Mercurial > hg > nginx-quic
annotate src/event/quic/ngx_event_quic_migration.c @ 9084:d565cf69ff5d quic
QUIC: reschedule path validation on path insertion/removal.
Two issues fixed:
- new path validation could be scheduled late
- a validated path could leave a spurious timer
| author | Sergey Kandaurov <pluknet@nginx.com> |
|---|---|
| date | Tue, 09 May 2023 19:42:40 +0400 |
| parents | a9fef6ca45a8 |
| children | 9462c514a653 |
| rev | line source |
|---|---|
|
8387
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
1 |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
2 /* |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
3 * Copyright (C) Nginx, Inc. |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
4 */ |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
5 |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
6 |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
7 #include <ngx_config.h> |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
8 #include <ngx_core.h> |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
9 #include <ngx_event.h> |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
10 #include <ngx_event_quic_connection.h> |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
11 |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
12 |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
13 static void ngx_quic_set_connection_path(ngx_connection_t *c, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
14 ngx_quic_path_t *path); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
15 static ngx_int_t ngx_quic_validate_path(ngx_connection_t *c, |
|
8757
b7284807b4fa
QUIC: refactored ngx_quic_validate_path().
Vladimir Homutov <vl@nginx.com>
parents:
8756
diff
changeset
|
16 ngx_quic_path_t *path); |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
17 static ngx_int_t ngx_quic_send_path_challenge(ngx_connection_t *c, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
18 ngx_quic_path_t *path); |
|
9084
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
19 static void ngx_quic_set_path_timer(ngx_connection_t *c); |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
20 static ngx_quic_path_t *ngx_quic_get_path(ngx_connection_t *c, ngx_uint_t tag); |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
21 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
22 |
|
8387
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
23 ngx_int_t |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
24 ngx_quic_handle_path_challenge_frame(ngx_connection_t *c, |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
25 ngx_quic_header_t *pkt, ngx_quic_path_challenge_frame_t *f) |
|
8387
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
26 { |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
27 ngx_quic_frame_t frame, *fp; |
|
8387
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
28 ngx_quic_connection_t *qc; |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
29 |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
30 qc = ngx_quic_get_connection(c); |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
31 |
|
8722
02a9ad88e2df
QUIC: added missing frame initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8721
diff
changeset
|
32 ngx_memzero(&frame, sizeof(ngx_quic_frame_t)); |
|
02a9ad88e2df
QUIC: added missing frame initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8721
diff
changeset
|
33 |
|
8438
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8437
diff
changeset
|
34 frame.level = ssl_encryption_application; |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
35 frame.type = NGX_QUIC_FT_PATH_RESPONSE; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
36 frame.u.path_response = *f; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
37 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
38 /* |
|
8498
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8438
diff
changeset
|
39 * RFC 9000, 8.2.2. Path Validation Responses |
|
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8438
diff
changeset
|
40 * |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
41 * A PATH_RESPONSE frame MUST be sent on the network path where the |
|
8498
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8438
diff
changeset
|
42 * PATH_CHALLENGE frame was received. |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
43 */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
44 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
45 /* |
|
8690
a951e0809044
QUIC: fixed PATH_RESPONSE frame expansion.
Vladimir Homutov <vl@nginx.com>
parents:
8547
diff
changeset
|
46 * An endpoint MUST expand datagrams that contain a PATH_RESPONSE frame |
|
a951e0809044
QUIC: fixed PATH_RESPONSE frame expansion.
Vladimir Homutov <vl@nginx.com>
parents:
8547
diff
changeset
|
47 * to at least the smallest allowed maximum datagram size of 1200 bytes. |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
48 */ |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
49 if (ngx_quic_frame_sendto(c, &frame, 1200, pkt->path) != NGX_OK) { |
|
8387
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
50 return NGX_ERROR; |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
51 } |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
52 |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
53 if (pkt->path == qc->path) { |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
54 /* |
|
8498
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8438
diff
changeset
|
55 * RFC 9000, 9.3.3. Off-Path Packet Forwarding |
|
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8438
diff
changeset
|
56 * |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
57 * An endpoint that receives a PATH_CHALLENGE on an active path SHOULD |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
58 * send a non-probing packet in response. |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
59 */ |
|
8387
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
60 |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
61 fp = ngx_quic_alloc_frame(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
62 if (fp == NULL) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
63 return NGX_ERROR; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
64 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
65 |
|
8438
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8437
diff
changeset
|
66 fp->level = ssl_encryption_application; |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
67 fp->type = NGX_QUIC_FT_PING; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
68 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
69 ngx_quic_queue_frame(qc, fp); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
70 } |
|
8387
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
71 |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
72 return NGX_OK; |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
73 } |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
74 |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
75 |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
76 ngx_int_t |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
77 ngx_quic_handle_path_response_frame(ngx_connection_t *c, |
|
8438
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8437
diff
changeset
|
78 ngx_quic_path_challenge_frame_t *f) |
|
8387
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
79 { |
|
8756
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8729
diff
changeset
|
80 ngx_uint_t rst; |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
81 ngx_queue_t *q; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
82 ngx_quic_path_t *path, *prev; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
83 ngx_quic_connection_t *qc; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
84 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
85 qc = ngx_quic_get_connection(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
86 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
87 /* |
|
8498
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8438
diff
changeset
|
88 * RFC 9000, 8.2.3. Successful Path Validation |
|
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8438
diff
changeset
|
89 * |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
90 * A PATH_RESPONSE frame received on any network path validates the path |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
91 * on which the PATH_CHALLENGE was sent. |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
92 */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
93 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
94 for (q = ngx_queue_head(&qc->paths); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
95 q != ngx_queue_sentinel(&qc->paths); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
96 q = ngx_queue_next(q)) |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
97 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
98 path = ngx_queue_data(q, ngx_quic_path_t, queue); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
99 |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
100 if (!path->validating) { |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
101 continue; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
102 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
103 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
104 if (ngx_memcmp(path->challenge1, f->data, sizeof(f->data)) == 0 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
105 || ngx_memcmp(path->challenge2, f->data, sizeof(f->data)) == 0) |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
106 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
107 goto valid; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
108 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
109 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
110 |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
111 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
8860
a2fbae359828
QUIC: fixed indentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8832
diff
changeset
|
112 "quic stale PATH_RESPONSE ignored"); |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
113 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
114 return NGX_OK; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
115 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
116 valid: |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
117 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
118 /* |
|
8498
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8438
diff
changeset
|
119 * RFC 9000, 9.4. Loss Detection and Congestion Control |
|
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8438
diff
changeset
|
120 * |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
121 * On confirming a peer's ownership of its new address, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
122 * an endpoint MUST immediately reset the congestion controller |
|
8498
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8438
diff
changeset
|
123 * and round-trip time estimator for the new path to initial values |
|
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8438
diff
changeset
|
124 * unless the only change in the peer's address is its port number. |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
125 */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
126 |
|
8756
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8729
diff
changeset
|
127 rst = 1; |
|
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8729
diff
changeset
|
128 |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
129 prev = ngx_quic_get_path(c, NGX_QUIC_PATH_BACKUP); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
130 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
131 if (prev != NULL) { |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
132 |
|
8756
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8729
diff
changeset
|
133 if (ngx_cmp_sockaddr(prev->sockaddr, prev->socklen, |
|
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8729
diff
changeset
|
134 path->sockaddr, path->socklen, 0) |
|
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8729
diff
changeset
|
135 == NGX_OK) |
|
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8729
diff
changeset
|
136 { |
|
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8729
diff
changeset
|
137 /* address did not change */ |
|
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8729
diff
changeset
|
138 rst = 0; |
|
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8729
diff
changeset
|
139 } |
|
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8729
diff
changeset
|
140 } |
|
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8729
diff
changeset
|
141 |
|
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8729
diff
changeset
|
142 if (rst) { |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
143 ngx_memzero(&qc->congestion, sizeof(ngx_quic_congestion_t)); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
144 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
145 qc->congestion.window = ngx_min(10 * qc->tp.max_udp_payload_size, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
146 ngx_max(2 * qc->tp.max_udp_payload_size, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
147 14720)); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
148 qc->congestion.ssthresh = (size_t) -1; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
149 qc->congestion.recovery_start = ngx_current_msec; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
150 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
151 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
152 /* |
|
8498
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8438
diff
changeset
|
153 * RFC 9000, 9.3. Responding to Connection Migration |
|
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8438
diff
changeset
|
154 * |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
155 * After verifying a new client address, the server SHOULD |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
156 * send new address validation tokens (Section 8) to the client. |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
157 */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
158 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
159 if (ngx_quic_send_new_token(c, path) != NGX_OK) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
160 return NGX_ERROR; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
161 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
162 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
163 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
8832
fab36e4abf83
QUIC: got rid of hash symbol in backup and logging.
Vladimir Homutov <vl@nginx.com>
parents:
8820
diff
changeset
|
164 "quic path seq:%uL addr:%V successfully validated", |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
165 path->seqnum, &path->addr_text); |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
166 |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
167 ngx_quic_path_dbg(c, "is validated", path); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
168 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
169 path->validated = 1; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
170 path->validating = 0; |
|
8729
fb41e37ddeb0
QUIC: decoupled path state and limitation status.
Vladimir Homutov <vl@nginx.com>
parents:
8728
diff
changeset
|
171 path->limited = 0; |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
172 |
|
9084
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
173 ngx_quic_set_path_timer(c); |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
174 |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
175 return NGX_OK; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
176 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
177 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
178 |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
179 ngx_quic_path_t * |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
180 ngx_quic_new_path(ngx_connection_t *c, |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
181 struct sockaddr *sockaddr, socklen_t socklen, ngx_quic_client_id_t *cid) |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
182 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
183 ngx_queue_t *q; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
184 ngx_quic_path_t *path; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
185 ngx_quic_connection_t *qc; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
186 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
187 qc = ngx_quic_get_connection(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
188 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
189 if (!ngx_queue_empty(&qc->free_paths)) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
190 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
191 q = ngx_queue_head(&qc->free_paths); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
192 path = ngx_queue_data(q, ngx_quic_path_t, queue); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
193 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
194 ngx_queue_remove(&path->queue); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
195 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
196 ngx_memzero(path, sizeof(ngx_quic_path_t)); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
197 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
198 } else { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
199 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
200 path = ngx_pcalloc(c->pool, sizeof(ngx_quic_path_t)); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
201 if (path == NULL) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
202 return NULL; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
203 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
204 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
205 |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
206 ngx_queue_insert_tail(&qc->paths, &path->queue); |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
207 |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
208 path->cid = cid; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
209 cid->used = 1; |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
210 |
|
8729
fb41e37ddeb0
QUIC: decoupled path state and limitation status.
Vladimir Homutov <vl@nginx.com>
parents:
8728
diff
changeset
|
211 path->limited = 1; |
|
fb41e37ddeb0
QUIC: decoupled path state and limitation status.
Vladimir Homutov <vl@nginx.com>
parents:
8728
diff
changeset
|
212 |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
213 path->seqnum = qc->path_seqnum++; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
214 |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
215 path->sockaddr = &path->sa.sockaddr; |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
216 path->socklen = socklen; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
217 ngx_memcpy(path->sockaddr, sockaddr, socklen); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
218 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
219 path->addr_text.data = path->text; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
220 path->addr_text.len = ngx_sock_ntop(sockaddr, socklen, path->text, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
221 NGX_SOCKADDR_STRLEN, 1); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
222 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
223 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
8832
fab36e4abf83
QUIC: got rid of hash symbol in backup and logging.
Vladimir Homutov <vl@nginx.com>
parents:
8820
diff
changeset
|
224 "quic path seq:%uL created addr:%V", |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
225 path->seqnum, &path->addr_text); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
226 return path; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
227 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
228 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
229 |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
230 static ngx_quic_path_t * |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
231 ngx_quic_get_path(ngx_connection_t *c, ngx_uint_t tag) |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
232 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
233 ngx_queue_t *q; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
234 ngx_quic_path_t *path; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
235 ngx_quic_connection_t *qc; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
236 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
237 qc = ngx_quic_get_connection(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
238 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
239 for (q = ngx_queue_head(&qc->paths); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
240 q != ngx_queue_sentinel(&qc->paths); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
241 q = ngx_queue_next(q)) |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
242 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
243 path = ngx_queue_data(q, ngx_quic_path_t, queue); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
244 |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
245 if (path->tag == tag) { |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
246 return path; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
247 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
248 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
249 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
250 return NULL; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
251 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
252 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
253 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
254 ngx_int_t |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
255 ngx_quic_set_path(ngx_connection_t *c, ngx_quic_header_t *pkt) |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
256 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
257 off_t len; |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
258 ngx_queue_t *q; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
259 ngx_quic_path_t *path, *probe; |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
260 ngx_quic_socket_t *qsock; |
|
8798
077a1e403446
QUIC: additional limit for probing packets.
Vladimir Homutov <vl@nginx.com>
parents:
8797
diff
changeset
|
261 ngx_quic_send_ctx_t *ctx; |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
262 ngx_quic_client_id_t *cid; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
263 ngx_quic_connection_t *qc; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
264 |
|
8728
ddd5e5c0f87d
QUIC: improved path validation.
Vladimir Homutov <vl@nginx.com>
parents:
8722
diff
changeset
|
265 qc = ngx_quic_get_connection(c); |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
266 qsock = ngx_quic_get_socket(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
267 |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
268 len = pkt->raw->last - pkt->raw->start; |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
269 |
|
8862
c2f5d79cde64
QUIC: separate UDP framework for QUIC.
Roman Arutyunyan <arut@nginx.com>
parents:
8860
diff
changeset
|
270 if (c->udp->buffer == NULL) { |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
271 /* first ever packet in connection, path already exists */ |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
272 path = qc->path; |
|
8702
40445fc7c403
QUIC: fixed migration during NAT rebinding.
Vladimir Homutov <vl@nginx.com>
parents:
8701
diff
changeset
|
273 goto update; |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
274 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
275 |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
276 probe = NULL; |
|
8437
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
277 |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
278 for (q = ngx_queue_head(&qc->paths); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
279 q != ngx_queue_sentinel(&qc->paths); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
280 q = ngx_queue_next(q)) |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
281 { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
282 path = ngx_queue_data(q, ngx_quic_path_t, queue); |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
283 |
|
8862
c2f5d79cde64
QUIC: separate UDP framework for QUIC.
Roman Arutyunyan <arut@nginx.com>
parents:
8860
diff
changeset
|
284 if (ngx_cmp_sockaddr(&qsock->sockaddr.sockaddr, qsock->socklen, |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
285 path->sockaddr, path->socklen, 1) |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
286 == NGX_OK) |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
287 { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
288 goto update; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
289 } |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
290 |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
291 if (path->tag == NGX_QUIC_PATH_PROBE) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
292 probe = path; |
|
8437
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
293 } |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
294 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
295 |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
296 /* packet from new path, drop current probe, if any */ |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
297 |
|
8798
077a1e403446
QUIC: additional limit for probing packets.
Vladimir Homutov <vl@nginx.com>
parents:
8797
diff
changeset
|
298 ctx = ngx_quic_get_send_ctx(qc, pkt->level); |
|
077a1e403446
QUIC: additional limit for probing packets.
Vladimir Homutov <vl@nginx.com>
parents:
8797
diff
changeset
|
299 |
|
077a1e403446
QUIC: additional limit for probing packets.
Vladimir Homutov <vl@nginx.com>
parents:
8797
diff
changeset
|
300 /* |
|
077a1e403446
QUIC: additional limit for probing packets.
Vladimir Homutov <vl@nginx.com>
parents:
8797
diff
changeset
|
301 * only accept highest-numbered packets to prevent connection id |
|
077a1e403446
QUIC: additional limit for probing packets.
Vladimir Homutov <vl@nginx.com>
parents:
8797
diff
changeset
|
302 * exhaustion by excessive probing packets from unknown paths |
|
077a1e403446
QUIC: additional limit for probing packets.
Vladimir Homutov <vl@nginx.com>
parents:
8797
diff
changeset
|
303 */ |
|
077a1e403446
QUIC: additional limit for probing packets.
Vladimir Homutov <vl@nginx.com>
parents:
8797
diff
changeset
|
304 if (pkt->pn != ctx->largest_pn) { |
|
077a1e403446
QUIC: additional limit for probing packets.
Vladimir Homutov <vl@nginx.com>
parents:
8797
diff
changeset
|
305 return NGX_DONE; |
|
077a1e403446
QUIC: additional limit for probing packets.
Vladimir Homutov <vl@nginx.com>
parents:
8797
diff
changeset
|
306 } |
|
077a1e403446
QUIC: additional limit for probing packets.
Vladimir Homutov <vl@nginx.com>
parents:
8797
diff
changeset
|
307 |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
308 if (probe && ngx_quic_free_path(c, probe) != NGX_OK) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
309 return NGX_ERROR; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
310 } |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
311 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
312 /* new path requires new client id */ |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
313 cid = ngx_quic_next_client_id(c); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
314 if (cid == NULL) { |
|
8930
28fc35b71d75
QUIC: "info" logging level on insufficient client connection ids.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8862
diff
changeset
|
315 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
316 "quic no available client ids for new path"); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
317 /* stop processing of this datagram */ |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
318 return NGX_DONE; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
319 } |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
320 |
|
8862
c2f5d79cde64
QUIC: separate UDP framework for QUIC.
Roman Arutyunyan <arut@nginx.com>
parents:
8860
diff
changeset
|
321 path = ngx_quic_new_path(c, &qsock->sockaddr.sockaddr, qsock->socklen, cid); |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
322 if (path == NULL) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
323 return NGX_ERROR; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
324 } |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
325 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
326 path->tag = NGX_QUIC_PATH_PROBE; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
327 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
328 /* |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
329 * client arrived using new path and previously seen DCID, |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
330 * this indicates NAT rebinding (or bad client) |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
331 */ |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
332 if (qsock->used) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
333 pkt->rebound = 1; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
334 } |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
335 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
336 update: |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
337 |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
338 qsock->used = 1; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
339 pkt->path = path; |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
340 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
341 /* TODO: this may be too late in some cases; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
342 * for example, if error happens during decrypt(), we cannot |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
343 * send CC, if error happens in 1st packet, due to amplification |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
344 * limit, because path->received = 0 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
345 * |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
346 * should we account garbage as received or only decrypting packets? |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
347 */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
348 path->received += len; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
349 |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
350 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
8832
fab36e4abf83
QUIC: got rid of hash symbol in backup and logging.
Vladimir Homutov <vl@nginx.com>
parents:
8820
diff
changeset
|
351 "quic packet len:%O via sock seq:%L path seq:%uL", |
|
8820
da24a78720eb
QUIC: fixed handling of initial source connection id.
Vladimir Homutov <vl@nginx.com>
parents:
8798
diff
changeset
|
352 len, (int64_t) qsock->sid.seqnum, path->seqnum); |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
353 ngx_quic_path_dbg(c, "status", path); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
354 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
355 return NGX_OK; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
356 } |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
357 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
358 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
359 ngx_int_t |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
360 ngx_quic_free_path(ngx_connection_t *c, ngx_quic_path_t *path) |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
361 { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
362 ngx_quic_connection_t *qc; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
363 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
364 qc = ngx_quic_get_connection(c); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
365 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
366 ngx_queue_remove(&path->queue); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
367 ngx_queue_insert_head(&qc->free_paths, &path->queue); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
368 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
369 /* |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
370 * invalidate CID that is no longer usable for any other path; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
371 * this also requests new CIDs from client |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
372 */ |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
373 if (path->cid) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
374 if (ngx_quic_free_client_id(c, path->cid) != NGX_OK) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
375 return NGX_ERROR; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
376 } |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
377 } |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
378 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
379 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
8832
fab36e4abf83
QUIC: got rid of hash symbol in backup and logging.
Vladimir Homutov <vl@nginx.com>
parents:
8820
diff
changeset
|
380 "quic path seq:%uL addr:%V retired", |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
381 path->seqnum, &path->addr_text); |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
382 |
|
8387
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
383 return NGX_OK; |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
384 } |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
385 |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
386 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
387 static void |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
388 ngx_quic_set_connection_path(ngx_connection_t *c, ngx_quic_path_t *path) |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
389 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
390 size_t len; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
391 |
|
8860
a2fbae359828
QUIC: fixed indentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8832
diff
changeset
|
392 ngx_memcpy(c->sockaddr, path->sockaddr, path->socklen); |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
393 c->socklen = path->socklen; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
394 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
395 if (c->addr_text.data) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
396 len = ngx_min(c->addr_text.len, path->addr_text.len); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
397 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
398 ngx_memcpy(c->addr_text.data, path->addr_text.data, len); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
399 c->addr_text.len = len; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
400 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
401 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
402 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
8832
fab36e4abf83
QUIC: got rid of hash symbol in backup and logging.
Vladimir Homutov <vl@nginx.com>
parents:
8820
diff
changeset
|
403 "quic send path set to seq:%uL addr:%V", |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
404 path->seqnum, &path->addr_text); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
405 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
406 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
407 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
408 ngx_int_t |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
409 ngx_quic_handle_migration(ngx_connection_t *c, ngx_quic_header_t *pkt) |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
410 { |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
411 ngx_quic_path_t *next, *bkp; |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
412 ngx_quic_send_ctx_t *ctx; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
413 ngx_quic_connection_t *qc; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
414 |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
415 /* got non-probing packet via non-active path */ |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
416 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
417 qc = ngx_quic_get_connection(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
418 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
419 ctx = ngx_quic_get_send_ctx(qc, pkt->level); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
420 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
421 /* |
|
8498
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8438
diff
changeset
|
422 * RFC 9000, 9.3. Responding to Connection Migration |
|
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8438
diff
changeset
|
423 * |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
424 * An endpoint only changes the address to which it sends packets in |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
425 * response to the highest-numbered non-probing packet. |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
426 */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
427 if (pkt->pn != ctx->largest_pn) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
428 return NGX_OK; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
429 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
430 |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
431 next = pkt->path; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
432 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
433 /* |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
434 * RFC 9000, 9.3.3: |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
435 * |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
436 * In response to an apparent migration, endpoints MUST validate the |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
437 * previously active path using a PATH_CHALLENGE frame. |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
438 */ |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
439 if (pkt->rebound) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
440 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
441 /* NAT rebinding: client uses new path with old SID */ |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
442 if (ngx_quic_validate_path(c, qc->path) != NGX_OK) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
443 return NGX_ERROR; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
444 } |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
445 } |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
446 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
447 if (qc->path->validated) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
448 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
449 if (next->tag != NGX_QUIC_PATH_BACKUP) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
450 /* can delete backup path, if any */ |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
451 bkp = ngx_quic_get_path(c, NGX_QUIC_PATH_BACKUP); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
452 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
453 if (bkp && ngx_quic_free_path(c, bkp) != NGX_OK) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
454 return NGX_ERROR; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
455 } |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
456 } |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
457 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
458 qc->path->tag = NGX_QUIC_PATH_BACKUP; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
459 ngx_quic_path_dbg(c, "is now backup", qc->path); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
460 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
461 } else { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
462 if (ngx_quic_free_path(c, qc->path) != NGX_OK) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
463 return NGX_ERROR; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
464 } |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
465 } |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
466 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
467 /* switch active path to migrated */ |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
468 qc->path = next; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
469 qc->path->tag = NGX_QUIC_PATH_ACTIVE; |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
470 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
471 ngx_quic_set_connection_path(c, next); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
472 |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
473 if (!next->validated && !next->validating) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
474 if (ngx_quic_validate_path(c, next) != NGX_OK) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
475 return NGX_ERROR; |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
476 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
477 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
478 |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
479 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
8832
fab36e4abf83
QUIC: got rid of hash symbol in backup and logging.
Vladimir Homutov <vl@nginx.com>
parents:
8820
diff
changeset
|
480 "quic migrated to path seq:%uL addr:%V", |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
481 qc->path->seqnum, &qc->path->addr_text); |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
482 |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
483 ngx_quic_path_dbg(c, "is now active", qc->path); |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
484 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
485 return NGX_OK; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
486 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
487 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
488 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
489 static ngx_int_t |
|
8757
b7284807b4fa
QUIC: refactored ngx_quic_validate_path().
Vladimir Homutov <vl@nginx.com>
parents:
8756
diff
changeset
|
490 ngx_quic_validate_path(ngx_connection_t *c, ngx_quic_path_t *path) |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
491 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
492 ngx_msec_t pto; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
493 ngx_quic_send_ctx_t *ctx; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
494 ngx_quic_connection_t *qc; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
495 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
496 qc = ngx_quic_get_connection(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
497 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
498 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
8832
fab36e4abf83
QUIC: got rid of hash symbol in backup and logging.
Vladimir Homutov <vl@nginx.com>
parents:
8820
diff
changeset
|
499 "quic initiated validation of path seq:%uL", path->seqnum); |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
500 |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
501 path->validating = 1; |
|
9082
c6db94ec3841
QUIC: separated path validation retransmit backoff.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8930
diff
changeset
|
502 path->tries = 0; |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
503 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
504 if (RAND_bytes(path->challenge1, 8) != 1) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
505 return NGX_ERROR; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
506 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
507 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
508 if (RAND_bytes(path->challenge2, 8) != 1) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
509 return NGX_ERROR; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
510 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
511 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
512 if (ngx_quic_send_path_challenge(c, path) != NGX_OK) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
513 return NGX_ERROR; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
514 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
515 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
516 ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application); |
|
9083
a9fef6ca45a8
QUIC: lower bound path validation PTO.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9082
diff
changeset
|
517 pto = ngx_max(ngx_quic_pto(c, ctx), 1000); |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
518 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
519 path->expires = ngx_current_msec + pto; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
520 |
|
9084
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
521 ngx_quic_set_path_timer(c); |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
522 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
523 return NGX_OK; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
524 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
525 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
526 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
527 static ngx_int_t |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
528 ngx_quic_send_path_challenge(ngx_connection_t *c, ngx_quic_path_t *path) |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
529 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
530 ngx_quic_frame_t frame; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
531 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
532 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
8832
fab36e4abf83
QUIC: got rid of hash symbol in backup and logging.
Vladimir Homutov <vl@nginx.com>
parents:
8820
diff
changeset
|
533 "quic path seq:%uL send path_challenge tries:%ui", |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
534 path->seqnum, path->tries); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
535 |
|
8722
02a9ad88e2df
QUIC: added missing frame initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8721
diff
changeset
|
536 ngx_memzero(&frame, sizeof(ngx_quic_frame_t)); |
|
02a9ad88e2df
QUIC: added missing frame initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8721
diff
changeset
|
537 |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
538 frame.level = ssl_encryption_application; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
539 frame.type = NGX_QUIC_FT_PATH_CHALLENGE; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
540 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
541 ngx_memcpy(frame.u.path_challenge.data, path->challenge1, 8); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
542 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
543 /* |
|
8498
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8438
diff
changeset
|
544 * RFC 9000, 8.2.1. Initiating Path Validation |
|
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8438
diff
changeset
|
545 * |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
546 * An endpoint MUST expand datagrams that contain a PATH_CHALLENGE frame |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
547 * to at least the smallest allowed maximum datagram size of 1200 bytes, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
548 * unless the anti-amplification limit for the path does not permit |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
549 * sending a datagram of this size. |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
550 */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
551 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
552 /* same applies to PATH_RESPONSE frames */ |
|
8721
501f28679d56
QUIC: refactored ngx_quic_frame_sendto() function.
Vladimir Homutov <vl@nginx.com>
parents:
8706
diff
changeset
|
553 if (ngx_quic_frame_sendto(c, &frame, 1200, path) != NGX_OK) { |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
554 return NGX_ERROR; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
555 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
556 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
557 ngx_memcpy(frame.u.path_challenge.data, path->challenge2, 8); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
558 |
|
8721
501f28679d56
QUIC: refactored ngx_quic_frame_sendto() function.
Vladimir Homutov <vl@nginx.com>
parents:
8706
diff
changeset
|
559 if (ngx_quic_frame_sendto(c, &frame, 1200, path) != NGX_OK) { |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
560 return NGX_ERROR; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
561 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
562 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
563 return NGX_OK; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
564 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
565 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
566 |
|
9084
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
567 static void |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
568 ngx_quic_set_path_timer(ngx_connection_t *c) |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
569 { |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
570 ngx_msec_t now; |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
571 ngx_queue_t *q; |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
572 ngx_msec_int_t left, next; |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
573 ngx_quic_path_t *path; |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
574 ngx_quic_connection_t *qc; |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
575 |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
576 qc = ngx_quic_get_connection(c); |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
577 |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
578 now = ngx_current_msec; |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
579 next = -1; |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
580 |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
581 for (q = ngx_queue_head(&qc->paths); |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
582 q != ngx_queue_sentinel(&qc->paths); |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
583 q = ngx_queue_next(q)) |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
584 { |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
585 path = ngx_queue_data(q, ngx_quic_path_t, queue); |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
586 |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
587 if (!path->validating) { |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
588 continue; |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
589 } |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
590 |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
591 left = path->expires - now; |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
592 left = ngx_max(left, 1); |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
593 |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
594 if (next == -1 || left < next) { |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
595 next = left; |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
596 } |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
597 } |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
598 |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
599 if (next != -1) { |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
600 ngx_add_timer(&qc->path_validation, next); |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
601 |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
602 } else if (qc->path_validation.timer_set) { |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
603 ngx_del_timer(&qc->path_validation); |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
604 } |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
605 } |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
606 |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9083
diff
changeset
|
607 |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
608 void |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
609 ngx_quic_path_validation_handler(ngx_event_t *ev) |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
610 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
611 ngx_msec_t now; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
612 ngx_queue_t *q; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
613 ngx_msec_int_t left, next, pto; |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
614 ngx_quic_path_t *path, *bkp; |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
615 ngx_connection_t *c; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
616 ngx_quic_send_ctx_t *ctx; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
617 ngx_quic_connection_t *qc; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
618 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
619 c = ev->data; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
620 qc = ngx_quic_get_connection(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
621 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
622 ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
623 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
624 next = -1; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
625 now = ngx_current_msec; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
626 |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
627 q = ngx_queue_head(&qc->paths); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
628 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
629 while (q != ngx_queue_sentinel(&qc->paths)) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
630 |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
631 path = ngx_queue_data(q, ngx_quic_path_t, queue); |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
632 q = ngx_queue_next(q); |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
633 |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
634 if (!path->validating) { |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
635 continue; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
636 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
637 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
638 left = path->expires - now; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
639 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
640 if (left > 0) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
641 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
642 if (next == -1 || left < next) { |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
643 next = left; |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
644 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
645 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
646 continue; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
647 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
648 |
|
9082
c6db94ec3841
QUIC: separated path validation retransmit backoff.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8930
diff
changeset
|
649 if (++path->tries < NGX_QUIC_PATH_RETRIES) { |
|
9083
a9fef6ca45a8
QUIC: lower bound path validation PTO.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9082
diff
changeset
|
650 pto = ngx_max(ngx_quic_pto(c, ctx), 1000) << path->tries; |
|
9082
c6db94ec3841
QUIC: separated path validation retransmit backoff.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8930
diff
changeset
|
651 |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
652 path->expires = ngx_current_msec + pto; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
653 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
654 if (next == -1 || pto < next) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
655 next = pto; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
656 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
657 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
658 /* retransmit */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
659 (void) ngx_quic_send_path_challenge(c, path); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
660 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
661 continue; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
662 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
663 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
664 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, ev->log, 0, |
|
8832
fab36e4abf83
QUIC: got rid of hash symbol in backup and logging.
Vladimir Homutov <vl@nginx.com>
parents:
8820
diff
changeset
|
665 "quic path seq:%uL validation failed", path->seqnum); |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
666 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
667 /* found expired path */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
668 |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
669 path->validated = 0; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
670 path->validating = 0; |
|
8729
fb41e37ddeb0
QUIC: decoupled path state and limitation status.
Vladimir Homutov <vl@nginx.com>
parents:
8728
diff
changeset
|
671 path->limited = 1; |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
672 |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
673 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
674 /* RFC 9000, 9.3.2. On-Path Address Spoofing |
|
8498
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8438
diff
changeset
|
675 * |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
676 * To protect the connection from failing due to such a spurious |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
677 * migration, an endpoint MUST revert to using the last validated |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
678 * peer address when validation of a new peer address fails. |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
679 */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
680 |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
681 if (qc->path == path) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
682 /* active path validation failed */ |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
683 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
684 bkp = ngx_quic_get_path(c, NGX_QUIC_PATH_BACKUP); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
685 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
686 if (bkp == NULL) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
687 qc->error = NGX_QUIC_ERR_NO_VIABLE_PATH; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
688 qc->error_reason = "no viable path"; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
689 ngx_quic_close_connection(c, NGX_ERROR); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
690 return; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
691 } |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
692 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
693 qc->path = bkp; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
694 qc->path->tag = NGX_QUIC_PATH_ACTIVE; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
695 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
696 ngx_quic_set_connection_path(c, qc->path); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
697 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
698 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
8832
fab36e4abf83
QUIC: got rid of hash symbol in backup and logging.
Vladimir Homutov <vl@nginx.com>
parents:
8820
diff
changeset
|
699 "quic path seq:%uL addr:%V is restored from backup", |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
700 qc->path->seqnum, &qc->path->addr_text); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
701 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
702 ngx_quic_path_dbg(c, "is active", qc->path); |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
703 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
704 |
|
8797
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8757
diff
changeset
|
705 if (ngx_quic_free_path(c, path) != NGX_OK) { |
|
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
706 ngx_quic_close_connection(c, NGX_ERROR); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
707 return; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
708 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
709 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
710 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
711 if (next != -1) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
712 ngx_add_timer(&qc->path_validation, next); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
713 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8407
diff
changeset
|
714 } |