Mercurial > hg > nginx-quic
annotate src/event/quic/ngx_event_quic.c @ 8559:75daac63f798 quic
QUIC: fixed dead store assignment.
Found by Clang Static Analyzer.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Tue, 24 Aug 2021 13:03:46 +0300 |
parents | a9f6540e61da |
children | cbbe901c199d |
rev | line source |
---|---|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
2 /* |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
3 * Copyright (C) Nginx, Inc. |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
4 */ |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
5 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
6 |
7637 | 7 #include <ngx_config.h> |
8 #include <ngx_core.h> | |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
9 #include <ngx_event.h> |
8386
714e9af983de
QUIC: separate header for ngx_quic_connection_t.
Vladimir Homutov <vl@nginx.com>
parents:
8385
diff
changeset
|
10 #include <ngx_event_quic_connection.h> |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
11 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
12 |
8099
b4ef79ef1c23
QUIC: refined the "c->quic->initialized" flag usage.
Vladimir Homutov <vl@nginx.com>
parents:
8098
diff
changeset
|
13 static ngx_quic_connection_t *ngx_quic_new_connection(ngx_connection_t *c, |
8101
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8100
diff
changeset
|
14 ngx_quic_conf_t *conf, ngx_quic_header_t *pkt); |
8100
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
15 static ngx_int_t ngx_quic_process_stateless_reset(ngx_connection_t *c, |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
16 ngx_quic_header_t *pkt); |
7729
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
17 static void ngx_quic_input_handler(ngx_event_t *rev); |
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
18 |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
19 static ngx_int_t ngx_quic_close_quic(ngx_connection_t *c, ngx_int_t rc); |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
20 static void ngx_quic_close_timer_handler(ngx_event_t *ev); |
7691 | 21 |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
22 static ngx_int_t ngx_quic_input(ngx_connection_t *c, ngx_buf_t *b, |
8101
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8100
diff
changeset
|
23 ngx_quic_conf_t *conf); |
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8100
diff
changeset
|
24 static ngx_int_t ngx_quic_process_packet(ngx_connection_t *c, |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
25 ngx_quic_conf_t *conf, ngx_quic_header_t *pkt); |
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
26 static ngx_int_t ngx_quic_process_payload(ngx_connection_t *c, |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
27 ngx_quic_header_t *pkt); |
8281
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
28 static ngx_int_t ngx_quic_check_csid(ngx_quic_connection_t *qc, |
7838 | 29 ngx_quic_header_t *pkt); |
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
30 static ngx_int_t ngx_quic_handle_frames(ngx_connection_t *c, |
7691 | 31 ngx_quic_header_t *pkt); |
8411
bc910a5ec737
QUIC: separate files for output and ack related processing.
Vladimir Homutov <vl@nginx.com>
parents:
8410
diff
changeset
|
32 |
7775 | 33 static void ngx_quic_push_handler(ngx_event_t *ev); |
7691 | 34 |
35 | |
8267 | 36 static ngx_core_module_t ngx_quic_module_ctx = { |
37 ngx_string("quic"), | |
38 NULL, | |
39 NULL | |
40 }; | |
41 | |
42 | |
43 ngx_module_t ngx_quic_module = { | |
44 NGX_MODULE_V1, | |
45 &ngx_quic_module_ctx, /* module context */ | |
46 NULL, /* module directives */ | |
47 NGX_CORE_MODULE, /* module type */ | |
48 NULL, /* init master */ | |
49 NULL, /* init module */ | |
50 NULL, /* init process */ | |
51 NULL, /* init thread */ | |
52 NULL, /* exit thread */ | |
53 NULL, /* exit process */ | |
54 NULL, /* exit master */ | |
55 NGX_MODULE_V1_PADDING | |
56 }; | |
57 | |
58 | |
8163
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8162
diff
changeset
|
59 #if (NGX_DEBUG) |
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8162
diff
changeset
|
60 |
8411
bc910a5ec737
QUIC: separate files for output and ack related processing.
Vladimir Homutov <vl@nginx.com>
parents:
8410
diff
changeset
|
61 void |
8166
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
62 ngx_quic_connstate_dbg(ngx_connection_t *c) |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
63 { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
64 u_char *p, *last; |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
65 ngx_quic_connection_t *qc; |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
66 u_char buf[NGX_MAX_ERROR_STR]; |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
67 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
68 p = buf; |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
69 last = p + sizeof(buf); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
70 |
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
71 qc = ngx_quic_get_connection(c); |
8166
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
72 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
73 p = ngx_slprintf(p, last, "state:"); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
74 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
75 if (qc) { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
76 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
77 if (qc->error) { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
78 p = ngx_slprintf(p, last, "%s", qc->error_app ? " app" : ""); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
79 p = ngx_slprintf(p, last, " error:%ui", qc->error); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
80 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
81 if (qc->error_reason) { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
82 p = ngx_slprintf(p, last, " \"%s\"", qc->error_reason); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
83 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
84 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
85 |
8359
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
86 p = ngx_slprintf(p, last, "%s", qc->shutdown ? " shutdown" : ""); |
8166
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
87 p = ngx_slprintf(p, last, "%s", qc->closing ? " closing" : ""); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
88 p = ngx_slprintf(p, last, "%s", qc->draining ? " draining" : ""); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
89 p = ngx_slprintf(p, last, "%s", qc->key_phase ? " kp" : ""); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
90 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
91 } else { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
92 p = ngx_slprintf(p, last, " early"); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
93 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
94 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
95 if (c->read->timer_set) { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
96 p = ngx_slprintf(p, last, |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
97 qc && qc->send_timer_set ? " send:%M" : " read:%M", |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
98 c->read->timer.key - ngx_current_msec); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
99 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
100 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
101 if (qc) { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
102 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
103 if (qc->push.timer_set) { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
104 p = ngx_slprintf(p, last, " push:%M", |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
105 qc->push.timer.key - ngx_current_msec); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
106 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
107 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
108 if (qc->pto.timer_set) { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
109 p = ngx_slprintf(p, last, " pto:%M", |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
110 qc->pto.timer.key - ngx_current_msec); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
111 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
112 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
113 if (qc->close.timer_set) { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
114 p = ngx_slprintf(p, last, " close:%M", |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
115 qc->close.timer.key - ngx_current_msec); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
116 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
117 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
118 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
119 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
120 "quic %*s", p - buf, buf); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
121 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
122 |
8163
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8162
diff
changeset
|
123 #endif |
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8162
diff
changeset
|
124 |
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8162
diff
changeset
|
125 |
8413
46161c610919
QUIC: separate files for SSL library interfaces.
Vladimir Homutov <vl@nginx.com>
parents:
8412
diff
changeset
|
126 ngx_int_t |
8294
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
127 ngx_quic_apply_transport_params(ngx_connection_t *c, ngx_quic_tp_t *ctp) |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
128 { |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
129 ngx_str_t scid; |
8294
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
130 ngx_quic_connection_t *qc; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
131 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
132 qc = ngx_quic_get_connection(c); |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
133 |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
134 scid.data = qc->socket->cid->id; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
135 scid.len = qc->socket->cid->len; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
136 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
137 if (scid.len != ctp->initial_scid.len |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
138 || ngx_memcmp(scid.data, ctp->initial_scid.data, scid.len) != 0) |
8294
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
139 { |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
140 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
141 "quic client initial_source_connection_id mismatch"); |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
142 return NGX_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
143 } |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
144 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
145 if (ctp->max_udp_payload_size < NGX_QUIC_MIN_INITIAL_SIZE |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
146 || ctp->max_udp_payload_size > NGX_QUIC_MAX_UDP_PAYLOAD_SIZE) |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
147 { |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
148 qc->error = NGX_QUIC_ERR_TRANSPORT_PARAMETER_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
149 qc->error_reason = "invalid maximum packet size"; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
150 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
151 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
152 "quic maximum packet size is invalid"); |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
153 return NGX_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
154 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
155 } else if (ctp->max_udp_payload_size > ngx_quic_max_udp_payload(c)) { |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
156 ctp->max_udp_payload_size = ngx_quic_max_udp_payload(c); |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
157 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
8295
d4e02b3b734f
QUIC: fixed indentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8294
diff
changeset
|
158 "quic client maximum packet size truncated"); |
8294
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
159 } |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
160 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
161 if (ctp->active_connection_id_limit < 2) { |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
162 qc->error = NGX_QUIC_ERR_TRANSPORT_PARAMETER_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
163 qc->error_reason = "invalid active_connection_id_limit"; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
164 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
165 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
166 "quic active_connection_id_limit is invalid"); |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
167 return NGX_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
168 } |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
169 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
170 if (ctp->ack_delay_exponent > 20) { |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
171 qc->error = NGX_QUIC_ERR_TRANSPORT_PARAMETER_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
172 qc->error_reason = "invalid ack_delay_exponent"; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
173 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
174 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
175 "quic ack_delay_exponent is invalid"); |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
176 return NGX_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
177 } |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
178 |
8507
f8ad3dd142ad
QUIC: consider max_ack_delay=16384 invalid.
Roman Arutyunyan <arut@nginx.com>
parents:
8498
diff
changeset
|
179 if (ctp->max_ack_delay >= 16384) { |
8294
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
180 qc->error = NGX_QUIC_ERR_TRANSPORT_PARAMETER_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
181 qc->error_reason = "invalid max_ack_delay"; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
182 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
183 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
184 "quic max_ack_delay is invalid"); |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
185 return NGX_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
186 } |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
187 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
188 if (ctp->max_idle_timeout > 0 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
189 && ctp->max_idle_timeout < qc->tp.max_idle_timeout) |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
190 { |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
191 qc->tp.max_idle_timeout = ctp->max_idle_timeout; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
192 } |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
193 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
194 qc->streams.server_max_streams_bidi = ctp->initial_max_streams_bidi; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
195 qc->streams.server_max_streams_uni = ctp->initial_max_streams_uni; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
196 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
197 ngx_memcpy(&qc->ctp, ctp, sizeof(ngx_quic_tp_t)); |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
198 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
199 return NGX_OK; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
200 } |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
201 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
202 |
7691 | 203 void |
8101
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8100
diff
changeset
|
204 ngx_quic_run(ngx_connection_t *c, ngx_quic_conf_t *conf) |
7691 | 205 { |
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
206 ngx_int_t rc; |
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
207 ngx_quic_connection_t *qc; |
7691 | 208 |
7729
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
209 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic run"); |
7691 | 210 |
8101
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8100
diff
changeset
|
211 rc = ngx_quic_input(c, c->buffer, conf); |
8074
c6b963de0c00
QUIC: pass return code from ngx_quic_decrypt() to the caller.
Vladimir Homutov <vl@nginx.com>
parents:
8073
diff
changeset
|
212 if (rc != NGX_OK) { |
c6b963de0c00
QUIC: pass return code from ngx_quic_decrypt() to the caller.
Vladimir Homutov <vl@nginx.com>
parents:
8073
diff
changeset
|
213 ngx_quic_close_connection(c, rc == NGX_DECLINED ? NGX_DONE : NGX_ERROR); |
7691 | 214 return; |
215 } | |
216 | |
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
217 qc = ngx_quic_get_connection(c); |
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
218 |
8279 | 219 if (qc == NULL) { |
220 ngx_quic_close_connection(c, NGX_DONE); | |
221 return; | |
222 } | |
223 | |
224 ngx_add_timer(c->read, qc->tp.max_idle_timeout); | |
225 ngx_quic_connstate_dbg(c); | |
7691 | 226 |
7729
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
227 c->read->handler = ngx_quic_input_handler; |
7691 | 228 |
229 return; | |
230 } | |
231 | |
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
232 |
8099
b4ef79ef1c23
QUIC: refined the "c->quic->initialized" flag usage.
Vladimir Homutov <vl@nginx.com>
parents:
8098
diff
changeset
|
233 static ngx_quic_connection_t * |
8101
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8100
diff
changeset
|
234 ngx_quic_new_connection(ngx_connection_t *c, ngx_quic_conf_t *conf, |
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8100
diff
changeset
|
235 ngx_quic_header_t *pkt) |
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
236 { |
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
237 ngx_uint_t i; |
7731
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
7729
diff
changeset
|
238 ngx_quic_tp_t *ctp; |
7691 | 239 ngx_quic_connection_t *qc; |
7864
eebdda507ec3
Added tests for connection id lengths in initial packet.
Vladimir Homutov <vl@nginx.com>
parents:
7863
diff
changeset
|
240 |
7691 | 241 qc = ngx_pcalloc(c->pool, sizeof(ngx_quic_connection_t)); |
242 if (qc == NULL) { | |
8099
b4ef79ef1c23
QUIC: refined the "c->quic->initialized" flag usage.
Vladimir Homutov <vl@nginx.com>
parents:
8098
diff
changeset
|
243 return NULL; |
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
244 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
245 |
8191
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
246 qc->keys = ngx_quic_keys_new(c->pool); |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
247 if (qc->keys == NULL) { |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
248 return NULL; |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
249 } |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
250 |
8194
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8193
diff
changeset
|
251 qc->version = pkt->version; |
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8193
diff
changeset
|
252 |
7691 | 253 ngx_rbtree_init(&qc->streams.tree, &qc->streams.sentinel, |
254 ngx_quic_rbtree_insert_stream); | |
255 | |
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
256 for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { |
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
257 ngx_queue_init(&qc->send_ctx[i].frames); |
8547
ad046179eb91
QUIC: handle EAGAIN properly on UDP sockets.
Vladimir Homutov <vl@nginx.com>
parents:
8545
diff
changeset
|
258 ngx_queue_init(&qc->send_ctx[i].sending); |
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
259 ngx_queue_init(&qc->send_ctx[i].sent); |
8157
85a550047eb5
QUIC: added macro for unset packet number.
Vladimir Homutov <vl@nginx.com>
parents:
8156
diff
changeset
|
260 qc->send_ctx[i].largest_pn = NGX_QUIC_UNSET_PN; |
85a550047eb5
QUIC: added macro for unset packet number.
Vladimir Homutov <vl@nginx.com>
parents:
8156
diff
changeset
|
261 qc->send_ctx[i].largest_ack = NGX_QUIC_UNSET_PN; |
85a550047eb5
QUIC: added macro for unset packet number.
Vladimir Homutov <vl@nginx.com>
parents:
8156
diff
changeset
|
262 qc->send_ctx[i].largest_range = NGX_QUIC_UNSET_PN; |
85a550047eb5
QUIC: added macro for unset packet number.
Vladimir Homutov <vl@nginx.com>
parents:
8156
diff
changeset
|
263 qc->send_ctx[i].pending_ack = NGX_QUIC_UNSET_PN; |
8155
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
264 } |
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
265 |
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
266 qc->send_ctx[0].level = ssl_encryption_initial; |
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
267 qc->send_ctx[1].level = ssl_encryption_handshake; |
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
268 qc->send_ctx[2].level = ssl_encryption_application; |
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
269 |
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
270 ngx_queue_init(&qc->free_frames); |
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
271 |
7987
3b107aadc9f6
QUIC: added rtt estimation.
Vladimir Homutov <vl@nginx.com>
parents:
7953
diff
changeset
|
272 qc->avg_rtt = NGX_QUIC_INITIAL_RTT; |
3b107aadc9f6
QUIC: added rtt estimation.
Vladimir Homutov <vl@nginx.com>
parents:
7953
diff
changeset
|
273 qc->rttvar = NGX_QUIC_INITIAL_RTT / 2; |
3b107aadc9f6
QUIC: added rtt estimation.
Vladimir Homutov <vl@nginx.com>
parents:
7953
diff
changeset
|
274 qc->min_rtt = NGX_TIMER_INFINITE; |
8493
004172345bdc
QUIC: persistent congestion calculation.
Vladimir Homutov <vl@nginx.com>
parents:
8492
diff
changeset
|
275 qc->first_rtt = NGX_TIMER_INFINITE; |
7987
3b107aadc9f6
QUIC: added rtt estimation.
Vladimir Homutov <vl@nginx.com>
parents:
7953
diff
changeset
|
276 |
3b107aadc9f6
QUIC: added rtt estimation.
Vladimir Homutov <vl@nginx.com>
parents:
7953
diff
changeset
|
277 /* |
3b107aadc9f6
QUIC: added rtt estimation.
Vladimir Homutov <vl@nginx.com>
parents:
7953
diff
changeset
|
278 * qc->latest_rtt = 0 |
3b107aadc9f6
QUIC: added rtt estimation.
Vladimir Homutov <vl@nginx.com>
parents:
7953
diff
changeset
|
279 */ |
3b107aadc9f6
QUIC: added rtt estimation.
Vladimir Homutov <vl@nginx.com>
parents:
7953
diff
changeset
|
280 |
7990 | 281 qc->pto.log = c->log; |
282 qc->pto.data = c; | |
283 qc->pto.handler = ngx_quic_pto_handler; | |
284 qc->pto.cancelable = 1; | |
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
285 |
7775 | 286 qc->push.log = c->log; |
287 qc->push.data = c; | |
288 qc->push.handler = ngx_quic_push_handler; | |
289 qc->push.cancelable = 1; | |
290 | |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
291 qc->path_validation.log = c->log; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
292 qc->path_validation.data = c; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
293 qc->path_validation.handler = ngx_quic_path_validation_handler; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
294 qc->path_validation.cancelable = 1; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
295 |
7999
0d2b2664b41c
QUIC: added "quic" listen parameter.
Roman Arutyunyan <arut@nginx.com>
parents:
7998
diff
changeset
|
296 qc->conf = conf; |
0d2b2664b41c
QUIC: added "quic" listen parameter.
Roman Arutyunyan <arut@nginx.com>
parents:
7998
diff
changeset
|
297 qc->tp = conf->tp; |
7691 | 298 |
7731
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
7729
diff
changeset
|
299 ctp = &qc->ctp; |
8294
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
300 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
301 /* defaults to be used before actual client parameters are received */ |
7931
9fe7875ce4bb
QUIC: further limiting maximum QUIC packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7930
diff
changeset
|
302 ctp->max_udp_payload_size = ngx_quic_max_udp_payload(c); |
7731
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
7729
diff
changeset
|
303 ctp->ack_delay_exponent = NGX_QUIC_DEFAULT_ACK_DELAY_EXPONENT; |
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
7729
diff
changeset
|
304 ctp->max_ack_delay = NGX_QUIC_DEFAULT_MAX_ACK_DELAY; |
8294
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
305 ctp->active_connection_id_limit = 2; |
7731
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
7729
diff
changeset
|
306 |
8552
fe919fd63b0b
QUIC: client certificate validation with OCSP.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8547
diff
changeset
|
307 ngx_queue_init(&qc->streams.uninitialized); |
fe919fd63b0b
QUIC: client certificate validation with OCSP.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8547
diff
changeset
|
308 |
7842
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
309 qc->streams.recv_max_data = qc->tp.initial_max_data; |
8492
af33d1ef1c3c
QUIC: stream flow control refactored.
Roman Arutyunyan <arut@nginx.com>
parents:
8442
diff
changeset
|
310 qc->streams.recv_window = qc->streams.recv_max_data; |
7815
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
311 |
8014
c5324bb3a704
QUIC: limited the number of client-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8013
diff
changeset
|
312 qc->streams.client_max_streams_uni = qc->tp.initial_max_streams_uni; |
c5324bb3a704
QUIC: limited the number of client-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8013
diff
changeset
|
313 qc->streams.client_max_streams_bidi = qc->tp.initial_max_streams_bidi; |
c5324bb3a704
QUIC: limited the number of client-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8013
diff
changeset
|
314 |
7910
125cbfa77013
Renamed max_packet_size to max_udp_payload_size, from draft-28.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7908
diff
changeset
|
315 qc->congestion.window = ngx_min(10 * qc->tp.max_udp_payload_size, |
125cbfa77013
Renamed max_packet_size to max_udp_payload_size, from draft-28.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7908
diff
changeset
|
316 ngx_max(2 * qc->tp.max_udp_payload_size, |
125cbfa77013
Renamed max_packet_size to max_udp_payload_size, from draft-28.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7908
diff
changeset
|
317 14720)); |
8193
8550b91e8e35
QUIC: added proper logging of special values.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
318 qc->congestion.ssthresh = (size_t) -1; |
7841
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
319 qc->congestion.recovery_start = ngx_current_msec; |
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
320 |
8406
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
321 if (pkt->validated && pkt->retried) { |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
322 qc->tp.retry_scid.len = pkt->dcid.len; |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
323 qc->tp.retry_scid.data = ngx_pstrdup(c->pool, &pkt->dcid); |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
324 if (qc->tp.retry_scid.data == NULL) { |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
325 return NULL; |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
326 } |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
327 } |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
328 |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
329 if (ngx_quic_keys_set_initial_secret(c->pool, qc->keys, &pkt->dcid, |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
330 qc->version) |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
331 != NGX_OK) |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
332 { |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
333 return NULL; |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
334 } |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
335 |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
336 qc->validated = pkt->validated; |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
337 |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
338 if (ngx_quic_open_sockets(c, qc, pkt) != NGX_OK) { |
8406
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
339 return NULL; |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
340 } |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
341 |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
342 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
343 "quic connection created"); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
344 |
8406
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
345 return qc; |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
346 } |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
347 |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
348 |
8287
cef042935003
QUIC: the "quic_host_key" directive.
Vladimir Homutov <vl@nginx.com>
parents:
8286
diff
changeset
|
349 static ngx_int_t |
8100
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
350 ngx_quic_process_stateless_reset(ngx_connection_t *c, ngx_quic_header_t *pkt) |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
351 { |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
352 u_char *tail, ch; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
353 ngx_uint_t i; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
354 ngx_queue_t *q; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
355 ngx_quic_client_id_t *cid; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
356 ngx_quic_connection_t *qc; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
357 |
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
358 qc = ngx_quic_get_connection(c); |
8100
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
359 |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
360 /* A stateless reset uses an entire UDP datagram */ |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
361 if (pkt->raw->start != pkt->data) { |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
362 return NGX_DECLINED; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
363 } |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
364 |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
365 tail = pkt->raw->last - NGX_QUIC_SR_TOKEN_LEN; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
366 |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
367 for (q = ngx_queue_head(&qc->client_ids); |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
368 q != ngx_queue_sentinel(&qc->client_ids); |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
369 q = ngx_queue_next(q)) |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
370 { |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
371 cid = ngx_queue_data(q, ngx_quic_client_id_t, queue); |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
372 |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
373 if (cid->seqnum == 0) { |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
374 /* no stateless reset token in initial connection id */ |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
375 continue; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
376 } |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
377 |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
378 /* constant time comparison */ |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
379 |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
380 for (ch = 0, i = 0; i < NGX_QUIC_SR_TOKEN_LEN; i++) { |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
381 ch |= tail[i] ^ cid->sr_token[i]; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
382 } |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
383 |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
384 if (ch == 0) { |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
385 return NGX_OK; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
386 } |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
387 } |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
388 |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
389 return NGX_DECLINED; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
390 } |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
391 |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
392 |
7691 | 393 static void |
7729
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
394 ngx_quic_input_handler(ngx_event_t *rev) |
7677
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
7675
diff
changeset
|
395 { |
8083
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
396 ngx_int_t rc; |
8380
90ae21799f67
QUIC: do not copy input data.
Roman Arutyunyan <arut@nginx.com>
parents:
8359
diff
changeset
|
397 ngx_buf_t *b; |
7737
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
7736
diff
changeset
|
398 ngx_connection_t *c; |
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
7736
diff
changeset
|
399 ngx_quic_connection_t *qc; |
7677
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
7675
diff
changeset
|
400 |
8135
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8134
diff
changeset
|
401 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, rev->log, 0, "quic input handler"); |
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8134
diff
changeset
|
402 |
7691 | 403 c = rev->data; |
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
404 qc = ngx_quic_get_connection(c); |
7677
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
7675
diff
changeset
|
405 |
8135
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8134
diff
changeset
|
406 c->log->action = "handling quic input"; |
7678
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
7677
diff
changeset
|
407 |
7691 | 408 if (rev->timedout) { |
7838 | 409 ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, |
410 "quic client timed out"); | |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
411 ngx_quic_close_connection(c, NGX_DONE); |
7691 | 412 return; |
7678
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
7677
diff
changeset
|
413 } |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
7677
diff
changeset
|
414 |
7691 | 415 if (c->close) { |
7937
b9bce2c4fe33
Close QUIC connection with NO_ERROR on c->close.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7934
diff
changeset
|
416 qc->error_reason = "graceful shutdown"; |
b9bce2c4fe33
Close QUIC connection with NO_ERROR on c->close.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7934
diff
changeset
|
417 ngx_quic_close_connection(c, NGX_OK); |
7691 | 418 return; |
419 } | |
7686
7ada2feeac18
Added processing of CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7684
diff
changeset
|
420 |
8380
90ae21799f67
QUIC: do not copy input data.
Roman Arutyunyan <arut@nginx.com>
parents:
8359
diff
changeset
|
421 if (!rev->ready) { |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
422 if (qc->closing) { |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
423 ngx_quic_close_connection(c, NGX_OK); |
8553
a9f6540e61da
QUIC: asynchronous shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8552
diff
changeset
|
424 |
a9f6540e61da
QUIC: asynchronous shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8552
diff
changeset
|
425 } else if (qc->shutdown) { |
a9f6540e61da
QUIC: asynchronous shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8552
diff
changeset
|
426 ngx_quic_shutdown_quic(c); |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
427 } |
8553
a9f6540e61da
QUIC: asynchronous shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8552
diff
changeset
|
428 |
7691 | 429 return; |
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
430 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
431 |
8384
c61fcdc1b8e3
UDP: extended datagram context.
Vladimir Homutov <vl@nginx.com>
parents:
8380
diff
changeset
|
432 b = c->udp->dgram->buffer; |
8380
90ae21799f67
QUIC: do not copy input data.
Roman Arutyunyan <arut@nginx.com>
parents:
8359
diff
changeset
|
433 |
90ae21799f67
QUIC: do not copy input data.
Roman Arutyunyan <arut@nginx.com>
parents:
8359
diff
changeset
|
434 rc = ngx_quic_input(c, b, NULL); |
8083
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
435 |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
436 if (rc == NGX_ERROR) { |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
437 ngx_quic_close_connection(c, NGX_ERROR); |
7691 | 438 return; |
439 } | |
7737
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
7736
diff
changeset
|
440 |
8083
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
441 if (rc == NGX_DECLINED) { |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
442 return; |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
443 } |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
444 |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
445 /* rc == NGX_OK */ |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
446 |
7737
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
7736
diff
changeset
|
447 qc->send_timer_set = 0; |
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
7736
diff
changeset
|
448 ngx_add_timer(rev, qc->tp.max_idle_timeout); |
8166
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
449 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
450 ngx_quic_connstate_dbg(c); |
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
451 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
452 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
453 |
8386
714e9af983de
QUIC: separate header for ngx_quic_connection_t.
Vladimir Homutov <vl@nginx.com>
parents:
8385
diff
changeset
|
454 void |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
455 ngx_quic_close_connection(ngx_connection_t *c, ngx_int_t rc) |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
456 { |
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
457 ngx_pool_t *pool; |
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
458 ngx_quic_connection_t *qc; |
7747
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
7746
diff
changeset
|
459 |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
460 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
8164
eed49b83e18f
QUIC: revised value separators in debug and error messages.
Vladimir Homutov <vl@nginx.com>
parents:
8163
diff
changeset
|
461 "quic ngx_quic_close_connection rc:%i", rc); |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
462 |
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
463 qc = ngx_quic_get_connection(c); |
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
464 |
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
465 if (qc == NULL) { |
8279 | 466 if (rc == NGX_ERROR) { |
467 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
8295
d4e02b3b734f
QUIC: fixed indentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8294
diff
changeset
|
468 "quic close connection early error"); |
8279 | 469 } |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
470 |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
471 } else if (ngx_quic_close_quic(c, rc) == NGX_AGAIN) { |
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
472 return; |
7747
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
7746
diff
changeset
|
473 } |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
474 |
7691 | 475 if (c->ssl) { |
476 (void) ngx_ssl_shutdown(c); | |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
477 } |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
478 |
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
479 if (c->read->timer_set) { |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
480 ngx_del_timer(c->read); |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
481 } |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
482 |
7691 | 483 #if (NGX_STAT_STUB) |
484 (void) ngx_atomic_fetch_add(ngx_stat_active, -1); | |
485 #endif | |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
486 |
7691 | 487 c->destroyed = 1; |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
488 |
7691 | 489 pool = c->pool; |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
490 |
7691 | 491 ngx_close_connection(c); |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
492 |
7691 | 493 ngx_destroy_pool(pool); |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
494 } |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
495 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
496 |
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
497 static ngx_int_t |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
498 ngx_quic_close_quic(ngx_connection_t *c, ngx_int_t rc) |
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
499 { |
7953
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
500 ngx_uint_t i; |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
501 ngx_quic_send_ctx_t *ctx; |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
502 ngx_quic_connection_t *qc; |
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
503 |
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
504 qc = ngx_quic_get_connection(c); |
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
505 |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
506 if (!qc->closing) { |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
507 |
7875
8bec0ac23cf9
Fixed retransmission of frames after closing connection.
Vladimir Homutov <vl@nginx.com>
parents:
7874
diff
changeset
|
508 /* drop packets from retransmit queues, no ack is expected */ |
8bec0ac23cf9
Fixed retransmission of frames after closing connection.
Vladimir Homutov <vl@nginx.com>
parents:
7874
diff
changeset
|
509 for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { |
8236
e9bd4305e68b
QUIC: fixed send contexts cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8235
diff
changeset
|
510 ngx_quic_free_frames(c, &qc->send_ctx[i].sent); |
7875
8bec0ac23cf9
Fixed retransmission of frames after closing connection.
Vladimir Homutov <vl@nginx.com>
parents:
7874
diff
changeset
|
511 } |
8bec0ac23cf9
Fixed retransmission of frames after closing connection.
Vladimir Homutov <vl@nginx.com>
parents:
7874
diff
changeset
|
512 |
7877
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
513 if (rc == NGX_DONE) { |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
514 |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
515 /* |
8498
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
516 * RFC 9000, 10.1. Idle Timeout |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
517 * |
8498
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
518 * If a max_idle_timeout is specified by either endpoint in its |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
519 * transport parameters (Section 18.2), the connection is silently |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
520 * closed and its state is discarded when it remains idle |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
521 */ |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
522 |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
523 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
524 "quic closing %s connection", |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
525 qc->draining ? "drained" : "idle"); |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
526 |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
527 } else { |
7877
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
528 |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
529 /* |
8498
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
530 * RFC 9000, 10.2. Immediate Close |
7877
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
531 * |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
532 * An endpoint sends a CONNECTION_CLOSE frame (Section 19.19) |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
533 * to terminate the connection immediately. |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
534 */ |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
535 |
7993
b276833111cf
QUIC: implemented probe timeout (PTO) calculation.
Vladimir Homutov <vl@nginx.com>
parents:
7992
diff
changeset
|
536 qc->error_level = c->ssl ? SSL_quic_read_level(c->ssl->connection) |
b276833111cf
QUIC: implemented probe timeout (PTO) calculation.
Vladimir Homutov <vl@nginx.com>
parents:
7992
diff
changeset
|
537 : ssl_encryption_initial; |
b276833111cf
QUIC: implemented probe timeout (PTO) calculation.
Vladimir Homutov <vl@nginx.com>
parents:
7992
diff
changeset
|
538 |
7877
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
539 if (rc == NGX_OK) { |
8295
d4e02b3b734f
QUIC: fixed indentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8294
diff
changeset
|
540 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
d4e02b3b734f
QUIC: fixed indentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8294
diff
changeset
|
541 "quic immediate close drain:%d", |
d4e02b3b734f
QUIC: fixed indentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8294
diff
changeset
|
542 qc->draining); |
7877
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
543 |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
544 qc->close.log = c->log; |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
545 qc->close.data = c; |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
546 qc->close.handler = ngx_quic_close_timer_handler; |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
547 qc->close.cancelable = 1; |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
548 |
7993
b276833111cf
QUIC: implemented probe timeout (PTO) calculation.
Vladimir Homutov <vl@nginx.com>
parents:
7992
diff
changeset
|
549 ctx = ngx_quic_get_send_ctx(qc, qc->error_level); |
b276833111cf
QUIC: implemented probe timeout (PTO) calculation.
Vladimir Homutov <vl@nginx.com>
parents:
7992
diff
changeset
|
550 |
b276833111cf
QUIC: implemented probe timeout (PTO) calculation.
Vladimir Homutov <vl@nginx.com>
parents:
7992
diff
changeset
|
551 ngx_add_timer(&qc->close, 3 * ngx_quic_pto(c, ctx)); |
7877
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
552 |
7953
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
553 qc->error = NGX_QUIC_ERR_NO_ERROR; |
7877
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
554 |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
555 } else { |
7953
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
556 if (qc->error == 0 && !qc->error_app) { |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
557 qc->error = NGX_QUIC_ERR_INTERNAL_ERROR; |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
558 } |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
559 |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
560 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, |
8164
eed49b83e18f
QUIC: revised value separators in debug and error messages.
Vladimir Homutov <vl@nginx.com>
parents:
8163
diff
changeset
|
561 "quic immediate close due to %s error: %ui %s", |
7953
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
562 qc->error_app ? "app " : "", qc->error, |
7877
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
563 qc->error_reason ? qc->error_reason : ""); |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
564 } |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
565 |
7953
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
566 (void) ngx_quic_send_cc(c); |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
567 |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
568 if (qc->error_level == ssl_encryption_handshake) { |
7877
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
569 /* for clients that might not have handshake keys */ |
7953
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
570 qc->error_level = ssl_encryption_initial; |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
571 (void) ngx_quic_send_cc(c); |
7877
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
572 } |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
573 } |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
574 |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
575 qc->closing = 1; |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
576 } |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
577 |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
578 if (rc == NGX_ERROR && qc->close.timer_set) { |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
579 /* do not wait for timer in case of fatal error */ |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
580 ngx_del_timer(&qc->close); |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
581 } |
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
582 |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
583 if (ngx_quic_close_streams(c, qc) == NGX_AGAIN) { |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
584 return NGX_AGAIN; |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
585 } |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
586 |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
587 if (qc->push.timer_set) { |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
588 ngx_del_timer(&qc->push); |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
589 } |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
590 |
7990 | 591 if (qc->pto.timer_set) { |
592 ngx_del_timer(&qc->pto); | |
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
593 } |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
594 |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
595 if (qc->path_validation.timer_set) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
596 ngx_del_timer(&qc->path_validation); |
7929
ea4899591798
QUIC: Fixed connection cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7928
diff
changeset
|
597 } |
ea4899591798
QUIC: Fixed connection cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7928
diff
changeset
|
598 |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
599 if (qc->push.posted) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
600 ngx_delete_posted_event(&qc->push); |
8198
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
601 } |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
602 |
8091
dbcb9d0a3df1
QUIC: prevented posted push event while in the draining state.
Vladimir Homutov <vl@nginx.com>
parents:
8084
diff
changeset
|
603 if (qc->close.timer_set) { |
dbcb9d0a3df1
QUIC: prevented posted push event while in the draining state.
Vladimir Homutov <vl@nginx.com>
parents:
8084
diff
changeset
|
604 return NGX_AGAIN; |
dbcb9d0a3df1
QUIC: prevented posted push event while in the draining state.
Vladimir Homutov <vl@nginx.com>
parents:
8084
diff
changeset
|
605 } |
dbcb9d0a3df1
QUIC: prevented posted push event while in the draining state.
Vladimir Homutov <vl@nginx.com>
parents:
8084
diff
changeset
|
606 |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
607 ngx_quic_close_sockets(c); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
608 |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
609 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
610 "quic part of connection is terminated"); |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
611 |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
612 /* may be tested from SSL callback during SSL shutdown */ |
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
613 c->udp = NULL; |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
614 |
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
615 return NGX_OK; |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
616 } |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
617 |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
618 |
7953
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
619 void |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
620 ngx_quic_finalize_connection(ngx_connection_t *c, ngx_uint_t err, |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
621 const char *reason) |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
622 { |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
623 ngx_quic_connection_t *qc; |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
624 |
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
625 qc = ngx_quic_get_connection(c); |
7953
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
626 qc->error = err; |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
627 qc->error_reason = reason; |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
628 qc->error_app = 1; |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
629 qc->error_ftype = 0; |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
630 |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
631 ngx_quic_close_connection(c, NGX_ERROR); |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
632 } |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
633 |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
634 |
8359
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
635 void |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
636 ngx_quic_shutdown_connection(ngx_connection_t *c, ngx_uint_t err, |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
637 const char *reason) |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
638 { |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
639 ngx_quic_connection_t *qc; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
640 |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
641 qc = ngx_quic_get_connection(c); |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
642 qc->shutdown = 1; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
643 qc->shutdown_code = err; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
644 qc->shutdown_reason = reason; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
645 |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
646 ngx_quic_shutdown_quic(c); |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
647 } |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
648 |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
649 |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
650 static void |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
651 ngx_quic_close_timer_handler(ngx_event_t *ev) |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
652 { |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
653 ngx_connection_t *c; |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
654 |
7836 | 655 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, ev->log, 0, "quic close timer"); |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
656 |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
657 c = ev->data; |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
658 ngx_quic_close_connection(c, NGX_DONE); |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
659 } |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
660 |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
661 |
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
662 static ngx_int_t |
8101
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8100
diff
changeset
|
663 ngx_quic_input(ngx_connection_t *c, ngx_buf_t *b, ngx_quic_conf_t *conf) |
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
664 { |
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
665 u_char *p; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
666 ngx_int_t rc; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
667 ngx_uint_t good; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
668 ngx_quic_header_t pkt; |
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
669 |
8083
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
670 good = 0; |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
671 |
7770
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
672 p = b->pos; |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
673 |
7770
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
674 while (p < b->last) { |
7729
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
675 |
7691 | 676 ngx_memzero(&pkt, sizeof(ngx_quic_header_t)); |
677 pkt.raw = b; | |
678 pkt.data = p; | |
679 pkt.len = b->last - p; | |
680 pkt.log = c->log; | |
7717
c217a907ce42
Added checks for permitted frame types.
Vladimir Homutov <vl@nginx.com>
parents:
7713
diff
changeset
|
681 pkt.flags = p[0]; |
8097
a89a58c642ef
QUIC: simplified packet header parsing.
Vladimir Homutov <vl@nginx.com>
parents:
8096
diff
changeset
|
682 pkt.raw->pos++; |
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
683 |
8101
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8100
diff
changeset
|
684 rc = ngx_quic_process_packet(c, conf, &pkt); |
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
685 |
8139
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
686 #if (NGX_DEBUG) |
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
687 if (pkt.parsed) { |
8166
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
688 ngx_log_debug5(NGX_LOG_DEBUG_EVENT, c->log, 0, |
8168
f32740ddd484
QUIC: got rid of "pkt" abbreviation in logs.
Vladimir Homutov <vl@nginx.com>
parents:
8167
diff
changeset
|
689 "quic packet %s done decr:%d pn:%L perr:%ui rc:%i", |
8139
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
690 ngx_quic_level_name(pkt.level), pkt.decrypted, |
8166
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
691 pkt.pn, pkt.error, rc); |
8139
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
692 } else { |
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
693 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
8168
f32740ddd484
QUIC: got rid of "pkt" abbreviation in logs.
Vladimir Homutov <vl@nginx.com>
parents:
8167
diff
changeset
|
694 "quic packet done parse failed rc:%i", rc); |
8139
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
695 } |
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
696 #endif |
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
697 |
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
698 if (rc == NGX_ERROR) { |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
699 return NGX_ERROR; |
7691 | 700 } |
7672
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
7671
diff
changeset
|
701 |
8279 | 702 if (rc == NGX_DONE) { |
703 /* stop further processing */ | |
704 return NGX_DECLINED; | |
705 } | |
706 | |
8083
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
707 if (rc == NGX_OK) { |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
708 good = 1; |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
709 } |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
710 |
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
711 /* NGX_OK || NGX_DECLINED */ |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
712 |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
713 /* |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
714 * we get NGX_DECLINED when there are no keys [yet] available |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
715 * to decrypt packet. |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
716 * Instead of queueing it, we ignore it and rely on the sender's |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
717 * retransmission: |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
718 * |
8498
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
719 * RFC 9000, 12.2. Coalescing Packets |
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
720 * |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
721 * For example, if decryption fails (because the keys are |
8498
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
722 * not available or for any other reason), the receiver MAY either |
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
723 * discard or buffer the packet for later processing and MUST |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
724 * attempt to process the remaining packets. |
8073
eb5aa85294e9
QUIC: discard unrecognized long packes.
Vladimir Homutov <vl@nginx.com>
parents:
8071
diff
changeset
|
725 * |
eb5aa85294e9
QUIC: discard unrecognized long packes.
Vladimir Homutov <vl@nginx.com>
parents:
8071
diff
changeset
|
726 * We also skip packets that don't match connection state |
eb5aa85294e9
QUIC: discard unrecognized long packes.
Vladimir Homutov <vl@nginx.com>
parents:
8071
diff
changeset
|
727 * or cannot be parsed properly. |
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
728 */ |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
729 |
7691 | 730 /* b->pos is at header end, adjust by actual packet length */ |
8096
0f37b4ef3cd9
QUIC: keep the entire packet size in pkt->len.
Roman Arutyunyan <arut@nginx.com>
parents:
8095
diff
changeset
|
731 b->pos = pkt.data + pkt.len; |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
732 |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
733 /* firefox workaround: skip zero padding at the end of quic packet */ |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
734 while (b->pos < b->last && *(b->pos) == 0) { |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
735 b->pos++; |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
736 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
737 |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
738 p = b->pos; |
7770
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
739 } |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
740 |
8083
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
741 return good ? NGX_OK : NGX_DECLINED; |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
742 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
743 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
744 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
745 static ngx_int_t |
8101
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8100
diff
changeset
|
746 ngx_quic_process_packet(ngx_connection_t *c, ngx_quic_conf_t *conf, |
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8100
diff
changeset
|
747 ngx_quic_header_t *pkt) |
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
748 { |
8074
c6b963de0c00
QUIC: pass return code from ngx_quic_decrypt() to the caller.
Vladimir Homutov <vl@nginx.com>
parents:
8073
diff
changeset
|
749 ngx_int_t rc; |
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
750 ngx_quic_connection_t *qc; |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
751 |
8135
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8134
diff
changeset
|
752 c->log->action = "parsing quic packet"; |
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8134
diff
changeset
|
753 |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
754 rc = ngx_quic_parse_packet(pkt); |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
755 |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
756 if (rc == NGX_DECLINED || rc == NGX_ERROR) { |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
757 return rc; |
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
758 } |
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
759 |
8139
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
760 pkt->parsed = 1; |
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
761 |
8135
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8134
diff
changeset
|
762 c->log->action = "processing quic packet"; |
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8134
diff
changeset
|
763 |
8235
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8212
diff
changeset
|
764 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8212
diff
changeset
|
765 "quic packet rx dcid len:%uz %xV", |
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8212
diff
changeset
|
766 pkt->dcid.len, &pkt->dcid); |
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8212
diff
changeset
|
767 |
8137
52ad697f9d1c
QUIC: enabled more key-related debug by default.
Vladimir Homutov <vl@nginx.com>
parents:
8136
diff
changeset
|
768 #if (NGX_DEBUG) |
52ad697f9d1c
QUIC: enabled more key-related debug by default.
Vladimir Homutov <vl@nginx.com>
parents:
8136
diff
changeset
|
769 if (pkt->level != ssl_encryption_application) { |
8235
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8212
diff
changeset
|
770 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8212
diff
changeset
|
771 "quic packet rx scid len:%uz %xV", |
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8212
diff
changeset
|
772 pkt->scid.len, &pkt->scid); |
8137
52ad697f9d1c
QUIC: enabled more key-related debug by default.
Vladimir Homutov <vl@nginx.com>
parents:
8136
diff
changeset
|
773 } |
8211
fe53def49945
QUIC: refactored long header parsing.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8209
diff
changeset
|
774 |
fe53def49945
QUIC: refactored long header parsing.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8209
diff
changeset
|
775 if (pkt->level == ssl_encryption_initial) { |
8235
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8212
diff
changeset
|
776 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
8287
cef042935003
QUIC: the "quic_host_key" directive.
Vladimir Homutov <vl@nginx.com>
parents:
8286
diff
changeset
|
777 "quic address validation token len:%uz %xV", |
8235
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8212
diff
changeset
|
778 pkt->token.len, &pkt->token); |
8211
fe53def49945
QUIC: refactored long header parsing.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8209
diff
changeset
|
779 } |
8137
52ad697f9d1c
QUIC: enabled more key-related debug by default.
Vladimir Homutov <vl@nginx.com>
parents:
8136
diff
changeset
|
780 #endif |
52ad697f9d1c
QUIC: enabled more key-related debug by default.
Vladimir Homutov <vl@nginx.com>
parents:
8136
diff
changeset
|
781 |
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
782 qc = ngx_quic_get_connection(c); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
783 |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
784 if (qc) { |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
785 |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
786 if (rc == NGX_ABORT) { |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
787 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
788 "quic unsupported version: 0x%xD", pkt->version); |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
789 return NGX_DECLINED; |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
790 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
791 |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
792 rc = ngx_quic_check_migration(c, pkt); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
793 if (rc != NGX_OK) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
794 return rc; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
795 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
796 |
8194
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8193
diff
changeset
|
797 if (pkt->level != ssl_encryption_application) { |
8281
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
798 |
8194
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8193
diff
changeset
|
799 if (pkt->version != qc->version) { |
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8193
diff
changeset
|
800 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8193
diff
changeset
|
801 "quic version mismatch: 0x%xD", pkt->version); |
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8193
diff
changeset
|
802 return NGX_DECLINED; |
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8193
diff
changeset
|
803 } |
8281
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
804 |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
805 if (ngx_quic_check_csid(qc, pkt) != NGX_OK) { |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
806 return NGX_DECLINED; |
8100
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
807 } |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
808 |
8281
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
809 } else { |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
810 |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
811 if (ngx_quic_process_stateless_reset(c, pkt) == NGX_OK) { |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
812 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
813 "quic stateless reset packet detected"); |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
814 |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
815 qc->draining = 1; |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
816 ngx_quic_close_connection(c, NGX_OK); |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
817 |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
818 return NGX_OK; |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
819 } |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
820 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
821 |
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
822 return ngx_quic_process_payload(c, pkt); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
823 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
824 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
825 /* packet does not belong to a connection */ |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
826 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
827 if (rc == NGX_ABORT) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
828 return ngx_quic_negotiate_version(c, pkt); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
829 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
830 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
831 if (pkt->level == ssl_encryption_application) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
832 return ngx_quic_send_stateless_reset(c, conf, pkt); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
833 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
834 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
835 if (pkt->level != ssl_encryption_initial) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
836 return NGX_ERROR; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
837 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
838 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
839 c->log->action = "processing initial packet"; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
840 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
841 if (pkt->dcid.len < NGX_QUIC_CID_LEN_MIN) { |
8498
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
842 /* RFC 9000, 7.2. Negotiating Connection IDs */ |
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
843 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
844 "quic too short dcid in initial" |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
845 " packet: len:%i", pkt->dcid.len); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
846 return NGX_ERROR; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
847 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
848 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
849 /* process retry and initialize connection IDs */ |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
850 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
851 if (pkt->token.len) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
852 |
8287
cef042935003
QUIC: the "quic_host_key" directive.
Vladimir Homutov <vl@nginx.com>
parents:
8286
diff
changeset
|
853 rc = ngx_quic_validate_token(c, conf->av_token_key, pkt); |
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
854 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
855 if (rc == NGX_ERROR) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
856 /* internal error */ |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
857 return NGX_ERROR; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
858 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
859 } else if (rc == NGX_ABORT) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
860 /* token cannot be decrypted */ |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
861 return ngx_quic_send_early_cc(c, pkt, |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
862 NGX_QUIC_ERR_INVALID_TOKEN, |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
863 "cannot decrypt token"); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
864 } else if (rc == NGX_DECLINED) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
865 /* token is invalid */ |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
866 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
867 if (pkt->retried) { |
8287
cef042935003
QUIC: the "quic_host_key" directive.
Vladimir Homutov <vl@nginx.com>
parents:
8286
diff
changeset
|
868 /* invalid address validation token */ |
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
869 return ngx_quic_send_early_cc(c, pkt, |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
870 NGX_QUIC_ERR_INVALID_TOKEN, |
8287
cef042935003
QUIC: the "quic_host_key" directive.
Vladimir Homutov <vl@nginx.com>
parents:
8286
diff
changeset
|
871 "invalid address validation token"); |
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
872 } else if (conf->retry) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
873 /* invalid NEW_TOKEN */ |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
874 return ngx_quic_send_retry(c, conf, pkt); |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
875 } |
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
876 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
877 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
878 /* NGX_OK */ |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
879 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
880 } else if (conf->retry) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
881 return ngx_quic_send_retry(c, conf, pkt); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
882 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
883 } else { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
884 pkt->odcid = pkt->dcid; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
885 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
886 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
887 if (ngx_terminate || ngx_exiting) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
888 if (conf->retry) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
889 return ngx_quic_send_retry(c, conf, pkt); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
890 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
891 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
892 return NGX_ERROR; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
893 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
894 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
895 c->log->action = "creating quic connection"; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
896 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
897 qc = ngx_quic_new_connection(c, conf, pkt); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
898 if (qc == NULL) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
899 return NGX_ERROR; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
900 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
901 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
902 return ngx_quic_process_payload(c, pkt); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
903 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
904 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
905 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
906 static ngx_int_t |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
907 ngx_quic_process_payload(ngx_connection_t *c, ngx_quic_header_t *pkt) |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
908 { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
909 ngx_int_t rc; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
910 ngx_quic_send_ctx_t *ctx; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
911 ngx_quic_connection_t *qc; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
912 static u_char buf[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE]; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
913 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
914 qc = ngx_quic_get_connection(c); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
915 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
916 qc->error = 0; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
917 qc->error_reason = 0; |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
918 |
8135
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8134
diff
changeset
|
919 c->log->action = "decrypting packet"; |
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8134
diff
changeset
|
920 |
8191
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
921 if (!ngx_quic_keys_available(qc->keys, pkt->level)) { |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
922 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
8494
80d396fd8ee8
QUIC: improved errors readability.
Vladimir Homutov <vl@nginx.com>
parents:
8493
diff
changeset
|
923 "quic no %s keys, ignoring packet", |
80d396fd8ee8
QUIC: improved errors readability.
Vladimir Homutov <vl@nginx.com>
parents:
8493
diff
changeset
|
924 ngx_quic_level_name(pkt->level)); |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
925 return NGX_DECLINED; |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
926 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
927 |
8541
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8507
diff
changeset
|
928 #if !defined (OPENSSL_IS_BORINGSSL) |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8507
diff
changeset
|
929 /* OpenSSL provides read keys for an application level before it's ready */ |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8507
diff
changeset
|
930 |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8507
diff
changeset
|
931 if (pkt->level == ssl_encryption_application |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8507
diff
changeset
|
932 && SSL_quic_read_level(c->ssl->connection) |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8507
diff
changeset
|
933 < ssl_encryption_application) |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8507
diff
changeset
|
934 { |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8507
diff
changeset
|
935 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8507
diff
changeset
|
936 "quic no %s keys ready, ignoring packet", |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8507
diff
changeset
|
937 ngx_quic_level_name(pkt->level)); |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8507
diff
changeset
|
938 return NGX_DECLINED; |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8507
diff
changeset
|
939 } |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8507
diff
changeset
|
940 #endif |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8507
diff
changeset
|
941 |
8191
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
942 pkt->keys = qc->keys; |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
943 pkt->key_phase = qc->key_phase; |
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
944 pkt->plaintext = buf; |
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
945 |
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
946 ctx = ngx_quic_get_send_ctx(qc, pkt->level); |
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
947 |
8191
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
948 rc = ngx_quic_decrypt(pkt, &ctx->largest_pn); |
8074
c6b963de0c00
QUIC: pass return code from ngx_quic_decrypt() to the caller.
Vladimir Homutov <vl@nginx.com>
parents:
8073
diff
changeset
|
949 if (rc != NGX_OK) { |
c6b963de0c00
QUIC: pass return code from ngx_quic_decrypt() to the caller.
Vladimir Homutov <vl@nginx.com>
parents:
8073
diff
changeset
|
950 qc->error = pkt->error; |
c6b963de0c00
QUIC: pass return code from ngx_quic_decrypt() to the caller.
Vladimir Homutov <vl@nginx.com>
parents:
8073
diff
changeset
|
951 qc->error_reason = "failed to decrypt packet"; |
c6b963de0c00
QUIC: pass return code from ngx_quic_decrypt() to the caller.
Vladimir Homutov <vl@nginx.com>
parents:
8073
diff
changeset
|
952 return rc; |
7689 | 953 } |
954 | |
8139
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
955 pkt->decrypted = 1; |
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
956 |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
957 if (ngx_quic_update_paths(c, pkt) != NGX_OK) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
958 return NGX_ERROR; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
959 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
960 |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
961 if (c->ssl == NULL) { |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
962 if (ngx_quic_init_connection(c) != NGX_OK) { |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
963 return NGX_ERROR; |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
964 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
965 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
966 |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
967 if (pkt->level == ssl_encryption_handshake) { |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
968 /* |
8498
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
969 * RFC 9001, 4.9.1. Discarding Initial Keys |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
970 * |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
971 * The successful use of Handshake packets indicates |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
972 * that no more Initial packets need to be exchanged |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
973 */ |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
974 ngx_quic_discard_ctx(c, ssl_encryption_initial); |
8170
e2086d8181fa
QUIC: added push event afer the address was validated.
Vladimir Homutov <vl@nginx.com>
parents:
8169
diff
changeset
|
975 |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
976 if (qc->socket->path->state != NGX_QUIC_PATH_VALIDATED) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
977 qc->socket->path->state = NGX_QUIC_PATH_VALIDATED; |
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
978 ngx_post_event(&qc->push, &ngx_posted_events); |
8170
e2086d8181fa
QUIC: added push event afer the address was validated.
Vladimir Homutov <vl@nginx.com>
parents:
8169
diff
changeset
|
979 } |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
980 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
981 |
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
982 if (qc->closing) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
983 /* |
8498
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
984 * RFC 9000, 10.2. Immediate Close |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
985 * |
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
986 * ... delayed or reordered packets are properly discarded. |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
987 * |
8498
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
988 * In the closing state, an endpoint retains only enough information |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
989 * to generate a packet containing a CONNECTION_CLOSE frame and to |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
990 * identify packets as belonging to the connection. |
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
991 */ |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
992 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
993 qc->error_level = pkt->level; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
994 qc->error = NGX_QUIC_ERR_NO_ERROR; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
995 qc->error_reason = "connection is closing, packet discarded"; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
996 qc->error_ftype = 0; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
997 qc->error_app = 0; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
998 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
999 return ngx_quic_send_cc(c); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1000 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1001 |
8162
c5ea341f705a
QUIC: optimized acknowledgement generation.
Vladimir Homutov <vl@nginx.com>
parents:
8161
diff
changeset
|
1002 pkt->received = ngx_current_msec; |
8133
1d4417e4f2d0
QUIC: fixed measuring ACK Delay against 0-RTT packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8132
diff
changeset
|
1003 |
8135
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8134
diff
changeset
|
1004 c->log->action = "handling payload"; |
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8134
diff
changeset
|
1005 |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1006 if (pkt->level != ssl_encryption_application) { |
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1007 return ngx_quic_handle_frames(c, pkt); |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1008 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1009 |
8191
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
1010 if (!pkt->key_update) { |
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1011 return ngx_quic_handle_frames(c, pkt); |
8191
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
1012 } |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
1013 |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
1014 /* switch keys and generate next on Key Phase change */ |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
1015 |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
1016 qc->key_phase ^= 1; |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
1017 ngx_quic_keys_switch(c, qc->keys); |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1018 |
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1019 rc = ngx_quic_handle_frames(c, pkt); |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1020 if (rc != NGX_OK) { |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1021 return rc; |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1022 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1023 |
8191
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
1024 return ngx_quic_keys_update(c, qc->keys); |
7689 | 1025 } |
1026 | |
1027 | |
8413
46161c610919
QUIC: separate files for SSL library interfaces.
Vladimir Homutov <vl@nginx.com>
parents:
8412
diff
changeset
|
1028 void |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1029 ngx_quic_discard_ctx(ngx_connection_t *c, enum ssl_encryption_level_t level) |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1030 { |
8025
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8024
diff
changeset
|
1031 ngx_queue_t *q; |
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8024
diff
changeset
|
1032 ngx_quic_frame_t *f; |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1033 ngx_quic_socket_t *qsock; |
7816
aba84d9ab256
Parsing of truncated packet numbers.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7815
diff
changeset
|
1034 ngx_quic_send_ctx_t *ctx; |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1035 ngx_quic_connection_t *qc; |
7729
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
1036 |
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
1037 qc = ngx_quic_get_connection(c); |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1038 |
8191
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
1039 if (!ngx_quic_keys_available(qc->keys, level)) { |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1040 return; |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1041 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1042 |
8191
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
1043 ngx_quic_keys_discard(qc->keys, level); |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
1044 |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1045 qc->pto_count = 0; |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1046 |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1047 ctx = ngx_quic_get_send_ctx(qc, level); |
8025
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8024
diff
changeset
|
1048 |
8442
b3f6ad181df4
QUIC: refactored CRYPTO and STREAM buffer ordering.
Roman Arutyunyan <arut@nginx.com>
parents:
8438
diff
changeset
|
1049 ngx_quic_free_bufs(c, ctx->crypto); |
b3f6ad181df4
QUIC: refactored CRYPTO and STREAM buffer ordering.
Roman Arutyunyan <arut@nginx.com>
parents:
8438
diff
changeset
|
1050 |
8025
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8024
diff
changeset
|
1051 while (!ngx_queue_empty(&ctx->sent)) { |
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8024
diff
changeset
|
1052 q = ngx_queue_head(&ctx->sent); |
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8024
diff
changeset
|
1053 ngx_queue_remove(q); |
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8024
diff
changeset
|
1054 |
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8024
diff
changeset
|
1055 f = ngx_queue_data(q, ngx_quic_frame_t, queue); |
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8024
diff
changeset
|
1056 ngx_quic_congestion_ack(c, f); |
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8024
diff
changeset
|
1057 ngx_quic_free_frame(c, f); |
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8024
diff
changeset
|
1058 } |
8155
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
1059 |
8171
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8170
diff
changeset
|
1060 while (!ngx_queue_empty(&ctx->frames)) { |
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8170
diff
changeset
|
1061 q = ngx_queue_head(&ctx->frames); |
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8170
diff
changeset
|
1062 ngx_queue_remove(q); |
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8170
diff
changeset
|
1063 |
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8170
diff
changeset
|
1064 f = ngx_queue_data(q, ngx_quic_frame_t, queue); |
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8170
diff
changeset
|
1065 ngx_quic_congestion_ack(c, f); |
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8170
diff
changeset
|
1066 ngx_quic_free_frame(c, f); |
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8170
diff
changeset
|
1067 } |
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8170
diff
changeset
|
1068 |
8198
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1069 if (level == ssl_encryption_initial) { |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1070 /* close temporary listener with odcid */ |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1071 qsock = ngx_quic_find_socket(c, NGX_QUIC_UNSET_PN); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1072 if (qsock) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1073 ngx_quic_close_socket(c, qsock); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1074 } |
8198
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1075 } |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1076 |
8155
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
1077 ctx->send_ack = 0; |
8290
faa3201ff351
QUIC: improved setting the lost timer.
Roman Arutyunyan <arut@nginx.com>
parents:
8289
diff
changeset
|
1078 |
faa3201ff351
QUIC: improved setting the lost timer.
Roman Arutyunyan <arut@nginx.com>
parents:
8289
diff
changeset
|
1079 ngx_quic_set_lost_timer(c); |
7770
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1080 } |
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1081 |
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1082 |
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1083 static ngx_int_t |
8281
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
1084 ngx_quic_check_csid(ngx_quic_connection_t *qc, ngx_quic_header_t *pkt) |
7838 | 1085 { |
8076
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1086 ngx_queue_t *q; |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1087 ngx_quic_client_id_t *cid; |
7858
6e100d8c138a
Preserve original DCID and unbreak parsing 0-RTT packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7857
diff
changeset
|
1088 |
8076
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1089 for (q = ngx_queue_head(&qc->client_ids); |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1090 q != ngx_queue_sentinel(&qc->client_ids); |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1091 q = ngx_queue_next(q)) |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1092 { |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1093 cid = ngx_queue_data(q, ngx_quic_client_id_t, queue); |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1094 |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1095 if (pkt->scid.len == cid->len |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1096 && ngx_memcmp(pkt->scid.data, cid->id, cid->len) == 0) |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1097 { |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1098 return NGX_OK; |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1099 } |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1100 } |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1101 |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1102 ngx_log_error(NGX_LOG_INFO, pkt->log, 0, "quic unexpected quic scid"); |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1103 return NGX_ERROR; |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1104 } |
7637 | 1105 |
1106 | |
7691 | 1107 static ngx_int_t |
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1108 ngx_quic_handle_frames(ngx_connection_t *c, ngx_quic_header_t *pkt) |
7691 | 1109 { |
1110 u_char *end, *p; | |
1111 ssize_t len; | |
8241
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8240
diff
changeset
|
1112 ngx_buf_t buf; |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1113 ngx_uint_t do_close, nonprobing; |
8241
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8240
diff
changeset
|
1114 ngx_chain_t chain; |
7844
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1115 ngx_quic_frame_t frame; |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1116 ngx_quic_socket_t *qsock; |
7691 | 1117 ngx_quic_connection_t *qc; |
1118 | |
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
1119 qc = ngx_quic_get_connection(c); |
7691 | 1120 |
1121 p = pkt->payload.data; | |
1122 end = p + pkt->payload.len; | |
1123 | |
1124 do_close = 0; | |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1125 nonprobing = 0; |
7691 | 1126 |
1127 while (p < end) { | |
1128 | |
7741 | 1129 c->log->action = "parsing frames"; |
1130 | |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1131 ngx_memzero(&frame, sizeof(ngx_quic_frame_t)); |
8241
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8240
diff
changeset
|
1132 ngx_memzero(&buf, sizeof(ngx_buf_t)); |
8243
d9f673d18e9b
QUIC: set the temporary flag for input frame buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8242
diff
changeset
|
1133 buf.temporary = 1; |
8241
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8240
diff
changeset
|
1134 |
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8240
diff
changeset
|
1135 chain.buf = &buf; |
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8240
diff
changeset
|
1136 chain.next = NULL; |
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8240
diff
changeset
|
1137 frame.data = &chain; |
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8240
diff
changeset
|
1138 |
7706
1f002206a59b
Added boundaries checks into frame parser.
Vladimir Homutov <vl@nginx.com>
parents:
7705
diff
changeset
|
1139 len = ngx_quic_parse_frame(pkt, p, end, &frame); |
7717
c217a907ce42
Added checks for permitted frame types.
Vladimir Homutov <vl@nginx.com>
parents:
7713
diff
changeset
|
1140 |
7691 | 1141 if (len < 0) { |
7862
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
7861
diff
changeset
|
1142 qc->error = pkt->error; |
7691 | 1143 return NGX_ERROR; |
1144 } | |
1145 | |
8163
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8162
diff
changeset
|
1146 ngx_quic_log_frame(c->log, &frame, 0); |
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8162
diff
changeset
|
1147 |
7741 | 1148 c->log->action = "handling frames"; |
1149 | |
7691 | 1150 p += len; |
1151 | |
1152 switch (frame.type) { | |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1153 /* probing frames */ |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1154 case NGX_QUIC_FT_PADDING: |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1155 case NGX_QUIC_FT_PATH_CHALLENGE: |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1156 case NGX_QUIC_FT_PATH_RESPONSE: |
8436
901126931bd5
QUIC: consider NEW_CONNECTION_ID a probing frame.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
1157 case NGX_QUIC_FT_NEW_CONNECTION_ID: |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1158 break; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1159 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1160 /* non-probing frames */ |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1161 default: |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1162 nonprobing = 1; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1163 break; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1164 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1165 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1166 switch (frame.type) { |
7691 | 1167 |
1168 case NGX_QUIC_FT_ACK: | |
8241
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8240
diff
changeset
|
1169 if (ngx_quic_handle_ack_frame(c, pkt, &frame) != NGX_OK) { |
7691 | 1170 return NGX_ERROR; |
1171 } | |
1172 | |
7844
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1173 continue; |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1174 |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1175 case NGX_QUIC_FT_PADDING: |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1176 /* no action required */ |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1177 continue; |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1178 |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1179 case NGX_QUIC_FT_CONNECTION_CLOSE: |
7953
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
1180 case NGX_QUIC_FT_CONNECTION_CLOSE_APP: |
7844
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1181 do_close = 1; |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1182 continue; |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1183 } |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1184 |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1185 /* got there with ack-eliciting packet */ |
8155
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
1186 pkt->need_ack = 1; |
7844
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1187 |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1188 switch (frame.type) { |
7691 | 1189 |
1190 case NGX_QUIC_FT_CRYPTO: | |
1191 | |
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
1192 if (ngx_quic_handle_crypto_frame(c, pkt, &frame) != NGX_OK) { |
7691 | 1193 return NGX_ERROR; |
1194 } | |
1195 | |
1196 break; | |
1197 | |
1198 case NGX_QUIC_FT_PING: | |
1199 break; | |
1200 | |
8545
4009f120cad4
QUIC: eliminated stream type from ngx_quic_stream_frame_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8541
diff
changeset
|
1201 case NGX_QUIC_FT_STREAM: |
7691 | 1202 |
7811
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
1203 if (ngx_quic_handle_stream_frame(c, pkt, &frame) != NGX_OK) { |
7691 | 1204 return NGX_ERROR; |
1205 } | |
1206 | |
1207 break; | |
1208 | |
7703
ff540f13d95d
MAX_DATA frame parser/handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7702
diff
changeset
|
1209 case NGX_QUIC_FT_MAX_DATA: |
7842
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1210 |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1211 if (ngx_quic_handle_max_data_frame(c, &frame.u.max_data) != NGX_OK) |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1212 { |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1213 return NGX_ERROR; |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1214 } |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1215 |
7703
ff540f13d95d
MAX_DATA frame parser/handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7702
diff
changeset
|
1216 break; |
ff540f13d95d
MAX_DATA frame parser/handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7702
diff
changeset
|
1217 |
7702
d3b26c3bea22
Added parsing of STREAMS BLOCKED frames.
Vladimir Homutov <vl@nginx.com>
parents:
7701
diff
changeset
|
1218 case NGX_QUIC_FT_STREAMS_BLOCKED: |
d3b26c3bea22
Added parsing of STREAMS BLOCKED frames.
Vladimir Homutov <vl@nginx.com>
parents:
7701
diff
changeset
|
1219 case NGX_QUIC_FT_STREAMS_BLOCKED2: |
7711
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
1220 |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
1221 if (ngx_quic_handle_streams_blocked_frame(c, pkt, |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
1222 &frame.u.streams_blocked) |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
1223 != NGX_OK) |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
1224 { |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
1225 return NGX_ERROR; |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
1226 } |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
1227 |
7702
d3b26c3bea22
Added parsing of STREAMS BLOCKED frames.
Vladimir Homutov <vl@nginx.com>
parents:
7701
diff
changeset
|
1228 break; |
d3b26c3bea22
Added parsing of STREAMS BLOCKED frames.
Vladimir Homutov <vl@nginx.com>
parents:
7701
diff
changeset
|
1229 |
7732
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1230 case NGX_QUIC_FT_STREAM_DATA_BLOCKED: |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1231 |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1232 if (ngx_quic_handle_stream_data_blocked_frame(c, pkt, |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1233 &frame.u.stream_data_blocked) |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1234 != NGX_OK) |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1235 { |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1236 return NGX_ERROR; |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1237 } |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1238 |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1239 break; |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1240 |
7842
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1241 case NGX_QUIC_FT_MAX_STREAM_DATA: |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1242 |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1243 if (ngx_quic_handle_max_stream_data_frame(c, pkt, |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1244 &frame.u.max_stream_data) |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1245 != NGX_OK) |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1246 { |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1247 return NGX_ERROR; |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1248 } |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1249 |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1250 break; |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1251 |
7923
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1252 case NGX_QUIC_FT_RESET_STREAM: |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1253 |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1254 if (ngx_quic_handle_reset_stream_frame(c, pkt, |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1255 &frame.u.reset_stream) |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1256 != NGX_OK) |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1257 { |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1258 return NGX_ERROR; |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1259 } |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1260 |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1261 break; |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1262 |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1263 case NGX_QUIC_FT_STOP_SENDING: |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1264 |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1265 if (ngx_quic_handle_stop_sending_frame(c, pkt, |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1266 &frame.u.stop_sending) |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1267 != NGX_OK) |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1268 { |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1269 return NGX_ERROR; |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1270 } |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1271 |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1272 break; |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1273 |
8013
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8004
diff
changeset
|
1274 case NGX_QUIC_FT_MAX_STREAMS: |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8004
diff
changeset
|
1275 case NGX_QUIC_FT_MAX_STREAMS2: |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8004
diff
changeset
|
1276 |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8004
diff
changeset
|
1277 if (ngx_quic_handle_max_streams_frame(c, pkt, &frame.u.max_streams) |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8004
diff
changeset
|
1278 != NGX_OK) |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8004
diff
changeset
|
1279 { |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8004
diff
changeset
|
1280 return NGX_ERROR; |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8004
diff
changeset
|
1281 } |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8004
diff
changeset
|
1282 |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8004
diff
changeset
|
1283 break; |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8004
diff
changeset
|
1284 |
8069
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8068
diff
changeset
|
1285 case NGX_QUIC_FT_PATH_CHALLENGE: |
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8068
diff
changeset
|
1286 |
8438
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8436
diff
changeset
|
1287 if (ngx_quic_handle_path_challenge_frame(c, &frame.u.path_challenge) |
8069
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8068
diff
changeset
|
1288 != NGX_OK) |
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8068
diff
changeset
|
1289 { |
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8068
diff
changeset
|
1290 return NGX_ERROR; |
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8068
diff
changeset
|
1291 } |
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8068
diff
changeset
|
1292 |
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8068
diff
changeset
|
1293 break; |
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8068
diff
changeset
|
1294 |
8387
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8386
diff
changeset
|
1295 case NGX_QUIC_FT_PATH_RESPONSE: |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8386
diff
changeset
|
1296 |
8438
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8436
diff
changeset
|
1297 if (ngx_quic_handle_path_response_frame(c, &frame.u.path_response) |
8387
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8386
diff
changeset
|
1298 != NGX_OK) |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8386
diff
changeset
|
1299 { |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8386
diff
changeset
|
1300 return NGX_ERROR; |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8386
diff
changeset
|
1301 } |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8386
diff
changeset
|
1302 |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8386
diff
changeset
|
1303 break; |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8386
diff
changeset
|
1304 |
7791
9b9d592c0da3
Ignore non-yet-implemented frames.
Vladimir Homutov <vl@nginx.com>
parents:
7788
diff
changeset
|
1305 case NGX_QUIC_FT_NEW_CONNECTION_ID: |
8076
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1306 |
8438
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8436
diff
changeset
|
1307 if (ngx_quic_handle_new_connection_id_frame(c, &frame.u.ncid) |
8076
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1308 != NGX_OK) |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1309 { |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1310 return NGX_ERROR; |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1311 } |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1312 |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1313 break; |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1314 |
7791
9b9d592c0da3
Ignore non-yet-implemented frames.
Vladimir Homutov <vl@nginx.com>
parents:
7788
diff
changeset
|
1315 case NGX_QUIC_FT_RETIRE_CONNECTION_ID: |
8198
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1316 |
8438
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8436
diff
changeset
|
1317 if (ngx_quic_handle_retire_connection_id_frame(c, |
8198
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1318 &frame.u.retire_cid) |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1319 != NGX_OK) |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1320 { |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1321 return NGX_ERROR; |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1322 } |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1323 |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1324 break; |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1325 |
7691 | 1326 default: |
7823
4e4485793418
Added MAX_STREAM_DATA stub handler.
Vladimir Homutov <vl@nginx.com>
parents:
7822
diff
changeset
|
1327 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
7836 | 1328 "quic missing frame handler"); |
7691 | 1329 return NGX_ERROR; |
1330 } | |
1331 } | |
1332 | |
1333 if (p != end) { | |
1334 ngx_log_error(NGX_LOG_INFO, c->log, 0, | |
8164
eed49b83e18f
QUIC: revised value separators in debug and error messages.
Vladimir Homutov <vl@nginx.com>
parents:
8163
diff
changeset
|
1335 "quic trailing garbage in payload:%ui bytes", end - p); |
7862
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
7861
diff
changeset
|
1336 |
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
7861
diff
changeset
|
1337 qc->error = NGX_QUIC_ERR_FRAME_ENCODING_ERROR; |
7691 | 1338 return NGX_ERROR; |
1339 } | |
1340 | |
1341 if (do_close) { | |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1342 qc->draining = 1; |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1343 ngx_quic_close_connection(c, NGX_OK); |
7691 | 1344 } |
1345 | |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1346 qsock = ngx_quic_get_socket(c); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1347 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1348 if (qsock != qc->socket) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1349 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1350 if (qsock->path != qc->socket->path && nonprobing) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1351 /* |
8498
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
1352 * RFC 9000, 9.2. Initiating Connection Migration |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
1353 * |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1354 * An endpoint can migrate a connection to a new local |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1355 * address by sending packets containing non-probing frames |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1356 * from that address. |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1357 */ |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1358 if (ngx_quic_handle_migration(c, pkt) != NGX_OK) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1359 return NGX_ERROR; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1360 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1361 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1362 /* |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1363 * else: packet arrived via non-default socket; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1364 * no reason to change active path |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1365 */ |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1366 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1367 |
8155
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
1368 if (ngx_quic_ack_packet(c, pkt) != NGX_OK) { |
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
1369 return NGX_ERROR; |
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
1370 } |
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
1371 |
7844
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1372 return NGX_OK; |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1373 } |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1374 |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1375 |
7775 | 1376 static void |
1377 ngx_quic_push_handler(ngx_event_t *ev) | |
1378 { | |
7811
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
1379 ngx_connection_t *c; |
7775 | 1380 |
7836 | 1381 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, ev->log, 0, "quic push timer"); |
7775 | 1382 |
1383 c = ev->data; | |
1384 | |
1385 if (ngx_quic_output(c) != NGX_OK) { | |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1386 ngx_quic_close_connection(c, NGX_ERROR); |
7775 | 1387 return; |
1388 } | |
8166
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
1389 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
1390 ngx_quic_connstate_dbg(c); |
7775 | 1391 } |
1392 | |
1393 | |
8410
41807e581de9
QUIC: separate files for stream related processing.
Vladimir Homutov <vl@nginx.com>
parents:
8409
diff
changeset
|
1394 void |
8359
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1395 ngx_quic_shutdown_quic(ngx_connection_t *c) |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1396 { |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1397 ngx_rbtree_t *tree; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1398 ngx_rbtree_node_t *node; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1399 ngx_quic_stream_t *qs; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1400 ngx_quic_connection_t *qc; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1401 |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1402 qc = ngx_quic_get_connection(c); |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1403 |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1404 if (qc->closing) { |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1405 return; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1406 } |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1407 |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1408 tree = &qc->streams.tree; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1409 |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1410 if (tree->root != tree->sentinel) { |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1411 for (node = ngx_rbtree_min(tree->root, tree->sentinel); |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1412 node; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1413 node = ngx_rbtree_next(tree, node)) |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1414 { |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1415 qs = (ngx_quic_stream_t *) node; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1416 |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1417 if (!qs->cancelable) { |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1418 return; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1419 } |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1420 } |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1421 } |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1422 |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1423 ngx_quic_finalize_connection(c, qc->shutdown_code, qc->shutdown_reason); |
7705
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
1424 } |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
1425 |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
1426 |
8196
e0947c952d43
QUIC: multiple versions support in ALPN.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8195
diff
changeset
|
1427 uint32_t |
e0947c952d43
QUIC: multiple versions support in ALPN.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8195
diff
changeset
|
1428 ngx_quic_version(ngx_connection_t *c) |
e0947c952d43
QUIC: multiple versions support in ALPN.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8195
diff
changeset
|
1429 { |
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
1430 uint32_t version; |
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
1431 ngx_quic_connection_t *qc; |
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
1432 |
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
1433 qc = ngx_quic_get_connection(c); |
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
1434 |
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
1435 version = qc->version; |
8196
e0947c952d43
QUIC: multiple versions support in ALPN.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8195
diff
changeset
|
1436 |
e0947c952d43
QUIC: multiple versions support in ALPN.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8195
diff
changeset
|
1437 return (version & 0xff000000) == 0xff000000 ? version & 0xff : version; |
e0947c952d43
QUIC: multiple versions support in ALPN.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8195
diff
changeset
|
1438 } |