Mercurial > hg > nginx-quic
annotate src/event/quic/ngx_event_quic.c @ 8442:b3f6ad181df4 quic
QUIC: refactored CRYPTO and STREAM buffer ordering.
Generic function ngx_quic_order_bufs() is introduced. This function creates
and maintains a chain of buffers with holes. Holes are marked with b->sync
flag. Several buffers and holes in this chain may share the same underlying
memory buffer.
When processing STREAM frames with this function, frame data is copied only
once to the right place in the stream input chain. Previously data could
be copied twice. First when buffering an out-of-order frame data, and then
when filling stream buffer from ordered frame queue. Now there's only one
data chain for both tasks.
| author | Roman Arutyunyan <arut@nginx.com> |
|---|---|
| date | Tue, 25 May 2021 13:55:12 +0300 |
| parents | 5186ee5a94b9 |
| children | af33d1ef1c3c |
| rev | line source |
|---|---|
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
2 /* |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
3 * Copyright (C) Nginx, Inc. |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
4 */ |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
5 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
6 |
| 7637 | 7 #include <ngx_config.h> |
| 8 #include <ngx_core.h> | |
|
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
9 #include <ngx_event.h> |
|
8386
714e9af983de
QUIC: separate header for ngx_quic_connection_t.
Vladimir Homutov <vl@nginx.com>
parents:
8385
diff
changeset
|
10 #include <ngx_event_quic_connection.h> |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
11 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
12 |
|
8099
b4ef79ef1c23
QUIC: refined the "c->quic->initialized" flag usage.
Vladimir Homutov <vl@nginx.com>
parents:
8098
diff
changeset
|
13 static ngx_quic_connection_t *ngx_quic_new_connection(ngx_connection_t *c, |
|
8101
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8100
diff
changeset
|
14 ngx_quic_conf_t *conf, ngx_quic_header_t *pkt); |
|
8100
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
15 static ngx_int_t ngx_quic_process_stateless_reset(ngx_connection_t *c, |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
16 ngx_quic_header_t *pkt); |
|
7729
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
17 static void ngx_quic_input_handler(ngx_event_t *rev); |
|
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
18 |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
19 static ngx_int_t ngx_quic_close_quic(ngx_connection_t *c, ngx_int_t rc); |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
20 static void ngx_quic_close_timer_handler(ngx_event_t *ev); |
| 7691 | 21 |
|
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
22 static ngx_int_t ngx_quic_input(ngx_connection_t *c, ngx_buf_t *b, |
|
8101
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8100
diff
changeset
|
23 ngx_quic_conf_t *conf); |
|
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8100
diff
changeset
|
24 static ngx_int_t ngx_quic_process_packet(ngx_connection_t *c, |
|
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
25 ngx_quic_conf_t *conf, ngx_quic_header_t *pkt); |
|
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
26 static ngx_int_t ngx_quic_process_payload(ngx_connection_t *c, |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
27 ngx_quic_header_t *pkt); |
|
8281
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
28 static ngx_int_t ngx_quic_check_csid(ngx_quic_connection_t *qc, |
| 7838 | 29 ngx_quic_header_t *pkt); |
|
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
30 static ngx_int_t ngx_quic_handle_frames(ngx_connection_t *c, |
| 7691 | 31 ngx_quic_header_t *pkt); |
|
8411
bc910a5ec737
QUIC: separate files for output and ack related processing.
Vladimir Homutov <vl@nginx.com>
parents:
8410
diff
changeset
|
32 |
| 7775 | 33 static void ngx_quic_push_handler(ngx_event_t *ev); |
| 7691 | 34 |
| 35 | |
| 8267 | 36 static ngx_core_module_t ngx_quic_module_ctx = { |
| 37 ngx_string("quic"), | |
| 38 NULL, | |
| 39 NULL | |
| 40 }; | |
| 41 | |
| 42 | |
| 43 ngx_module_t ngx_quic_module = { | |
| 44 NGX_MODULE_V1, | |
| 45 &ngx_quic_module_ctx, /* module context */ | |
| 46 NULL, /* module directives */ | |
| 47 NGX_CORE_MODULE, /* module type */ | |
| 48 NULL, /* init master */ | |
| 49 NULL, /* init module */ | |
| 50 NULL, /* init process */ | |
| 51 NULL, /* init thread */ | |
| 52 NULL, /* exit thread */ | |
| 53 NULL, /* exit process */ | |
| 54 NULL, /* exit master */ | |
| 55 NGX_MODULE_V1_PADDING | |
| 56 }; | |
| 57 | |
| 58 | |
|
8163
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8162
diff
changeset
|
59 #if (NGX_DEBUG) |
|
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8162
diff
changeset
|
60 |
|
8411
bc910a5ec737
QUIC: separate files for output and ack related processing.
Vladimir Homutov <vl@nginx.com>
parents:
8410
diff
changeset
|
61 void |
|
8166
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
62 ngx_quic_connstate_dbg(ngx_connection_t *c) |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
63 { |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
64 u_char *p, *last; |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
65 ngx_quic_connection_t *qc; |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
66 u_char buf[NGX_MAX_ERROR_STR]; |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
67 |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
68 p = buf; |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
69 last = p + sizeof(buf); |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
70 |
|
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
71 qc = ngx_quic_get_connection(c); |
|
8166
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
72 |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
73 p = ngx_slprintf(p, last, "state:"); |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
74 |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
75 if (qc) { |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
76 |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
77 if (qc->error) { |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
78 p = ngx_slprintf(p, last, "%s", qc->error_app ? " app" : ""); |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
79 p = ngx_slprintf(p, last, " error:%ui", qc->error); |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
80 |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
81 if (qc->error_reason) { |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
82 p = ngx_slprintf(p, last, " \"%s\"", qc->error_reason); |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
83 } |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
84 } |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
85 |
|
8359
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
86 p = ngx_slprintf(p, last, "%s", qc->shutdown ? " shutdown" : ""); |
|
8166
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
87 p = ngx_slprintf(p, last, "%s", qc->closing ? " closing" : ""); |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
88 p = ngx_slprintf(p, last, "%s", qc->draining ? " draining" : ""); |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
89 p = ngx_slprintf(p, last, "%s", qc->key_phase ? " kp" : ""); |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
90 |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
91 } else { |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
92 p = ngx_slprintf(p, last, " early"); |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
93 } |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
94 |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
95 if (c->read->timer_set) { |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
96 p = ngx_slprintf(p, last, |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
97 qc && qc->send_timer_set ? " send:%M" : " read:%M", |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
98 c->read->timer.key - ngx_current_msec); |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
99 } |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
100 |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
101 if (qc) { |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
102 |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
103 if (qc->push.timer_set) { |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
104 p = ngx_slprintf(p, last, " push:%M", |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
105 qc->push.timer.key - ngx_current_msec); |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
106 } |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
107 |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
108 if (qc->pto.timer_set) { |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
109 p = ngx_slprintf(p, last, " pto:%M", |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
110 qc->pto.timer.key - ngx_current_msec); |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
111 } |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
112 |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
113 if (qc->close.timer_set) { |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
114 p = ngx_slprintf(p, last, " close:%M", |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
115 qc->close.timer.key - ngx_current_msec); |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
116 } |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
117 } |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
118 |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
119 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
120 "quic %*s", p - buf, buf); |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
121 } |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
122 |
|
8163
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8162
diff
changeset
|
123 #endif |
|
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8162
diff
changeset
|
124 |
|
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8162
diff
changeset
|
125 |
|
8413
46161c610919
QUIC: separate files for SSL library interfaces.
Vladimir Homutov <vl@nginx.com>
parents:
8412
diff
changeset
|
126 ngx_int_t |
|
8294
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
127 ngx_quic_apply_transport_params(ngx_connection_t *c, ngx_quic_tp_t *ctp) |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
128 { |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
129 ngx_str_t scid; |
|
8294
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
130 ngx_quic_connection_t *qc; |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
131 |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
132 qc = ngx_quic_get_connection(c); |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
133 |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
134 scid.data = qc->socket->cid->id; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
135 scid.len = qc->socket->cid->len; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
136 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
137 if (scid.len != ctp->initial_scid.len |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
138 || ngx_memcmp(scid.data, ctp->initial_scid.data, scid.len) != 0) |
|
8294
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
139 { |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
140 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
141 "quic client initial_source_connection_id mismatch"); |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
142 return NGX_ERROR; |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
143 } |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
144 |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
145 if (ctp->max_udp_payload_size < NGX_QUIC_MIN_INITIAL_SIZE |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
146 || ctp->max_udp_payload_size > NGX_QUIC_MAX_UDP_PAYLOAD_SIZE) |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
147 { |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
148 qc->error = NGX_QUIC_ERR_TRANSPORT_PARAMETER_ERROR; |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
149 qc->error_reason = "invalid maximum packet size"; |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
150 |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
151 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
152 "quic maximum packet size is invalid"); |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
153 return NGX_ERROR; |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
154 |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
155 } else if (ctp->max_udp_payload_size > ngx_quic_max_udp_payload(c)) { |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
156 ctp->max_udp_payload_size = ngx_quic_max_udp_payload(c); |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
157 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
8295
d4e02b3b734f
QUIC: fixed indentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8294
diff
changeset
|
158 "quic client maximum packet size truncated"); |
|
8294
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
159 } |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
160 |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
161 if (ctp->active_connection_id_limit < 2) { |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
162 qc->error = NGX_QUIC_ERR_TRANSPORT_PARAMETER_ERROR; |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
163 qc->error_reason = "invalid active_connection_id_limit"; |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
164 |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
165 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
166 "quic active_connection_id_limit is invalid"); |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
167 return NGX_ERROR; |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
168 } |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
169 |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
170 if (ctp->ack_delay_exponent > 20) { |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
171 qc->error = NGX_QUIC_ERR_TRANSPORT_PARAMETER_ERROR; |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
172 qc->error_reason = "invalid ack_delay_exponent"; |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
173 |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
174 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
175 "quic ack_delay_exponent is invalid"); |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
176 return NGX_ERROR; |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
177 } |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
178 |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
179 if (ctp->max_ack_delay > 16384) { |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
180 qc->error = NGX_QUIC_ERR_TRANSPORT_PARAMETER_ERROR; |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
181 qc->error_reason = "invalid max_ack_delay"; |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
182 |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
183 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
184 "quic max_ack_delay is invalid"); |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
185 return NGX_ERROR; |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
186 } |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
187 |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
188 if (ctp->max_idle_timeout > 0 |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
189 && ctp->max_idle_timeout < qc->tp.max_idle_timeout) |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
190 { |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
191 qc->tp.max_idle_timeout = ctp->max_idle_timeout; |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
192 } |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
193 |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
194 qc->streams.server_max_streams_bidi = ctp->initial_max_streams_bidi; |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
195 qc->streams.server_max_streams_uni = ctp->initial_max_streams_uni; |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
196 |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
197 ngx_memcpy(&qc->ctp, ctp, sizeof(ngx_quic_tp_t)); |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
198 |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
199 return NGX_OK; |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
200 } |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
201 |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
202 |
| 7691 | 203 void |
|
8101
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8100
diff
changeset
|
204 ngx_quic_run(ngx_connection_t *c, ngx_quic_conf_t *conf) |
| 7691 | 205 { |
|
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
206 ngx_int_t rc; |
|
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
207 ngx_quic_connection_t *qc; |
| 7691 | 208 |
|
7729
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
209 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic run"); |
| 7691 | 210 |
|
8101
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8100
diff
changeset
|
211 rc = ngx_quic_input(c, c->buffer, conf); |
|
8074
c6b963de0c00
QUIC: pass return code from ngx_quic_decrypt() to the caller.
Vladimir Homutov <vl@nginx.com>
parents:
8073
diff
changeset
|
212 if (rc != NGX_OK) { |
|
c6b963de0c00
QUIC: pass return code from ngx_quic_decrypt() to the caller.
Vladimir Homutov <vl@nginx.com>
parents:
8073
diff
changeset
|
213 ngx_quic_close_connection(c, rc == NGX_DECLINED ? NGX_DONE : NGX_ERROR); |
| 7691 | 214 return; |
| 215 } | |
| 216 | |
|
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
217 qc = ngx_quic_get_connection(c); |
|
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
218 |
| 8279 | 219 if (qc == NULL) { |
| 220 ngx_quic_close_connection(c, NGX_DONE); | |
| 221 return; | |
| 222 } | |
| 223 | |
| 224 ngx_add_timer(c->read, qc->tp.max_idle_timeout); | |
| 225 ngx_quic_connstate_dbg(c); | |
| 7691 | 226 |
|
7729
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
227 c->read->handler = ngx_quic_input_handler; |
| 7691 | 228 |
| 229 return; | |
| 230 } | |
| 231 | |
|
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
232 |
|
8099
b4ef79ef1c23
QUIC: refined the "c->quic->initialized" flag usage.
Vladimir Homutov <vl@nginx.com>
parents:
8098
diff
changeset
|
233 static ngx_quic_connection_t * |
|
8101
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8100
diff
changeset
|
234 ngx_quic_new_connection(ngx_connection_t *c, ngx_quic_conf_t *conf, |
|
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8100
diff
changeset
|
235 ngx_quic_header_t *pkt) |
|
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
236 { |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
237 ngx_uint_t i; |
|
7731
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
7729
diff
changeset
|
238 ngx_quic_tp_t *ctp; |
| 7691 | 239 ngx_quic_connection_t *qc; |
|
7864
eebdda507ec3
Added tests for connection id lengths in initial packet.
Vladimir Homutov <vl@nginx.com>
parents:
7863
diff
changeset
|
240 |
| 7691 | 241 qc = ngx_pcalloc(c->pool, sizeof(ngx_quic_connection_t)); |
| 242 if (qc == NULL) { | |
|
8099
b4ef79ef1c23
QUIC: refined the "c->quic->initialized" flag usage.
Vladimir Homutov <vl@nginx.com>
parents:
8098
diff
changeset
|
243 return NULL; |
|
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
244 } |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
245 |
|
8191
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
246 qc->keys = ngx_quic_keys_new(c->pool); |
|
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
247 if (qc->keys == NULL) { |
|
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
248 return NULL; |
|
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
249 } |
|
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
250 |
|
8194
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8193
diff
changeset
|
251 qc->version = pkt->version; |
|
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8193
diff
changeset
|
252 |
| 7691 | 253 ngx_rbtree_init(&qc->streams.tree, &qc->streams.sentinel, |
| 254 ngx_quic_rbtree_insert_stream); | |
| 255 | |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
256 for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { |
|
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
257 ngx_queue_init(&qc->send_ctx[i].frames); |
|
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
258 ngx_queue_init(&qc->send_ctx[i].sent); |
|
8157
85a550047eb5
QUIC: added macro for unset packet number.
Vladimir Homutov <vl@nginx.com>
parents:
8156
diff
changeset
|
259 qc->send_ctx[i].largest_pn = NGX_QUIC_UNSET_PN; |
|
85a550047eb5
QUIC: added macro for unset packet number.
Vladimir Homutov <vl@nginx.com>
parents:
8156
diff
changeset
|
260 qc->send_ctx[i].largest_ack = NGX_QUIC_UNSET_PN; |
|
85a550047eb5
QUIC: added macro for unset packet number.
Vladimir Homutov <vl@nginx.com>
parents:
8156
diff
changeset
|
261 qc->send_ctx[i].largest_range = NGX_QUIC_UNSET_PN; |
|
85a550047eb5
QUIC: added macro for unset packet number.
Vladimir Homutov <vl@nginx.com>
parents:
8156
diff
changeset
|
262 qc->send_ctx[i].pending_ack = NGX_QUIC_UNSET_PN; |
|
8155
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
263 } |
|
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
264 |
|
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
265 qc->send_ctx[0].level = ssl_encryption_initial; |
|
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
266 qc->send_ctx[1].level = ssl_encryption_handshake; |
|
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
267 qc->send_ctx[2].level = ssl_encryption_application; |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
268 |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
269 ngx_queue_init(&qc->free_frames); |
|
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
270 |
|
7987
3b107aadc9f6
QUIC: added rtt estimation.
Vladimir Homutov <vl@nginx.com>
parents:
7953
diff
changeset
|
271 qc->avg_rtt = NGX_QUIC_INITIAL_RTT; |
|
3b107aadc9f6
QUIC: added rtt estimation.
Vladimir Homutov <vl@nginx.com>
parents:
7953
diff
changeset
|
272 qc->rttvar = NGX_QUIC_INITIAL_RTT / 2; |
|
3b107aadc9f6
QUIC: added rtt estimation.
Vladimir Homutov <vl@nginx.com>
parents:
7953
diff
changeset
|
273 qc->min_rtt = NGX_TIMER_INFINITE; |
|
3b107aadc9f6
QUIC: added rtt estimation.
Vladimir Homutov <vl@nginx.com>
parents:
7953
diff
changeset
|
274 |
|
3b107aadc9f6
QUIC: added rtt estimation.
Vladimir Homutov <vl@nginx.com>
parents:
7953
diff
changeset
|
275 /* |
|
3b107aadc9f6
QUIC: added rtt estimation.
Vladimir Homutov <vl@nginx.com>
parents:
7953
diff
changeset
|
276 * qc->latest_rtt = 0 |
|
3b107aadc9f6
QUIC: added rtt estimation.
Vladimir Homutov <vl@nginx.com>
parents:
7953
diff
changeset
|
277 */ |
|
3b107aadc9f6
QUIC: added rtt estimation.
Vladimir Homutov <vl@nginx.com>
parents:
7953
diff
changeset
|
278 |
| 7990 | 279 qc->pto.log = c->log; |
| 280 qc->pto.data = c; | |
| 281 qc->pto.handler = ngx_quic_pto_handler; | |
| 282 qc->pto.cancelable = 1; | |
|
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
283 |
| 7775 | 284 qc->push.log = c->log; |
| 285 qc->push.data = c; | |
| 286 qc->push.handler = ngx_quic_push_handler; | |
| 287 qc->push.cancelable = 1; | |
| 288 | |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
289 qc->path_validation.log = c->log; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
290 qc->path_validation.data = c; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
291 qc->path_validation.handler = ngx_quic_path_validation_handler; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
292 qc->path_validation.cancelable = 1; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
293 |
|
7999
0d2b2664b41c
QUIC: added "quic" listen parameter.
Roman Arutyunyan <arut@nginx.com>
parents:
7998
diff
changeset
|
294 qc->conf = conf; |
|
0d2b2664b41c
QUIC: added "quic" listen parameter.
Roman Arutyunyan <arut@nginx.com>
parents:
7998
diff
changeset
|
295 qc->tp = conf->tp; |
| 7691 | 296 |
|
7731
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
7729
diff
changeset
|
297 ctp = &qc->ctp; |
|
8294
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
298 |
|
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
299 /* defaults to be used before actual client parameters are received */ |
|
7931
9fe7875ce4bb
QUIC: further limiting maximum QUIC packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7930
diff
changeset
|
300 ctp->max_udp_payload_size = ngx_quic_max_udp_payload(c); |
|
7731
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
7729
diff
changeset
|
301 ctp->ack_delay_exponent = NGX_QUIC_DEFAULT_ACK_DELAY_EXPONENT; |
|
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
7729
diff
changeset
|
302 ctp->max_ack_delay = NGX_QUIC_DEFAULT_MAX_ACK_DELAY; |
|
8294
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
303 ctp->active_connection_id_limit = 2; |
|
7731
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
7729
diff
changeset
|
304 |
|
7842
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
305 qc->streams.recv_max_data = qc->tp.initial_max_data; |
|
7815
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
306 |
|
8014
c5324bb3a704
QUIC: limited the number of client-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8013
diff
changeset
|
307 qc->streams.client_max_streams_uni = qc->tp.initial_max_streams_uni; |
|
c5324bb3a704
QUIC: limited the number of client-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8013
diff
changeset
|
308 qc->streams.client_max_streams_bidi = qc->tp.initial_max_streams_bidi; |
|
c5324bb3a704
QUIC: limited the number of client-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8013
diff
changeset
|
309 |
|
7910
125cbfa77013
Renamed max_packet_size to max_udp_payload_size, from draft-28.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7908
diff
changeset
|
310 qc->congestion.window = ngx_min(10 * qc->tp.max_udp_payload_size, |
|
125cbfa77013
Renamed max_packet_size to max_udp_payload_size, from draft-28.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7908
diff
changeset
|
311 ngx_max(2 * qc->tp.max_udp_payload_size, |
|
125cbfa77013
Renamed max_packet_size to max_udp_payload_size, from draft-28.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7908
diff
changeset
|
312 14720)); |
|
8193
8550b91e8e35
QUIC: added proper logging of special values.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
313 qc->congestion.ssthresh = (size_t) -1; |
|
7841
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
314 qc->congestion.recovery_start = ngx_current_msec; |
|
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
315 |
|
8406
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
316 if (pkt->validated && pkt->retried) { |
|
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
317 qc->tp.retry_scid.len = pkt->dcid.len; |
|
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
318 qc->tp.retry_scid.data = ngx_pstrdup(c->pool, &pkt->dcid); |
|
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
319 if (qc->tp.retry_scid.data == NULL) { |
|
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
320 return NULL; |
|
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
321 } |
|
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
322 } |
|
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
323 |
|
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
324 if (ngx_quic_keys_set_initial_secret(c->pool, qc->keys, &pkt->dcid, |
|
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
325 qc->version) |
|
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
326 != NGX_OK) |
|
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
327 { |
|
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
328 return NULL; |
|
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
329 } |
|
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
330 |
|
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
331 qc->validated = pkt->validated; |
|
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
332 |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
333 if (ngx_quic_open_sockets(c, qc, pkt) != NGX_OK) { |
|
8406
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
334 return NULL; |
|
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
335 } |
|
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
336 |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
337 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
338 "quic connection created"); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
339 |
|
8406
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
340 return qc; |
|
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
341 } |
|
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
342 |
|
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
343 |
|
8287
cef042935003
QUIC: the "quic_host_key" directive.
Vladimir Homutov <vl@nginx.com>
parents:
8286
diff
changeset
|
344 static ngx_int_t |
|
8100
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
345 ngx_quic_process_stateless_reset(ngx_connection_t *c, ngx_quic_header_t *pkt) |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
346 { |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
347 u_char *tail, ch; |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
348 ngx_uint_t i; |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
349 ngx_queue_t *q; |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
350 ngx_quic_client_id_t *cid; |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
351 ngx_quic_connection_t *qc; |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
352 |
|
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
353 qc = ngx_quic_get_connection(c); |
|
8100
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
354 |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
355 /* A stateless reset uses an entire UDP datagram */ |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
356 if (pkt->raw->start != pkt->data) { |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
357 return NGX_DECLINED; |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
358 } |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
359 |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
360 tail = pkt->raw->last - NGX_QUIC_SR_TOKEN_LEN; |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
361 |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
362 for (q = ngx_queue_head(&qc->client_ids); |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
363 q != ngx_queue_sentinel(&qc->client_ids); |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
364 q = ngx_queue_next(q)) |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
365 { |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
366 cid = ngx_queue_data(q, ngx_quic_client_id_t, queue); |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
367 |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
368 if (cid->seqnum == 0) { |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
369 /* no stateless reset token in initial connection id */ |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
370 continue; |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
371 } |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
372 |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
373 /* constant time comparison */ |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
374 |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
375 for (ch = 0, i = 0; i < NGX_QUIC_SR_TOKEN_LEN; i++) { |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
376 ch |= tail[i] ^ cid->sr_token[i]; |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
377 } |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
378 |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
379 if (ch == 0) { |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
380 return NGX_OK; |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
381 } |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
382 } |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
383 |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
384 return NGX_DECLINED; |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
385 } |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
386 |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
387 |
| 7691 | 388 static void |
|
7729
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
389 ngx_quic_input_handler(ngx_event_t *rev) |
|
7677
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
7675
diff
changeset
|
390 { |
|
8083
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
391 ngx_int_t rc; |
|
8380
90ae21799f67
QUIC: do not copy input data.
Roman Arutyunyan <arut@nginx.com>
parents:
8359
diff
changeset
|
392 ngx_buf_t *b; |
|
7737
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
7736
diff
changeset
|
393 ngx_connection_t *c; |
|
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
7736
diff
changeset
|
394 ngx_quic_connection_t *qc; |
|
7677
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
7675
diff
changeset
|
395 |
|
8135
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8134
diff
changeset
|
396 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, rev->log, 0, "quic input handler"); |
|
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8134
diff
changeset
|
397 |
| 7691 | 398 c = rev->data; |
|
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
399 qc = ngx_quic_get_connection(c); |
|
7677
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
7675
diff
changeset
|
400 |
|
8135
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8134
diff
changeset
|
401 c->log->action = "handling quic input"; |
|
7678
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
7677
diff
changeset
|
402 |
| 7691 | 403 if (rev->timedout) { |
| 7838 | 404 ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, |
| 405 "quic client timed out"); | |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
406 ngx_quic_close_connection(c, NGX_DONE); |
| 7691 | 407 return; |
|
7678
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
7677
diff
changeset
|
408 } |
|
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
7677
diff
changeset
|
409 |
| 7691 | 410 if (c->close) { |
|
7937
b9bce2c4fe33
Close QUIC connection with NO_ERROR on c->close.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7934
diff
changeset
|
411 qc->error_reason = "graceful shutdown"; |
|
b9bce2c4fe33
Close QUIC connection with NO_ERROR on c->close.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7934
diff
changeset
|
412 ngx_quic_close_connection(c, NGX_OK); |
| 7691 | 413 return; |
| 414 } | |
|
7686
7ada2feeac18
Added processing of CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7684
diff
changeset
|
415 |
|
8380
90ae21799f67
QUIC: do not copy input data.
Roman Arutyunyan <arut@nginx.com>
parents:
8359
diff
changeset
|
416 if (!rev->ready) { |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
417 if (qc->closing) { |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
418 ngx_quic_close_connection(c, NGX_OK); |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
419 } |
| 7691 | 420 return; |
|
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
421 } |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
422 |
|
8384
c61fcdc1b8e3
UDP: extended datagram context.
Vladimir Homutov <vl@nginx.com>
parents:
8380
diff
changeset
|
423 b = c->udp->dgram->buffer; |
|
8380
90ae21799f67
QUIC: do not copy input data.
Roman Arutyunyan <arut@nginx.com>
parents:
8359
diff
changeset
|
424 |
|
90ae21799f67
QUIC: do not copy input data.
Roman Arutyunyan <arut@nginx.com>
parents:
8359
diff
changeset
|
425 rc = ngx_quic_input(c, b, NULL); |
|
8083
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
426 |
|
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
427 if (rc == NGX_ERROR) { |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
428 ngx_quic_close_connection(c, NGX_ERROR); |
| 7691 | 429 return; |
| 430 } | |
|
7737
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
7736
diff
changeset
|
431 |
|
8083
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
432 if (rc == NGX_DECLINED) { |
|
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
433 return; |
|
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
434 } |
|
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
435 |
|
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
436 /* rc == NGX_OK */ |
|
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
437 |
|
7737
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
7736
diff
changeset
|
438 qc->send_timer_set = 0; |
|
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
7736
diff
changeset
|
439 ngx_add_timer(rev, qc->tp.max_idle_timeout); |
|
8166
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
440 |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
441 ngx_quic_connstate_dbg(c); |
|
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
442 } |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
443 |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
444 |
|
8386
714e9af983de
QUIC: separate header for ngx_quic_connection_t.
Vladimir Homutov <vl@nginx.com>
parents:
8385
diff
changeset
|
445 void |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
446 ngx_quic_close_connection(ngx_connection_t *c, ngx_int_t rc) |
|
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
447 { |
|
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
448 ngx_pool_t *pool; |
|
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
449 ngx_quic_connection_t *qc; |
|
7747
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
7746
diff
changeset
|
450 |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
451 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
8164
eed49b83e18f
QUIC: revised value separators in debug and error messages.
Vladimir Homutov <vl@nginx.com>
parents:
8163
diff
changeset
|
452 "quic ngx_quic_close_connection rc:%i", rc); |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
453 |
|
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
454 qc = ngx_quic_get_connection(c); |
|
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
455 |
|
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
456 if (qc == NULL) { |
| 8279 | 457 if (rc == NGX_ERROR) { |
| 458 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
|
8295
d4e02b3b734f
QUIC: fixed indentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8294
diff
changeset
|
459 "quic close connection early error"); |
| 8279 | 460 } |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
461 |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
462 } else if (ngx_quic_close_quic(c, rc) == NGX_AGAIN) { |
|
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
463 return; |
|
7747
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
7746
diff
changeset
|
464 } |
|
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
465 |
| 7691 | 466 if (c->ssl) { |
| 467 (void) ngx_ssl_shutdown(c); | |
|
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
468 } |
|
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
469 |
|
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
470 if (c->read->timer_set) { |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
471 ngx_del_timer(c->read); |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
472 } |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
473 |
| 7691 | 474 #if (NGX_STAT_STUB) |
| 475 (void) ngx_atomic_fetch_add(ngx_stat_active, -1); | |
| 476 #endif | |
|
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
477 |
| 7691 | 478 c->destroyed = 1; |
|
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
479 |
| 7691 | 480 pool = c->pool; |
|
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
481 |
| 7691 | 482 ngx_close_connection(c); |
|
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
483 |
| 7691 | 484 ngx_destroy_pool(pool); |
|
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
485 } |
|
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
486 |
|
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
487 |
|
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
488 static ngx_int_t |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
489 ngx_quic_close_quic(ngx_connection_t *c, ngx_int_t rc) |
|
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
490 { |
|
7953
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
491 ngx_uint_t i; |
|
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
492 ngx_quic_send_ctx_t *ctx; |
|
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
493 ngx_quic_connection_t *qc; |
|
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
494 |
|
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
495 qc = ngx_quic_get_connection(c); |
|
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
496 |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
497 if (!qc->closing) { |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
498 |
|
7875
8bec0ac23cf9
Fixed retransmission of frames after closing connection.
Vladimir Homutov <vl@nginx.com>
parents:
7874
diff
changeset
|
499 /* drop packets from retransmit queues, no ack is expected */ |
|
8bec0ac23cf9
Fixed retransmission of frames after closing connection.
Vladimir Homutov <vl@nginx.com>
parents:
7874
diff
changeset
|
500 for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { |
|
8236
e9bd4305e68b
QUIC: fixed send contexts cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8235
diff
changeset
|
501 ngx_quic_free_frames(c, &qc->send_ctx[i].sent); |
|
7875
8bec0ac23cf9
Fixed retransmission of frames after closing connection.
Vladimir Homutov <vl@nginx.com>
parents:
7874
diff
changeset
|
502 } |
|
8bec0ac23cf9
Fixed retransmission of frames after closing connection.
Vladimir Homutov <vl@nginx.com>
parents:
7874
diff
changeset
|
503 |
|
7877
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
504 if (rc == NGX_DONE) { |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
505 |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
506 /* |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
507 * 10.2. Idle Timeout |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
508 * |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
509 * If the idle timeout is enabled by either peer, a connection is |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
510 * silently closed and its state is discarded when it remains idle |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
511 */ |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
512 |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
513 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
514 "quic closing %s connection", |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
515 qc->draining ? "drained" : "idle"); |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
516 |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
517 } else { |
|
7877
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
518 |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
519 /* |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
520 * 10.3. Immediate Close |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
521 * |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
522 * An endpoint sends a CONNECTION_CLOSE frame (Section 19.19) |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
523 * to terminate the connection immediately. |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
524 */ |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
525 |
|
7993
b276833111cf
QUIC: implemented probe timeout (PTO) calculation.
Vladimir Homutov <vl@nginx.com>
parents:
7992
diff
changeset
|
526 qc->error_level = c->ssl ? SSL_quic_read_level(c->ssl->connection) |
|
b276833111cf
QUIC: implemented probe timeout (PTO) calculation.
Vladimir Homutov <vl@nginx.com>
parents:
7992
diff
changeset
|
527 : ssl_encryption_initial; |
|
b276833111cf
QUIC: implemented probe timeout (PTO) calculation.
Vladimir Homutov <vl@nginx.com>
parents:
7992
diff
changeset
|
528 |
|
7877
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
529 if (rc == NGX_OK) { |
|
8295
d4e02b3b734f
QUIC: fixed indentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8294
diff
changeset
|
530 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
d4e02b3b734f
QUIC: fixed indentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8294
diff
changeset
|
531 "quic immediate close drain:%d", |
|
d4e02b3b734f
QUIC: fixed indentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8294
diff
changeset
|
532 qc->draining); |
|
7877
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
533 |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
534 qc->close.log = c->log; |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
535 qc->close.data = c; |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
536 qc->close.handler = ngx_quic_close_timer_handler; |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
537 qc->close.cancelable = 1; |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
538 |
|
7993
b276833111cf
QUIC: implemented probe timeout (PTO) calculation.
Vladimir Homutov <vl@nginx.com>
parents:
7992
diff
changeset
|
539 ctx = ngx_quic_get_send_ctx(qc, qc->error_level); |
|
b276833111cf
QUIC: implemented probe timeout (PTO) calculation.
Vladimir Homutov <vl@nginx.com>
parents:
7992
diff
changeset
|
540 |
|
b276833111cf
QUIC: implemented probe timeout (PTO) calculation.
Vladimir Homutov <vl@nginx.com>
parents:
7992
diff
changeset
|
541 ngx_add_timer(&qc->close, 3 * ngx_quic_pto(c, ctx)); |
|
7877
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
542 |
|
7953
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
543 qc->error = NGX_QUIC_ERR_NO_ERROR; |
|
7877
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
544 |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
545 } else { |
|
7953
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
546 if (qc->error == 0 && !qc->error_app) { |
|
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
547 qc->error = NGX_QUIC_ERR_INTERNAL_ERROR; |
|
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
548 } |
|
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
549 |
|
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
550 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
8164
eed49b83e18f
QUIC: revised value separators in debug and error messages.
Vladimir Homutov <vl@nginx.com>
parents:
8163
diff
changeset
|
551 "quic immediate close due to %s error: %ui %s", |
|
7953
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
552 qc->error_app ? "app " : "", qc->error, |
|
7877
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
553 qc->error_reason ? qc->error_reason : ""); |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
554 } |
|
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
555 |
|
7953
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
556 (void) ngx_quic_send_cc(c); |
|
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
557 |
|
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
558 if (qc->error_level == ssl_encryption_handshake) { |
|
7877
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
559 /* for clients that might not have handshake keys */ |
|
7953
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
560 qc->error_level = ssl_encryption_initial; |
|
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
561 (void) ngx_quic_send_cc(c); |
|
7877
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
562 } |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
563 } |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
564 |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
565 qc->closing = 1; |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
566 } |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
567 |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
568 if (rc == NGX_ERROR && qc->close.timer_set) { |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
569 /* do not wait for timer in case of fatal error */ |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
570 ngx_del_timer(&qc->close); |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
571 } |
|
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
572 |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
573 if (ngx_quic_close_streams(c, qc) == NGX_AGAIN) { |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
574 return NGX_AGAIN; |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
575 } |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
576 |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
577 if (qc->push.timer_set) { |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
578 ngx_del_timer(&qc->push); |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
579 } |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
580 |
| 7990 | 581 if (qc->pto.timer_set) { |
| 582 ngx_del_timer(&qc->pto); | |
|
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
583 } |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
584 |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
585 if (qc->path_validation.timer_set) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
586 ngx_del_timer(&qc->path_validation); |
|
7929
ea4899591798
QUIC: Fixed connection cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7928
diff
changeset
|
587 } |
|
ea4899591798
QUIC: Fixed connection cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7928
diff
changeset
|
588 |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
589 if (qc->push.posted) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
590 ngx_delete_posted_event(&qc->push); |
|
8198
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
591 } |
|
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
592 |
|
8091
dbcb9d0a3df1
QUIC: prevented posted push event while in the draining state.
Vladimir Homutov <vl@nginx.com>
parents:
8084
diff
changeset
|
593 if (qc->close.timer_set) { |
|
dbcb9d0a3df1
QUIC: prevented posted push event while in the draining state.
Vladimir Homutov <vl@nginx.com>
parents:
8084
diff
changeset
|
594 return NGX_AGAIN; |
|
dbcb9d0a3df1
QUIC: prevented posted push event while in the draining state.
Vladimir Homutov <vl@nginx.com>
parents:
8084
diff
changeset
|
595 } |
|
dbcb9d0a3df1
QUIC: prevented posted push event while in the draining state.
Vladimir Homutov <vl@nginx.com>
parents:
8084
diff
changeset
|
596 |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
597 ngx_quic_close_sockets(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
598 |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
599 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
600 "quic part of connection is terminated"); |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
601 |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
602 /* may be tested from SSL callback during SSL shutdown */ |
|
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
603 c->udp = NULL; |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
604 |
|
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
605 return NGX_OK; |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
606 } |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
607 |
|
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
608 |
|
7953
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
609 void |
|
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
610 ngx_quic_finalize_connection(ngx_connection_t *c, ngx_uint_t err, |
|
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
611 const char *reason) |
|
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
612 { |
|
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
613 ngx_quic_connection_t *qc; |
|
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
614 |
|
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
615 qc = ngx_quic_get_connection(c); |
|
7953
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
616 qc->error = err; |
|
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
617 qc->error_reason = reason; |
|
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
618 qc->error_app = 1; |
|
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
619 qc->error_ftype = 0; |
|
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
620 |
|
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
621 ngx_quic_close_connection(c, NGX_ERROR); |
|
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
622 } |
|
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
623 |
|
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
624 |
|
8359
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
625 void |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
626 ngx_quic_shutdown_connection(ngx_connection_t *c, ngx_uint_t err, |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
627 const char *reason) |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
628 { |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
629 ngx_quic_connection_t *qc; |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
630 |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
631 qc = ngx_quic_get_connection(c); |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
632 qc->shutdown = 1; |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
633 qc->shutdown_code = err; |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
634 qc->shutdown_reason = reason; |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
635 |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
636 ngx_quic_shutdown_quic(c); |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
637 } |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
638 |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
639 |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
640 static void |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
641 ngx_quic_close_timer_handler(ngx_event_t *ev) |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
642 { |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
643 ngx_connection_t *c; |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
644 |
| 7836 | 645 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, ev->log, 0, "quic close timer"); |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
646 |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
647 c = ev->data; |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
648 ngx_quic_close_connection(c, NGX_DONE); |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
649 } |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
650 |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
651 |
|
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
652 static ngx_int_t |
|
8101
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8100
diff
changeset
|
653 ngx_quic_input(ngx_connection_t *c, ngx_buf_t *b, ngx_quic_conf_t *conf) |
|
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
654 { |
|
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
655 u_char *p; |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
656 ngx_int_t rc; |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
657 ngx_uint_t good; |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
658 ngx_quic_header_t pkt; |
|
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
659 |
|
8083
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
660 good = 0; |
|
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
661 |
|
7770
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
662 p = b->pos; |
|
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
663 |
|
7770
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
664 while (p < b->last) { |
|
7729
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
665 |
| 7691 | 666 ngx_memzero(&pkt, sizeof(ngx_quic_header_t)); |
| 667 pkt.raw = b; | |
| 668 pkt.data = p; | |
| 669 pkt.len = b->last - p; | |
| 670 pkt.log = c->log; | |
|
7717
c217a907ce42
Added checks for permitted frame types.
Vladimir Homutov <vl@nginx.com>
parents:
7713
diff
changeset
|
671 pkt.flags = p[0]; |
|
8097
a89a58c642ef
QUIC: simplified packet header parsing.
Vladimir Homutov <vl@nginx.com>
parents:
8096
diff
changeset
|
672 pkt.raw->pos++; |
|
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
673 |
|
8101
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8100
diff
changeset
|
674 rc = ngx_quic_process_packet(c, conf, &pkt); |
|
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
675 |
|
8139
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
676 #if (NGX_DEBUG) |
|
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
677 if (pkt.parsed) { |
|
8166
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
678 ngx_log_debug5(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
8168
f32740ddd484
QUIC: got rid of "pkt" abbreviation in logs.
Vladimir Homutov <vl@nginx.com>
parents:
8167
diff
changeset
|
679 "quic packet %s done decr:%d pn:%L perr:%ui rc:%i", |
|
8139
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
680 ngx_quic_level_name(pkt.level), pkt.decrypted, |
|
8166
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
681 pkt.pn, pkt.error, rc); |
|
8139
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
682 } else { |
|
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
683 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
8168
f32740ddd484
QUIC: got rid of "pkt" abbreviation in logs.
Vladimir Homutov <vl@nginx.com>
parents:
8167
diff
changeset
|
684 "quic packet done parse failed rc:%i", rc); |
|
8139
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
685 } |
|
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
686 #endif |
|
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
687 |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
688 if (rc == NGX_ERROR) { |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
689 return NGX_ERROR; |
| 7691 | 690 } |
|
7672
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
7671
diff
changeset
|
691 |
| 8279 | 692 if (rc == NGX_DONE) { |
| 693 /* stop further processing */ | |
| 694 return NGX_DECLINED; | |
| 695 } | |
| 696 | |
|
8083
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
697 if (rc == NGX_OK) { |
|
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
698 good = 1; |
|
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
699 } |
|
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
700 |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
701 /* NGX_OK || NGX_DECLINED */ |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
702 |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
703 /* |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
704 * we get NGX_DECLINED when there are no keys [yet] available |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
705 * to decrypt packet. |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
706 * Instead of queueing it, we ignore it and rely on the sender's |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
707 * retransmission: |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
708 * |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
709 * 12.2. Coalescing Packets: |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
710 * |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
711 * For example, if decryption fails (because the keys are |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
712 * not available or any other reason), the receiver MAY either |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
713 * discard or buffer the packet for later processing and MUST |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
714 * attempt to process the remaining packets. |
|
8073
eb5aa85294e9
QUIC: discard unrecognized long packes.
Vladimir Homutov <vl@nginx.com>
parents:
8071
diff
changeset
|
715 * |
|
eb5aa85294e9
QUIC: discard unrecognized long packes.
Vladimir Homutov <vl@nginx.com>
parents:
8071
diff
changeset
|
716 * We also skip packets that don't match connection state |
|
eb5aa85294e9
QUIC: discard unrecognized long packes.
Vladimir Homutov <vl@nginx.com>
parents:
8071
diff
changeset
|
717 * or cannot be parsed properly. |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
718 */ |
|
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
719 |
| 7691 | 720 /* b->pos is at header end, adjust by actual packet length */ |
|
8096
0f37b4ef3cd9
QUIC: keep the entire packet size in pkt->len.
Roman Arutyunyan <arut@nginx.com>
parents:
8095
diff
changeset
|
721 b->pos = pkt.data + pkt.len; |
|
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
722 |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
723 /* firefox workaround: skip zero padding at the end of quic packet */ |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
724 while (b->pos < b->last && *(b->pos) == 0) { |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
725 b->pos++; |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
726 } |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
727 |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
728 p = b->pos; |
|
7770
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
729 } |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
730 |
|
8083
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
731 return good ? NGX_OK : NGX_DECLINED; |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
732 } |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
733 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
734 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
735 static ngx_int_t |
|
8101
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8100
diff
changeset
|
736 ngx_quic_process_packet(ngx_connection_t *c, ngx_quic_conf_t *conf, |
|
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8100
diff
changeset
|
737 ngx_quic_header_t *pkt) |
|
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
738 { |
|
8074
c6b963de0c00
QUIC: pass return code from ngx_quic_decrypt() to the caller.
Vladimir Homutov <vl@nginx.com>
parents:
8073
diff
changeset
|
739 ngx_int_t rc; |
|
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
740 ngx_quic_connection_t *qc; |
|
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
741 |
|
8135
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8134
diff
changeset
|
742 c->log->action = "parsing quic packet"; |
|
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8134
diff
changeset
|
743 |
|
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
744 rc = ngx_quic_parse_packet(pkt); |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
745 |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
746 if (rc == NGX_DECLINED || rc == NGX_ERROR) { |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
747 return rc; |
|
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
748 } |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
749 |
|
8139
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
750 pkt->parsed = 1; |
|
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
751 |
|
8135
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8134
diff
changeset
|
752 c->log->action = "processing quic packet"; |
|
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8134
diff
changeset
|
753 |
|
8235
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8212
diff
changeset
|
754 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8212
diff
changeset
|
755 "quic packet rx dcid len:%uz %xV", |
|
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8212
diff
changeset
|
756 pkt->dcid.len, &pkt->dcid); |
|
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8212
diff
changeset
|
757 |
|
8137
52ad697f9d1c
QUIC: enabled more key-related debug by default.
Vladimir Homutov <vl@nginx.com>
parents:
8136
diff
changeset
|
758 #if (NGX_DEBUG) |
|
52ad697f9d1c
QUIC: enabled more key-related debug by default.
Vladimir Homutov <vl@nginx.com>
parents:
8136
diff
changeset
|
759 if (pkt->level != ssl_encryption_application) { |
|
8235
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8212
diff
changeset
|
760 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8212
diff
changeset
|
761 "quic packet rx scid len:%uz %xV", |
|
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8212
diff
changeset
|
762 pkt->scid.len, &pkt->scid); |
|
8137
52ad697f9d1c
QUIC: enabled more key-related debug by default.
Vladimir Homutov <vl@nginx.com>
parents:
8136
diff
changeset
|
763 } |
|
8211
fe53def49945
QUIC: refactored long header parsing.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8209
diff
changeset
|
764 |
|
fe53def49945
QUIC: refactored long header parsing.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8209
diff
changeset
|
765 if (pkt->level == ssl_encryption_initial) { |
|
8235
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8212
diff
changeset
|
766 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
8287
cef042935003
QUIC: the "quic_host_key" directive.
Vladimir Homutov <vl@nginx.com>
parents:
8286
diff
changeset
|
767 "quic address validation token len:%uz %xV", |
|
8235
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8212
diff
changeset
|
768 pkt->token.len, &pkt->token); |
|
8211
fe53def49945
QUIC: refactored long header parsing.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8209
diff
changeset
|
769 } |
|
8137
52ad697f9d1c
QUIC: enabled more key-related debug by default.
Vladimir Homutov <vl@nginx.com>
parents:
8136
diff
changeset
|
770 #endif |
|
52ad697f9d1c
QUIC: enabled more key-related debug by default.
Vladimir Homutov <vl@nginx.com>
parents:
8136
diff
changeset
|
771 |
|
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
772 qc = ngx_quic_get_connection(c); |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
773 |
|
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
774 if (qc) { |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
775 |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
776 if (rc == NGX_ABORT) { |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
777 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
778 "quic unsupported version: 0x%xD", pkt->version); |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
779 return NGX_DECLINED; |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
780 } |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
781 |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
782 rc = ngx_quic_check_migration(c, pkt); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
783 if (rc != NGX_OK) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
784 return rc; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
785 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
786 |
|
8194
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8193
diff
changeset
|
787 if (pkt->level != ssl_encryption_application) { |
|
8281
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
788 |
|
8194
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8193
diff
changeset
|
789 if (pkt->version != qc->version) { |
|
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8193
diff
changeset
|
790 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8193
diff
changeset
|
791 "quic version mismatch: 0x%xD", pkt->version); |
|
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8193
diff
changeset
|
792 return NGX_DECLINED; |
|
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8193
diff
changeset
|
793 } |
|
8281
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
794 |
|
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
795 if (ngx_quic_check_csid(qc, pkt) != NGX_OK) { |
|
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
796 return NGX_DECLINED; |
|
8100
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
797 } |
|
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
798 |
|
8281
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
799 } else { |
|
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
800 |
|
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
801 if (ngx_quic_process_stateless_reset(c, pkt) == NGX_OK) { |
|
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
802 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
803 "quic stateless reset packet detected"); |
|
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
804 |
|
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
805 qc->draining = 1; |
|
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
806 ngx_quic_close_connection(c, NGX_OK); |
|
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
807 |
|
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
808 return NGX_OK; |
|
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
809 } |
|
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
810 } |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
811 |
|
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
812 return ngx_quic_process_payload(c, pkt); |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
813 } |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
814 |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
815 /* packet does not belong to a connection */ |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
816 |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
817 if (rc == NGX_ABORT) { |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
818 return ngx_quic_negotiate_version(c, pkt); |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
819 } |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
820 |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
821 if (pkt->level == ssl_encryption_application) { |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
822 return ngx_quic_send_stateless_reset(c, conf, pkt); |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
823 } |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
824 |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
825 if (pkt->level != ssl_encryption_initial) { |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
826 return NGX_ERROR; |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
827 } |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
828 |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
829 c->log->action = "processing initial packet"; |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
830 |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
831 if (pkt->dcid.len < NGX_QUIC_CID_LEN_MIN) { |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
832 /* 7.2. Negotiating Connection IDs */ |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
833 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
834 "quic too short dcid in initial" |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
835 " packet: len:%i", pkt->dcid.len); |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
836 return NGX_ERROR; |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
837 } |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
838 |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
839 /* process retry and initialize connection IDs */ |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
840 |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
841 if (pkt->token.len) { |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
842 |
|
8287
cef042935003
QUIC: the "quic_host_key" directive.
Vladimir Homutov <vl@nginx.com>
parents:
8286
diff
changeset
|
843 rc = ngx_quic_validate_token(c, conf->av_token_key, pkt); |
|
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
844 |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
845 if (rc == NGX_ERROR) { |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
846 /* internal error */ |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
847 return NGX_ERROR; |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
848 |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
849 } else if (rc == NGX_ABORT) { |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
850 /* token cannot be decrypted */ |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
851 return ngx_quic_send_early_cc(c, pkt, |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
852 NGX_QUIC_ERR_INVALID_TOKEN, |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
853 "cannot decrypt token"); |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
854 } else if (rc == NGX_DECLINED) { |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
855 /* token is invalid */ |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
856 |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
857 if (pkt->retried) { |
|
8287
cef042935003
QUIC: the "quic_host_key" directive.
Vladimir Homutov <vl@nginx.com>
parents:
8286
diff
changeset
|
858 /* invalid address validation token */ |
|
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
859 return ngx_quic_send_early_cc(c, pkt, |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
860 NGX_QUIC_ERR_INVALID_TOKEN, |
|
8287
cef042935003
QUIC: the "quic_host_key" directive.
Vladimir Homutov <vl@nginx.com>
parents:
8286
diff
changeset
|
861 "invalid address validation token"); |
|
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
862 } else if (conf->retry) { |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
863 /* invalid NEW_TOKEN */ |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
864 return ngx_quic_send_retry(c, conf, pkt); |
|
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
865 } |
|
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
866 } |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
867 |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
868 /* NGX_OK */ |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
869 |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
870 } else if (conf->retry) { |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
871 return ngx_quic_send_retry(c, conf, pkt); |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
872 |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
873 } else { |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
874 pkt->odcid = pkt->dcid; |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
875 } |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
876 |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
877 if (ngx_terminate || ngx_exiting) { |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
878 if (conf->retry) { |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
879 return ngx_quic_send_retry(c, conf, pkt); |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
880 } |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
881 |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
882 return NGX_ERROR; |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
883 } |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
884 |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
885 c->log->action = "creating quic connection"; |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
886 |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
887 qc = ngx_quic_new_connection(c, conf, pkt); |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
888 if (qc == NULL) { |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
889 return NGX_ERROR; |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
890 } |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
891 |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
892 return ngx_quic_process_payload(c, pkt); |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
893 } |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
894 |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
895 |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
896 static ngx_int_t |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
897 ngx_quic_process_payload(ngx_connection_t *c, ngx_quic_header_t *pkt) |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
898 { |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
899 ngx_int_t rc; |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
900 ngx_quic_send_ctx_t *ctx; |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
901 ngx_quic_connection_t *qc; |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
902 static u_char buf[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE]; |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
903 |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
904 qc = ngx_quic_get_connection(c); |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
905 |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
906 qc->error = 0; |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
907 qc->error_reason = 0; |
|
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
908 |
|
8135
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8134
diff
changeset
|
909 c->log->action = "decrypting packet"; |
|
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8134
diff
changeset
|
910 |
|
8191
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
911 if (!ngx_quic_keys_available(qc->keys, pkt->level)) { |
|
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
912 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
913 "quic no level %d keys yet, ignoring packet", pkt->level); |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
914 return NGX_DECLINED; |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
915 } |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
916 |
|
8191
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
917 pkt->keys = qc->keys; |
|
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
918 pkt->key_phase = qc->key_phase; |
|
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
919 pkt->plaintext = buf; |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
920 |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
921 ctx = ngx_quic_get_send_ctx(qc, pkt->level); |
|
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
922 |
|
8191
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
923 rc = ngx_quic_decrypt(pkt, &ctx->largest_pn); |
|
8074
c6b963de0c00
QUIC: pass return code from ngx_quic_decrypt() to the caller.
Vladimir Homutov <vl@nginx.com>
parents:
8073
diff
changeset
|
924 if (rc != NGX_OK) { |
|
c6b963de0c00
QUIC: pass return code from ngx_quic_decrypt() to the caller.
Vladimir Homutov <vl@nginx.com>
parents:
8073
diff
changeset
|
925 qc->error = pkt->error; |
|
c6b963de0c00
QUIC: pass return code from ngx_quic_decrypt() to the caller.
Vladimir Homutov <vl@nginx.com>
parents:
8073
diff
changeset
|
926 qc->error_reason = "failed to decrypt packet"; |
|
c6b963de0c00
QUIC: pass return code from ngx_quic_decrypt() to the caller.
Vladimir Homutov <vl@nginx.com>
parents:
8073
diff
changeset
|
927 return rc; |
| 7689 | 928 } |
| 929 | |
|
8139
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
930 pkt->decrypted = 1; |
|
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
931 |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
932 if (ngx_quic_update_paths(c, pkt) != NGX_OK) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
933 return NGX_ERROR; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
934 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
935 |
|
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
936 if (c->ssl == NULL) { |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
937 if (ngx_quic_init_connection(c) != NGX_OK) { |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
938 return NGX_ERROR; |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
939 } |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
940 } |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
941 |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
942 if (pkt->level == ssl_encryption_handshake) { |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
943 /* |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
944 * 4.10.1. The successful use of Handshake packets indicates |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
945 * that no more Initial packets need to be exchanged |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
946 */ |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
947 ngx_quic_discard_ctx(c, ssl_encryption_initial); |
|
8170
e2086d8181fa
QUIC: added push event afer the address was validated.
Vladimir Homutov <vl@nginx.com>
parents:
8169
diff
changeset
|
948 |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
949 if (qc->socket->path->state != NGX_QUIC_PATH_VALIDATED) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
950 qc->socket->path->state = NGX_QUIC_PATH_VALIDATED; |
|
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
951 ngx_post_event(&qc->push, &ngx_posted_events); |
|
8170
e2086d8181fa
QUIC: added push event afer the address was validated.
Vladimir Homutov <vl@nginx.com>
parents:
8169
diff
changeset
|
952 } |
|
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
953 } |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
954 |
|
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
955 if (qc->closing) { |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
956 /* |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
957 * 10.1 Closing and Draining Connection States |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
958 * ... delayed or reordered packets are properly discarded. |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
959 * |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
960 * An endpoint retains only enough information to generate |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
961 * a packet containing a CONNECTION_CLOSE frame and to identify |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
962 * packets as belonging to the connection. |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
963 */ |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
964 |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
965 qc->error_level = pkt->level; |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
966 qc->error = NGX_QUIC_ERR_NO_ERROR; |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
967 qc->error_reason = "connection is closing, packet discarded"; |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
968 qc->error_ftype = 0; |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
969 qc->error_app = 0; |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
970 |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
971 return ngx_quic_send_cc(c); |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
972 } |
|
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
973 |
|
8162
c5ea341f705a
QUIC: optimized acknowledgement generation.
Vladimir Homutov <vl@nginx.com>
parents:
8161
diff
changeset
|
974 pkt->received = ngx_current_msec; |
|
8133
1d4417e4f2d0
QUIC: fixed measuring ACK Delay against 0-RTT packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8132
diff
changeset
|
975 |
|
8135
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8134
diff
changeset
|
976 c->log->action = "handling payload"; |
|
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8134
diff
changeset
|
977 |
|
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
978 if (pkt->level != ssl_encryption_application) { |
|
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
979 return ngx_quic_handle_frames(c, pkt); |
|
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
980 } |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
981 |
|
8191
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
982 if (!pkt->key_update) { |
|
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
983 return ngx_quic_handle_frames(c, pkt); |
|
8191
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
984 } |
|
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
985 |
|
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
986 /* switch keys and generate next on Key Phase change */ |
|
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
987 |
|
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
988 qc->key_phase ^= 1; |
|
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
989 ngx_quic_keys_switch(c, qc->keys); |
|
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
990 |
|
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
991 rc = ngx_quic_handle_frames(c, pkt); |
|
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
992 if (rc != NGX_OK) { |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
993 return rc; |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
994 } |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
995 |
|
8191
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
996 return ngx_quic_keys_update(c, qc->keys); |
| 7689 | 997 } |
| 998 | |
| 999 | |
|
8413
46161c610919
QUIC: separate files for SSL library interfaces.
Vladimir Homutov <vl@nginx.com>
parents:
8412
diff
changeset
|
1000 void |
|
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1001 ngx_quic_discard_ctx(ngx_connection_t *c, enum ssl_encryption_level_t level) |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1002 { |
|
8025
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8024
diff
changeset
|
1003 ngx_queue_t *q; |
|
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8024
diff
changeset
|
1004 ngx_quic_frame_t *f; |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1005 ngx_quic_socket_t *qsock; |
|
7816
aba84d9ab256
Parsing of truncated packet numbers.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7815
diff
changeset
|
1006 ngx_quic_send_ctx_t *ctx; |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1007 ngx_quic_connection_t *qc; |
|
7729
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
1008 |
|
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
1009 qc = ngx_quic_get_connection(c); |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1010 |
|
8191
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
1011 if (!ngx_quic_keys_available(qc->keys, level)) { |
|
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1012 return; |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1013 } |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1014 |
|
8191
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
1015 ngx_quic_keys_discard(qc->keys, level); |
|
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
1016 |
|
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1017 qc->pto_count = 0; |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1018 |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1019 ctx = ngx_quic_get_send_ctx(qc, level); |
|
8025
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8024
diff
changeset
|
1020 |
|
8442
b3f6ad181df4
QUIC: refactored CRYPTO and STREAM buffer ordering.
Roman Arutyunyan <arut@nginx.com>
parents:
8438
diff
changeset
|
1021 ngx_quic_free_bufs(c, ctx->crypto); |
|
b3f6ad181df4
QUIC: refactored CRYPTO and STREAM buffer ordering.
Roman Arutyunyan <arut@nginx.com>
parents:
8438
diff
changeset
|
1022 |
|
8025
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8024
diff
changeset
|
1023 while (!ngx_queue_empty(&ctx->sent)) { |
|
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8024
diff
changeset
|
1024 q = ngx_queue_head(&ctx->sent); |
|
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8024
diff
changeset
|
1025 ngx_queue_remove(q); |
|
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8024
diff
changeset
|
1026 |
|
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8024
diff
changeset
|
1027 f = ngx_queue_data(q, ngx_quic_frame_t, queue); |
|
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8024
diff
changeset
|
1028 ngx_quic_congestion_ack(c, f); |
|
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8024
diff
changeset
|
1029 ngx_quic_free_frame(c, f); |
|
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8024
diff
changeset
|
1030 } |
|
8155
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
1031 |
|
8171
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8170
diff
changeset
|
1032 while (!ngx_queue_empty(&ctx->frames)) { |
|
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8170
diff
changeset
|
1033 q = ngx_queue_head(&ctx->frames); |
|
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8170
diff
changeset
|
1034 ngx_queue_remove(q); |
|
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8170
diff
changeset
|
1035 |
|
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8170
diff
changeset
|
1036 f = ngx_queue_data(q, ngx_quic_frame_t, queue); |
|
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8170
diff
changeset
|
1037 ngx_quic_congestion_ack(c, f); |
|
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8170
diff
changeset
|
1038 ngx_quic_free_frame(c, f); |
|
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8170
diff
changeset
|
1039 } |
|
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8170
diff
changeset
|
1040 |
|
8198
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1041 if (level == ssl_encryption_initial) { |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1042 /* close temporary listener with odcid */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1043 qsock = ngx_quic_find_socket(c, NGX_QUIC_UNSET_PN); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1044 if (qsock) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1045 ngx_quic_close_socket(c, qsock); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1046 } |
|
8198
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1047 } |
|
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1048 |
|
8155
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
1049 ctx->send_ack = 0; |
|
8290
faa3201ff351
QUIC: improved setting the lost timer.
Roman Arutyunyan <arut@nginx.com>
parents:
8289
diff
changeset
|
1050 |
|
faa3201ff351
QUIC: improved setting the lost timer.
Roman Arutyunyan <arut@nginx.com>
parents:
8289
diff
changeset
|
1051 ngx_quic_set_lost_timer(c); |
|
7770
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1052 } |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1053 |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1054 |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1055 static ngx_int_t |
|
8281
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
1056 ngx_quic_check_csid(ngx_quic_connection_t *qc, ngx_quic_header_t *pkt) |
| 7838 | 1057 { |
|
8076
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1058 ngx_queue_t *q; |
|
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1059 ngx_quic_client_id_t *cid; |
|
7858
6e100d8c138a
Preserve original DCID and unbreak parsing 0-RTT packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7857
diff
changeset
|
1060 |
|
8076
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1061 for (q = ngx_queue_head(&qc->client_ids); |
|
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1062 q != ngx_queue_sentinel(&qc->client_ids); |
|
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1063 q = ngx_queue_next(q)) |
|
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1064 { |
|
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1065 cid = ngx_queue_data(q, ngx_quic_client_id_t, queue); |
|
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1066 |
|
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1067 if (pkt->scid.len == cid->len |
|
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1068 && ngx_memcmp(pkt->scid.data, cid->id, cid->len) == 0) |
|
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1069 { |
|
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1070 return NGX_OK; |
|
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1071 } |
|
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1072 } |
|
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1073 |
|
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1074 ngx_log_error(NGX_LOG_INFO, pkt->log, 0, "quic unexpected quic scid"); |
|
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1075 return NGX_ERROR; |
|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1076 } |
| 7637 | 1077 |
| 1078 | |
| 7691 | 1079 static ngx_int_t |
|
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1080 ngx_quic_handle_frames(ngx_connection_t *c, ngx_quic_header_t *pkt) |
| 7691 | 1081 { |
| 1082 u_char *end, *p; | |
| 1083 ssize_t len; | |
|
8241
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8240
diff
changeset
|
1084 ngx_buf_t buf; |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1085 ngx_uint_t do_close, nonprobing; |
|
8241
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8240
diff
changeset
|
1086 ngx_chain_t chain; |
|
7844
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1087 ngx_quic_frame_t frame; |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1088 ngx_quic_socket_t *qsock; |
| 7691 | 1089 ngx_quic_connection_t *qc; |
| 1090 | |
|
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
1091 qc = ngx_quic_get_connection(c); |
| 7691 | 1092 |
| 1093 p = pkt->payload.data; | |
| 1094 end = p + pkt->payload.len; | |
| 1095 | |
| 1096 do_close = 0; | |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1097 nonprobing = 0; |
| 7691 | 1098 |
| 1099 while (p < end) { | |
| 1100 | |
| 7741 | 1101 c->log->action = "parsing frames"; |
| 1102 | |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1103 ngx_memzero(&frame, sizeof(ngx_quic_frame_t)); |
|
8241
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8240
diff
changeset
|
1104 ngx_memzero(&buf, sizeof(ngx_buf_t)); |
|
8243
d9f673d18e9b
QUIC: set the temporary flag for input frame buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8242
diff
changeset
|
1105 buf.temporary = 1; |
|
8241
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8240
diff
changeset
|
1106 |
|
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8240
diff
changeset
|
1107 chain.buf = &buf; |
|
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8240
diff
changeset
|
1108 chain.next = NULL; |
|
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8240
diff
changeset
|
1109 frame.data = &chain; |
|
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8240
diff
changeset
|
1110 |
|
7706
1f002206a59b
Added boundaries checks into frame parser.
Vladimir Homutov <vl@nginx.com>
parents:
7705
diff
changeset
|
1111 len = ngx_quic_parse_frame(pkt, p, end, &frame); |
|
7717
c217a907ce42
Added checks for permitted frame types.
Vladimir Homutov <vl@nginx.com>
parents:
7713
diff
changeset
|
1112 |
| 7691 | 1113 if (len < 0) { |
|
7862
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
7861
diff
changeset
|
1114 qc->error = pkt->error; |
| 7691 | 1115 return NGX_ERROR; |
| 1116 } | |
| 1117 | |
|
8163
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8162
diff
changeset
|
1118 ngx_quic_log_frame(c->log, &frame, 0); |
|
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8162
diff
changeset
|
1119 |
| 7741 | 1120 c->log->action = "handling frames"; |
| 1121 | |
| 7691 | 1122 p += len; |
| 1123 | |
| 1124 switch (frame.type) { | |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1125 /* probing frames */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1126 case NGX_QUIC_FT_PADDING: |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1127 case NGX_QUIC_FT_PATH_CHALLENGE: |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1128 case NGX_QUIC_FT_PATH_RESPONSE: |
|
8436
901126931bd5
QUIC: consider NEW_CONNECTION_ID a probing frame.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
1129 case NGX_QUIC_FT_NEW_CONNECTION_ID: |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1130 break; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1131 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1132 /* non-probing frames */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1133 default: |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1134 nonprobing = 1; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1135 break; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1136 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1137 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1138 switch (frame.type) { |
| 7691 | 1139 |
| 1140 case NGX_QUIC_FT_ACK: | |
|
8241
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8240
diff
changeset
|
1141 if (ngx_quic_handle_ack_frame(c, pkt, &frame) != NGX_OK) { |
| 7691 | 1142 return NGX_ERROR; |
| 1143 } | |
| 1144 | |
|
7844
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1145 continue; |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1146 |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1147 case NGX_QUIC_FT_PADDING: |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1148 /* no action required */ |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1149 continue; |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1150 |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1151 case NGX_QUIC_FT_CONNECTION_CLOSE: |
|
7953
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
1152 case NGX_QUIC_FT_CONNECTION_CLOSE_APP: |
|
7844
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1153 do_close = 1; |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1154 continue; |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1155 } |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1156 |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1157 /* got there with ack-eliciting packet */ |
|
8155
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
1158 pkt->need_ack = 1; |
|
7844
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1159 |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1160 switch (frame.type) { |
| 7691 | 1161 |
| 1162 case NGX_QUIC_FT_CRYPTO: | |
| 1163 | |
|
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
1164 if (ngx_quic_handle_crypto_frame(c, pkt, &frame) != NGX_OK) { |
| 7691 | 1165 return NGX_ERROR; |
| 1166 } | |
| 1167 | |
| 1168 break; | |
| 1169 | |
| 1170 case NGX_QUIC_FT_PING: | |
| 1171 break; | |
| 1172 | |
| 1173 case NGX_QUIC_FT_STREAM0: | |
| 1174 case NGX_QUIC_FT_STREAM1: | |
| 1175 case NGX_QUIC_FT_STREAM2: | |
| 1176 case NGX_QUIC_FT_STREAM3: | |
| 1177 case NGX_QUIC_FT_STREAM4: | |
| 1178 case NGX_QUIC_FT_STREAM5: | |
| 1179 case NGX_QUIC_FT_STREAM6: | |
| 1180 case NGX_QUIC_FT_STREAM7: | |
| 1181 | |
|
7811
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
1182 if (ngx_quic_handle_stream_frame(c, pkt, &frame) != NGX_OK) { |
| 7691 | 1183 return NGX_ERROR; |
| 1184 } | |
| 1185 | |
| 1186 break; | |
| 1187 | |
|
7703
ff540f13d95d
MAX_DATA frame parser/handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7702
diff
changeset
|
1188 case NGX_QUIC_FT_MAX_DATA: |
|
7842
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1189 |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1190 if (ngx_quic_handle_max_data_frame(c, &frame.u.max_data) != NGX_OK) |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1191 { |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1192 return NGX_ERROR; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1193 } |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1194 |
|
7703
ff540f13d95d
MAX_DATA frame parser/handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7702
diff
changeset
|
1195 break; |
|
ff540f13d95d
MAX_DATA frame parser/handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7702
diff
changeset
|
1196 |
|
7702
d3b26c3bea22
Added parsing of STREAMS BLOCKED frames.
Vladimir Homutov <vl@nginx.com>
parents:
7701
diff
changeset
|
1197 case NGX_QUIC_FT_STREAMS_BLOCKED: |
|
d3b26c3bea22
Added parsing of STREAMS BLOCKED frames.
Vladimir Homutov <vl@nginx.com>
parents:
7701
diff
changeset
|
1198 case NGX_QUIC_FT_STREAMS_BLOCKED2: |
|
7711
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
1199 |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
1200 if (ngx_quic_handle_streams_blocked_frame(c, pkt, |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
1201 &frame.u.streams_blocked) |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
1202 != NGX_OK) |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
1203 { |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
1204 return NGX_ERROR; |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
1205 } |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
1206 |
|
7702
d3b26c3bea22
Added parsing of STREAMS BLOCKED frames.
Vladimir Homutov <vl@nginx.com>
parents:
7701
diff
changeset
|
1207 break; |
|
d3b26c3bea22
Added parsing of STREAMS BLOCKED frames.
Vladimir Homutov <vl@nginx.com>
parents:
7701
diff
changeset
|
1208 |
|
7732
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1209 case NGX_QUIC_FT_STREAM_DATA_BLOCKED: |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1210 |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1211 if (ngx_quic_handle_stream_data_blocked_frame(c, pkt, |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1212 &frame.u.stream_data_blocked) |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1213 != NGX_OK) |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1214 { |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1215 return NGX_ERROR; |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1216 } |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1217 |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1218 break; |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1219 |
|
7842
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1220 case NGX_QUIC_FT_MAX_STREAM_DATA: |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1221 |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1222 if (ngx_quic_handle_max_stream_data_frame(c, pkt, |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1223 &frame.u.max_stream_data) |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1224 != NGX_OK) |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1225 { |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1226 return NGX_ERROR; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1227 } |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1228 |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1229 break; |
|
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1230 |
|
7923
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1231 case NGX_QUIC_FT_RESET_STREAM: |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1232 |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1233 if (ngx_quic_handle_reset_stream_frame(c, pkt, |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1234 &frame.u.reset_stream) |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1235 != NGX_OK) |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1236 { |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1237 return NGX_ERROR; |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1238 } |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1239 |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1240 break; |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1241 |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1242 case NGX_QUIC_FT_STOP_SENDING: |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1243 |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1244 if (ngx_quic_handle_stop_sending_frame(c, pkt, |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1245 &frame.u.stop_sending) |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1246 != NGX_OK) |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1247 { |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1248 return NGX_ERROR; |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1249 } |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1250 |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1251 break; |
|
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1252 |
|
8013
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8004
diff
changeset
|
1253 case NGX_QUIC_FT_MAX_STREAMS: |
|
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8004
diff
changeset
|
1254 case NGX_QUIC_FT_MAX_STREAMS2: |
|
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8004
diff
changeset
|
1255 |
|
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8004
diff
changeset
|
1256 if (ngx_quic_handle_max_streams_frame(c, pkt, &frame.u.max_streams) |
|
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8004
diff
changeset
|
1257 != NGX_OK) |
|
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8004
diff
changeset
|
1258 { |
|
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8004
diff
changeset
|
1259 return NGX_ERROR; |
|
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8004
diff
changeset
|
1260 } |
|
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8004
diff
changeset
|
1261 |
|
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8004
diff
changeset
|
1262 break; |
|
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8004
diff
changeset
|
1263 |
|
8069
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8068
diff
changeset
|
1264 case NGX_QUIC_FT_PATH_CHALLENGE: |
|
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8068
diff
changeset
|
1265 |
|
8438
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8436
diff
changeset
|
1266 if (ngx_quic_handle_path_challenge_frame(c, &frame.u.path_challenge) |
|
8069
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8068
diff
changeset
|
1267 != NGX_OK) |
|
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8068
diff
changeset
|
1268 { |
|
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8068
diff
changeset
|
1269 return NGX_ERROR; |
|
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8068
diff
changeset
|
1270 } |
|
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8068
diff
changeset
|
1271 |
|
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8068
diff
changeset
|
1272 break; |
|
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8068
diff
changeset
|
1273 |
|
8387
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8386
diff
changeset
|
1274 case NGX_QUIC_FT_PATH_RESPONSE: |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8386
diff
changeset
|
1275 |
|
8438
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8436
diff
changeset
|
1276 if (ngx_quic_handle_path_response_frame(c, &frame.u.path_response) |
|
8387
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8386
diff
changeset
|
1277 != NGX_OK) |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8386
diff
changeset
|
1278 { |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8386
diff
changeset
|
1279 return NGX_ERROR; |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8386
diff
changeset
|
1280 } |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8386
diff
changeset
|
1281 |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8386
diff
changeset
|
1282 break; |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8386
diff
changeset
|
1283 |
|
7791
9b9d592c0da3
Ignore non-yet-implemented frames.
Vladimir Homutov <vl@nginx.com>
parents:
7788
diff
changeset
|
1284 case NGX_QUIC_FT_NEW_CONNECTION_ID: |
|
8076
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1285 |
|
8438
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8436
diff
changeset
|
1286 if (ngx_quic_handle_new_connection_id_frame(c, &frame.u.ncid) |
|
8076
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1287 != NGX_OK) |
|
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1288 { |
|
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1289 return NGX_ERROR; |
|
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1290 } |
|
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1291 |
|
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1292 break; |
|
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1293 |
|
7791
9b9d592c0da3
Ignore non-yet-implemented frames.
Vladimir Homutov <vl@nginx.com>
parents:
7788
diff
changeset
|
1294 case NGX_QUIC_FT_RETIRE_CONNECTION_ID: |
|
8198
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1295 |
|
8438
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8436
diff
changeset
|
1296 if (ngx_quic_handle_retire_connection_id_frame(c, |
|
8198
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1297 &frame.u.retire_cid) |
|
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1298 != NGX_OK) |
|
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1299 { |
|
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1300 return NGX_ERROR; |
|
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1301 } |
|
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1302 |
|
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1303 break; |
|
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1304 |
| 7691 | 1305 default: |
|
7823
4e4485793418
Added MAX_STREAM_DATA stub handler.
Vladimir Homutov <vl@nginx.com>
parents:
7822
diff
changeset
|
1306 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 7836 | 1307 "quic missing frame handler"); |
| 7691 | 1308 return NGX_ERROR; |
| 1309 } | |
| 1310 } | |
| 1311 | |
| 1312 if (p != end) { | |
| 1313 ngx_log_error(NGX_LOG_INFO, c->log, 0, | |
|
8164
eed49b83e18f
QUIC: revised value separators in debug and error messages.
Vladimir Homutov <vl@nginx.com>
parents:
8163
diff
changeset
|
1314 "quic trailing garbage in payload:%ui bytes", end - p); |
|
7862
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
7861
diff
changeset
|
1315 |
|
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
7861
diff
changeset
|
1316 qc->error = NGX_QUIC_ERR_FRAME_ENCODING_ERROR; |
| 7691 | 1317 return NGX_ERROR; |
| 1318 } | |
| 1319 | |
| 1320 if (do_close) { | |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1321 qc->draining = 1; |
|
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1322 ngx_quic_close_connection(c, NGX_OK); |
| 7691 | 1323 } |
| 1324 | |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1325 qsock = ngx_quic_get_socket(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1326 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1327 if (qsock != qc->socket) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1328 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1329 if (qsock->path != qc->socket->path && nonprobing) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1330 /* |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1331 * An endpoint can migrate a connection to a new local |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1332 * address by sending packets containing non-probing frames |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1333 * from that address. |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1334 */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1335 if (ngx_quic_handle_migration(c, pkt) != NGX_OK) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1336 return NGX_ERROR; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1337 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1338 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1339 /* |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1340 * else: packet arrived via non-default socket; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1341 * no reason to change active path |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1342 */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1343 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1344 |
|
8155
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
1345 if (ngx_quic_ack_packet(c, pkt) != NGX_OK) { |
|
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
1346 return NGX_ERROR; |
|
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
1347 } |
|
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
1348 |
|
7844
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1349 return NGX_OK; |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1350 } |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1351 |
|
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1352 |
| 7775 | 1353 static void |
| 1354 ngx_quic_push_handler(ngx_event_t *ev) | |
| 1355 { | |
|
7811
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
1356 ngx_connection_t *c; |
| 7775 | 1357 |
| 7836 | 1358 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, ev->log, 0, "quic push timer"); |
| 7775 | 1359 |
| 1360 c = ev->data; | |
| 1361 | |
| 1362 if (ngx_quic_output(c) != NGX_OK) { | |
|
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1363 ngx_quic_close_connection(c, NGX_ERROR); |
| 7775 | 1364 return; |
| 1365 } | |
|
8166
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
1366 |
|
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
1367 ngx_quic_connstate_dbg(c); |
| 7775 | 1368 } |
| 1369 | |
| 1370 | |
|
8410
41807e581de9
QUIC: separate files for stream related processing.
Vladimir Homutov <vl@nginx.com>
parents:
8409
diff
changeset
|
1371 void |
|
8359
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1372 ngx_quic_shutdown_quic(ngx_connection_t *c) |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1373 { |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1374 ngx_rbtree_t *tree; |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1375 ngx_rbtree_node_t *node; |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1376 ngx_quic_stream_t *qs; |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1377 ngx_quic_connection_t *qc; |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1378 |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1379 qc = ngx_quic_get_connection(c); |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1380 |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1381 if (qc->closing) { |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1382 return; |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1383 } |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1384 |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1385 tree = &qc->streams.tree; |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1386 |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1387 if (tree->root != tree->sentinel) { |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1388 for (node = ngx_rbtree_min(tree->root, tree->sentinel); |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1389 node; |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1390 node = ngx_rbtree_next(tree, node)) |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1391 { |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1392 qs = (ngx_quic_stream_t *) node; |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1393 |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1394 if (!qs->cancelable) { |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1395 return; |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1396 } |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1397 } |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1398 } |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1399 |
|
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1400 ngx_quic_finalize_connection(c, qc->shutdown_code, qc->shutdown_reason); |
|
7705
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
1401 } |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
1402 |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
1403 |
|
8196
e0947c952d43
QUIC: multiple versions support in ALPN.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8195
diff
changeset
|
1404 uint32_t |
|
e0947c952d43
QUIC: multiple versions support in ALPN.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8195
diff
changeset
|
1405 ngx_quic_version(ngx_connection_t *c) |
|
e0947c952d43
QUIC: multiple versions support in ALPN.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8195
diff
changeset
|
1406 { |
|
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
1407 uint32_t version; |
|
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
1408 ngx_quic_connection_t *qc; |
|
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
1409 |
|
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
1410 qc = ngx_quic_get_connection(c); |
|
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
1411 |
|
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
1412 version = qc->version; |
|
8196
e0947c952d43
QUIC: multiple versions support in ALPN.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8195
diff
changeset
|
1413 |
|
e0947c952d43
QUIC: multiple versions support in ALPN.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8195
diff
changeset
|
1414 return (version & 0xff000000) == 0xff000000 ? version & 0xff : version; |
|
e0947c952d43
QUIC: multiple versions support in ALPN.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8195
diff
changeset
|
1415 } |