->queue); |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3504 |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
3505 } while (q != ngx_queue_sentinel(&ctx->sent)); |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3506 |
|
7841
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3507 ngx_quic_congestion_lost(c, start->last); |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3508 |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3509 /* NGX_DONE is impossible here, such frames don't get into this queue */ |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3510 if (ngx_quic_send_frames(c, &range) != NGX_OK) { |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3511 return NGX_ERROR; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3512 } |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3513 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3514 /* move frames group to the end of queue */ |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
3515 ngx_queue_add(&ctx->sent, &range); |
|
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
3516 |
|
7926
70335ec6e5d4
Increased default initial retransmit timeout.
Vladimir Homutov <vl@nginx.com>
parents:
7925
diff
changeset
|
3517 wait = qc->ctp.max_ack_delay + NGX_QUIC_HARDCODED_PTO; |
|
7869
5ffb21c5c93d
Fixed frame retransmissions.
Vladimir Homutov <vl@nginx.com>
parents:
7865
diff
changeset
|
3518 |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
3519 } while (q != ngx_queue_sentinel(&ctx->sent)); |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3520 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3521 *waitp = wait; |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
3522 |
| 7691 | 3523 return NGX_OK; |
| 3524 } | |
| 3525 | |
| 3526 | |
| 3527 ngx_connection_t * | |
| 3528 ngx_quic_create_uni_stream(ngx_connection_t *c) | |
| 3529 { | |
|
7746
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7745
diff
changeset
|
3530 ngx_uint_t id; |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7745
diff
changeset
|
3531 ngx_quic_stream_t *qs, *sn; |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7745
diff
changeset
|
3532 ngx_quic_connection_t *qc; |
|
7695
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3533 |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3534 qs = c->qs; |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3535 qc = qs->parent->quic; |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3536 |
|
7746
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7745
diff
changeset
|
3537 id = (qc->streams.id_counter << 2) |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7745
diff
changeset
|
3538 | NGX_QUIC_STREAM_SERVER_INITIATED |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7745
diff
changeset
|
3539 | NGX_QUIC_STREAM_UNIDIRECTIONAL; |
|
7695
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3540 |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3541 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 7836 | 3542 "quic creating server uni stream #%ui id %ui", |
|
7695
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3543 qc->streams.id_counter, id); |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3544 |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3545 qc->streams.id_counter++; |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3546 |
|
7748
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
7747
diff
changeset
|
3547 sn = ngx_quic_create_stream(qs->parent, id, 0); |
|
7695
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3548 if (sn == NULL) { |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3549 return NULL; |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3550 } |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3551 |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3552 return sn->c; |
| 7691 | 3553 } |
| 3554 | |
| 3555 | |
| 3556 static void | |
| 3557 ngx_quic_rbtree_insert_stream(ngx_rbtree_node_t *temp, | |
| 3558 ngx_rbtree_node_t *node, ngx_rbtree_node_t *sentinel) | |
| 3559 { | |
|
7746
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7745
diff
changeset
|
3560 ngx_rbtree_node_t **p; |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7745
diff
changeset
|
3561 ngx_quic_stream_t *qn, *qnt; |
| 7691 | 3562 |
| 3563 for ( ;; ) { | |
|
7750
2935a11c55b6
Fixed QUIC stream insert and find.
Roman Arutyunyan <arut@nginx.com>
parents:
7748
diff
changeset
|
3564 qn = (ngx_quic_stream_t *) node; |
|
2935a11c55b6
Fixed QUIC stream insert and find.
Roman Arutyunyan <arut@nginx.com>
parents:
7748
diff
changeset
|
3565 qnt = (ngx_quic_stream_t *) temp; |
| 7691 | 3566 |
|
7750
2935a11c55b6
Fixed QUIC stream insert and find.
Roman Arutyunyan <arut@nginx.com>
parents:
7748
diff
changeset
|
3567 p = (qn->id < qnt->id) ? &temp->left : &temp->right; |
| 7691 | 3568 |
| 3569 if (*p == sentinel) { | |
| 3570 break; | |
| 3571 } | |
| 3572 | |
| 3573 temp = *p; | |
| 3574 } | |
| 3575 | |
| 3576 *p = node; | |
| 3577 node->parent = temp; | |
| 3578 node->left = sentinel; | |
| 3579 node->right = sentinel; | |
| 3580 ngx_rbt_red(node); | |
| 3581 } | |
| 3582 | |
| 3583 | |
|
7746
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7745
diff
changeset
|
3584 static ngx_quic_stream_t * |
|
7750
2935a11c55b6
Fixed QUIC stream insert and find.
Roman Arutyunyan <arut@nginx.com>
parents:
7748
diff
changeset
|
3585 ngx_quic_find_stream(ngx_rbtree_t *rbtree, uint64_t id) |
| 7691 | 3586 { |
| 3587 ngx_rbtree_node_t *node, *sentinel; | |
|
7750
2935a11c55b6
Fixed QUIC stream insert and find.
Roman Arutyunyan <arut@nginx.com>
parents:
7748
diff
changeset
|
3588 ngx_quic_stream_t *qn; |
| 7691 | 3589 |
| 3590 node = rbtree->root; | |
| 3591 sentinel = rbtree->sentinel; | |
| 3592 | |
| 3593 while (node != sentinel) { | |
|
7750
2935a11c55b6
Fixed QUIC stream insert and find.
Roman Arutyunyan <arut@nginx.com>
parents:
7748
diff
changeset
|
3594 qn = (ngx_quic_stream_t *) node; |
| 7691 | 3595 |
|
7750
2935a11c55b6
Fixed QUIC stream insert and find.
Roman Arutyunyan <arut@nginx.com>
parents:
7748
diff
changeset
|
3596 if (id == qn->id) { |
|
2935a11c55b6
Fixed QUIC stream insert and find.
Roman Arutyunyan <arut@nginx.com>
parents:
7748
diff
changeset
|
3597 return qn; |
| 7691 | 3598 } |
| 3599 | |
|
7750
2935a11c55b6
Fixed QUIC stream insert and find.
Roman Arutyunyan <arut@nginx.com>
parents:
7748
diff
changeset
|
3600 node = (id < qn->id) ? node->left : node->right; |
| 7691 | 3601 } |
| 3602 | |
| 3603 return NULL; | |
| 3604 } | |
| 3605 | |
| 3606 | |
|
7746
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7745
diff
changeset
|
3607 static ngx_quic_stream_t * |
|
7748
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
7747
diff
changeset
|
3608 ngx_quic_create_stream(ngx_connection_t *c, uint64_t id, size_t rcvbuf_size) |
|
7695
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3609 { |
|
7842
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3610 ngx_log_t *log; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3611 ngx_pool_t *pool; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3612 ngx_quic_stream_t *sn; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3613 ngx_pool_cleanup_t *cln; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3614 ngx_quic_connection_t *qc; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3615 |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3616 qc = c->quic; |
|
7695
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3617 |
|
7748
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
7747
diff
changeset
|
3618 pool = ngx_create_pool(NGX_DEFAULT_POOL_SIZE, c->log); |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
7747
diff
changeset
|
3619 if (pool == NULL) { |
|
7695
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3620 return NULL; |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3621 } |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3622 |
|
7748
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
7747
diff
changeset
|
3623 sn = ngx_pcalloc(pool, sizeof(ngx_quic_stream_t)); |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
7747
diff
changeset
|
3624 if (sn == NULL) { |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
7747
diff
changeset
|
3625 ngx_destroy_pool(pool); |
|
7695
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3626 return NULL; |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3627 } |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3628 |
|
7748
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
7747
diff
changeset
|
3629 sn->node.key = id; |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
7747
diff
changeset
|
3630 sn->parent = c; |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
7747
diff
changeset
|
3631 sn->id = id; |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
7747
diff
changeset
|
3632 |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
7747
diff
changeset
|
3633 sn->b = ngx_create_temp_buf(pool, rcvbuf_size); |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
7747
diff
changeset
|
3634 if (sn->b == NULL) { |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
7747
diff
changeset
|
3635 ngx_destroy_pool(pool); |
|
7695
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3636 return NULL; |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3637 } |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3638 |
|
7811
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
3639 ngx_queue_init(&sn->fs.frames); |
|
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
3640 |
|
7695
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3641 log = ngx_palloc(pool, sizeof(ngx_log_t)); |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3642 if (log == NULL) { |
|
7748
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
7747
diff
changeset
|
3643 ngx_destroy_pool(pool); |
|
7695
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3644 return NULL; |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3645 } |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3646 |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3647 *log = *c->log; |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3648 pool->log = log; |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3649 |
|
7748
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
7747
diff
changeset
|
3650 sn->c = ngx_get_connection(-1, log); |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
7747
diff
changeset
|
3651 if (sn->c == NULL) { |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
7747
diff
changeset
|
3652 ngx_destroy_pool(pool); |
|
7695
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3653 return NULL; |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3654 } |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3655 |
|
7746
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7745
diff
changeset
|
3656 sn->c->qs = sn; |
|
7748
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
7747
diff
changeset
|
3657 sn->c->pool = pool; |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
7747
diff
changeset
|
3658 sn->c->ssl = c->ssl; |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
7747
diff
changeset
|
3659 sn->c->sockaddr = c->sockaddr; |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
7747
diff
changeset
|
3660 sn->c->listening = c->listening; |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
7747
diff
changeset
|
3661 sn->c->addr_text = c->addr_text; |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
7747
diff
changeset
|
3662 sn->c->local_sockaddr = c->local_sockaddr; |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
7747
diff
changeset
|
3663 sn->c->number = ngx_atomic_fetch_add(ngx_connection_counter, 1); |
|
7695
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3664 |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3665 sn->c->recv = ngx_quic_stream_recv; |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3666 sn->c->send = ngx_quic_stream_send; |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3667 sn->c->send_chain = ngx_quic_stream_send_chain; |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3668 |
|
7748
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
7747
diff
changeset
|
3669 sn->c->read->log = c->log; |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
7747
diff
changeset
|
3670 sn->c->write->log = c->log; |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
7747
diff
changeset
|
3671 |
|
7839
44cac24aaa44
Assign connection number to every QUIC stream log.
Roman Arutyunyan <arut@nginx.com>
parents:
7838
diff
changeset
|
3672 log->connection = sn->c->number; |
|
44cac24aaa44
Assign connection number to every QUIC stream log.
Roman Arutyunyan <arut@nginx.com>
parents:
7838
diff
changeset
|
3673 |
|
7841
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3674 if ((id & NGX_QUIC_STREAM_UNIDIRECTIONAL) == 0 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3675 || (id & NGX_QUIC_STREAM_SERVER_INITIATED)) |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3676 { |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3677 sn->c->write->ready = 1; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3678 } |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3679 |
|
7842
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3680 if (id & NGX_QUIC_STREAM_UNIDIRECTIONAL) { |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3681 if (id & NGX_QUIC_STREAM_SERVER_INITIATED) { |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3682 sn->send_max_data = qc->ctp.initial_max_stream_data_uni; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3683 } |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3684 |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3685 } else { |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3686 if (id & NGX_QUIC_STREAM_SERVER_INITIATED) { |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3687 sn->send_max_data = qc->ctp.initial_max_stream_data_bidi_remote; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3688 } else { |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3689 sn->send_max_data = qc->ctp.initial_max_stream_data_bidi_local; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3690 } |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3691 } |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3692 |
|
7705
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3693 cln = ngx_pool_cleanup_add(pool, 0); |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3694 if (cln == NULL) { |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3695 ngx_close_connection(sn->c); |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3696 ngx_destroy_pool(pool); |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3697 return NULL; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3698 } |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3699 |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3700 cln->handler = ngx_quic_stream_cleanup_handler; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3701 cln->data = sn->c; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3702 |
|
7748
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
7747
diff
changeset
|
3703 ngx_rbtree_insert(&c->quic->streams.tree, &sn->node); |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
7747
diff
changeset
|
3704 |
|
7695
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3705 return sn; |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3706 } |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3707 |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
3708 |
| 7691 | 3709 static ssize_t |
| 3710 ngx_quic_stream_recv(ngx_connection_t *c, u_char *buf, size_t size) | |
| 3711 { | |
|
7815
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3712 ssize_t len; |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3713 ngx_buf_t *b; |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3714 ngx_event_t *rev; |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3715 ngx_connection_t *pc; |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3716 ngx_quic_frame_t *frame; |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3717 ngx_quic_stream_t *qs; |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3718 ngx_quic_connection_t *qc; |
| 7691 | 3719 |
| 3720 qs = c->qs; | |
|
7746
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7745
diff
changeset
|
3721 b = qs->b; |
|
7815
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3722 pc = qs->parent; |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3723 qc = pc->quic; |
|
7745
5f223cdad40e
Implemented eof in QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7744
diff
changeset
|
3724 rev = c->read; |
| 7691 | 3725 |
| 7836 | 3726 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 3727 "quic stream id 0x%xi recv: eof:%d, avail:%z", | |
| 3728 qs->id, rev->pending_eof, b->last - b->pos); | |
|
7745
5f223cdad40e
Implemented eof in QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7744
diff
changeset
|
3729 |
|
7732
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
3730 if (b->pos == b->last) { |
|
7745
5f223cdad40e
Implemented eof in QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7744
diff
changeset
|
3731 rev->ready = 0; |
|
5f223cdad40e
Implemented eof in QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7744
diff
changeset
|
3732 |
|
5f223cdad40e
Implemented eof in QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7744
diff
changeset
|
3733 if (rev->pending_eof) { |
|
5f223cdad40e
Implemented eof in QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7744
diff
changeset
|
3734 rev->eof = 1; |
|
5f223cdad40e
Implemented eof in QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7744
diff
changeset
|
3735 return 0; |
|
5f223cdad40e
Implemented eof in QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7744
diff
changeset
|
3736 } |
|
5f223cdad40e
Implemented eof in QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7744
diff
changeset
|
3737 |
| 7836 | 3738 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 3739 "quic stream id 0x%xi recv() not ready", qs->id); | |
|
7732
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
3740 return NGX_AGAIN; |
| 7691 | 3741 } |
| 3742 | |
| 3743 len = ngx_min(b->last - b->pos, (ssize_t) size); | |
| 3744 | |
| 3745 ngx_memcpy(buf, b->pos, len); | |
| 3746 | |
| 3747 b->pos += len; | |
|
7842
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3748 qc->streams.received += len; |
| 7691 | 3749 |
|
7732
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
3750 if (b->pos == b->last) { |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
3751 b->pos = b->start; |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
3752 b->last = b->start; |
|
7760
32db41d603cd
Fixed handling QUIC stream eof.
Roman Arutyunyan <arut@nginx.com>
parents:
7759
diff
changeset
|
3753 rev->ready = rev->pending_eof; |
|
7732
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
3754 } |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
3755 |
| 7836 | 3756 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 3757 "quic stream id 0x%xi recv: %z of %uz", qs->id, len, size); | |
| 7691 | 3758 |
|
7815
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3759 if (!rev->pending_eof) { |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3760 frame = ngx_quic_alloc_frame(pc, 0); |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3761 if (frame == NULL) { |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3762 return NGX_ERROR; |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3763 } |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3764 |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3765 frame->level = ssl_encryption_application; |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3766 frame->type = NGX_QUIC_FT_MAX_STREAM_DATA; |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3767 frame->u.max_stream_data.id = qs->id; |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3768 frame->u.max_stream_data.limit = qs->fs.received + (b->pos - b->start) |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3769 + (b->end - b->last); |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3770 |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3771 ngx_sprintf(frame->info, "MAX_STREAM_DATA id:%d limit:%d l=%d on recv", |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3772 (int) frame->u.max_stream_data.id, |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3773 (int) frame->u.max_stream_data.limit, |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3774 frame->level); |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3775 |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3776 ngx_quic_queue_frame(pc->quic, frame); |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3777 } |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3778 |
|
7842
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3779 if ((qc->streams.recv_max_data / 2) < qc->streams.received) { |
|
7815
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3780 |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3781 frame = ngx_quic_alloc_frame(pc, 0); |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3782 |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3783 if (frame == NULL) { |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3784 return NGX_ERROR; |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3785 } |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3786 |
|
7842
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3787 qc->streams.recv_max_data *= 2; |
|
7815
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3788 |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3789 frame->level = ssl_encryption_application; |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3790 frame->type = NGX_QUIC_FT_MAX_DATA; |
|
7842
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3791 frame->u.max_data.max_data = qc->streams.recv_max_data; |
|
7815
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3792 |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3793 ngx_sprintf(frame->info, "MAX_DATA max_data:%d level=%d on recv", |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3794 (int) frame->u.max_data.max_data, frame->level); |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3795 |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3796 ngx_quic_queue_frame(pc->quic, frame); |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3797 |
| 7836 | 3798 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 3799 "quic stream id 0x%xi recv: increased max data: %ui", | |
|
7842
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3800 qs->id, qc->streams.recv_max_data); |
|
7815
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3801 } |
|
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
3802 |
| 7691 | 3803 return len; |
| 3804 } | |
| 3805 | |
| 3806 | |
| 3807 static ssize_t | |
| 3808 ngx_quic_stream_send(ngx_connection_t *c, u_char *buf, size_t size) | |
| 3809 { | |
|
7822
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3810 u_char *p, *end; |
|
7841
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3811 size_t fsize, limit, n, len; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3812 uint64_t sent, unacked; |
|
7746
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7745
diff
changeset
|
3813 ngx_connection_t *pc; |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7745
diff
changeset
|
3814 ngx_quic_frame_t *frame; |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7745
diff
changeset
|
3815 ngx_quic_stream_t *qs; |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7745
diff
changeset
|
3816 ngx_quic_connection_t *qc; |
| 7691 | 3817 |
| 3818 qs = c->qs; | |
| 3819 pc = qs->parent; | |
| 3820 qc = pc->quic; | |
| 3821 | |
|
7747
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
7746
diff
changeset
|
3822 if (qc->closing) { |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
7746
diff
changeset
|
3823 return NGX_ERROR; |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
7746
diff
changeset
|
3824 } |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
7746
diff
changeset
|
3825 |
| 7836 | 3826 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 3827 "quic stream id 0x%xi send: %uz", qs->id, size); | |
|
7747
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
7746
diff
changeset
|
3828 |
|
7822
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3829 /* |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3830 * we need to fit at least 1 frame into a packet, thus account head/tail; |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3831 * 25 = 1 + 8x3 is max header for STREAM frame, with 1 byte for frame type |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3832 */ |
|
7910
125cbfa77013
Renamed max_packet_size to max_udp_payload_size, from draft-28.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7908
diff
changeset
|
3833 limit = qc->ctp.max_udp_payload_size - NGX_QUIC_MAX_SHORT_HEADER - 25 |
|
7822
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3834 - EVP_GCM_TLS_TAG_LEN; |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3835 |
|
7841
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3836 len = size; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3837 sent = c->sent; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3838 unacked = sent - qs->acked; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3839 |
|
7842
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3840 if (qc->streams.send_max_data == 0) { |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3841 qc->streams.send_max_data = qc->ctp.initial_max_data; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3842 } |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3843 |
|
7841
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3844 if (unacked >= NGX_QUIC_STREAM_BUFSIZE) { |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3845 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3846 "quic send hit buffer size"); |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3847 len = 0; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3848 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3849 } else if (unacked + len > NGX_QUIC_STREAM_BUFSIZE) { |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3850 len = NGX_QUIC_STREAM_BUFSIZE - unacked; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3851 } |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3852 |
|
7842
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3853 if (qc->streams.sent >= qc->streams.send_max_data) { |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3854 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3855 "quic send hit MAX_DATA"); |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3856 len = 0; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3857 |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3858 } else if (qc->streams.sent + len > qc->streams.send_max_data) { |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3859 len = qc->streams.send_max_data - qc->streams.sent; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3860 } |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3861 |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3862 if (sent >= qs->send_max_data) { |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3863 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3864 "quic send hit MAX_STREAM_DATA"); |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3865 len = 0; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3866 |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3867 } else if (sent + len > qs->send_max_data) { |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3868 len = qs->send_max_data - sent; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3869 } |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3870 |
|
7822
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3871 p = (u_char *) buf; |
|
7841
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3872 end = (u_char *) buf + len; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3873 n = 0; |
|
7822
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3874 |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3875 while (p < end) { |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3876 |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3877 fsize = ngx_min(limit, (size_t) (end - p)); |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3878 |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3879 frame = ngx_quic_alloc_frame(pc, fsize); |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3880 if (frame == NULL) { |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3881 return 0; |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3882 } |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3883 |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3884 ngx_memcpy(frame->data, p, fsize); |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3885 |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3886 frame->level = ssl_encryption_application; |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3887 frame->type = NGX_QUIC_FT_STREAM6; /* OFF=1 LEN=1 FIN=0 */ |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3888 frame->u.stream.off = 1; |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3889 frame->u.stream.len = 1; |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3890 frame->u.stream.fin = 0; |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3891 |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3892 frame->u.stream.type = frame->type; |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3893 frame->u.stream.stream_id = qs->id; |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3894 frame->u.stream.offset = c->sent; |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3895 frame->u.stream.length = fsize; |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3896 frame->u.stream.data = frame->data; |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3897 |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3898 c->sent += fsize; |
|
7842
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3899 qc->streams.sent += fsize; |
|
7822
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3900 p += fsize; |
|
7841
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3901 n += fsize; |
|
7822
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3902 |
| 7836 | 3903 ngx_sprintf(frame->info, "stream 0x%xi len=%ui level=%d", |
|
7822
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3904 qs->id, fsize, frame->level); |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3905 |
|
6481427ca3fc
Respecting maximum packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7821
diff
changeset
|
3906 ngx_quic_queue_frame(qc, frame); |
| 7691 | 3907 } |
| 3908 | |
|
7842
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3909 ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3910 "quic send %uz of %uz, sent:%O, unacked:%uL", |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
3911 n, size, c->sent, (uint64_t) c->sent - qs->acked); |
|
7841
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3912 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3913 if (n != size) { |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3914 c->write->ready = 0; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3915 } |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3916 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3917 if (n == 0) { |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3918 return NGX_AGAIN; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3919 } |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3920 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
3921 return n; |
| 7691 | 3922 } |
| 3923 | |
| 3924 | |
|
7705
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3925 static void |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3926 ngx_quic_stream_cleanup_handler(void *data) |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3927 { |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3928 ngx_connection_t *c = data; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3929 |
|
7746
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7745
diff
changeset
|
3930 ngx_connection_t *pc; |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7745
diff
changeset
|
3931 ngx_quic_frame_t *frame; |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7745
diff
changeset
|
3932 ngx_quic_stream_t *qs; |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7745
diff
changeset
|
3933 ngx_quic_connection_t *qc; |
|
7705
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3934 |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3935 qs = c->qs; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3936 pc = qs->parent; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3937 qc = pc->quic; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3938 |
| 7836 | 3939 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 3940 "quic stream id 0x%xi cleanup", qs->id); | |
|
7747
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
7746
diff
changeset
|
3941 |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
7746
diff
changeset
|
3942 ngx_rbtree_delete(&qc->streams.tree, &qs->node); |
|
7825
d42b50d239f4
Fixed memory leak with reordered stream frames.
Vladimir Homutov <vl@nginx.com>
parents:
7823
diff
changeset
|
3943 ngx_quic_free_frames(pc, &qs->fs.frames); |
|
7747
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
7746
diff
changeset
|
3944 |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
7746
diff
changeset
|
3945 if (qc->closing) { |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
3946 /* schedule handler call to continue ngx_quic_close_connection() */ |
|
7747
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
7746
diff
changeset
|
3947 ngx_post_event(pc->read, &ngx_posted_events); |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
7746
diff
changeset
|
3948 return; |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
7746
diff
changeset
|
3949 } |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
7746
diff
changeset
|
3950 |
|
7746
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7745
diff
changeset
|
3951 if ((qs->id & 0x03) == NGX_QUIC_STREAM_UNIDIRECTIONAL) { |
|
7705
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3952 /* do not send fin for client unidirectional streams */ |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3953 return; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3954 } |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3955 |
| 7836 | 3956 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 3957 "quic stream id 0x%xi send fin", qs->id); | |
|
7705
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3958 |
| 7752 | 3959 frame = ngx_quic_alloc_frame(pc, 0); |
|
7705
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3960 if (frame == NULL) { |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3961 return; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3962 } |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3963 |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3964 frame->level = ssl_encryption_application; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3965 frame->type = NGX_QUIC_FT_STREAM7; /* OFF=1 LEN=1 FIN=1 */ |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3966 frame->u.stream.off = 1; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3967 frame->u.stream.len = 1; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3968 frame->u.stream.fin = 1; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3969 |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3970 frame->u.stream.type = frame->type; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3971 frame->u.stream.stream_id = qs->id; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3972 frame->u.stream.offset = c->sent; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3973 frame->u.stream.length = 0; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3974 frame->u.stream.data = NULL; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3975 |
| 7836 | 3976 ngx_sprintf(frame->info, "stream 0x%xi fin=1 level=%d", |
| 3977 qs->id, frame->level); | |
|
7705
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3978 |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3979 ngx_quic_queue_frame(qc, frame); |
|
7759
1ec905f4d851
Push QUIC stream frames in send() and cleanup handler.
Roman Arutyunyan <arut@nginx.com>
parents:
7756
diff
changeset
|
3980 |
|
1ec905f4d851
Push QUIC stream frames in send() and cleanup handler.
Roman Arutyunyan <arut@nginx.com>
parents:
7756
diff
changeset
|
3981 (void) ngx_quic_output(pc); |
|
7705
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3982 } |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3983 |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
3984 |
| 7691 | 3985 static ngx_chain_t * |
| 3986 ngx_quic_stream_send_chain(ngx_connection_t *c, ngx_chain_t *in, | |
| 3987 off_t limit) | |
| 3988 { | |
| 3989 size_t len; | |
| 3990 ssize_t n; | |
| 3991 ngx_buf_t *b; | |
| 3992 | |
| 3993 for ( /* void */; in; in = in->next) { | |
| 3994 b = in->buf; | |
| 3995 | |
| 3996 if (!ngx_buf_in_memory(b)) { | |
| 3997 continue; | |
| 3998 } | |
| 3999 | |
| 4000 if (ngx_buf_size(b) == 0) { | |
| 4001 continue; | |
| 4002 } | |
| 4003 | |
| 4004 len = b->last - b->pos; | |
| 4005 | |
| 4006 n = ngx_quic_stream_send(c, b->pos, len); | |
| 4007 | |
| 4008 if (n == NGX_ERROR) { | |
| 4009 return NGX_CHAIN_ERROR; | |
| 4010 } | |
| 4011 | |
| 4012 if (n == NGX_AGAIN) { | |
| 4013 return in; | |
| 4014 } | |
| 4015 | |
|
7827
47dac6e0521a
Fixed QUIC buffer consumption in send_chain().
Roman Arutyunyan <arut@nginx.com>
parents:
7825
diff
changeset
|
4016 b->pos += n; |
|
47dac6e0521a
Fixed QUIC buffer consumption in send_chain().
Roman Arutyunyan <arut@nginx.com>
parents:
7825
diff
changeset
|
4017 |
| 7691 | 4018 if (n != (ssize_t) len) { |
| 4019 return in; | |
| 4020 } | |
| 4021 } | |
| 4022 | |
| 4023 return NULL; | |
| 4024 } | |
| 7752 | 4025 |
| 4026 | |
| 4027 static ngx_quic_frame_t * | |
| 4028 ngx_quic_alloc_frame(ngx_connection_t *c, size_t size) | |
| 4029 { | |
| 4030 u_char *p; | |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
4031 ngx_queue_t *q; |
| 7752 | 4032 ngx_quic_frame_t *frame; |
| 4033 ngx_quic_connection_t *qc; | |
| 4034 | |
| 4035 if (size) { | |
| 4036 p = ngx_alloc(size, c->log); | |
| 4037 if (p == NULL) { | |
| 4038 return NULL; | |
| 4039 } | |
| 4040 | |
| 4041 } else { | |
| 4042 p = NULL; | |
| 4043 } | |
| 4044 | |
| 4045 qc = c->quic; | |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
4046 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
4047 if (!ngx_queue_empty(&qc->free_frames)) { |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
4048 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
4049 q = ngx_queue_head(&qc->free_frames); |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
4050 frame = ngx_queue_data(q, ngx_quic_frame_t, queue); |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
4051 |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
4052 ngx_queue_remove(&frame->queue); |
| 7752 | 4053 |
| 7836 | 4054 #ifdef NGX_QUIC_DEBUG_FRAMES_ALLOC |
| 7752 | 4055 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 7836 | 4056 "quic reuse frame n:%ui", qc->nframes); |
| 4057 #endif | |
| 7752 | 4058 |
| 4059 } else { | |
| 4060 frame = ngx_pcalloc(c->pool, sizeof(ngx_quic_frame_t)); | |
| 4061 if (frame == NULL) { | |
| 4062 ngx_free(p); | |
| 4063 return NULL; | |
| 4064 } | |
| 4065 | |
| 4066 #if (NGX_DEBUG) | |
| 4067 ++qc->nframes; | |
| 4068 #endif | |
| 4069 | |
| 7836 | 4070 #ifdef NGX_QUIC_DEBUG_FRAMES_ALLOC |
| 7752 | 4071 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 7836 | 4072 "quic alloc frame n:%ui", qc->nframes); |
| 4073 #endif | |
| 7752 | 4074 } |
| 4075 | |
| 4076 ngx_memzero(frame, sizeof(ngx_quic_frame_t)); | |
| 4077 | |
| 4078 frame->data = p; | |
| 4079 | |
| 4080 return frame; | |
| 4081 } | |
| 4082 | |
| 4083 | |
| 4084 static void | |
|
7841
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4085 ngx_quic_congestion_ack(ngx_connection_t *c, ngx_quic_frame_t *f) |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4086 { |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4087 ssize_t n; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4088 ngx_msec_t timer; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4089 ngx_quic_congestion_t *cg; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4090 ngx_quic_connection_t *qc; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4091 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4092 qc = c->quic; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4093 cg = &qc->congestion; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4094 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4095 n = ngx_quic_create_frame(NULL, f); |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4096 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4097 cg->in_flight -= n; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4098 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4099 timer = f->last - cg->recovery_start; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4100 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4101 if ((ngx_msec_int_t) timer <= 0) { |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4102 return; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4103 } |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4104 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4105 if (cg->window < cg->ssthresh) { |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4106 cg->window += n; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4107 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4108 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4109 "quic congestion slow start win:%uz, ss:%uz, if:%uz", |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4110 cg->window, cg->ssthresh, cg->in_flight); |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4111 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4112 } else { |
|
7910
125cbfa77013
Renamed max_packet_size to max_udp_payload_size, from draft-28.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7908
diff
changeset
|
4113 cg->window += qc->tp.max_udp_payload_size * n / cg->window; |
|
7841
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4114 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4115 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4116 "quic congestion avoidance win:%uz, ss:%uz, if:%uz", |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4117 cg->window, cg->ssthresh, cg->in_flight); |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4118 } |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4119 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4120 /* prevent recovery_start from wrapping */ |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4121 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4122 timer = cg->recovery_start - ngx_current_msec + qc->tp.max_idle_timeout * 2; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4123 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4124 if ((ngx_msec_int_t) timer < 0) { |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4125 cg->recovery_start = ngx_current_msec - qc->tp.max_idle_timeout * 2; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4126 } |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4127 } |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4128 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4129 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4130 static void |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4131 ngx_quic_congestion_lost(ngx_connection_t *c, ngx_msec_t sent) |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4132 { |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4133 ngx_msec_t timer; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4134 ngx_quic_congestion_t *cg; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4135 ngx_quic_connection_t *qc; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4136 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4137 qc = c->quic; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4138 cg = &qc->congestion; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4139 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4140 timer = sent - cg->recovery_start; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4141 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4142 if ((ngx_msec_int_t) timer <= 0) { |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4143 return; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4144 } |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4145 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4146 cg->recovery_start = ngx_current_msec; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4147 cg->window /= 2; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4148 |
|
7910
125cbfa77013
Renamed max_packet_size to max_udp_payload_size, from draft-28.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7908
diff
changeset
|
4149 if (cg->window < qc->tp.max_udp_payload_size * 2) { |
|
125cbfa77013
Renamed max_packet_size to max_udp_payload_size, from draft-28.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7908
diff
changeset
|
4150 cg->window = qc->tp.max_udp_payload_size * 2; |
|
7841
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4151 } |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4152 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4153 cg->ssthresh = cg->window; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4154 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4155 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4156 "quic congestion lost win:%uz, ss:%uz, if:%uz", |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4157 cg->window, cg->ssthresh, cg->in_flight); |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4158 } |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4159 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4160 |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
4161 static void |
| 7752 | 4162 ngx_quic_free_frame(ngx_connection_t *c, ngx_quic_frame_t *frame) |
| 4163 { | |
| 4164 ngx_quic_connection_t *qc; | |
| 4165 | |
| 4166 qc = c->quic; | |
| 4167 | |
| 4168 if (frame->data) { | |
| 4169 ngx_free(frame->data); | |
| 7871 | 4170 frame->data = NULL; |
| 7752 | 4171 } |
| 4172 | |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
4173 ngx_queue_insert_head(&qc->free_frames, &frame->queue); |
| 7752 | 4174 |
| 7836 | 4175 #ifdef NGX_QUIC_DEBUG_FRAMES_ALLOC |
| 7752 | 4176 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 7836 | 4177 "quic free frame n:%ui", qc->nframes); |
| 4178 #endif | |
| 7752 | 4179 } |