Mercurial > hg > nginx-quic
annotate src/event/ngx_event_quic.c @ 7697:78540e2160d0 quic
Added parsing of RESET_STREAM and STOP_SENDING frames
author | Vladimir Homutov <vl@nginx.com> |
---|---|
date | Wed, 18 Mar 2020 16:35:11 +0300 |
parents | cfc429911c0d |
children | 253cf267f95a |
rev | line source |
---|---|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
2 /* |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
3 * Copyright (C) Nginx, Inc. |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
4 */ |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
5 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
6 |
7637 | 7 #include <ngx_config.h> |
8 #include <ngx_core.h> | |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
9 #include <ngx_event.h> |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
10 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
11 |
7691 | 12 typedef struct { |
13 ngx_rbtree_node_t node; | |
14 ngx_buf_t *b; | |
15 ngx_connection_t *c; | |
16 ngx_quic_stream_t s; | |
17 } ngx_quic_stream_node_t; | |
18 | |
19 | |
20 typedef struct { | |
21 ngx_rbtree_t tree; | |
22 ngx_rbtree_node_t sentinel; | |
23 ngx_msec_t timeout; | |
24 ngx_connection_handler_pt handler; | |
7695
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
25 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
26 ngx_uint_t id_counter; |
7691 | 27 } ngx_quic_streams_t; |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
28 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
29 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
30 struct ngx_quic_connection_s { |
7691 | 31 ngx_str_t scid; |
32 ngx_str_t dcid; | |
33 ngx_str_t token; | |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
34 |
7691 | 35 /* current packet numbers for each namespace */ |
36 ngx_uint_t initial_pn; | |
37 ngx_uint_t handshake_pn; | |
38 ngx_uint_t appdata_pn; | |
7650
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
7649
diff
changeset
|
39 |
7691 | 40 ngx_quic_secrets_t secrets; |
41 ngx_ssl_t *ssl; | |
42 ngx_quic_frame_t *frames; | |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
43 |
7691 | 44 ngx_quic_streams_t streams; |
45 }; | |
7672
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
7671
diff
changeset
|
46 |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
47 |
7670
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
48 #if BORINGSSL_API_VERSION >= 10 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
49 static int ngx_quic_set_read_secret(ngx_ssl_conn_t *ssl_conn, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
50 enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
51 const uint8_t *secret, size_t secret_len); |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
52 static int ngx_quic_set_write_secret(ngx_ssl_conn_t *ssl_conn, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
53 enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
54 const uint8_t *secret, size_t secret_len); |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
55 #else |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
56 static int ngx_quic_set_encryption_secrets(ngx_ssl_conn_t *ssl_conn, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
57 enum ssl_encryption_level_t level, const uint8_t *read_secret, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
58 const uint8_t *write_secret, size_t secret_len); |
7670
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
59 #endif |
7691 | 60 |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
61 static int ngx_quic_add_handshake_data(ngx_ssl_conn_t *ssl_conn, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
62 enum ssl_encryption_level_t level, const uint8_t *data, size_t len); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
63 static int ngx_quic_flush_flight(ngx_ssl_conn_t *ssl_conn); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
64 static int ngx_quic_send_alert(ngx_ssl_conn_t *ssl_conn, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
65 enum ssl_encryption_level_t level, uint8_t alert); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
66 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
67 |
7691 | 68 static ngx_int_t ngx_quic_new_connection(ngx_connection_t *c, ngx_ssl_t *ssl, |
69 ngx_quic_header_t *pkt); | |
70 static ngx_int_t ngx_quic_init_connection(ngx_connection_t *c); | |
71 static void ngx_quic_handshake_handler(ngx_event_t *rev); | |
72 static void ngx_quic_close_connection(ngx_connection_t *c); | |
73 | |
74 static ngx_int_t ngx_quic_input(ngx_connection_t *c, ngx_buf_t *b); | |
75 static ngx_int_t ngx_quic_initial_input(ngx_connection_t *c, | |
76 ngx_quic_header_t *pkt); | |
77 static ngx_int_t ngx_quic_handshake_input(ngx_connection_t *c, | |
78 ngx_quic_header_t *pkt); | |
79 static ngx_int_t ngx_quic_app_input(ngx_connection_t *c, | |
80 ngx_quic_header_t *pkt); | |
81 static ngx_int_t ngx_quic_payload_handler(ngx_connection_t *c, | |
82 ngx_quic_header_t *pkt); | |
83 | |
84 static ngx_int_t ngx_quic_handle_ack_frame(ngx_connection_t *c, | |
85 ngx_quic_header_t *pkt, ngx_quic_ack_frame_t *f); | |
86 static ngx_int_t ngx_quic_handle_crypto_frame(ngx_connection_t *c, | |
87 ngx_quic_header_t *pkt, ngx_quic_crypto_frame_t *frame); | |
88 static ngx_int_t ngx_quic_handle_stream_frame(ngx_connection_t *c, | |
89 ngx_quic_header_t *pkt, ngx_quic_stream_frame_t *frame); | |
90 | |
91 static void ngx_quic_queue_frame(ngx_quic_connection_t *qc, | |
92 ngx_quic_frame_t *frame); | |
93 | |
94 static ngx_int_t ngx_quic_output(ngx_connection_t *c); | |
95 ngx_int_t ngx_quic_frames_send(ngx_connection_t *c, ngx_quic_frame_t *start, | |
96 ngx_quic_frame_t *end, size_t total); | |
97 static ngx_int_t ngx_quic_send_packet(ngx_connection_t *c, | |
98 ngx_quic_connection_t *qc, enum ssl_encryption_level_t level, | |
99 ngx_str_t *payload); | |
100 | |
101 | |
102 static void ngx_quic_rbtree_insert_stream(ngx_rbtree_node_t *temp, | |
103 ngx_rbtree_node_t *node, ngx_rbtree_node_t *sentinel); | |
104 static ngx_quic_stream_node_t *ngx_quic_find_stream(ngx_rbtree_t *rbtree, | |
105 ngx_uint_t key); | |
7695
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
106 static ngx_quic_stream_node_t *ngx_quic_create_stream(ngx_connection_t *c, |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
107 ngx_uint_t id); |
7677
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
7675
diff
changeset
|
108 static ssize_t ngx_quic_stream_recv(ngx_connection_t *c, u_char *buf, |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
7675
diff
changeset
|
109 size_t size); |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
7675
diff
changeset
|
110 static ssize_t ngx_quic_stream_send(ngx_connection_t *c, u_char *buf, |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
7675
diff
changeset
|
111 size_t size); |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
7675
diff
changeset
|
112 static ngx_chain_t *ngx_quic_stream_send_chain(ngx_connection_t *c, |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
7675
diff
changeset
|
113 ngx_chain_t *in, off_t limit); |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
7675
diff
changeset
|
114 |
7691 | 115 |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
116 static SSL_QUIC_METHOD quic_method = { |
7670
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
117 #if BORINGSSL_API_VERSION >= 10 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
118 ngx_quic_set_read_secret, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
119 ngx_quic_set_write_secret, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
120 #else |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
121 ngx_quic_set_encryption_secrets, |
7670
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
122 #endif |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
123 ngx_quic_add_handshake_data, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
124 ngx_quic_flush_flight, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
125 ngx_quic_send_alert, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
126 }; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
127 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
128 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
129 void |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
130 ngx_quic_init_ssl_methods(SSL_CTX* ctx) |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
131 { |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
132 SSL_CTX_set_quic_method(ctx, &quic_method); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
133 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
134 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
135 |
7670
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
136 #if BORINGSSL_API_VERSION >= 10 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
137 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
138 static int |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
139 ngx_quic_set_read_secret(ngx_ssl_conn_t *ssl_conn, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
140 enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, |
7687
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
141 const uint8_t *rsecret, size_t secret_len) |
7670
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
142 { |
7687
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
143 ngx_connection_t *c; |
7670
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
144 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
145 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
146 |
7687
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
147 ngx_quic_hexdump(c->log, "level:%d read secret", |
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
148 rsecret, secret_len, level); |
7670
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
149 |
7687
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
150 return ngx_quic_set_encryption_secret(c->pool, ssl_conn, level, |
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
151 rsecret, secret_len, |
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
152 &c->quic->secrets.client); |
7670
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
153 } |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
154 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
155 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
156 static int |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
157 ngx_quic_set_write_secret(ngx_ssl_conn_t *ssl_conn, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
158 enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, |
7687
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
159 const uint8_t *wsecret, size_t secret_len) |
7670
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
160 { |
7687
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
161 ngx_connection_t *c; |
7670
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
162 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
163 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
164 |
7687
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
165 ngx_quic_hexdump(c->log, "level:%d write secret", |
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
166 wsecret, secret_len, level); |
7670
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
167 |
7687
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
168 return ngx_quic_set_encryption_secret(c->pool, ssl_conn, level, |
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
169 wsecret, secret_len, |
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
170 &c->quic->secrets.server); |
7670
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
171 } |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
172 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
173 #else |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
174 |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
175 static int |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
176 ngx_quic_set_encryption_secrets(ngx_ssl_conn_t *ssl_conn, |
7687
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
177 enum ssl_encryption_level_t level, const uint8_t *rsecret, |
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
178 const uint8_t *wsecret, size_t secret_len) |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
179 { |
7687
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
180 ngx_int_t rc; |
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
181 ngx_connection_t *c; |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
182 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
183 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
184 |
7688
bec4cd55361e
Fixed a typo with OpenSSL.
Vladimir Homutov <vl@nginx.com>
parents:
7687
diff
changeset
|
185 ngx_quic_hexdump(c->log, "level:%d read", rsecret, secret_len, level); |
7687
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
186 ngx_quic_hexdump(c->log, "level:%d write", wsecret, secret_len, level); |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
187 |
7687
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
188 rc = ngx_quic_set_encryption_secret(c->pool, ssl_conn, level, |
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
189 rsecret, secret_len, |
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
190 &c->quic->secrets.client); |
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
191 if (rc != 1) { |
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
192 return rc; |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
193 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
194 |
7687
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
195 return ngx_quic_set_encryption_secret(c->pool, ssl_conn, level, |
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
196 wsecret, secret_len, |
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
197 &c->quic->secrets.server); |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
198 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
199 |
7670
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
200 #endif |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7669
diff
changeset
|
201 |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
202 |
7650
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
7649
diff
changeset
|
203 static int |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
7649
diff
changeset
|
204 ngx_quic_add_handshake_data(ngx_ssl_conn_t *ssl_conn, |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
7649
diff
changeset
|
205 enum ssl_encryption_level_t level, const uint8_t *data, size_t len) |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
7649
diff
changeset
|
206 { |
7691 | 207 u_char *p; |
208 ngx_quic_frame_t *frame; | |
209 ngx_connection_t *c; | |
210 ngx_quic_connection_t *qc; | |
7650
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
7649
diff
changeset
|
211 |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
7649
diff
changeset
|
212 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
7649
diff
changeset
|
213 qc = c->quic; |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
7649
diff
changeset
|
214 |
7652
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
7651
diff
changeset
|
215 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
7651
diff
changeset
|
216 "ngx_quic_add_handshake_data"); |
7650
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
7649
diff
changeset
|
217 |
7652
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
7651
diff
changeset
|
218 frame = ngx_pcalloc(c->pool, sizeof(ngx_quic_frame_t)); |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
7651
diff
changeset
|
219 if (frame == NULL) { |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
7651
diff
changeset
|
220 return 0; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
7651
diff
changeset
|
221 } |
7650
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
7649
diff
changeset
|
222 |
7652
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
7651
diff
changeset
|
223 p = ngx_pnalloc(c->pool, len); |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
7651
diff
changeset
|
224 if (p == NULL) { |
7650
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
7649
diff
changeset
|
225 return 0; |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
7649
diff
changeset
|
226 } |
7652
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
7651
diff
changeset
|
227 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
7651
diff
changeset
|
228 ngx_memcpy(p, data, len); |
7650
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
7649
diff
changeset
|
229 |
7652
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
7651
diff
changeset
|
230 frame->level = level; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
7651
diff
changeset
|
231 frame->type = NGX_QUIC_FT_CRYPTO; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
7651
diff
changeset
|
232 frame->u.crypto.len = len; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
7651
diff
changeset
|
233 frame->u.crypto.data = p; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
7651
diff
changeset
|
234 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
7651
diff
changeset
|
235 ngx_sprintf(frame->info, "crypto, generated by SSL len=%ui level=%d", len, level); |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
7651
diff
changeset
|
236 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
7651
diff
changeset
|
237 ngx_quic_queue_frame(qc, frame); |
7650
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
7649
diff
changeset
|
238 |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
239 return 1; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
240 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
241 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
242 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
243 static int |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
244 ngx_quic_flush_flight(ngx_ssl_conn_t *ssl_conn) |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
245 { |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
246 ngx_connection_t *c; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
247 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
248 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
249 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
250 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "ngx_quic_flush_flight()"); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
251 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
252 return 1; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
253 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
254 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
255 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
256 static int |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
257 ngx_quic_send_alert(ngx_ssl_conn_t *ssl_conn, enum ssl_encryption_level_t level, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
258 uint8_t alert) |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
259 { |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
260 ngx_connection_t *c; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
261 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
262 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
263 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
264 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
265 "ngx_quic_send_alert(), lvl=%d, alert=%d", |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
266 (int) level, (int) alert); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
267 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
268 return 1; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
269 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
270 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
271 |
7691 | 272 void |
273 ngx_quic_run(ngx_connection_t *c, ngx_ssl_t *ssl, ngx_msec_t timeout, | |
274 ngx_connection_handler_pt handler) | |
275 { | |
276 ngx_buf_t *b; | |
277 ngx_quic_header_t pkt; | |
278 | |
279 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic handshake"); | |
280 | |
281 c->log->action = "QUIC handshaking"; | |
282 | |
283 ngx_memzero(&pkt, sizeof(ngx_quic_header_t)); | |
284 | |
285 b = c->buffer; | |
286 | |
287 pkt.log = c->log; | |
288 pkt.raw = b; | |
289 pkt.data = b->start; | |
290 pkt.len = b->last - b->start; | |
291 | |
292 if (ngx_quic_new_connection(c, ssl, &pkt) != NGX_OK) { | |
293 ngx_quic_close_connection(c); | |
294 return; | |
295 } | |
296 | |
297 // we don't need stream handler for initial packet processing | |
298 c->quic->streams.handler = handler; | |
299 c->quic->streams.timeout = timeout; | |
300 | |
301 ngx_add_timer(c->read, timeout); | |
302 | |
303 c->read->handler = ngx_quic_handshake_handler; | |
304 | |
305 return; | |
306 } | |
307 | |
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
308 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
309 static ngx_int_t |
7691 | 310 ngx_quic_new_connection(ngx_connection_t *c, ngx_ssl_t *ssl, |
311 ngx_quic_header_t *pkt) | |
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
312 { |
7691 | 313 ngx_quic_connection_t *qc; |
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
314 |
7691 | 315 if (ngx_buf_size(pkt->raw) < 1200) { |
316 ngx_log_error(NGX_LOG_INFO, c->log, 0, "too small UDP datagram"); | |
317 return NGX_ERROR; | |
318 } | |
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
319 |
7691 | 320 if (ngx_quic_parse_long_header(pkt) != NGX_OK) { |
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
321 return NGX_ERROR; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
322 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
323 |
7691 | 324 if ((pkt->flags & 0xf0) != NGX_QUIC_PKT_INITIAL) { |
325 ngx_log_error(NGX_LOG_INFO, c->log, 0, | |
326 "invalid initial packet: 0x%xi", pkt->flags); | |
327 return NGX_ERROR; | |
328 } | |
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
329 |
7691 | 330 if (ngx_quic_parse_initial_header(pkt) != NGX_OK) { |
331 return NGX_ERROR; | |
332 } | |
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
333 |
7691 | 334 qc = ngx_pcalloc(c->pool, sizeof(ngx_quic_connection_t)); |
335 if (qc == NULL) { | |
336 return NGX_ERROR; | |
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
337 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
338 |
7691 | 339 ngx_rbtree_init(&qc->streams.tree, &qc->streams.sentinel, |
340 ngx_quic_rbtree_insert_stream); | |
341 | |
342 c->quic = qc; | |
343 qc->ssl = ssl; | |
344 | |
345 qc->dcid.len = pkt->dcid.len; | |
346 qc->dcid.data = ngx_pnalloc(c->pool, pkt->dcid.len); | |
347 if (qc->dcid.data == NULL) { | |
348 return NGX_ERROR; | |
349 } | |
350 ngx_memcpy(qc->dcid.data, pkt->dcid.data, qc->dcid.len); | |
351 | |
352 qc->scid.len = pkt->scid.len; | |
353 qc->scid.data = ngx_pnalloc(c->pool, qc->scid.len); | |
354 if (qc->scid.data == NULL) { | |
355 return NGX_ERROR; | |
356 } | |
357 ngx_memcpy(qc->scid.data, pkt->scid.data, qc->scid.len); | |
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
358 |
7691 | 359 qc->token.len = pkt->token.len; |
360 qc->token.data = ngx_pnalloc(c->pool, qc->token.len); | |
361 if (qc->token.data == NULL) { | |
362 return NGX_ERROR; | |
363 } | |
364 ngx_memcpy(qc->token.data, pkt->token.data, qc->token.len); | |
365 | |
366 | |
367 if (ngx_quic_set_initial_secret(c->pool, &qc->secrets, &qc->dcid) | |
368 != NGX_OK) | |
369 { | |
370 return NGX_ERROR; | |
371 } | |
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
372 |
7691 | 373 pkt->secret = &qc->secrets.client.in; |
374 pkt->level = ssl_encryption_initial; | |
375 | |
376 if (ngx_quic_decrypt(c->pool, NULL, pkt) != NGX_OK) { | |
377 return NGX_ERROR; | |
378 } | |
379 | |
380 if (ngx_quic_init_connection(c) != NGX_OK) { | |
381 return NGX_ERROR; | |
382 } | |
383 | |
384 return ngx_quic_payload_handler(c, pkt); | |
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
385 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
386 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
387 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
388 static ngx_int_t |
7687
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
389 ngx_quic_init_connection(ngx_connection_t *c) |
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
390 { |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
391 int n, sslerr; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
392 ngx_ssl_conn_t *ssl_conn; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
393 ngx_quic_connection_t *qc; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
394 |
7671
a5423632d67b
Added more transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7670
diff
changeset
|
395 static const uint8_t params[] = |
a5423632d67b
Added more transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7670
diff
changeset
|
396 "\x00\x29" /* parameters length: 41 bytes */ |
a5423632d67b
Added more transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7670
diff
changeset
|
397 "\x00\x0e\x00\x01\x05" /* active connection id limit: 5 */ |
a5423632d67b
Added more transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7670
diff
changeset
|
398 "\x00\x04\x00\x04\x80\x98\x96\x80" /* initial max data = 10000000 */ |
a5423632d67b
Added more transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7670
diff
changeset
|
399 "\x00\x09\x00\x01\x03" /* initial max streams uni: 3 */ |
a5423632d67b
Added more transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7670
diff
changeset
|
400 "\x00\x08\x00\x01\x10" /* initial max streams bidi: 16 */ |
a5423632d67b
Added more transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7670
diff
changeset
|
401 "\x00\x05\x00\x02\x40\xff" /* initial max stream bidi local: 255 */ |
a5423632d67b
Added more transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7670
diff
changeset
|
402 "\x00\x06\x00\x02\x40\xff" /* initial max stream bidi remote: 255 */ |
a5423632d67b
Added more transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7670
diff
changeset
|
403 "\x00\x07\x00\x02\x40\xff"; /* initial max stream data uni: 255 */ |
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
404 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
405 qc = c->quic; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
406 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
407 if (ngx_ssl_create_connection(qc->ssl, c, NGX_SSL_BUFFER) != NGX_OK) { |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
408 return NGX_ERROR; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
409 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
410 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
411 ssl_conn = c->ssl->connection; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
412 |
7671
a5423632d67b
Added more transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
7670
diff
changeset
|
413 if (SSL_set_quic_transport_params(ssl_conn, params, sizeof(params) - 1) == 0) { |
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
414 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
415 "SSL_set_quic_transport_params() failed"); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
416 return NGX_ERROR; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
417 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
418 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
419 n = SSL_do_handshake(ssl_conn); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
420 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
421 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_do_handshake: %d", n); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
422 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
423 if (n == -1) { |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
424 sslerr = SSL_get_error(ssl_conn, n); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
425 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
426 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_get_error: %d", |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
427 sslerr); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
428 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
429 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
430 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
431 "SSL_quic_read_level: %d, SSL_quic_write_level: %d", |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
432 (int) SSL_quic_read_level(ssl_conn), |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
433 (int) SSL_quic_write_level(ssl_conn)); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
434 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
435 return NGX_OK; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
436 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
437 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
438 |
7691 | 439 static void |
440 ngx_quic_handshake_handler(ngx_event_t *rev) | |
7677
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
7675
diff
changeset
|
441 { |
7691 | 442 ssize_t n; |
443 ngx_buf_t b; | |
444 ngx_connection_t *c; | |
7677
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
7675
diff
changeset
|
445 |
7691 | 446 u_char buf[512]; |
7677
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
7675
diff
changeset
|
447 |
7691 | 448 b.start = buf; |
449 b.end = buf + 512; | |
450 b.pos = b.last = b.start; | |
7677
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
7675
diff
changeset
|
451 |
7691 | 452 c = rev->data; |
7677
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
7675
diff
changeset
|
453 |
7691 | 454 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, rev->log, 0, "quic handshake handler"); |
7678
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
7677
diff
changeset
|
455 |
7691 | 456 if (rev->timedout) { |
457 ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out"); | |
458 ngx_quic_close_connection(c); | |
459 return; | |
7678
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
7677
diff
changeset
|
460 } |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
7677
diff
changeset
|
461 |
7691 | 462 if (c->close) { |
463 ngx_quic_close_connection(c); | |
464 return; | |
465 } | |
7686
7ada2feeac18
Added processing of CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7684
diff
changeset
|
466 |
7691 | 467 n = c->recv(c, b.start, b.end - b.start); |
7681 | 468 |
7691 | 469 if (n == NGX_AGAIN) { |
470 return; | |
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
471 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
472 |
7691 | 473 if (n == NGX_ERROR) { |
474 c->read->eof = 1; | |
475 ngx_quic_close_connection(c); | |
476 return; | |
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
477 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
478 |
7691 | 479 b.last += n; |
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
480 |
7691 | 481 if (ngx_quic_input(c, &b) != NGX_OK) { |
482 ngx_quic_close_connection(c); | |
483 return; | |
484 } | |
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
485 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
486 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
487 |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
488 static void |
7691 | 489 ngx_quic_close_connection(ngx_connection_t *c) |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
490 { |
7691 | 491 ngx_pool_t *pool; |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
492 |
7691 | 493 /* XXX wait for all streams to close */ |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
494 |
7691 | 495 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
496 "close quic connection: %d", c->fd); | |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
497 |
7691 | 498 if (c->ssl) { |
499 (void) ngx_ssl_shutdown(c); | |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
500 } |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
501 |
7691 | 502 #if (NGX_STAT_STUB) |
503 (void) ngx_atomic_fetch_add(ngx_stat_active, -1); | |
504 #endif | |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
505 |
7691 | 506 c->destroyed = 1; |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
507 |
7691 | 508 pool = c->pool; |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
509 |
7691 | 510 ngx_close_connection(c); |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
511 |
7691 | 512 ngx_destroy_pool(pool); |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
513 } |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
514 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
515 |
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
516 static ngx_int_t |
7691 | 517 ngx_quic_input(ngx_connection_t *c, ngx_buf_t *b) |
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
518 { |
7691 | 519 u_char *p; |
520 ngx_int_t rc; | |
521 ngx_quic_header_t pkt; | |
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
522 |
7691 | 523 if (c->quic == NULL) { |
524 // XXX: possible? | |
525 ngx_log_error(NGX_LOG_INFO, c->log, 0, "BUG: no QUIC in connection"); | |
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
526 return NGX_ERROR; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
527 } |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
528 |
7691 | 529 p = b->start; |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
530 |
7691 | 531 do { |
532 ngx_memzero(&pkt, sizeof(ngx_quic_header_t)); | |
533 pkt.raw = b; | |
534 pkt.data = p; | |
535 pkt.len = b->last - p; | |
536 pkt.log = c->log; | |
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
537 |
7691 | 538 if (p[0] == 0) { |
539 /* XXX: no idea WTF is this, just ignore */ | |
540 ngx_log_error(NGX_LOG_ALERT, c->log, 0, "FIREFOX: ZEROES"); | |
541 break; | |
542 } | |
7672
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
7671
diff
changeset
|
543 |
7691 | 544 // TODO: check current state |
545 if (p[0] & NGX_QUIC_PKT_LONG) { | |
546 | |
547 if ((p[0] & 0xf0) == NGX_QUIC_PKT_INITIAL) { | |
548 rc = ngx_quic_initial_input(c, &pkt); | |
7672
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
7671
diff
changeset
|
549 |
7691 | 550 } else if ((p[0] & 0xf0) == NGX_QUIC_PKT_HANDSHAKE) { |
551 rc = ngx_quic_handshake_input(c, &pkt); | |
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
552 |
7691 | 553 } else { |
554 ngx_log_error(NGX_LOG_INFO, c->log, 0, | |
555 "BUG: unknown quic state"); | |
556 return NGX_ERROR; | |
557 } | |
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
558 |
7691 | 559 } else { |
560 rc = ngx_quic_app_input(c, &pkt); | |
561 } | |
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
562 |
7691 | 563 if (rc == NGX_ERROR) { |
564 return NGX_ERROR; | |
565 } | |
7672
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
7671
diff
changeset
|
566 |
7691 | 567 /* b->pos is at header end, adjust by actual packet length */ |
568 p = b->pos + pkt.len; | |
569 b->pos = p; /* reset b->pos to the next packet start */ | |
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
570 |
7691 | 571 } while (p < b->last); |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
572 |
7691 | 573 return NGX_OK; |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
574 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
575 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
576 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
577 static ngx_int_t |
7689 | 578 ngx_quic_initial_input(ngx_connection_t *c, ngx_quic_header_t *pkt) |
579 { | |
580 ngx_ssl_conn_t *ssl_conn; | |
581 ngx_quic_connection_t *qc; | |
582 | |
583 qc = c->quic; | |
584 ssl_conn = c->ssl->connection; | |
585 | |
7690
ae35ccba7aa6
Extracted transport part of the code into separate file.
Vladimir Homutov <vl@nginx.com>
parents:
7689
diff
changeset
|
586 if (ngx_quic_parse_long_header(pkt) != NGX_OK) { |
7689 | 587 return NGX_ERROR; |
588 } | |
589 | |
7690
ae35ccba7aa6
Extracted transport part of the code into separate file.
Vladimir Homutov <vl@nginx.com>
parents:
7689
diff
changeset
|
590 if (ngx_quic_parse_initial_header(pkt) != NGX_OK) { |
7689 | 591 return NGX_ERROR; |
592 } | |
593 | |
594 pkt->secret = &qc->secrets.client.in; | |
595 pkt->level = ssl_encryption_initial; | |
596 | |
597 if (ngx_quic_decrypt(c->pool, ssl_conn, pkt) != NGX_OK) { | |
598 return NGX_ERROR; | |
599 } | |
600 | |
601 return ngx_quic_payload_handler(c, pkt); | |
602 } | |
603 | |
604 | |
605 static ngx_int_t | |
7672
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
7671
diff
changeset
|
606 ngx_quic_handshake_input(ngx_connection_t *c, ngx_quic_header_t *pkt) |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
607 { |
7654
bf555b94e387
Using cached ssl_conn in ngx_quic_handshake_input(), NFC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7653
diff
changeset
|
608 ngx_ssl_conn_t *ssl_conn; |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
609 ngx_quic_connection_t *qc; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
610 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
611 qc = c->quic; |
7654
bf555b94e387
Using cached ssl_conn in ngx_quic_handshake_input(), NFC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7653
diff
changeset
|
612 ssl_conn = c->ssl->connection; |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
613 |
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
614 /* extract cleartext data into pkt */ |
7690
ae35ccba7aa6
Extracted transport part of the code into separate file.
Vladimir Homutov <vl@nginx.com>
parents:
7689
diff
changeset
|
615 if (ngx_quic_parse_long_header(pkt) != NGX_OK) { |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
616 return NGX_ERROR; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
617 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
618 |
7672
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
7671
diff
changeset
|
619 if (pkt->dcid.len != qc->dcid.len) { |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
620 ngx_log_error(NGX_LOG_INFO, c->log, 0, "unexpected quic dcidl"); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
621 return NGX_ERROR; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
622 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
623 |
7672
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
7671
diff
changeset
|
624 if (ngx_memcmp(pkt->dcid.data, qc->dcid.data, qc->dcid.len) != 0) { |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
625 ngx_log_error(NGX_LOG_INFO, c->log, 0, "unexpected quic dcid"); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
626 return NGX_ERROR; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
627 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
628 |
7672
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
7671
diff
changeset
|
629 if (pkt->scid.len != qc->scid.len) { |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
630 ngx_log_error(NGX_LOG_INFO, c->log, 0, "unexpected quic scidl"); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
631 return NGX_ERROR; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
632 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
633 |
7672
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
7671
diff
changeset
|
634 if (ngx_memcmp(pkt->scid.data, qc->scid.data, qc->scid.len) != 0) { |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
635 ngx_log_error(NGX_LOG_INFO, c->log, 0, "unexpected quic scid"); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
636 return NGX_ERROR; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
637 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
638 |
7672
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
7671
diff
changeset
|
639 if ((pkt->flags & 0xf0) != NGX_QUIC_PKT_HANDSHAKE) { |
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
640 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
7672
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
7671
diff
changeset
|
641 "invalid packet type: 0x%xi", pkt->flags); |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
642 return NGX_ERROR; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
643 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
644 |
7690
ae35ccba7aa6
Extracted transport part of the code into separate file.
Vladimir Homutov <vl@nginx.com>
parents:
7689
diff
changeset
|
645 if (ngx_quic_parse_handshake_header(pkt) != NGX_OK) { |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
646 return NGX_ERROR; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
647 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
648 |
7687
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
649 pkt->secret = &qc->secrets.client.hs; |
7672
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
7671
diff
changeset
|
650 pkt->level = ssl_encryption_handshake; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
7671
diff
changeset
|
651 |
7687
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
652 if (ngx_quic_decrypt(c->pool, c->ssl->connection, pkt) != NGX_OK) { |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
653 return NGX_ERROR; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
654 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
655 |
7672
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
7671
diff
changeset
|
656 return ngx_quic_payload_handler(c, pkt); |
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
657 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
658 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
659 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
660 static ngx_int_t |
7672
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
7671
diff
changeset
|
661 ngx_quic_app_input(ngx_connection_t *c, ngx_quic_header_t *pkt) |
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
662 { |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
663 ngx_quic_connection_t *qc; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
664 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
665 qc = c->quic; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
666 |
7689 | 667 if (qc->secrets.client.ad.key.len == 0) { |
668 ngx_log_error(NGX_LOG_INFO, c->log, 0, | |
669 "no read keys yet, packet ignored"); | |
670 return NGX_DECLINED; | |
671 } | |
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
672 |
7690
ae35ccba7aa6
Extracted transport part of the code into separate file.
Vladimir Homutov <vl@nginx.com>
parents:
7689
diff
changeset
|
673 if (ngx_quic_parse_short_header(pkt, &qc->dcid) != NGX_OK) { |
7651
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7650
diff
changeset
|
674 return NGX_ERROR; |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7650
diff
changeset
|
675 } |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7650
diff
changeset
|
676 |
7687
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
677 pkt->secret = &qc->secrets.client.ad; |
7672
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
7671
diff
changeset
|
678 pkt->level = ssl_encryption_application; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
7671
diff
changeset
|
679 |
7687
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
7686
diff
changeset
|
680 if (ngx_quic_decrypt(c->pool, c->ssl->connection, pkt) != NGX_OK) { |
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
681 return NGX_ERROR; |
7651
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7650
diff
changeset
|
682 } |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7650
diff
changeset
|
683 |
7672
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
7671
diff
changeset
|
684 return ngx_quic_payload_handler(c, pkt); |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
685 } |
7637 | 686 |
687 | |
7691 | 688 static ngx_int_t |
689 ngx_quic_payload_handler(ngx_connection_t *c, ngx_quic_header_t *pkt) | |
690 { | |
691 u_char *end, *p; | |
692 ssize_t len; | |
693 ngx_uint_t ack_this, do_close; | |
694 ngx_quic_frame_t frame, *ack_frame; | |
695 ngx_quic_connection_t *qc; | |
696 | |
697 qc = c->quic; | |
698 | |
699 p = pkt->payload.data; | |
700 end = p + pkt->payload.len; | |
701 | |
702 ack_this = 0; | |
703 do_close = 0; | |
704 | |
705 while (p < end) { | |
706 | |
707 len = ngx_quic_parse_frame(p, end, &frame); | |
708 if (len < 0) { | |
709 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
710 "failed to parse frame type %xi", frame.type); | |
711 return NGX_ERROR; | |
712 } | |
713 | |
714 p += len; | |
715 | |
716 switch (frame.type) { | |
717 | |
718 case NGX_QUIC_FT_ACK: | |
719 | |
720 ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
721 "ACK: { largest=%ui delay=%ui first=%ui count=%ui}", | |
722 frame.u.ack.largest, | |
723 frame.u.ack.delay, | |
724 frame.u.ack.first_range, | |
725 frame.u.ack.range_count); | |
726 | |
727 if (ngx_quic_handle_ack_frame(c, pkt, &frame.u.ack) != NGX_OK) { | |
728 return NGX_ERROR; | |
729 } | |
730 | |
731 break; | |
732 | |
733 case NGX_QUIC_FT_CRYPTO: | |
734 | |
735 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
736 "quic CRYPTO frame length: %uL off:%uL pp:%p", | |
737 frame.u.crypto.len, frame.u.crypto.offset, | |
738 frame.u.crypto.data); | |
739 | |
740 ngx_quic_hexdump0(c->log, "CRYPTO frame contents", | |
741 frame.u.crypto.data, frame.u.crypto.len); | |
742 | |
743 | |
744 if (ngx_quic_handle_crypto_frame(c, pkt, &frame.u.crypto) | |
745 != NGX_OK) | |
746 { | |
747 return NGX_ERROR; | |
748 } | |
749 | |
750 ack_this = 1; | |
751 break; | |
752 | |
753 case NGX_QUIC_FT_PADDING: | |
754 break; | |
755 | |
756 case NGX_QUIC_FT_PING: | |
757 ack_this = 1; | |
758 break; | |
759 | |
760 case NGX_QUIC_FT_NEW_CONNECTION_ID: | |
761 ack_this = 1; | |
762 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
763 "NCID: { seq=%ui retire=%ui len=%ui}", | |
764 frame.u.ncid.seqnum, | |
765 frame.u.ncid.retire, | |
766 frame.u.ncid.len); | |
767 break; | |
768 | |
769 case NGX_QUIC_FT_CONNECTION_CLOSE: | |
770 ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
771 "CONN.CLOSE: { %s (0x%xi) type=0x%xi reason='%V'}", | |
772 ngx_quic_error_text(frame.u.close.error_code), | |
773 frame.u.close.error_code, | |
774 frame.u.close.frame_type, | |
775 &frame.u.close.reason); | |
776 | |
777 do_close = 1; | |
778 break; | |
779 | |
780 case NGX_QUIC_FT_STREAM0: | |
781 case NGX_QUIC_FT_STREAM1: | |
782 case NGX_QUIC_FT_STREAM2: | |
783 case NGX_QUIC_FT_STREAM3: | |
784 case NGX_QUIC_FT_STREAM4: | |
785 case NGX_QUIC_FT_STREAM5: | |
786 case NGX_QUIC_FT_STREAM6: | |
787 case NGX_QUIC_FT_STREAM7: | |
788 | |
789 ngx_log_debug7(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
790 "STREAM frame { 0x%xi id 0x%xi offset 0x%xi len 0x%xi bits:off=%d len=%d fin=%d }", | |
791 frame.type, | |
792 frame.u.stream.stream_id, | |
793 frame.u.stream.offset, | |
794 frame.u.stream.length, | |
795 frame.u.stream.off, | |
796 frame.u.stream.len, | |
797 frame.u.stream.fin); | |
798 | |
799 ngx_quic_hexdump0(c->log, "STREAM frame contents", | |
800 frame.u.stream.data, frame.u.stream.length); | |
801 | |
802 if (ngx_quic_handle_stream_frame(c, pkt, &frame.u.stream) | |
803 != NGX_OK) | |
804 { | |
805 return NGX_ERROR; | |
806 } | |
807 | |
808 ack_this = 1; | |
809 break; | |
810 | |
7697
78540e2160d0
Added parsing of RESET_STREAM and STOP_SENDING frames
Vladimir Homutov <vl@nginx.com>
parents:
7695
diff
changeset
|
811 case NGX_QUIC_FT_RESET_STREAM: |
78540e2160d0
Added parsing of RESET_STREAM and STOP_SENDING frames
Vladimir Homutov <vl@nginx.com>
parents:
7695
diff
changeset
|
812 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, |
78540e2160d0
Added parsing of RESET_STREAM and STOP_SENDING frames
Vladimir Homutov <vl@nginx.com>
parents:
7695
diff
changeset
|
813 "RESET STREAM frame" |
78540e2160d0
Added parsing of RESET_STREAM and STOP_SENDING frames
Vladimir Homutov <vl@nginx.com>
parents:
7695
diff
changeset
|
814 " { id 0x%xi error_code 0x%xi final_size 0x%xi }", |
78540e2160d0
Added parsing of RESET_STREAM and STOP_SENDING frames
Vladimir Homutov <vl@nginx.com>
parents:
7695
diff
changeset
|
815 frame.u.reset_stream.id, |
78540e2160d0
Added parsing of RESET_STREAM and STOP_SENDING frames
Vladimir Homutov <vl@nginx.com>
parents:
7695
diff
changeset
|
816 frame.u.reset_stream.error_code, |
78540e2160d0
Added parsing of RESET_STREAM and STOP_SENDING frames
Vladimir Homutov <vl@nginx.com>
parents:
7695
diff
changeset
|
817 frame.u.reset_stream.final_size); |
78540e2160d0
Added parsing of RESET_STREAM and STOP_SENDING frames
Vladimir Homutov <vl@nginx.com>
parents:
7695
diff
changeset
|
818 break; |
78540e2160d0
Added parsing of RESET_STREAM and STOP_SENDING frames
Vladimir Homutov <vl@nginx.com>
parents:
7695
diff
changeset
|
819 |
78540e2160d0
Added parsing of RESET_STREAM and STOP_SENDING frames
Vladimir Homutov <vl@nginx.com>
parents:
7695
diff
changeset
|
820 case NGX_QUIC_FT_STOP_SENDING: |
78540e2160d0
Added parsing of RESET_STREAM and STOP_SENDING frames
Vladimir Homutov <vl@nginx.com>
parents:
7695
diff
changeset
|
821 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
78540e2160d0
Added parsing of RESET_STREAM and STOP_SENDING frames
Vladimir Homutov <vl@nginx.com>
parents:
7695
diff
changeset
|
822 "STOP SENDING frame" |
78540e2160d0
Added parsing of RESET_STREAM and STOP_SENDING frames
Vladimir Homutov <vl@nginx.com>
parents:
7695
diff
changeset
|
823 " { id 0x%xi error_code 0x%xi}", |
78540e2160d0
Added parsing of RESET_STREAM and STOP_SENDING frames
Vladimir Homutov <vl@nginx.com>
parents:
7695
diff
changeset
|
824 frame.u.stop_sending.id, |
78540e2160d0
Added parsing of RESET_STREAM and STOP_SENDING frames
Vladimir Homutov <vl@nginx.com>
parents:
7695
diff
changeset
|
825 frame.u.stop_sending.error_code); |
78540e2160d0
Added parsing of RESET_STREAM and STOP_SENDING frames
Vladimir Homutov <vl@nginx.com>
parents:
7695
diff
changeset
|
826 break; |
78540e2160d0
Added parsing of RESET_STREAM and STOP_SENDING frames
Vladimir Homutov <vl@nginx.com>
parents:
7695
diff
changeset
|
827 |
7691 | 828 default: |
829 ngx_log_error(NGX_LOG_INFO, c->log, 0, | |
830 "unsupported frame type 0x%xd in packet", frame.type); | |
831 return NGX_ERROR; | |
832 } | |
833 } | |
834 | |
835 if (p != end) { | |
836 ngx_log_error(NGX_LOG_INFO, c->log, 0, | |
837 "trailing garbage in payload: %ui bytes", end - p); | |
838 return NGX_ERROR; | |
839 } | |
840 | |
841 if (do_close) { | |
842 // TODO: handle stream close | |
843 } | |
844 | |
845 if (ack_this == 0) { | |
846 /* do not ack packets with ACKs and PADDING */ | |
847 return NGX_OK; | |
848 } | |
849 | |
850 // packet processed, ACK it now if required | |
851 // TODO: if (ack_required) ... - currently just ack each packet | |
852 | |
853 ack_frame = ngx_pcalloc(c->pool, sizeof(ngx_quic_frame_t)); | |
854 if (ack_frame == NULL) { | |
855 return NGX_ERROR; | |
856 } | |
857 | |
858 ack_frame->level = pkt->level; | |
859 ack_frame->type = NGX_QUIC_FT_ACK; | |
860 ack_frame->u.ack.pn = pkt->pn; | |
861 | |
862 ngx_sprintf(ack_frame->info, "ACK for PN=%d from frame handler level=%d", pkt->pn, pkt->level); | |
863 ngx_quic_queue_frame(qc, ack_frame); | |
864 | |
865 return ngx_quic_output(c); | |
866 } | |
867 | |
868 | |
869 static ngx_int_t | |
870 ngx_quic_handle_ack_frame(ngx_connection_t *c, ngx_quic_header_t *pkt, | |
871 ngx_quic_ack_frame_t *f) | |
872 { | |
873 /* TODO: handle ACK here */ | |
874 return NGX_OK; | |
875 } | |
876 | |
877 | |
878 static ngx_int_t | |
879 ngx_quic_handle_crypto_frame(ngx_connection_t *c, ngx_quic_header_t *pkt, | |
880 ngx_quic_crypto_frame_t *f) | |
881 { | |
882 int sslerr; | |
883 ssize_t n; | |
884 ngx_ssl_conn_t *ssl_conn; | |
885 | |
886 if (f->offset != 0x0) { | |
887 ngx_log_error(NGX_LOG_INFO, c->log, 0, | |
888 "crypto frame with non-zero offset"); | |
889 // TODO: add support for crypto frames spanning packets | |
890 return NGX_ERROR; | |
891 } | |
892 | |
893 ssl_conn = c->ssl->connection; | |
894 | |
895 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
896 "SSL_quic_read_level: %d, SSL_quic_write_level: %d", | |
897 (int) SSL_quic_read_level(ssl_conn), | |
898 (int) SSL_quic_write_level(ssl_conn)); | |
899 | |
900 if (!SSL_provide_quic_data(ssl_conn, SSL_quic_read_level(ssl_conn), | |
901 f->data, f->len)) | |
902 { | |
903 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, | |
904 "SSL_provide_quic_data() failed"); | |
905 return NGX_ERROR; | |
906 } | |
907 | |
908 n = SSL_do_handshake(ssl_conn); | |
909 | |
910 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_do_handshake: %d", n); | |
911 | |
912 if (n == -1) { | |
913 sslerr = SSL_get_error(ssl_conn, n); | |
914 | |
915 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_get_error: %d", | |
916 sslerr); | |
917 | |
918 if (sslerr == SSL_ERROR_SSL) { | |
919 ngx_ssl_error(NGX_LOG_ERR, c->log, 0, "SSL_do_handshake() failed"); | |
920 } | |
921 } | |
922 | |
923 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
924 "quic ssl cipher: %s", SSL_get_cipher(ssl_conn)); | |
925 | |
926 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
927 "SSL_quic_read_level: %d, SSL_quic_write_level: %d", | |
928 (int) SSL_quic_read_level(ssl_conn), | |
929 (int) SSL_quic_write_level(ssl_conn)); | |
930 | |
931 return NGX_OK; | |
932 } | |
933 | |
934 | |
935 static ngx_int_t | |
936 ngx_quic_handle_stream_frame(ngx_connection_t *c, | |
937 ngx_quic_header_t *pkt, ngx_quic_stream_frame_t *f) | |
938 { | |
939 ngx_buf_t *b; | |
940 ngx_quic_connection_t *qc; | |
941 ngx_quic_stream_node_t *sn; | |
942 | |
943 qc = c->quic; | |
944 | |
945 sn = ngx_quic_find_stream(&qc->streams.tree, f->stream_id); | |
946 | |
947 if (sn) { | |
948 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "existing stream"); | |
949 b = sn->b; | |
950 | |
951 if ((size_t) (b->end - b->pos) < f->length) { | |
952 ngx_log_error(NGX_LOG_INFO, c->log, 0, "no space in stream buffer"); | |
953 return NGX_ERROR; | |
954 } | |
955 | |
956 ngx_memcpy(b->pos, f->data, f->length); | |
957 b->pos += f->length; | |
958 | |
959 // TODO: notify | |
960 | |
961 return NGX_OK; | |
962 } | |
963 | |
964 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "stream is new"); | |
965 | |
7695
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
966 sn = ngx_quic_create_stream(c, f->stream_id); |
7691 | 967 if (sn == NULL) { |
968 return NGX_ERROR; | |
969 } | |
970 | |
971 b = sn->b; | |
972 | |
973 ngx_memcpy(b->start, f->data, f->length); | |
974 b->last = b->start + f->length; | |
975 | |
976 qc->streams.handler(sn->c); | |
977 | |
978 return NGX_OK; | |
979 } | |
980 | |
981 | |
982 static void | |
983 ngx_quic_queue_frame(ngx_quic_connection_t *qc, ngx_quic_frame_t *frame) | |
984 { | |
985 ngx_quic_frame_t *f; | |
986 | |
987 if (qc->frames == NULL) { | |
988 qc->frames = frame; | |
989 return; | |
990 } | |
991 | |
992 for (f = qc->frames; f->next; f = f->next) { | |
993 if (f->next->level > frame->level) { | |
994 break; | |
995 } | |
996 } | |
997 | |
998 frame->next = f->next; | |
999 f->next = frame; | |
1000 } | |
1001 | |
1002 | |
1003 static ngx_int_t | |
1004 ngx_quic_output(ngx_connection_t *c) | |
1005 { | |
1006 size_t len; | |
1007 ngx_uint_t lvl; | |
1008 ngx_quic_frame_t *f, *start; | |
1009 ngx_quic_connection_t *qc; | |
1010 | |
1011 qc = c->quic; | |
1012 | |
1013 if (qc->frames == NULL) { | |
1014 return NGX_OK; | |
1015 } | |
1016 | |
1017 lvl = qc->frames->level; | |
1018 start = qc->frames; | |
1019 f = start; | |
1020 | |
1021 do { | |
1022 len = 0; | |
1023 | |
1024 do { | |
1025 /* process same-level group of frames */ | |
1026 | |
1027 len += ngx_quic_frame_len(f);// TODO: handle overflow, max size | |
1028 | |
1029 f = f->next; | |
1030 } while (f && f->level == lvl); | |
1031 | |
1032 | |
1033 if (ngx_quic_frames_send(c, start, f, len) != NGX_OK) { | |
1034 return NGX_ERROR; | |
1035 } | |
1036 | |
1037 if (f == NULL) { | |
1038 break; | |
1039 } | |
1040 | |
1041 lvl = f->level; // TODO: must not decrease (ever, also between calls) | |
1042 start = f; | |
1043 | |
1044 } while (1); | |
1045 | |
1046 qc->frames = NULL; | |
1047 | |
1048 return NGX_OK; | |
1049 } | |
1050 | |
1051 | |
1052 /* pack a group of frames [start; end) into memory p and send as single packet */ | |
1053 ngx_int_t | |
1054 ngx_quic_frames_send(ngx_connection_t *c, ngx_quic_frame_t *start, | |
1055 ngx_quic_frame_t *end, size_t total) | |
1056 { | |
1057 ssize_t len; | |
1058 u_char *p; | |
1059 ngx_str_t out; | |
1060 ngx_quic_frame_t *f; | |
1061 | |
1062 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
1063 "sending frames %p...%p", start, end); | |
1064 | |
1065 p = ngx_pnalloc(c->pool, total); | |
1066 if (p == NULL) { | |
1067 return NGX_ERROR; | |
1068 } | |
1069 | |
1070 out.data = p; | |
1071 | |
1072 for (f = start; f != end; f = f->next) { | |
1073 | |
1074 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "frame: %s", f->info); | |
1075 | |
1076 len = ngx_quic_create_frame(p, p + total, f); | |
1077 if (len == -1) { | |
1078 return NGX_ERROR; | |
1079 } | |
1080 | |
1081 p += len; | |
1082 } | |
1083 | |
1084 out.len = p - out.data; | |
1085 | |
1086 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
1087 "packet ready: %ui bytes at level %d", | |
1088 out.len, start->level); | |
1089 | |
1090 // IOVEC/sendmsg_chain ? | |
1091 if (ngx_quic_send_packet(c, c->quic, start->level, &out) != NGX_OK) { | |
1092 return NGX_ERROR; | |
1093 } | |
1094 | |
1095 return NGX_OK; | |
1096 } | |
1097 | |
1098 | |
1099 static ngx_int_t | |
1100 ngx_quic_send_packet(ngx_connection_t *c, ngx_quic_connection_t *qc, | |
1101 enum ssl_encryption_level_t level, ngx_str_t *payload) | |
1102 { | |
1103 ngx_str_t res; | |
1104 ngx_quic_header_t pkt; | |
1105 | |
1106 pkt.log = c->log; | |
1107 | |
1108 static ngx_str_t initial_token = ngx_null_string; | |
1109 | |
1110 ngx_memzero(&pkt, sizeof(ngx_quic_header_t)); | |
1111 ngx_quic_hexdump0(c->log, "payload", payload->data, payload->len); | |
1112 | |
1113 pkt.level = level; | |
1114 pkt.dcid = qc->dcid; | |
1115 pkt.scid = qc->scid; | |
1116 | |
1117 if (level == ssl_encryption_initial) { | |
1118 pkt.number = &qc->initial_pn; | |
1119 pkt.flags = NGX_QUIC_PKT_INITIAL; | |
1120 pkt.secret = &qc->secrets.server.in; | |
1121 pkt.token = initial_token; | |
1122 | |
1123 } else if (level == ssl_encryption_handshake) { | |
1124 pkt.number = &qc->handshake_pn; | |
1125 pkt.flags = NGX_QUIC_PKT_HANDSHAKE; | |
1126 pkt.secret = &qc->secrets.server.hs; | |
1127 | |
1128 } else { | |
1129 pkt.number = &qc->appdata_pn; | |
1130 pkt.secret = &qc->secrets.server.ad; | |
1131 } | |
1132 | |
1133 if (ngx_quic_encrypt(c->pool, c->ssl->connection, &pkt, payload, &res) | |
1134 != NGX_OK) | |
1135 { | |
1136 return NGX_ERROR; | |
1137 } | |
1138 | |
1139 ngx_quic_hexdump0(c->log, "packet to send", res.data, res.len); | |
1140 | |
1141 c->send(c, res.data, res.len); // TODO: err handling | |
1142 | |
1143 (*pkt.number)++; | |
1144 | |
1145 return NGX_OK; | |
1146 } | |
1147 | |
1148 | |
1149 ngx_connection_t * | |
1150 ngx_quic_create_uni_stream(ngx_connection_t *c) | |
1151 { | |
7695
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1152 ngx_uint_t id; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1153 ngx_quic_stream_t *qs; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1154 ngx_quic_connection_t *qc; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1155 ngx_quic_stream_node_t *sn; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1156 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1157 qs = c->qs; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1158 qc = qs->parent->quic; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1159 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1160 /* |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1161 * A stream ID is a 62-bit integer that is unique for all streams |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1162 * on a connection. |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1163 * |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1164 * 0x3 | Server-Initiated, Unidirectional |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1165 */ |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1166 id = (qc->streams.id_counter << 2) | 0x3; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1167 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1168 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1169 "creating server uni stream #%ui id %ui", |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1170 qc->streams.id_counter, id); |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1171 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1172 qc->streams.id_counter++; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1173 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1174 sn = ngx_quic_create_stream(qs->parent, id); |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1175 if (sn == NULL) { |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1176 return NULL; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1177 } |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1178 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1179 return sn->c; |
7691 | 1180 } |
1181 | |
1182 | |
1183 static void | |
1184 ngx_quic_rbtree_insert_stream(ngx_rbtree_node_t *temp, | |
1185 ngx_rbtree_node_t *node, ngx_rbtree_node_t *sentinel) | |
1186 { | |
1187 ngx_rbtree_node_t **p; | |
1188 ngx_quic_stream_node_t *qn, *qnt; | |
1189 | |
1190 for ( ;; ) { | |
1191 | |
1192 if (node->key < temp->key) { | |
1193 | |
1194 p = &temp->left; | |
1195 | |
1196 } else if (node->key > temp->key) { | |
1197 | |
1198 p = &temp->right; | |
1199 | |
1200 } else { /* node->key == temp->key */ | |
1201 | |
1202 qn = (ngx_quic_stream_node_t *) &node->color; | |
1203 qnt = (ngx_quic_stream_node_t *) &temp->color; | |
1204 | |
1205 if (qn->c < qnt->c) { | |
1206 p = &temp->left; | |
1207 } else { | |
1208 p = &temp->right; | |
1209 } | |
1210 } | |
1211 | |
1212 if (*p == sentinel) { | |
1213 break; | |
1214 } | |
1215 | |
1216 temp = *p; | |
1217 } | |
1218 | |
1219 *p = node; | |
1220 node->parent = temp; | |
1221 node->left = sentinel; | |
1222 node->right = sentinel; | |
1223 ngx_rbt_red(node); | |
1224 } | |
1225 | |
1226 | |
1227 static ngx_quic_stream_node_t * | |
1228 ngx_quic_find_stream(ngx_rbtree_t *rbtree, ngx_uint_t key) | |
1229 { | |
1230 ngx_rbtree_node_t *node, *sentinel; | |
1231 | |
1232 node = rbtree->root; | |
1233 sentinel = rbtree->sentinel; | |
1234 | |
1235 while (node != sentinel) { | |
1236 | |
1237 if (key == node->key) { | |
1238 return (ngx_quic_stream_node_t *) node; | |
1239 } | |
1240 | |
1241 node = (key < node->key) ? node->left : node->right; | |
1242 } | |
1243 | |
1244 return NULL; | |
1245 } | |
1246 | |
1247 | |
7695
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1248 static ngx_quic_stream_node_t * |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1249 ngx_quic_create_stream(ngx_connection_t *c, ngx_uint_t id) |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1250 { |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1251 ngx_log_t *log; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1252 ngx_pool_t *pool; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1253 ngx_event_t *rev, *wev; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1254 ngx_quic_connection_t *qc; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1255 ngx_quic_stream_node_t *sn; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1256 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1257 qc = c->quic; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1258 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1259 sn = ngx_pcalloc(c->pool, sizeof(ngx_quic_stream_node_t)); |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1260 if (sn == NULL) { |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1261 return NULL; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1262 } |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1263 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1264 sn->c = ngx_get_connection(-1, c->log); // TODO: free on connection termination |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1265 if (sn->c == NULL) { |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1266 return NULL; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1267 } |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1268 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1269 pool = ngx_create_pool(NGX_DEFAULT_POOL_SIZE, c->log); |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1270 if (pool == NULL) { |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1271 /* XXX free connection */ |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1272 // TODO: add pool cleanup handdler |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1273 return NULL; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1274 } |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1275 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1276 log = ngx_palloc(pool, sizeof(ngx_log_t)); |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1277 if (log == NULL) { |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1278 /* XXX free pool and connection */ |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1279 return NULL; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1280 } |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1281 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1282 *log = *c->log; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1283 pool->log = log; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1284 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1285 sn->c->log = log; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1286 sn->c->pool = pool; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1287 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1288 sn->c->listening = c->listening; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1289 sn->c->sockaddr = c->sockaddr; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1290 sn->c->local_sockaddr = c->local_sockaddr; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1291 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1292 rev = sn->c->read; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1293 wev = sn->c->write; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1294 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1295 rev->ready = 1; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1296 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1297 rev->log = c->log; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1298 wev->log = c->log; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1299 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1300 sn->c->number = ngx_atomic_fetch_add(ngx_connection_counter, 1); |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1301 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1302 sn->node.key =id; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1303 sn->b = ngx_create_temp_buf(pool, 16 * 1024); // XXX enough for everyone |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1304 if (sn->b == NULL) { |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1305 return NULL; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1306 } |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1307 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1308 ngx_rbtree_insert(&qc->streams.tree, &sn->node); |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1309 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1310 sn->s.id = id; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1311 sn->s.unidirectional = (sn->s.id & 0x02) ? 1 : 0; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1312 sn->s.parent = c; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1313 sn->c->qs = &sn->s; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1314 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1315 sn->c->recv = ngx_quic_stream_recv; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1316 sn->c->send = ngx_quic_stream_send; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1317 sn->c->send_chain = ngx_quic_stream_send_chain; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1318 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1319 return sn; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1320 } |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1321 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
7691
diff
changeset
|
1322 |
7691 | 1323 static ssize_t |
1324 ngx_quic_stream_recv(ngx_connection_t *c, u_char *buf, size_t size) | |
1325 { | |
1326 ssize_t len; | |
1327 ngx_buf_t *b; | |
1328 ngx_quic_stream_t *qs; | |
1329 ngx_quic_connection_t *qc; | |
1330 ngx_quic_stream_node_t *sn; | |
1331 | |
1332 qs = c->qs; | |
1333 qc = qs->parent->quic; | |
1334 | |
1335 // XXX: get direct pointer from stream structure? | |
1336 sn = ngx_quic_find_stream(&qc->streams.tree, qs->id); | |
1337 | |
1338 if (sn == NULL) { | |
1339 return NGX_ERROR; | |
1340 } | |
1341 | |
1342 // XXX: how to return EOF? | |
1343 | |
1344 b = sn->b; | |
1345 | |
1346 if (b->last - b->pos == 0) { | |
1347 c->read->ready = 0; | |
1348 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
1349 "quic recv() not ready"); | |
1350 return NGX_AGAIN; // ? | |
1351 } | |
1352 | |
1353 len = ngx_min(b->last - b->pos, (ssize_t) size); | |
1354 | |
1355 ngx_memcpy(buf, b->pos, len); | |
1356 | |
1357 b->pos += len; | |
1358 | |
1359 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
1360 "quic recv: %z of %uz", len, size); | |
1361 | |
1362 return len; | |
1363 } | |
1364 | |
1365 | |
1366 static ssize_t | |
1367 ngx_quic_stream_send(ngx_connection_t *c, u_char *buf, size_t size) | |
1368 { | |
1369 u_char *p; | |
1370 ngx_connection_t *pc; | |
1371 ngx_quic_frame_t *frame; | |
1372 ngx_quic_stream_t *qs; | |
1373 ngx_quic_connection_t *qc; | |
1374 ngx_quic_stream_node_t *sn; | |
1375 | |
1376 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic send: %uz", size); | |
1377 | |
1378 qs = c->qs; | |
1379 pc = qs->parent; | |
1380 qc = pc->quic; | |
1381 | |
1382 // XXX: get direct pointer from stream structure? | |
1383 sn = ngx_quic_find_stream(&qc->streams.tree, qs->id); | |
1384 | |
1385 if (sn == NULL) { | |
1386 return NGX_ERROR; | |
1387 } | |
1388 | |
1389 frame = ngx_pcalloc(pc->pool, sizeof(ngx_quic_frame_t)); | |
1390 if (frame == NULL) { | |
1391 return 0; | |
1392 } | |
1393 | |
1394 p = ngx_pnalloc(pc->pool, size); | |
1395 if (p == NULL) { | |
1396 return 0; | |
1397 } | |
1398 | |
1399 ngx_memcpy(p, buf, size); | |
1400 | |
1401 frame->level = ssl_encryption_application; | |
1402 frame->type = NGX_QUIC_FT_STREAM6; /* OFF=1 LEN=1 FIN=0 */ | |
1403 frame->u.stream.off = 1; | |
1404 frame->u.stream.len = 1; | |
1405 frame->u.stream.fin = 0; | |
1406 | |
1407 frame->u.stream.type = frame->type; | |
1408 frame->u.stream.stream_id = qs->id; | |
1409 frame->u.stream.offset = c->sent; | |
1410 frame->u.stream.length = size; | |
1411 frame->u.stream.data = p; | |
1412 | |
1413 c->sent += size; | |
1414 | |
1415 ngx_sprintf(frame->info, "stream %xi len=%ui level=%d", | |
1416 qs->id, size, frame->level); | |
1417 | |
1418 ngx_quic_queue_frame(qc, frame); | |
1419 | |
1420 return size; | |
1421 } | |
1422 | |
1423 | |
1424 static ngx_chain_t * | |
1425 ngx_quic_stream_send_chain(ngx_connection_t *c, ngx_chain_t *in, | |
1426 off_t limit) | |
1427 { | |
1428 size_t len; | |
1429 ssize_t n; | |
1430 ngx_buf_t *b; | |
1431 | |
1432 for ( /* void */; in; in = in->next) { | |
1433 b = in->buf; | |
1434 | |
1435 if (!ngx_buf_in_memory(b)) { | |
1436 continue; | |
1437 } | |
1438 | |
1439 if (ngx_buf_size(b) == 0) { | |
1440 continue; | |
1441 } | |
1442 | |
1443 len = b->last - b->pos; | |
1444 | |
1445 n = ngx_quic_stream_send(c, b->pos, len); | |
1446 | |
1447 if (n == NGX_ERROR) { | |
1448 return NGX_CHAIN_ERROR; | |
1449 } | |
1450 | |
1451 if (n == NGX_AGAIN) { | |
1452 return in; | |
1453 } | |
1454 | |
1455 if (n != (ssize_t) len) { | |
1456 b->pos += n; | |
1457 return in; | |
1458 } | |
1459 } | |
1460 | |
1461 return NULL; | |
1462 } |