comparison src/event/ngx_event_quic.c @ 7754:ebd5c71b9f02 quic
Got rid of memory allocation in decryption.
Static buffers are used instead in functions where decryption takes place.
The pkt->plaintext points to the beginning of a static buffer.
The pkt->payload.data points to the actual start of the decrypted data.
author | Vladimir Homutov <vl@nginx.com> |
---|---|
date | Thu, 26 Mar 2020 16:54:46 +0300 |
parents | c7185bc5b4d9 |
children | 949b95e4d504 |
7753:ccb9cc95ad5e | 7754:ebd5c71b9f02 |
---|---|
375 ngx_quic_new_connection(ngx_connection_t *c, ngx_ssl_t *ssl, ngx_quic_tp_t *tp, | 375 ngx_quic_new_connection(ngx_connection_t *c, ngx_ssl_t *ssl, ngx_quic_tp_t *tp, |
376 ngx_quic_header_t *pkt) | 376 ngx_quic_header_t *pkt) |
377 { | 377 { |
378 ngx_quic_tp_t *ctp; | 378 ngx_quic_tp_t *ctp; |
379 ngx_quic_connection_t *qc; | 379 ngx_quic_connection_t *qc; |
380 static u_char buf[NGX_QUIC_DEFAULT_MAX_PACKET_SIZE]; | |
380 | 381 |
381 if (ngx_buf_size(pkt->raw) < 1200) { | 382 if (ngx_buf_size(pkt->raw) < 1200) { |
382 ngx_log_error(NGX_LOG_INFO, c->log, 0, "too small UDP datagram"); | 383 ngx_log_error(NGX_LOG_INFO, c->log, 0, "too small UDP datagram"); |
383 return NGX_ERROR; | 384 return NGX_ERROR; |
384 } | 385 } |
446 return NGX_ERROR; | 447 return NGX_ERROR; |
447 } | 448 } |
448 | 449 |
449 pkt->secret = &qc->secrets.client.in; | 450 pkt->secret = &qc->secrets.client.in; |
450 pkt->level = ssl_encryption_initial; | 451 pkt->level = ssl_encryption_initial; |
451 | 452 pkt->plaintext = buf; |
452 if (ngx_quic_decrypt(c->pool, NULL, pkt) != NGX_OK) { | 453 |
454 if (ngx_quic_decrypt(pkt, NULL) != NGX_OK) { | |
453 return NGX_ERROR; | 455 return NGX_ERROR; |
454 } | 456 } |
455 | 457 |
456 if (ngx_quic_init_connection(c) != NGX_OK) { | 458 if (ngx_quic_init_connection(c) != NGX_OK) { |
457 return NGX_ERROR; | 459 return NGX_ERROR; |
530 { | 532 { |
531 ssize_t n; | 533 ssize_t n; |
532 ngx_buf_t b; | 534 ngx_buf_t b; |
533 ngx_connection_t *c; | 535 ngx_connection_t *c; |
534 ngx_quic_connection_t *qc; | 536 ngx_quic_connection_t *qc; |
535 | 537 static u_char buf[NGX_QUIC_DEFAULT_MAX_PACKET_SIZE]; |
536 static u_char buf[65535]; | |
537 | 538 |
538 b.start = buf; | 539 b.start = buf; |
539 b.end = buf + sizeof(buf); | 540 b.end = buf + sizeof(buf); |
540 b.pos = b.last = b.start; | 541 b.pos = b.last = b.start; |
541 | 542 |
717 static ngx_int_t | 718 static ngx_int_t |
718 ngx_quic_initial_input(ngx_connection_t *c, ngx_quic_header_t *pkt) | 719 ngx_quic_initial_input(ngx_connection_t *c, ngx_quic_header_t *pkt) |
719 { | 720 { |
720 ngx_ssl_conn_t *ssl_conn; | 721 ngx_ssl_conn_t *ssl_conn; |
721 ngx_quic_connection_t *qc; | 722 ngx_quic_connection_t *qc; |
723 static u_char buf[NGX_QUIC_DEFAULT_MAX_PACKET_SIZE]; | |
722 | 724 |
723 c->log->action = "processing initial quic packet"; | 725 c->log->action = "processing initial quic packet"; |
724 | 726 |
725 qc = c->quic; | 727 qc = c->quic; |
726 ssl_conn = c->ssl->connection; | 728 ssl_conn = c->ssl->connection; |
733 return NGX_ERROR; | 735 return NGX_ERROR; |
734 } | 736 } |
735 | 737 |
736 pkt->secret = &qc->secrets.client.in; | 738 pkt->secret = &qc->secrets.client.in; |
737 pkt->level = ssl_encryption_initial; | 739 pkt->level = ssl_encryption_initial; |
738 | 740 pkt->plaintext = buf; |
739 if (ngx_quic_decrypt(c->pool, ssl_conn, pkt) != NGX_OK) { | 741 |
742 if (ngx_quic_decrypt(pkt, ssl_conn) != NGX_OK) { | |
740 return NGX_ERROR; | 743 return NGX_ERROR; |
741 } | 744 } |
742 | 745 |
743 return ngx_quic_payload_handler(c, pkt); | 746 return ngx_quic_payload_handler(c, pkt); |
744 } | 747 } |
746 | 749 |
747 static ngx_int_t | 750 static ngx_int_t |
748 ngx_quic_handshake_input(ngx_connection_t *c, ngx_quic_header_t *pkt) | 751 ngx_quic_handshake_input(ngx_connection_t *c, ngx_quic_header_t *pkt) |
749 { | 752 { |
750 ngx_quic_connection_t *qc; | 753 ngx_quic_connection_t *qc; |
754 static u_char buf[NGX_QUIC_DEFAULT_MAX_PACKET_SIZE]; | |
751 | 755 |
752 c->log->action = "processing handshake quic packet"; | 756 c->log->action = "processing handshake quic packet"; |
753 | 757 |
754 qc = c->quic; | 758 qc = c->quic; |
755 | 759 |
788 return NGX_ERROR; | 792 return NGX_ERROR; |
789 } | 793 } |
790 | 794 |
791 pkt->secret = &qc->secrets.client.hs; | 795 pkt->secret = &qc->secrets.client.hs; |
792 pkt->level = ssl_encryption_handshake; | 796 pkt->level = ssl_encryption_handshake; |
793 | 797 pkt->plaintext = buf; |
794 if (ngx_quic_decrypt(c->pool, c->ssl->connection, pkt) != NGX_OK) { | 798 |
799 if (ngx_quic_decrypt(pkt, c->ssl->connection) != NGX_OK) { | |
795 return NGX_ERROR; | 800 return NGX_ERROR; |
796 } | 801 } |
797 | 802 |
798 return ngx_quic_payload_handler(c, pkt); | 803 return ngx_quic_payload_handler(c, pkt); |
799 } | 804 } |
801 | 806 |
802 static ngx_int_t | 807 static ngx_int_t |
803 ngx_quic_app_input(ngx_connection_t *c, ngx_quic_header_t *pkt) | 808 ngx_quic_app_input(ngx_connection_t *c, ngx_quic_header_t *pkt) |
804 { | 809 { |
805 ngx_quic_connection_t *qc; | 810 ngx_quic_connection_t *qc; |
811 static u_char buf[NGX_QUIC_DEFAULT_MAX_PACKET_SIZE]; | |
806 | 812 |
807 c->log->action = "processing application data quic packet"; | 813 c->log->action = "processing application data quic packet"; |
808 | 814 |
809 qc = c->quic; | 815 qc = c->quic; |
810 | 816 |
818 return NGX_ERROR; | 824 return NGX_ERROR; |
819 } | 825 } |
820 | 826 |
821 pkt->secret = &qc->secrets.client.ad; | 827 pkt->secret = &qc->secrets.client.ad; |
822 pkt->level = ssl_encryption_application; | 828 pkt->level = ssl_encryption_application; |
823 | 829 pkt->plaintext = buf; |
824 if (ngx_quic_decrypt(c->pool, c->ssl->connection, pkt) != NGX_OK) { | 830 |
831 if (ngx_quic_decrypt(pkt, c->ssl->connection) != NGX_OK) { | |
825 return NGX_ERROR; | 832 return NGX_ERROR; |
826 } | 833 } |
827 | 834 |
828 return ngx_quic_payload_handler(c, pkt); | 835 return ngx_quic_payload_handler(c, pkt); |
829 } | 836 } |
1372 ngx_quic_send_packet(ngx_connection_t *c, ngx_quic_connection_t *qc, | 1379 ngx_quic_send_packet(ngx_connection_t *c, ngx_quic_connection_t *qc, |
1373 enum ssl_encryption_level_t level, ngx_str_t *payload) | 1380 enum ssl_encryption_level_t level, ngx_str_t *payload) |
1374 { | 1381 { |
1375 ngx_str_t res; | 1382 ngx_str_t res; |
1376 ngx_quic_header_t pkt; | 1383 ngx_quic_header_t pkt; |
1377 static u_char buf[65535]; | 1384 static u_char buf[NGX_QUIC_DEFAULT_MAX_PACKET_SIZE]; |
1378 | 1385 |
1379 static ngx_str_t initial_token = ngx_null_string; | 1386 static ngx_str_t initial_token = ngx_null_string; |
1380 | 1387 |
1381 ngx_memzero(&pkt, sizeof(ngx_quic_header_t)); | 1388 ngx_memzero(&pkt, sizeof(ngx_quic_header_t)); |
1382 ngx_quic_hexdump0(c->log, "payload", payload->data, payload->len); | 1389 ngx_quic_hexdump0(c->log, "payload", payload->data, payload->len); |