Mercurial > hg > nginx-quic
annotate src/event/quic/ngx_event_quic_connid.c @ 8437:d5f93733c17d quic
QUIC: relaxed client id requirements.
Client IDs cannot be reused on different paths. This change allows to reuse
client id previosly seen on the same path (but with different dcid) in case
when no unused client IDs are available.
author | Vladimir Homutov <vl@nginx.com> |
---|---|
date | Wed, 05 May 2021 18:11:55 +0300 |
parents | 4117aa7fa38e |
children | 5186ee5a94b9 |
rev | line source |
---|---|
8408
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
1 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
2 /* |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
3 * Copyright (C) Nginx, Inc. |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
4 */ |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
5 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
6 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
7 #include <ngx_config.h> |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
8 #include <ngx_core.h> |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
9 #include <ngx_event.h> |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
10 #include <ngx_event_quic_connection.h> |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
11 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
12 #define NGX_QUIC_MAX_SERVER_IDS 8 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
13 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
14 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
15 #if (NGX_QUIC_BPF) |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
16 static ngx_int_t ngx_quic_bpf_attach_id(ngx_connection_t *c, u_char *id); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
17 #endif |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
18 static ngx_int_t ngx_quic_send_retire_connection_id(ngx_connection_t *c, |
8408
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
19 enum ssl_encryption_level_t level, uint64_t seqnum); |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
20 |
8408
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
21 static ngx_quic_client_id_t *ngx_quic_alloc_client_id(ngx_connection_t *c, |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
22 ngx_quic_connection_t *qc); |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
23 static ngx_int_t ngx_quic_replace_retired_client_id(ngx_connection_t *c, |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
24 ngx_quic_client_id_t *retired_cid); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
25 static ngx_int_t ngx_quic_send_server_id(ngx_connection_t *c, |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
26 ngx_quic_server_id_t *sid); |
8408
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
27 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
28 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
29 ngx_int_t |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
30 ngx_quic_create_server_id(ngx_connection_t *c, u_char *id) |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
31 { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
32 if (RAND_bytes(id, NGX_QUIC_SERVER_CID_LEN) != 1) { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
33 return NGX_ERROR; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
34 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
35 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
36 #if (NGX_QUIC_BPF) |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
37 if (ngx_quic_bpf_attach_id(c, id) != NGX_OK) { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
38 ngx_log_error(NGX_LOG_ERR, c->log, 0, |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
39 "quic bpf failed to generate socket key"); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
40 /* ignore error, things still may work */ |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
41 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
42 #endif |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
43 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
44 return NGX_OK; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
45 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
46 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
47 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
48 #if (NGX_QUIC_BPF) |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
49 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
50 static ngx_int_t |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
51 ngx_quic_bpf_attach_id(ngx_connection_t *c, u_char *id) |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
52 { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
53 int fd; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
54 uint64_t cookie; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
55 socklen_t optlen; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
56 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
57 fd = c->listening->fd; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
58 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
59 optlen = sizeof(cookie); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
60 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
61 if (getsockopt(fd, SOL_SOCKET, SO_COOKIE, &cookie, &optlen) == -1) { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
62 ngx_log_error(NGX_LOG_ERR, c->log, ngx_socket_errno, |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
63 "quic getsockopt(SO_COOKIE) failed"); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
64 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
65 return NGX_ERROR; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
66 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
67 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
68 ngx_quic_dcid_encode_key(id, cookie); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
69 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
70 return NGX_OK; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
71 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
72 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
73 #endif |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
74 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
75 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
76 ngx_int_t |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
77 ngx_quic_handle_new_connection_id_frame(ngx_connection_t *c, |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
78 ngx_quic_header_t *pkt, ngx_quic_new_conn_id_frame_t *f) |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
79 { |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
80 ngx_str_t id; |
8408
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
81 ngx_queue_t *q; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
82 ngx_quic_client_id_t *cid, *item; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
83 ngx_quic_connection_t *qc; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
84 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
85 qc = ngx_quic_get_connection(c); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
86 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
87 if (f->seqnum < qc->max_retired_seqnum) { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
88 /* |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
89 * An endpoint that receives a NEW_CONNECTION_ID frame with |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
90 * a sequence number smaller than the Retire Prior To field |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
91 * of a previously received NEW_CONNECTION_ID frame MUST send |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
92 * a corresponding RETIRE_CONNECTION_ID frame that retires |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
93 * the newly received connection ID, unless it has already |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
94 * done so for that sequence number. |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
95 */ |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
96 |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
97 if (ngx_quic_send_retire_connection_id(c, pkt->level, f->seqnum) |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
98 != NGX_OK) |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
99 { |
8408
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
100 return NGX_ERROR; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
101 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
102 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
103 goto retire; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
104 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
105 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
106 cid = NULL; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
107 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
108 for (q = ngx_queue_head(&qc->client_ids); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
109 q != ngx_queue_sentinel(&qc->client_ids); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
110 q = ngx_queue_next(q)) |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
111 { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
112 item = ngx_queue_data(q, ngx_quic_client_id_t, queue); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
113 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
114 if (item->seqnum == f->seqnum) { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
115 cid = item; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
116 break; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
117 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
118 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
119 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
120 if (cid) { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
121 /* |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
122 * Transmission errors, timeouts and retransmissions might cause the |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
123 * same NEW_CONNECTION_ID frame to be received multiple times |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
124 */ |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
125 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
126 if (cid->len != f->len |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
127 || ngx_strncmp(cid->id, f->cid, f->len) != 0 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
128 || ngx_strncmp(cid->sr_token, f->srt, NGX_QUIC_SR_TOKEN_LEN) != 0) |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
129 { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
130 /* |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
131 * ..a sequence number is used for different connection IDs, |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
132 * the endpoint MAY treat that receipt as a connection error |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
133 * of type PROTOCOL_VIOLATION. |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
134 */ |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
135 qc->error = NGX_QUIC_ERR_PROTOCOL_VIOLATION; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
136 qc->error_reason = "seqnum refers to different connection id/token"; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
137 return NGX_ERROR; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
138 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
139 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
140 } else { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
141 |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
142 id.data = f->cid; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
143 id.len = f->len; |
8408
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
144 |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
145 if (ngx_quic_create_client_id(c, &id, f->seqnum, f->srt) == NULL) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
146 return NGX_ERROR; |
8408
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
147 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
148 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
149 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
150 retire: |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
151 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
152 if (qc->max_retired_seqnum && f->retire <= qc->max_retired_seqnum) { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
153 /* |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
154 * Once a sender indicates a Retire Prior To value, smaller values sent |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
155 * in subsequent NEW_CONNECTION_ID frames have no effect. A receiver |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
156 * MUST ignore any Retire Prior To fields that do not increase the |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
157 * largest received Retire Prior To value. |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
158 */ |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
159 goto done; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
160 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
161 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
162 qc->max_retired_seqnum = f->retire; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
163 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
164 q = ngx_queue_head(&qc->client_ids); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
165 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
166 while (q != ngx_queue_sentinel(&qc->client_ids)) { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
167 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
168 cid = ngx_queue_data(q, ngx_quic_client_id_t, queue); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
169 q = ngx_queue_next(q); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
170 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
171 if (cid->seqnum >= f->retire) { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
172 continue; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
173 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
174 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
175 /* this connection id must be retired */ |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
176 |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
177 if (ngx_quic_send_retire_connection_id(c, pkt->level, cid->seqnum) |
8408
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
178 != NGX_OK) |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
179 { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
180 return NGX_ERROR; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
181 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
182 |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
183 if (cid->refcnt) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
184 /* we are going to retire client id which is in use */ |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
185 if (ngx_quic_replace_retired_client_id(c, cid) != NGX_OK) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
186 return NGX_ERROR; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
187 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
188 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
189 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
190 ngx_quic_unref_client_id(c, cid); |
8408
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
191 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
192 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
193 done: |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
194 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
195 if (qc->nclient_ids > qc->tp.active_connection_id_limit) { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
196 /* |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
197 * After processing a NEW_CONNECTION_ID frame and |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
198 * adding and retiring active connection IDs, if the number of active |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
199 * connection IDs exceeds the value advertised in its |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
200 * active_connection_id_limit transport parameter, an endpoint MUST |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
201 * close the connection with an error of type CONNECTION_ID_LIMIT_ERROR. |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
202 */ |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
203 qc->error = NGX_QUIC_ERR_CONNECTION_ID_LIMIT_ERROR; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
204 qc->error_reason = "too many connection ids received"; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
205 return NGX_ERROR; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
206 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
207 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
208 return NGX_OK; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
209 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
210 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
211 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
212 static ngx_int_t |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
213 ngx_quic_send_retire_connection_id(ngx_connection_t *c, |
8408
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
214 enum ssl_encryption_level_t level, uint64_t seqnum) |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
215 { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
216 ngx_quic_frame_t *frame; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
217 ngx_quic_connection_t *qc; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
218 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
219 qc = ngx_quic_get_connection(c); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
220 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
221 frame = ngx_quic_alloc_frame(c); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
222 if (frame == NULL) { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
223 return NGX_ERROR; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
224 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
225 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
226 frame->level = level; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
227 frame->type = NGX_QUIC_FT_RETIRE_CONNECTION_ID; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
228 frame->u.retire_cid.sequence_number = seqnum; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
229 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
230 ngx_quic_queue_frame(qc, frame); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
231 |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
232 /* we are no longer going to use this client id */ |
8408
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
233 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
234 return NGX_OK; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
235 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
236 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
237 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
238 static ngx_quic_client_id_t * |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
239 ngx_quic_alloc_client_id(ngx_connection_t *c, ngx_quic_connection_t *qc) |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
240 { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
241 ngx_queue_t *q; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
242 ngx_quic_client_id_t *cid; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
243 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
244 if (!ngx_queue_empty(&qc->free_client_ids)) { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
245 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
246 q = ngx_queue_head(&qc->free_client_ids); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
247 cid = ngx_queue_data(q, ngx_quic_client_id_t, queue); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
248 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
249 ngx_queue_remove(&cid->queue); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
250 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
251 ngx_memzero(cid, sizeof(ngx_quic_client_id_t)); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
252 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
253 } else { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
254 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
255 cid = ngx_pcalloc(c->pool, sizeof(ngx_quic_client_id_t)); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
256 if (cid == NULL) { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
257 return NULL; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
258 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
259 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
260 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
261 return cid; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
262 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
263 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
264 |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
265 ngx_quic_client_id_t * |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
266 ngx_quic_create_client_id(ngx_connection_t *c, ngx_str_t *id, |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
267 uint64_t seqnum, u_char *token) |
8408
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
268 { |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
269 ngx_quic_client_id_t *cid; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
270 ngx_quic_connection_t *qc; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
271 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
272 qc = ngx_quic_get_connection(c); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
273 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
274 cid = ngx_quic_alloc_client_id(c, qc); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
275 if (cid == NULL) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
276 return NULL; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
277 } |
8408
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
278 |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
279 cid->seqnum = seqnum; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
280 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
281 cid->len = id->len; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
282 ngx_memcpy(cid->id, id->data, id->len); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
283 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
284 if (token) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
285 ngx_memcpy(cid->sr_token, token, NGX_QUIC_SR_TOKEN_LEN); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
286 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
287 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
288 ngx_queue_insert_tail(&qc->client_ids, &cid->queue); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
289 qc->nclient_ids++; |
8408
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
290 |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
291 if (seqnum > qc->client_seqnum) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
292 qc->client_seqnum = seqnum; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
293 } |
8408
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
294 |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
295 ngx_log_debug5(NGX_LOG_DEBUG_EVENT, c->log, 0, |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
296 "quic cid #%uL received id:%uz:%xV:%*xs", |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
297 cid->seqnum, id->len, id, |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
298 (size_t) NGX_QUIC_SR_TOKEN_LEN, cid->sr_token); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
299 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
300 return cid; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
301 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
302 |
8408
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
303 |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
304 ngx_quic_client_id_t * |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
305 ngx_quic_next_client_id(ngx_connection_t *c) |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
306 { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
307 ngx_queue_t *q; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
308 ngx_quic_client_id_t *cid; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
309 ngx_quic_connection_t *qc; |
8408
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
310 |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
311 qc = ngx_quic_get_connection(c); |
8408
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
312 |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
313 for (q = ngx_queue_head(&qc->client_ids); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
314 q != ngx_queue_sentinel(&qc->client_ids); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
315 q = ngx_queue_next(q)) |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
316 { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
317 cid = ngx_queue_data(q, ngx_quic_client_id_t, queue); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
318 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
319 if (cid->refcnt == 0) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
320 return cid; |
8408
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
321 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
322 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
323 |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
324 return NULL; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
325 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
326 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
327 |
8437
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
328 ngx_quic_client_id_t * |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
329 ngx_quic_used_client_id(ngx_connection_t *c, ngx_quic_path_t *path) |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
330 { |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
331 ngx_queue_t *q; |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
332 ngx_quic_socket_t *qsock; |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
333 ngx_quic_connection_t *qc; |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
334 |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
335 qc = ngx_quic_get_connection(c); |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
336 |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
337 /* best guess: cid used by active path is good for us */ |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
338 if (qc->socket->path == path) { |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
339 return qc->socket->cid; |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
340 } |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
341 |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
342 for (q = ngx_queue_head(&qc->sockets); |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
343 q != ngx_queue_sentinel(&qc->sockets); |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
344 q = ngx_queue_next(q)) |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
345 { |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
346 qsock = ngx_queue_data(q, ngx_quic_socket_t, queue); |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
347 |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
348 if (qsock->path && qsock->path == path) { |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
349 return qsock->cid; |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
350 } |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
351 } |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
352 |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
353 return NULL; |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
354 } |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
355 |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
356 |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
357 ngx_int_t |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
358 ngx_quic_handle_retire_connection_id_frame(ngx_connection_t *c, |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
359 ngx_quic_header_t *pkt, ngx_quic_retire_cid_frame_t *f) |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
360 { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
361 ngx_quic_path_t *path; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
362 ngx_quic_socket_t *qsock, **tmp; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
363 ngx_quic_client_id_t *cid; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
364 ngx_quic_connection_t *qc; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
365 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
366 qc = ngx_quic_get_connection(c); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
367 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
368 qsock = ngx_quic_find_socket(c, f->sequence_number); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
369 if (qsock == NULL) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
370 return NGX_OK; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
371 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
372 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
373 if (qsock->sid.seqnum == qc->socket->sid.seqnum) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
374 tmp = &qc->socket; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
375 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
376 } else if (qc->backup && qsock->sid.seqnum == qc->backup->sid.seqnum) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
377 tmp = &qc->backup; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
378 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
379 } else { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
380 tmp = NULL; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
381 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
382 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
383 if (ngx_quic_create_sockets(c) != NGX_OK) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
384 return NGX_ERROR; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
385 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
386 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
387 if (tmp) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
388 /* replace socket in use (active or backup) */ |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
389 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
390 ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0, |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
391 "quic %s socket #%uL:%uL:%uL retired", |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
392 (*tmp) == qc->socket ? "active" : "backup", |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
393 (*tmp)->sid.seqnum, (*tmp)->cid->seqnum, |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
394 (*tmp)->path->seqnum); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
395 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
396 qsock = ngx_quic_get_unconnected_socket(c); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
397 if (qsock == NULL) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
398 return NGX_ERROR; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
399 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
400 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
401 path = (*tmp)->path; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
402 cid = (*tmp)->cid; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
403 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
404 ngx_quic_connect(c, qsock, path, cid); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
405 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
406 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
407 ngx_log_debug5(NGX_LOG_DEBUG_EVENT, c->log, 0, |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
408 "quic %s socket is now #%uL:%uL:%uL (%s)", |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
409 (*tmp) == qc->socket ? "active" : "backup", |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
410 qsock->sid.seqnum, qsock->cid->seqnum, |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
411 qsock->path->seqnum, |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
412 ngx_quic_path_state_str(qsock->path)); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
413 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
414 ngx_quic_close_socket(c, *tmp); /* no longer used */ |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
415 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
416 *tmp = qsock; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
417 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
418 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
419 return NGX_OK; |
8408
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
420 } |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
421 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
422 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
423 ngx_int_t |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
424 ngx_quic_create_sockets(ngx_connection_t *c) |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
425 { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
426 ngx_uint_t n; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
427 ngx_quic_socket_t *qsock; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
428 ngx_quic_connection_t *qc; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
429 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
430 qc = ngx_quic_get_connection(c); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
431 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
432 n = ngx_min(NGX_QUIC_MAX_SERVER_IDS, qc->ctp.active_connection_id_limit); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
433 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
434 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
435 "quic create sockets has:%ui max:%ui", qc->nsockets, n); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
436 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
437 while (qc->nsockets < n) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
438 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
439 qsock = ngx_quic_alloc_socket(c, qc); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
440 if (qsock == NULL) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
441 return NGX_ERROR; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
442 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
443 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
444 if (ngx_quic_listen(c, qc, qsock) != NGX_OK) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
445 return NGX_ERROR; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
446 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
447 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
448 if (ngx_quic_send_server_id(c, &qsock->sid) != NGX_OK) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
449 return NGX_ERROR; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
450 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
451 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
452 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
453 return NGX_OK; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
454 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
455 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
456 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
457 static ngx_int_t |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
458 ngx_quic_send_server_id(ngx_connection_t *c, ngx_quic_server_id_t *sid) |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
459 { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
460 ngx_str_t dcid; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
461 ngx_quic_frame_t *frame; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
462 ngx_quic_connection_t *qc; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
463 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
464 qc = ngx_quic_get_connection(c); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
465 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
466 dcid.len = sid->len; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
467 dcid.data = sid->id; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
468 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
469 frame = ngx_quic_alloc_frame(c); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
470 if (frame == NULL) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
471 return NGX_ERROR; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
472 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
473 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
474 frame->level = ssl_encryption_application; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
475 frame->type = NGX_QUIC_FT_NEW_CONNECTION_ID; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
476 frame->u.ncid.seqnum = sid->seqnum; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
477 frame->u.ncid.retire = 0; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
478 frame->u.ncid.len = NGX_QUIC_SERVER_CID_LEN; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
479 ngx_memcpy(frame->u.ncid.cid, sid->id, NGX_QUIC_SERVER_CID_LEN); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
480 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
481 if (ngx_quic_new_sr_token(c, &dcid, qc->conf->sr_token_key, |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
482 frame->u.ncid.srt) |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
483 != NGX_OK) |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
484 { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
485 return NGX_ERROR; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
486 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
487 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
488 ngx_quic_queue_frame(qc, frame); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
489 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
490 return NGX_OK; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
491 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
492 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
493 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
494 static ngx_int_t |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
495 ngx_quic_replace_retired_client_id(ngx_connection_t *c, |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
496 ngx_quic_client_id_t *retired_cid) |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
497 { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
498 ngx_queue_t *q; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
499 ngx_quic_socket_t *qsock; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
500 ngx_quic_client_id_t *cid; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
501 ngx_quic_connection_t *qc; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
502 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
503 qc = ngx_quic_get_connection(c); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
504 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
505 for (q = ngx_queue_head(&qc->sockets); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
506 q != ngx_queue_sentinel(&qc->sockets); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
507 q = ngx_queue_next(q)) |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
508 { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
509 qsock = ngx_queue_data(q, ngx_quic_socket_t, queue); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
510 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
511 if (qsock->cid == retired_cid) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
512 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
513 cid = ngx_quic_next_client_id(c); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
514 if (cid == NULL) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
515 return NGX_ERROR; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
516 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
517 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
518 qsock->cid = cid; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
519 cid->refcnt++; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
520 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
521 ngx_quic_unref_client_id(c, retired_cid); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
522 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
523 if (retired_cid->refcnt == 0) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
524 return NGX_OK; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
525 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
526 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
527 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
528 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
529 return NGX_OK; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
530 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
531 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
532 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
533 void |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
534 ngx_quic_unref_client_id(ngx_connection_t *c, ngx_quic_client_id_t *cid) |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
535 { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
536 ngx_quic_connection_t *qc; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
537 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
538 cid->refcnt--; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
539 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
540 if (cid->refcnt) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
541 return; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
542 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
543 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
544 qc = ngx_quic_get_connection(c); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
545 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
546 ngx_queue_remove(&cid->queue); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
547 ngx_queue_insert_head(&qc->free_client_ids, &cid->queue); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
548 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
549 qc->nclient_ids--; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8408
diff
changeset
|
550 } |