Mercurial > hg > nginx-quic

comparison src/event/quic/ngx_event_quic.c @ 8269:7df607cb2d11 quic

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
QUIC: ngx_quic_bpf module. The quic kernel bpf helper inspects packet payload for DCID, extracts key and routes the packet into socket matching the key. Due to reuseport feature, each worker owns a personal socket, which is identified by the same key, used to create DCID. BPF objects are locked in RAM and are subject to RLIMIT_MEMLOCK. The "ulimit -l" command may be used to setup proper limits, if maps cannot be created with EPERM or updated with ETOOLONG.
author Vladimir Homutov <vl@nginx.com>
date Fri, 25 Dec 2020 15:01:15 +0300
parents 2c7f927f7999
children dffb66fb783b
comparison
equal deleted inserted replaced
8268:d3747ba486e7 8269:7df607cb2d11
230 static ngx_int_t ngx_quic_process_stateless_reset(ngx_connection_t *c, 230 static ngx_int_t ngx_quic_process_stateless_reset(ngx_connection_t *c,
231 ngx_quic_header_t *pkt); 231 ngx_quic_header_t *pkt);
232 static ngx_int_t ngx_quic_negotiate_version(ngx_connection_t *c, 232 static ngx_int_t ngx_quic_negotiate_version(ngx_connection_t *c,
233 ngx_quic_header_t *inpkt); 233 ngx_quic_header_t *inpkt);
234 static ngx_int_t ngx_quic_create_server_id(ngx_connection_t *c, u_char *id); 234 static ngx_int_t ngx_quic_create_server_id(ngx_connection_t *c, u_char *id);
235 #if (NGX_QUIC_BPF)
236 static ngx_int_t ngx_quic_bpf_attach_id(ngx_connection_t *c, u_char *id);
237 #endif
235 static ngx_int_t ngx_quic_send_retry(ngx_connection_t *c); 238 static ngx_int_t ngx_quic_send_retry(ngx_connection_t *c);
236 static ngx_int_t ngx_quic_new_token(ngx_connection_t *c, ngx_str_t *token); 239 static ngx_int_t ngx_quic_new_token(ngx_connection_t *c, ngx_str_t *token);
237 static ngx_int_t ngx_quic_validate_token(ngx_connection_t *c, 240 static ngx_int_t ngx_quic_validate_token(ngx_connection_t *c,
238 ngx_quic_header_t *pkt); 241 ngx_quic_header_t *pkt);
239 static ngx_int_t ngx_quic_init_connection(ngx_connection_t *c); 242 static ngx_int_t ngx_quic_init_connection(ngx_connection_t *c);
1295 { 1298 {
1296 if (RAND_bytes(id, NGX_QUIC_SERVER_CID_LEN) != 1) { 1299 if (RAND_bytes(id, NGX_QUIC_SERVER_CID_LEN) != 1) {
1297 return NGX_ERROR; 1300 return NGX_ERROR;
1298 } 1301 }
1299 1302
1303 #if (NGX_QUIC_BPF)
1304 if (ngx_quic_bpf_attach_id(c, id) != NGX_OK) {
1305 ngx_log_error(NGX_LOG_ERR, c->log, 0,
1306 "quic bpf failed to generate socket key");
1307 /* ignore error, things still may work */
1308 }
1309 #endif
1310
1300 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, 1311 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
1301 "quic create server id %*xs", 1312 "quic create server id %*xs",
1302 (size_t) NGX_QUIC_SERVER_CID_LEN, id); 1313 (size_t) NGX_QUIC_SERVER_CID_LEN, id);
1303 return NGX_OK; 1314 return NGX_OK;
1304 } 1315 }
1316
1317
1318 #if (NGX_QUIC_BPF)
1319
1320 static ngx_int_t
1321 ngx_quic_bpf_attach_id(ngx_connection_t *c, u_char *id)
1322 {
1323 int fd;
1324 uint64_t cookie;
1325 socklen_t optlen;
1326
1327 fd = c->listening->fd;
1328
1329 optlen = sizeof(cookie);
1330
1331 if (getsockopt(fd, SOL_SOCKET, SO_COOKIE, &cookie, &optlen) == -1) {
1332 ngx_log_error(NGX_LOG_ERR, c->log, ngx_socket_errno,
1333 "quic getsockopt(SO_COOKIE) failed");
1334
1335 return NGX_ERROR;
1336 }
1337
1338 ngx_quic_dcid_encode_key(id, cookie);
1339
1340 return NGX_OK;
1341 }
1342
1343 #endif
1305 1344
1306 1345
1307 static ngx_int_t 1346 static ngx_int_t
1308 ngx_quic_send_retry(ngx_connection_t *c) 1347 ngx_quic_send_retry(ngx_connection_t *c)
1309 { 1348 {