nginx: src/event/quic/ngx_event_quic

annotate src/event/quic/ngx_event_quic_migration.c @ 9284:5c6649b4308f

QUIC: ngx_quic_buffer_t use-after-free protection. Previously the last chain field of ngx_quic_buffer_t could still reference freed chains and buffers after calling ngx_quic_free_buffer(). While normally an ngx_quic_buffer_t object should not be used after freeing, resetting last_chain field would prevent a potential use-after-free.

author	Roman Arutyunyan <arut@nginx.com>
date	Tue, 28 May 2024 17:19:21 +0400
parents	2ed3f57dca0a
children

rev	line source
8737 76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	1
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	2 /*
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	3 * Copyright (C) Nginx, Inc.
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	4 */
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	5
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	6
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	7 #include <ngx_config.h>
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	8 #include <ngx_core.h>
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	9 #include <ngx_event.h>
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	10 #include <ngx_event_quic_connection.h>
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	11
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	12
9147 58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	13 #define NGX_QUIC_PATH_MTU_DELAY 100
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	14 #define NGX_QUIC_PATH_MTU_PRECISION 16
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	15
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	16
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	17 static void ngx_quic_set_connection_path(ngx_connection_t *c,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	18 ngx_quic_path_t *path);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	19 static ngx_int_t ngx_quic_validate_path(ngx_connection_t *c,
8944 b7284807b4fa QUIC: refactored ngx_quic_validate_path(). Vladimir Homutov <vl@nginx.com> parents: 8943 diff changeset	20 ngx_quic_path_t *path);
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	21 static ngx_int_t ngx_quic_send_path_challenge(ngx_connection_t *c,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	22 ngx_quic_path_t *path);
9098 d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	23 static void ngx_quic_set_path_timer(ngx_connection_t *c);
9147 58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	24 static ngx_int_t ngx_quic_expire_path_validation(ngx_connection_t *c,
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	25 ngx_quic_path_t *path);
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	26 static ngx_int_t ngx_quic_expire_path_mtu_delay(ngx_connection_t *c,
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	27 ngx_quic_path_t *path);
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	28 static ngx_int_t ngx_quic_expire_path_mtu_discovery(ngx_connection_t *c,
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	29 ngx_quic_path_t *path);
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	30 static ngx_quic_path_t ngx_quic_get_path(ngx_connection_t c, ngx_uint_t tag);
9147 58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	31 static ngx_int_t ngx_quic_send_path_mtu_probe(ngx_connection_t *c,
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	32 ngx_quic_path_t *path);
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	33
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	34
8737 76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	35 ngx_int_t
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	36 ngx_quic_handle_path_challenge_frame(ngx_connection_t *c,
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	37 ngx_quic_header_t pkt, ngx_quic_path_challenge_frame_t f)
8737 76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	38 {
9189 fcec773dd249 QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE. Roman Arutyunyan <arut@nginx.com> parents: 9154 diff changeset	39 size_t min;
9192 efcdaa66df2e QUIC: congestion control in ngx_quic_frame_sendto(). Roman Arutyunyan <arut@nginx.com> parents: 9191 diff changeset	40 ngx_quic_frame_t *fp;
8737 76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	41 ngx_quic_connection_t *qc;
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	42
9191 618132842e7c QUIC: ignore duplicate PATH_CHALLENGE frames. Roman Arutyunyan <arut@nginx.com> parents: 9190 diff changeset	43 if (pkt->level != ssl_encryption_application \|\| pkt->path_challenged) {
618132842e7c QUIC: ignore duplicate PATH_CHALLENGE frames. Roman Arutyunyan <arut@nginx.com> parents: 9190 diff changeset	44 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0,
618132842e7c QUIC: ignore duplicate PATH_CHALLENGE frames. Roman Arutyunyan <arut@nginx.com> parents: 9190 diff changeset	45 "quic ignoring PATH_CHALLENGE");
618132842e7c QUIC: ignore duplicate PATH_CHALLENGE frames. Roman Arutyunyan <arut@nginx.com> parents: 9190 diff changeset	46 return NGX_OK;
618132842e7c QUIC: ignore duplicate PATH_CHALLENGE frames. Roman Arutyunyan <arut@nginx.com> parents: 9190 diff changeset	47 }
618132842e7c QUIC: ignore duplicate PATH_CHALLENGE frames. Roman Arutyunyan <arut@nginx.com> parents: 9190 diff changeset	48
618132842e7c QUIC: ignore duplicate PATH_CHALLENGE frames. Roman Arutyunyan <arut@nginx.com> parents: 9190 diff changeset	49 pkt->path_challenged = 1;
618132842e7c QUIC: ignore duplicate PATH_CHALLENGE frames. Roman Arutyunyan <arut@nginx.com> parents: 9190 diff changeset	50
8737 76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	51 qc = ngx_quic_get_connection(c);
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	52
9192 efcdaa66df2e QUIC: congestion control in ngx_quic_frame_sendto(). Roman Arutyunyan <arut@nginx.com> parents: 9191 diff changeset	53 fp = ngx_quic_alloc_frame(c);
efcdaa66df2e QUIC: congestion control in ngx_quic_frame_sendto(). Roman Arutyunyan <arut@nginx.com> parents: 9191 diff changeset	54 if (fp == NULL) {
efcdaa66df2e QUIC: congestion control in ngx_quic_frame_sendto(). Roman Arutyunyan <arut@nginx.com> parents: 9191 diff changeset	55 return NGX_ERROR;
efcdaa66df2e QUIC: congestion control in ngx_quic_frame_sendto(). Roman Arutyunyan <arut@nginx.com> parents: 9191 diff changeset	56 }
8933 02a9ad88e2df QUIC: added missing frame initialization. Vladimir Homutov <vl@nginx.com> parents: 8932 diff changeset	57
9192 efcdaa66df2e QUIC: congestion control in ngx_quic_frame_sendto(). Roman Arutyunyan <arut@nginx.com> parents: 9191 diff changeset	58 fp->level = ssl_encryption_application;
efcdaa66df2e QUIC: congestion control in ngx_quic_frame_sendto(). Roman Arutyunyan <arut@nginx.com> parents: 9191 diff changeset	59 fp->type = NGX_QUIC_FT_PATH_RESPONSE;
efcdaa66df2e QUIC: congestion control in ngx_quic_frame_sendto(). Roman Arutyunyan <arut@nginx.com> parents: 9191 diff changeset	60 fp->u.path_response = *f;
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	61
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	62 /*
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	63 * RFC 9000, 8.2.2. Path Validation Responses
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	64 *
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	65 * A PATH_RESPONSE frame MUST be sent on the network path where the
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	66 * PATH_CHALLENGE frame was received.
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	67 */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	68
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	69 /*
8901 a951e0809044 QUIC: fixed PATH_RESPONSE frame expansion. Vladimir Homutov <vl@nginx.com> parents: 8822 diff changeset	70 * An endpoint MUST expand datagrams that contain a PATH_RESPONSE frame
a951e0809044 QUIC: fixed PATH_RESPONSE frame expansion. Vladimir Homutov <vl@nginx.com> parents: 8822 diff changeset	71 * to at least the smallest allowed maximum datagram size of 1200 bytes.
9189 fcec773dd249 QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE. Roman Arutyunyan <arut@nginx.com> parents: 9154 diff changeset	72 * ...
fcec773dd249 QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE. Roman Arutyunyan <arut@nginx.com> parents: 9154 diff changeset	73 * However, an endpoint MUST NOT expand the datagram containing the
fcec773dd249 QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE. Roman Arutyunyan <arut@nginx.com> parents: 9154 diff changeset	74 * PATH_RESPONSE if the resulting data exceeds the anti-amplification limit.
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	75 */
9189 fcec773dd249 QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE. Roman Arutyunyan <arut@nginx.com> parents: 9154 diff changeset	76
fcec773dd249 QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE. Roman Arutyunyan <arut@nginx.com> parents: 9154 diff changeset	77 min = (ngx_quic_path_limit(c, pkt->path, 1200) < 1200) ? 0 : 1200;
fcec773dd249 QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE. Roman Arutyunyan <arut@nginx.com> parents: 9154 diff changeset	78
9192 efcdaa66df2e QUIC: congestion control in ngx_quic_frame_sendto(). Roman Arutyunyan <arut@nginx.com> parents: 9191 diff changeset	79 if (ngx_quic_frame_sendto(c, fp, min, pkt->path) == NGX_ERROR) {
8737 76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	80 return NGX_ERROR;
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	81 }
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	82
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	83 if (pkt->path == qc->path) {
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	84 /*
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	85 * RFC 9000, 9.3.3. Off-Path Packet Forwarding
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	86 *
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	87 * An endpoint that receives a PATH_CHALLENGE on an active path SHOULD
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	88 * send a non-probing packet in response.
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	89 */
8737 76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	90
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	91 fp = ngx_quic_alloc_frame(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	92 if (fp == NULL) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	93 return NGX_ERROR;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	94 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	95
8778 5186ee5a94b9 QUIC: simplified sending 1-RTT only frames. Sergey Kandaurov <pluknet@nginx.com> parents: 8777 diff changeset	96 fp->level = ssl_encryption_application;
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	97 fp->type = NGX_QUIC_FT_PING;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	98
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	99 ngx_quic_queue_frame(qc, fp);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	100 }
8737 76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	101
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	102 return NGX_OK;
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	103 }
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	104
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	105
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	106 ngx_int_t
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	107 ngx_quic_handle_path_response_frame(ngx_connection_t *c,
8778 5186ee5a94b9 QUIC: simplified sending 1-RTT only frames. Sergey Kandaurov <pluknet@nginx.com> parents: 8777 diff changeset	108 ngx_quic_path_challenge_frame_t *f)
8737 76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	109 {
8943 118a34e32121 QUIC: added missing check for backup path existence. Vladimir Homutov <vl@nginx.com> parents: 8940 diff changeset	110 ngx_uint_t rst;
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	111 ngx_queue_t *q;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	112 ngx_quic_path_t path, prev;
9196 6c8595b77e66 QUIC: path aware in-flight bytes accounting. Sergey Kandaurov <pluknet@nginx.com> parents: 9195 diff changeset	113 ngx_quic_send_ctx_t *ctx;
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	114 ngx_quic_connection_t *qc;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	115
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	116 qc = ngx_quic_get_connection(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	117
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	118 /*
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	119 * RFC 9000, 8.2.3. Successful Path Validation
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	120 *
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	121 * A PATH_RESPONSE frame received on any network path validates the path
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	122 * on which the PATH_CHALLENGE was sent.
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	123 */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	124
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	125 for (q = ngx_queue_head(&qc->paths);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	126 q != ngx_queue_sentinel(&qc->paths);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	127 q = ngx_queue_next(q))
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	128 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	129 path = ngx_queue_data(q, ngx_quic_path_t, queue);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	130
9147 58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	131 if (path->state != NGX_QUIC_PATH_VALIDATING) {
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	132 continue;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	133 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	134
9189 fcec773dd249 QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE. Roman Arutyunyan <arut@nginx.com> parents: 9154 diff changeset	135 if (ngx_memcmp(path->challenge[0], f->data, sizeof(f->data)) == 0
fcec773dd249 QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE. Roman Arutyunyan <arut@nginx.com> parents: 9154 diff changeset	136 \|\| ngx_memcmp(path->challenge[1], f->data, sizeof(f->data)) == 0)
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	137 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	138 goto valid;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	139 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	140 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	141
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	142 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0,
9015 a2fbae359828 QUIC: fixed indentation. Sergey Kandaurov <pluknet@nginx.com> parents: 8997 diff changeset	143 "quic stale PATH_RESPONSE ignored");
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	144
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	145 return NGX_OK;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	146
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	147 valid:
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	148
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	149 /*
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	150 * RFC 9000, 9.4. Loss Detection and Congestion Control
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	151 *
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	152 * On confirming a peer's ownership of its new address,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	153 * an endpoint MUST immediately reset the congestion controller
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	154 * and round-trip time estimator for the new path to initial values
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	155 * unless the only change in the peer's address is its port number.
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	156 */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	157
8943 118a34e32121 QUIC: added missing check for backup path existence. Vladimir Homutov <vl@nginx.com> parents: 8940 diff changeset	158 rst = 1;
118a34e32121 QUIC: added missing check for backup path existence. Vladimir Homutov <vl@nginx.com> parents: 8940 diff changeset	159
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	160 prev = ngx_quic_get_path(c, NGX_QUIC_PATH_BACKUP);
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	161
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	162 if (prev != NULL) {
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	163
8943 118a34e32121 QUIC: added missing check for backup path existence. Vladimir Homutov <vl@nginx.com> parents: 8940 diff changeset	164 if (ngx_cmp_sockaddr(prev->sockaddr, prev->socklen,
118a34e32121 QUIC: added missing check for backup path existence. Vladimir Homutov <vl@nginx.com> parents: 8940 diff changeset	165 path->sockaddr, path->socklen, 0)
118a34e32121 QUIC: added missing check for backup path existence. Vladimir Homutov <vl@nginx.com> parents: 8940 diff changeset	166 == NGX_OK)
118a34e32121 QUIC: added missing check for backup path existence. Vladimir Homutov <vl@nginx.com> parents: 8940 diff changeset	167 {
118a34e32121 QUIC: added missing check for backup path existence. Vladimir Homutov <vl@nginx.com> parents: 8940 diff changeset	168 /* address did not change */
118a34e32121 QUIC: added missing check for backup path existence. Vladimir Homutov <vl@nginx.com> parents: 8940 diff changeset	169 rst = 0;
9147 58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	170
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	171 path->mtu = prev->mtu;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	172 path->max_mtu = prev->max_mtu;
9194 a6f79f044de5 QUIC: path revalidation after expansion failure. Roman Arutyunyan <arut@nginx.com> parents: 9192 diff changeset	173 path->mtu_unvalidated = 0;
8943 118a34e32121 QUIC: added missing check for backup path existence. Vladimir Homutov <vl@nginx.com> parents: 8940 diff changeset	174 }
118a34e32121 QUIC: added missing check for backup path existence. Vladimir Homutov <vl@nginx.com> parents: 8940 diff changeset	175 }
118a34e32121 QUIC: added missing check for backup path existence. Vladimir Homutov <vl@nginx.com> parents: 8940 diff changeset	176
118a34e32121 QUIC: added missing check for backup path existence. Vladimir Homutov <vl@nginx.com> parents: 8940 diff changeset	177 if (rst) {
9196 6c8595b77e66 QUIC: path aware in-flight bytes accounting. Sergey Kandaurov <pluknet@nginx.com> parents: 9195 diff changeset	178 /* prevent old path packets contribution to congestion control */
6c8595b77e66 QUIC: path aware in-flight bytes accounting. Sergey Kandaurov <pluknet@nginx.com> parents: 9195 diff changeset	179
6c8595b77e66 QUIC: path aware in-flight bytes accounting. Sergey Kandaurov <pluknet@nginx.com> parents: 9195 diff changeset	180 ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
6c8595b77e66 QUIC: path aware in-flight bytes accounting. Sergey Kandaurov <pluknet@nginx.com> parents: 9195 diff changeset	181 qc->rst_pnum = ctx->pnum;
6c8595b77e66 QUIC: path aware in-flight bytes accounting. Sergey Kandaurov <pluknet@nginx.com> parents: 9195 diff changeset	182
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	183 ngx_memzero(&qc->congestion, sizeof(ngx_quic_congestion_t));
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	184
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	185 qc->congestion.window = ngx_min(10 * qc->tp.max_udp_payload_size,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	186 ngx_max(2 * qc->tp.max_udp_payload_size,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	187 14720));
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	188 qc->congestion.ssthresh = (size_t) -1;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	189 qc->congestion.recovery_start = ngx_current_msec;
9195 ff452f283aa9 QUIC: reset RTT estimator for the new path. Sergey Kandaurov <pluknet@nginx.com> parents: 9194 diff changeset	190
ff452f283aa9 QUIC: reset RTT estimator for the new path. Sergey Kandaurov <pluknet@nginx.com> parents: 9194 diff changeset	191 ngx_quic_init_rtt(qc);
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	192 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	193
9194 a6f79f044de5 QUIC: path revalidation after expansion failure. Roman Arutyunyan <arut@nginx.com> parents: 9192 diff changeset	194 path->validated = 1;
a6f79f044de5 QUIC: path revalidation after expansion failure. Roman Arutyunyan <arut@nginx.com> parents: 9192 diff changeset	195
a6f79f044de5 QUIC: path revalidation after expansion failure. Roman Arutyunyan <arut@nginx.com> parents: 9192 diff changeset	196 if (path->mtu_unvalidated) {
a6f79f044de5 QUIC: path revalidation after expansion failure. Roman Arutyunyan <arut@nginx.com> parents: 9192 diff changeset	197 path->mtu_unvalidated = 0;
a6f79f044de5 QUIC: path revalidation after expansion failure. Roman Arutyunyan <arut@nginx.com> parents: 9192 diff changeset	198 return ngx_quic_validate_path(c, path);
a6f79f044de5 QUIC: path revalidation after expansion failure. Roman Arutyunyan <arut@nginx.com> parents: 9192 diff changeset	199 }
a6f79f044de5 QUIC: path revalidation after expansion failure. Roman Arutyunyan <arut@nginx.com> parents: 9192 diff changeset	200
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	201 /*
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	202 * RFC 9000, 9.3. Responding to Connection Migration
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	203 *
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	204 * After verifying a new client address, the server SHOULD
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	205 * send new address validation tokens (Section 8) to the client.
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	206 */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	207
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	208 if (ngx_quic_send_new_token(c, path) != NGX_OK) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	209 return NGX_ERROR;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	210 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	211
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	212 ngx_log_error(NGX_LOG_INFO, c->log, 0,
8997 fab36e4abf83 QUIC: got rid of hash symbol in backup and logging. Vladimir Homutov <vl@nginx.com> parents: 8985 diff changeset	213 "quic path seq:%uL addr:%V successfully validated",
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	214 path->seqnum, &path->addr_text);
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	215
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	216 ngx_quic_path_dbg(c, "is validated", path);
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	217
9147 58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	218 ngx_quic_discover_path_mtu(c, path);
9098 d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	219
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	220 return NGX_OK;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	221 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	222
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	223
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	224 ngx_quic_path_t *
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	225 ngx_quic_new_path(ngx_connection_t *c,
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	226 struct sockaddr sockaddr, socklen_t socklen, ngx_quic_client_id_t cid)
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	227 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	228 ngx_queue_t *q;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	229 ngx_quic_path_t *path;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	230 ngx_quic_connection_t *qc;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	231
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	232 qc = ngx_quic_get_connection(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	233
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	234 if (!ngx_queue_empty(&qc->free_paths)) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	235
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	236 q = ngx_queue_head(&qc->free_paths);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	237 path = ngx_queue_data(q, ngx_quic_path_t, queue);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	238
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	239 ngx_queue_remove(&path->queue);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	240
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	241 ngx_memzero(path, sizeof(ngx_quic_path_t));
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	242
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	243 } else {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	244
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	245 path = ngx_pcalloc(c->pool, sizeof(ngx_quic_path_t));
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	246 if (path == NULL) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	247 return NULL;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	248 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	249 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	250
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	251 ngx_queue_insert_tail(&qc->paths, &path->queue);
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	252
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	253 path->cid = cid;
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	254 cid->used = 1;
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	255
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	256 path->seqnum = qc->path_seqnum++;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	257
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	258 path->sockaddr = &path->sa.sockaddr;
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	259 path->socklen = socklen;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	260 ngx_memcpy(path->sockaddr, sockaddr, socklen);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	261
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	262 path->addr_text.data = path->text;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	263 path->addr_text.len = ngx_sock_ntop(sockaddr, socklen, path->text,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	264 NGX_SOCKADDR_STRLEN, 1);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	265
9147 58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	266 path->mtu = NGX_QUIC_MIN_INITIAL_SIZE;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	267
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	268 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
8997 fab36e4abf83 QUIC: got rid of hash symbol in backup and logging. Vladimir Homutov <vl@nginx.com> parents: 8985 diff changeset	269 "quic path seq:%uL created addr:%V",
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	270 path->seqnum, &path->addr_text);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	271 return path;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	272 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	273
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	274
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	275 static ngx_quic_path_t *
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	276 ngx_quic_get_path(ngx_connection_t *c, ngx_uint_t tag)
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	277 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	278 ngx_queue_t *q;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	279 ngx_quic_path_t *path;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	280 ngx_quic_connection_t *qc;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	281
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	282 qc = ngx_quic_get_connection(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	283
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	284 for (q = ngx_queue_head(&qc->paths);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	285 q != ngx_queue_sentinel(&qc->paths);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	286 q = ngx_queue_next(q))
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	287 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	288 path = ngx_queue_data(q, ngx_quic_path_t, queue);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	289
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	290 if (path->tag == tag) {
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	291 return path;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	292 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	293 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	294
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	295 return NULL;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	296 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	297
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	298
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	299 ngx_int_t
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	300 ngx_quic_set_path(ngx_connection_t c, ngx_quic_header_t pkt)
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	301 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	302 off_t len;
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	303 ngx_queue_t *q;
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	304 ngx_quic_path_t path, probe;
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	305 ngx_quic_socket_t *qsock;
8972 077a1e403446 QUIC: additional limit for probing packets. Vladimir Homutov <vl@nginx.com> parents: 8971 diff changeset	306 ngx_quic_send_ctx_t *ctx;
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	307 ngx_quic_client_id_t *cid;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	308 ngx_quic_connection_t *qc;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	309
8939 ddd5e5c0f87d QUIC: improved path validation. Vladimir Homutov <vl@nginx.com> parents: 8933 diff changeset	310 qc = ngx_quic_get_connection(c);
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	311 qsock = ngx_quic_get_socket(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	312
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	313 len = pkt->raw->last - pkt->raw->start;
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	314
9017 c2f5d79cde64 QUIC: separate UDP framework for QUIC. Roman Arutyunyan <arut@nginx.com> parents: 9015 diff changeset	315 if (c->udp->buffer == NULL) {
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	316 /* first ever packet in connection, path already exists */
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	317 path = qc->path;
8913 40445fc7c403 QUIC: fixed migration during NAT rebinding. Vladimir Homutov <vl@nginx.com> parents: 8912 diff changeset	318 goto update;
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	319 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	320
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	321 probe = NULL;
8777 d5f93733c17d QUIC: relaxed client id requirements. Vladimir Homutov <vl@nginx.com> parents: 8763 diff changeset	322
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	323 for (q = ngx_queue_head(&qc->paths);
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	324 q != ngx_queue_sentinel(&qc->paths);
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	325 q = ngx_queue_next(q))
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	326 {
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	327 path = ngx_queue_data(q, ngx_quic_path_t, queue);
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	328
9017 c2f5d79cde64 QUIC: separate UDP framework for QUIC. Roman Arutyunyan <arut@nginx.com> parents: 9015 diff changeset	329 if (ngx_cmp_sockaddr(&qsock->sockaddr.sockaddr, qsock->socklen,
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	330 path->sockaddr, path->socklen, 1)
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	331 == NGX_OK)
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	332 {
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	333 goto update;
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	334 }
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	335
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	336 if (path->tag == NGX_QUIC_PATH_PROBE) {
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	337 probe = path;
8777 d5f93733c17d QUIC: relaxed client id requirements. Vladimir Homutov <vl@nginx.com> parents: 8763 diff changeset	338 }
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	339 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	340
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	341 /* packet from new path, drop current probe, if any */
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	342
8972 077a1e403446 QUIC: additional limit for probing packets. Vladimir Homutov <vl@nginx.com> parents: 8971 diff changeset	343 ctx = ngx_quic_get_send_ctx(qc, pkt->level);
077a1e403446 QUIC: additional limit for probing packets. Vladimir Homutov <vl@nginx.com> parents: 8971 diff changeset	344
077a1e403446 QUIC: additional limit for probing packets. Vladimir Homutov <vl@nginx.com> parents: 8971 diff changeset	345 /*
077a1e403446 QUIC: additional limit for probing packets. Vladimir Homutov <vl@nginx.com> parents: 8971 diff changeset	346 * only accept highest-numbered packets to prevent connection id
077a1e403446 QUIC: additional limit for probing packets. Vladimir Homutov <vl@nginx.com> parents: 8971 diff changeset	347 * exhaustion by excessive probing packets from unknown paths
077a1e403446 QUIC: additional limit for probing packets. Vladimir Homutov <vl@nginx.com> parents: 8971 diff changeset	348 */
077a1e403446 QUIC: additional limit for probing packets. Vladimir Homutov <vl@nginx.com> parents: 8971 diff changeset	349 if (pkt->pn != ctx->largest_pn) {
077a1e403446 QUIC: additional limit for probing packets. Vladimir Homutov <vl@nginx.com> parents: 8971 diff changeset	350 return NGX_DONE;
077a1e403446 QUIC: additional limit for probing packets. Vladimir Homutov <vl@nginx.com> parents: 8971 diff changeset	351 }
077a1e403446 QUIC: additional limit for probing packets. Vladimir Homutov <vl@nginx.com> parents: 8971 diff changeset	352
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	353 if (probe && ngx_quic_free_path(c, probe) != NGX_OK) {
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	354 return NGX_ERROR;
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	355 }
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	356
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	357 /* new path requires new client id */
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	358 cid = ngx_quic_next_client_id(c);
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	359 if (cid == NULL) {
9029 28fc35b71d75 QUIC: "info" logging level on insufficient client connection ids. Sergey Kandaurov <pluknet@nginx.com> parents: 9017 diff changeset	360 ngx_log_error(NGX_LOG_INFO, c->log, 0,
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	361 "quic no available client ids for new path");
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	362 /* stop processing of this datagram */
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	363 return NGX_DONE;
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	364 }
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	365
9017 c2f5d79cde64 QUIC: separate UDP framework for QUIC. Roman Arutyunyan <arut@nginx.com> parents: 9015 diff changeset	366 path = ngx_quic_new_path(c, &qsock->sockaddr.sockaddr, qsock->socklen, cid);
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	367 if (path == NULL) {
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	368 return NGX_ERROR;
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	369 }
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	370
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	371 path->tag = NGX_QUIC_PATH_PROBE;
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	372
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	373 /*
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	374 * client arrived using new path and previously seen DCID,
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	375 * this indicates NAT rebinding (or bad client)
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	376 */
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	377 if (qsock->used) {
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	378 pkt->rebound = 1;
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	379 }
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	380
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	381 update:
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	382
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	383 qsock->used = 1;
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	384 pkt->path = path;
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	385
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	386 /* TODO: this may be too late in some cases;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	387 * for example, if error happens during decrypt(), we cannot
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	388 * send CC, if error happens in 1st packet, due to amplification
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	389 * limit, because path->received = 0
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	390 *
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	391 * should we account garbage as received or only decrypting packets?
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	392 */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	393 path->received += len;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	394
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	395 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0,
8997 fab36e4abf83 QUIC: got rid of hash symbol in backup and logging. Vladimir Homutov <vl@nginx.com> parents: 8985 diff changeset	396 "quic packet len:%O via sock seq:%L path seq:%uL",
8985 da24a78720eb QUIC: fixed handling of initial source connection id. Vladimir Homutov <vl@nginx.com> parents: 8972 diff changeset	397 len, (int64_t) qsock->sid.seqnum, path->seqnum);
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	398 ngx_quic_path_dbg(c, "status", path);
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	399
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	400 return NGX_OK;
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	401 }
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	402
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	403
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	404 ngx_int_t
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	405 ngx_quic_free_path(ngx_connection_t c, ngx_quic_path_t path)
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	406 {
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	407 ngx_quic_connection_t *qc;
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	408
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	409 qc = ngx_quic_get_connection(c);
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	410
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	411 ngx_queue_remove(&path->queue);
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	412 ngx_queue_insert_head(&qc->free_paths, &path->queue);
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	413
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	414 /*
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	415 * invalidate CID that is no longer usable for any other path;
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	416 * this also requests new CIDs from client
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	417 */
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	418 if (path->cid) {
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	419 if (ngx_quic_free_client_id(c, path->cid) != NGX_OK) {
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	420 return NGX_ERROR;
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	421 }
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	422 }
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	423
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	424 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
8997 fab36e4abf83 QUIC: got rid of hash symbol in backup and logging. Vladimir Homutov <vl@nginx.com> parents: 8985 diff changeset	425 "quic path seq:%uL addr:%V retired",
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	426 path->seqnum, &path->addr_text);
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	427
8737 76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	428 return NGX_OK;
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	429 }
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	430
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	431
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	432 static void
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	433 ngx_quic_set_connection_path(ngx_connection_t c, ngx_quic_path_t path)
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	434 {
9015 a2fbae359828 QUIC: fixed indentation. Sergey Kandaurov <pluknet@nginx.com> parents: 8997 diff changeset	435 ngx_memcpy(c->sockaddr, path->sockaddr, path->socklen);
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	436 c->socklen = path->socklen;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	437
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	438 if (c->addr_text.data) {
9099 9462c514a653 QUIC: fixed addr_text after migration (ticket #2488). Roman Arutyunyan <arut@nginx.com> parents: 9098 diff changeset	439 c->addr_text.len = ngx_sock_ntop(c->sockaddr, c->socklen,
9462c514a653 QUIC: fixed addr_text after migration (ticket #2488). Roman Arutyunyan <arut@nginx.com> parents: 9098 diff changeset	440 c->addr_text.data,
9462c514a653 QUIC: fixed addr_text after migration (ticket #2488). Roman Arutyunyan <arut@nginx.com> parents: 9098 diff changeset	441 c->listening->addr_text_max_len, 0);
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	442 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	443
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	444 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
8997 fab36e4abf83 QUIC: got rid of hash symbol in backup and logging. Vladimir Homutov <vl@nginx.com> parents: 8985 diff changeset	445 "quic send path set to seq:%uL addr:%V",
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	446 path->seqnum, &path->addr_text);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	447 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	448
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	449
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	450 ngx_int_t
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	451 ngx_quic_handle_migration(ngx_connection_t c, ngx_quic_header_t pkt)
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	452 {
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	453 ngx_quic_path_t next, bkp;
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	454 ngx_quic_send_ctx_t *ctx;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	455 ngx_quic_connection_t *qc;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	456
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	457 /* got non-probing packet via non-active path */
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	458
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	459 qc = ngx_quic_get_connection(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	460
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	461 ctx = ngx_quic_get_send_ctx(qc, pkt->level);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	462
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	463 /*
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	464 * RFC 9000, 9.3. Responding to Connection Migration
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	465 *
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	466 * An endpoint only changes the address to which it sends packets in
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	467 * response to the highest-numbered non-probing packet.
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	468 */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	469 if (pkt->pn != ctx->largest_pn) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	470 return NGX_OK;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	471 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	472
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	473 next = pkt->path;
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	474
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	475 /*
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	476 * RFC 9000, 9.3.3:
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	477 *
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	478 * In response to an apparent migration, endpoints MUST validate the
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	479 * previously active path using a PATH_CHALLENGE frame.
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	480 */
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	481 if (pkt->rebound) {
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	482
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	483 /* NAT rebinding: client uses new path with old SID */
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	484 if (ngx_quic_validate_path(c, qc->path) != NGX_OK) {
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	485 return NGX_ERROR;
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	486 }
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	487 }
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	488
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	489 if (qc->path->validated) {
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	490
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	491 if (next->tag != NGX_QUIC_PATH_BACKUP) {
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	492 /* can delete backup path, if any */
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	493 bkp = ngx_quic_get_path(c, NGX_QUIC_PATH_BACKUP);
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	494
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	495 if (bkp && ngx_quic_free_path(c, bkp) != NGX_OK) {
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	496 return NGX_ERROR;
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	497 }
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	498 }
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	499
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	500 qc->path->tag = NGX_QUIC_PATH_BACKUP;
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	501 ngx_quic_path_dbg(c, "is now backup", qc->path);
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	502
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	503 } else {
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	504 if (ngx_quic_free_path(c, qc->path) != NGX_OK) {
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	505 return NGX_ERROR;
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	506 }
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	507 }
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	508
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	509 /* switch active path to migrated */
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	510 qc->path = next;
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	511 qc->path->tag = NGX_QUIC_PATH_ACTIVE;
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	512
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	513 ngx_quic_set_connection_path(c, next);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	514
9147 58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	515 if (!next->validated && next->state != NGX_QUIC_PATH_VALIDATING) {
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	516 if (ngx_quic_validate_path(c, next) != NGX_OK) {
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	517 return NGX_ERROR;
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	518 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	519 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	520
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	521 ngx_log_error(NGX_LOG_INFO, c->log, 0,
8997 fab36e4abf83 QUIC: got rid of hash symbol in backup and logging. Vladimir Homutov <vl@nginx.com> parents: 8985 diff changeset	522 "quic migrated to path seq:%uL addr:%V",
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	523 qc->path->seqnum, &qc->path->addr_text);
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	524
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	525 ngx_quic_path_dbg(c, "is now active", qc->path);
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	526
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	527 return NGX_OK;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	528 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	529
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	530
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	531 static ngx_int_t
8944 b7284807b4fa QUIC: refactored ngx_quic_validate_path(). Vladimir Homutov <vl@nginx.com> parents: 8943 diff changeset	532 ngx_quic_validate_path(ngx_connection_t c, ngx_quic_path_t path)
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	533 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	534 ngx_msec_t pto;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	535 ngx_quic_send_ctx_t *ctx;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	536 ngx_quic_connection_t *qc;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	537
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	538 qc = ngx_quic_get_connection(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	539
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	540 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
8997 fab36e4abf83 QUIC: got rid of hash symbol in backup and logging. Vladimir Homutov <vl@nginx.com> parents: 8985 diff changeset	541 "quic initiated validation of path seq:%uL", path->seqnum);
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	542
9096 c6db94ec3841 QUIC: separated path validation retransmit backoff. Sergey Kandaurov <pluknet@nginx.com> parents: 9029 diff changeset	543 path->tries = 0;
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	544
9189 fcec773dd249 QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE. Roman Arutyunyan <arut@nginx.com> parents: 9154 diff changeset	545 if (RAND_bytes((u_char *) path->challenge, sizeof(path->challenge)) != 1) {
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	546 return NGX_ERROR;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	547 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	548
9154 f6b6f3dd7ca0 QUIC: ignore path validation socket error (ticket #2532). Roman Arutyunyan <arut@nginx.com> parents: 9147 diff changeset	549 (void) ngx_quic_send_path_challenge(c, path);
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	550
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	551 ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
9097 a9fef6ca45a8 QUIC: lower bound path validation PTO. Sergey Kandaurov <pluknet@nginx.com> parents: 9096 diff changeset	552 pto = ngx_max(ngx_quic_pto(c, ctx), 1000);
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	553
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	554 path->expires = ngx_current_msec + pto;
9147 58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	555 path->state = NGX_QUIC_PATH_VALIDATING;
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	556
9098 d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	557 ngx_quic_set_path_timer(c);
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	558
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	559 return NGX_OK;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	560 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	561
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	562
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	563 static ngx_int_t
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	564 ngx_quic_send_path_challenge(ngx_connection_t c, ngx_quic_path_t path)
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	565 {
9192 efcdaa66df2e QUIC: congestion control in ngx_quic_frame_sendto(). Roman Arutyunyan <arut@nginx.com> parents: 9191 diff changeset	566 size_t min;
efcdaa66df2e QUIC: congestion control in ngx_quic_frame_sendto(). Roman Arutyunyan <arut@nginx.com> parents: 9191 diff changeset	567 ngx_uint_t n;
efcdaa66df2e QUIC: congestion control in ngx_quic_frame_sendto(). Roman Arutyunyan <arut@nginx.com> parents: 9191 diff changeset	568 ngx_quic_frame_t *frame;
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	569
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	570 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
8997 fab36e4abf83 QUIC: got rid of hash symbol in backup and logging. Vladimir Homutov <vl@nginx.com> parents: 8985 diff changeset	571 "quic path seq:%uL send path_challenge tries:%ui",
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	572 path->seqnum, path->tries);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	573
9189 fcec773dd249 QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE. Roman Arutyunyan <arut@nginx.com> parents: 9154 diff changeset	574 for (n = 0; n < 2; n++) {
fcec773dd249 QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE. Roman Arutyunyan <arut@nginx.com> parents: 9154 diff changeset	575
9192 efcdaa66df2e QUIC: congestion control in ngx_quic_frame_sendto(). Roman Arutyunyan <arut@nginx.com> parents: 9191 diff changeset	576 frame = ngx_quic_alloc_frame(c);
efcdaa66df2e QUIC: congestion control in ngx_quic_frame_sendto(). Roman Arutyunyan <arut@nginx.com> parents: 9191 diff changeset	577 if (frame == NULL) {
efcdaa66df2e QUIC: congestion control in ngx_quic_frame_sendto(). Roman Arutyunyan <arut@nginx.com> parents: 9191 diff changeset	578 return NGX_ERROR;
efcdaa66df2e QUIC: congestion control in ngx_quic_frame_sendto(). Roman Arutyunyan <arut@nginx.com> parents: 9191 diff changeset	579 }
efcdaa66df2e QUIC: congestion control in ngx_quic_frame_sendto(). Roman Arutyunyan <arut@nginx.com> parents: 9191 diff changeset	580
efcdaa66df2e QUIC: congestion control in ngx_quic_frame_sendto(). Roman Arutyunyan <arut@nginx.com> parents: 9191 diff changeset	581 frame->level = ssl_encryption_application;
efcdaa66df2e QUIC: congestion control in ngx_quic_frame_sendto(). Roman Arutyunyan <arut@nginx.com> parents: 9191 diff changeset	582 frame->type = NGX_QUIC_FT_PATH_CHALLENGE;
efcdaa66df2e QUIC: congestion control in ngx_quic_frame_sendto(). Roman Arutyunyan <arut@nginx.com> parents: 9191 diff changeset	583
efcdaa66df2e QUIC: congestion control in ngx_quic_frame_sendto(). Roman Arutyunyan <arut@nginx.com> parents: 9191 diff changeset	584 ngx_memcpy(frame->u.path_challenge.data, path->challenge[n], 8);
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	585
9189 fcec773dd249 QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE. Roman Arutyunyan <arut@nginx.com> parents: 9154 diff changeset	586 /*
fcec773dd249 QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE. Roman Arutyunyan <arut@nginx.com> parents: 9154 diff changeset	587 * RFC 9000, 8.2.1. Initiating Path Validation
fcec773dd249 QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE. Roman Arutyunyan <arut@nginx.com> parents: 9154 diff changeset	588 *
fcec773dd249 QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE. Roman Arutyunyan <arut@nginx.com> parents: 9154 diff changeset	589 * An endpoint MUST expand datagrams that contain a PATH_CHALLENGE frame
fcec773dd249 QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE. Roman Arutyunyan <arut@nginx.com> parents: 9154 diff changeset	590 * to at least the smallest allowed maximum datagram size of 1200 bytes,
fcec773dd249 QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE. Roman Arutyunyan <arut@nginx.com> parents: 9154 diff changeset	591 * unless the anti-amplification limit for the path does not permit
fcec773dd249 QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE. Roman Arutyunyan <arut@nginx.com> parents: 9154 diff changeset	592 * sending a datagram of this size.
fcec773dd249 QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE. Roman Arutyunyan <arut@nginx.com> parents: 9154 diff changeset	593 */
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	594
9194 a6f79f044de5 QUIC: path revalidation after expansion failure. Roman Arutyunyan <arut@nginx.com> parents: 9192 diff changeset	595 if (path->mtu_unvalidated
a6f79f044de5 QUIC: path revalidation after expansion failure. Roman Arutyunyan <arut@nginx.com> parents: 9192 diff changeset	596 \|\| ngx_quic_path_limit(c, path, 1200) < 1200)
a6f79f044de5 QUIC: path revalidation after expansion failure. Roman Arutyunyan <arut@nginx.com> parents: 9192 diff changeset	597 {
a6f79f044de5 QUIC: path revalidation after expansion failure. Roman Arutyunyan <arut@nginx.com> parents: 9192 diff changeset	598 min = 0;
a6f79f044de5 QUIC: path revalidation after expansion failure. Roman Arutyunyan <arut@nginx.com> parents: 9192 diff changeset	599 path->mtu_unvalidated = 1;
a6f79f044de5 QUIC: path revalidation after expansion failure. Roman Arutyunyan <arut@nginx.com> parents: 9192 diff changeset	600
a6f79f044de5 QUIC: path revalidation after expansion failure. Roman Arutyunyan <arut@nginx.com> parents: 9192 diff changeset	601 } else {
a6f79f044de5 QUIC: path revalidation after expansion failure. Roman Arutyunyan <arut@nginx.com> parents: 9192 diff changeset	602 min = 1200;
a6f79f044de5 QUIC: path revalidation after expansion failure. Roman Arutyunyan <arut@nginx.com> parents: 9192 diff changeset	603 }
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	604
9192 efcdaa66df2e QUIC: congestion control in ngx_quic_frame_sendto(). Roman Arutyunyan <arut@nginx.com> parents: 9191 diff changeset	605 if (ngx_quic_frame_sendto(c, frame, min, path) == NGX_ERROR) {
9189 fcec773dd249 QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE. Roman Arutyunyan <arut@nginx.com> parents: 9154 diff changeset	606 return NGX_ERROR;
fcec773dd249 QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE. Roman Arutyunyan <arut@nginx.com> parents: 9154 diff changeset	607 }
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	608 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	609
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	610 return NGX_OK;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	611 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	612
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	613
9147 58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	614 void
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	615 ngx_quic_discover_path_mtu(ngx_connection_t c, ngx_quic_path_t path)
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	616 {
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	617 ngx_quic_connection_t *qc;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	618
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	619 qc = ngx_quic_get_connection(c);
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	620
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	621 if (path->max_mtu) {
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	622 if (path->max_mtu - path->mtu <= NGX_QUIC_PATH_MTU_PRECISION) {
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	623 path->state = NGX_QUIC_PATH_IDLE;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	624 ngx_quic_set_path_timer(c);
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	625 return;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	626 }
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	627
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	628 path->mtud = (path->mtu + path->max_mtu) / 2;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	629
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	630 } else {
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	631 path->mtud = path->mtu * 2;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	632
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	633 if (path->mtud >= qc->ctp.max_udp_payload_size) {
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	634 path->mtud = qc->ctp.max_udp_payload_size;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	635 path->max_mtu = qc->ctp.max_udp_payload_size;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	636 }
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	637 }
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	638
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	639 path->state = NGX_QUIC_PATH_WAITING;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	640 path->expires = ngx_current_msec + NGX_QUIC_PATH_MTU_DELAY;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	641
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	642 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	643 "quic path seq:%uL schedule mtu:%uz",
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	644 path->seqnum, path->mtud);
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	645
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	646 ngx_quic_set_path_timer(c);
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	647 }
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	648
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	649
9098 d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	650 static void
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	651 ngx_quic_set_path_timer(ngx_connection_t *c)
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	652 {
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	653 ngx_msec_t now;
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	654 ngx_queue_t *q;
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	655 ngx_msec_int_t left, next;
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	656 ngx_quic_path_t *path;
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	657 ngx_quic_connection_t *qc;
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	658
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	659 qc = ngx_quic_get_connection(c);
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	660
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	661 now = ngx_current_msec;
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	662 next = -1;
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	663
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	664 for (q = ngx_queue_head(&qc->paths);
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	665 q != ngx_queue_sentinel(&qc->paths);
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	666 q = ngx_queue_next(q))
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	667 {
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	668 path = ngx_queue_data(q, ngx_quic_path_t, queue);
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	669
9147 58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	670 if (path->state == NGX_QUIC_PATH_IDLE) {
9098 d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	671 continue;
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	672 }
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	673
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	674 left = path->expires - now;
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	675 left = ngx_max(left, 1);
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	676
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	677 if (next == -1 \|\| left < next) {
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	678 next = left;
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	679 }
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	680 }
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	681
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	682 if (next != -1) {
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	683 ngx_add_timer(&qc->path_validation, next);
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	684
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	685 } else if (qc->path_validation.timer_set) {
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	686 ngx_del_timer(&qc->path_validation);
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	687 }
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	688 }
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	689
d565cf69ff5d QUIC: reschedule path validation on path insertion/removal. Sergey Kandaurov <pluknet@nginx.com> parents: 9097 diff changeset	690
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	691 void
9147 58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	692 ngx_quic_path_handler(ngx_event_t *ev)
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	693 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	694 ngx_msec_t now;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	695 ngx_queue_t *q;
9147 58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	696 ngx_msec_int_t left;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	697 ngx_quic_path_t *path;
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	698 ngx_connection_t *c;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	699 ngx_quic_connection_t *qc;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	700
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	701 c = ev->data;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	702 qc = ngx_quic_get_connection(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	703
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	704 now = ngx_current_msec;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	705
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	706 q = ngx_queue_head(&qc->paths);
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	707
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	708 while (q != ngx_queue_sentinel(&qc->paths)) {
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	709
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	710 path = ngx_queue_data(q, ngx_quic_path_t, queue);
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	711 q = ngx_queue_next(q);
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	712
9147 58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	713 if (path->state == NGX_QUIC_PATH_IDLE) {
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	714 continue;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	715 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	716
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	717 left = path->expires - now;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	718
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	719 if (left > 0) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	720 continue;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	721 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	722
9147 58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	723 switch (path->state) {
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	724 case NGX_QUIC_PATH_VALIDATING:
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	725 if (ngx_quic_expire_path_validation(c, path) != NGX_OK) {
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	726 goto failed;
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	727 }
1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	728
9147 58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	729 break;
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	730
9147 58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	731 case NGX_QUIC_PATH_WAITING:
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	732 if (ngx_quic_expire_path_mtu_delay(c, path) != NGX_OK) {
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	733 goto failed;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	734 }
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	735
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	736 break;
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	737
9147 58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	738 case NGX_QUIC_PATH_MTUD:
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	739 if (ngx_quic_expire_path_mtu_discovery(c, path) != NGX_OK) {
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	740 goto failed;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	741 }
8971 1e2f4e9c8195 QUIC: reworked migration handling. Vladimir Homutov <vl@nginx.com> parents: 8944 diff changeset	742
9147 58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	743 break;
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	744
9147 58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	745 default:
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	746 break;
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	747 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	748 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	749
9147 58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	750 ngx_quic_set_path_timer(c);
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	751
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	752 return;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	753
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	754 failed:
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	755
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	756 ngx_quic_close_connection(c, NGX_ERROR);
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	757 }
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	758
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	759
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	760 static ngx_int_t
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	761 ngx_quic_expire_path_validation(ngx_connection_t c, ngx_quic_path_t path)
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	762 {
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	763 ngx_msec_int_t pto;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	764 ngx_quic_path_t *bkp;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	765 ngx_quic_send_ctx_t *ctx;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	766 ngx_quic_connection_t *qc;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	767
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	768 qc = ngx_quic_get_connection(c);
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	769 ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	770
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	771 if (++path->tries < NGX_QUIC_PATH_RETRIES) {
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	772 pto = ngx_max(ngx_quic_pto(c, ctx), 1000) << path->tries;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	773 path->expires = ngx_current_msec + pto;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	774
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	775 (void) ngx_quic_send_path_challenge(c, path);
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	776
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	777 return NGX_OK;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	778 }
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	779
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	780 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	781 "quic path seq:%uL validation failed", path->seqnum);
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	782
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	783 /* found expired path */
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	784
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	785 path->validated = 0;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	786
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	787
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	788 /* RFC 9000, 9.3.2. On-Path Address Spoofing
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	789 *
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	790 * To protect the connection from failing due to such a spurious
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	791 * migration, an endpoint MUST revert to using the last validated
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	792 * peer address when validation of a new peer address fails.
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	793 */
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	794
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	795 if (qc->path == path) {
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	796 /* active path validation failed */
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	797
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	798 bkp = ngx_quic_get_path(c, NGX_QUIC_PATH_BACKUP);
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	799
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	800 if (bkp == NULL) {
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	801 qc->error = NGX_QUIC_ERR_NO_VIABLE_PATH;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	802 qc->error_reason = "no viable path";
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	803 return NGX_ERROR;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	804 }
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	805
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	806 qc->path = bkp;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	807 qc->path->tag = NGX_QUIC_PATH_ACTIVE;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	808
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	809 ngx_quic_set_connection_path(c, qc->path);
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	810
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	811 ngx_log_error(NGX_LOG_INFO, c->log, 0,
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	812 "quic path seq:%uL addr:%V is restored from backup",
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	813 qc->path->seqnum, &qc->path->addr_text);
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	814
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	815 ngx_quic_path_dbg(c, "is active", qc->path);
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	816 }
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	817
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	818 return ngx_quic_free_path(c, path);
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	819 }
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	820
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	821
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	822 static ngx_int_t
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	823 ngx_quic_expire_path_mtu_delay(ngx_connection_t c, ngx_quic_path_t path)
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	824 {
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	825 ngx_int_t rc;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	826 ngx_uint_t i;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	827 ngx_msec_t pto;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	828 ngx_quic_send_ctx_t *ctx;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	829 ngx_quic_connection_t *qc;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	830
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	831 qc = ngx_quic_get_connection(c);
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	832 ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	833
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	834 path->tries = 0;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	835
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	836 for ( ;; ) {
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	837
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	838 for (i = 0; i < NGX_QUIC_PATH_RETRIES; i++) {
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	839 path->mtu_pnum[i] = NGX_QUIC_UNSET_PN;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	840 }
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	841
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	842 rc = ngx_quic_send_path_mtu_probe(c, path);
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	843
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	844 if (rc == NGX_ERROR) {
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	845 return NGX_ERROR;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	846 }
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	847
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	848 if (rc == NGX_OK) {
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	849 pto = ngx_quic_pto(c, ctx);
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	850 path->expires = ngx_current_msec + pto;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	851 path->state = NGX_QUIC_PATH_MTUD;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	852 return NGX_OK;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	853 }
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	854
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	855 /* rc == NGX_DECLINED */
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	856
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	857 path->max_mtu = path->mtud;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	858
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	859 if (path->max_mtu - path->mtu <= NGX_QUIC_PATH_MTU_PRECISION) {
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	860 path->state = NGX_QUIC_PATH_IDLE;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	861 return NGX_OK;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	862 }
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	863
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	864 path->mtud = (path->mtu + path->max_mtu) / 2;
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	865 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	866 }
9147 58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	867
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	868
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	869 static ngx_int_t
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	870 ngx_quic_expire_path_mtu_discovery(ngx_connection_t c, ngx_quic_path_t path)
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	871 {
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	872 ngx_int_t rc;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	873 ngx_msec_int_t pto;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	874 ngx_quic_send_ctx_t *ctx;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	875 ngx_quic_connection_t *qc;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	876
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	877 qc = ngx_quic_get_connection(c);
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	878 ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	879
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	880 if (++path->tries < NGX_QUIC_PATH_RETRIES) {
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	881 rc = ngx_quic_send_path_mtu_probe(c, path);
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	882
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	883 if (rc == NGX_ERROR) {
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	884 return NGX_ERROR;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	885 }
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	886
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	887 if (rc == NGX_OK) {
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	888 pto = ngx_quic_pto(c, ctx) << path->tries;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	889 path->expires = ngx_current_msec + pto;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	890 return NGX_OK;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	891 }
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	892
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	893 /* rc == NGX_DECLINED */
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	894 }
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	895
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	896 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	897 "quic path seq:%uL expired mtu:%uz",
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	898 path->seqnum, path->mtud);
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	899
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	900 path->max_mtu = path->mtud;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	901
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	902 ngx_quic_discover_path_mtu(c, path);
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	903
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	904 return NGX_OK;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	905 }
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	906
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	907
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	908 static ngx_int_t
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	909 ngx_quic_send_path_mtu_probe(ngx_connection_t c, ngx_quic_path_t path)
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	910 {
9190 3a67dd34b6cc QUIC: fixed anti-amplification with explicit send. Roman Arutyunyan <arut@nginx.com> parents: 9189 diff changeset	911 size_t mtu;
9208 2ed3f57dca0a QUIC: fixed unsent MTU probe acknowledgement. Roman Arutyunyan <arut@nginx.com> parents: 9196 diff changeset	912 uint64_t pnum;
9147 58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	913 ngx_int_t rc;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	914 ngx_uint_t log_error;
9192 efcdaa66df2e QUIC: congestion control in ngx_quic_frame_sendto(). Roman Arutyunyan <arut@nginx.com> parents: 9191 diff changeset	915 ngx_quic_frame_t *frame;
9147 58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	916 ngx_quic_send_ctx_t *ctx;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	917 ngx_quic_connection_t *qc;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	918
9192 efcdaa66df2e QUIC: congestion control in ngx_quic_frame_sendto(). Roman Arutyunyan <arut@nginx.com> parents: 9191 diff changeset	919 frame = ngx_quic_alloc_frame(c);
efcdaa66df2e QUIC: congestion control in ngx_quic_frame_sendto(). Roman Arutyunyan <arut@nginx.com> parents: 9191 diff changeset	920 if (frame == NULL) {
efcdaa66df2e QUIC: congestion control in ngx_quic_frame_sendto(). Roman Arutyunyan <arut@nginx.com> parents: 9191 diff changeset	921 return NGX_ERROR;
efcdaa66df2e QUIC: congestion control in ngx_quic_frame_sendto(). Roman Arutyunyan <arut@nginx.com> parents: 9191 diff changeset	922 }
9147 58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	923
9192 efcdaa66df2e QUIC: congestion control in ngx_quic_frame_sendto(). Roman Arutyunyan <arut@nginx.com> parents: 9191 diff changeset	924 frame->level = ssl_encryption_application;
efcdaa66df2e QUIC: congestion control in ngx_quic_frame_sendto(). Roman Arutyunyan <arut@nginx.com> parents: 9191 diff changeset	925 frame->type = NGX_QUIC_FT_PING;
9147 58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	926
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	927 qc = ngx_quic_get_connection(c);
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	928 ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
9208 2ed3f57dca0a QUIC: fixed unsent MTU probe acknowledgement. Roman Arutyunyan <arut@nginx.com> parents: 9196 diff changeset	929 pnum = ctx->pnum;
9147 58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	930
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	931 ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0,
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	932 "quic path seq:%uL send probe "
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	933 "mtu:%uz pnum:%uL tries:%ui",
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	934 path->seqnum, path->mtud, ctx->pnum, path->tries);
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	935
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	936 log_error = c->log_error;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	937 c->log_error = NGX_ERROR_IGNORE_EMSGSIZE;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	938
9190 3a67dd34b6cc QUIC: fixed anti-amplification with explicit send. Roman Arutyunyan <arut@nginx.com> parents: 9189 diff changeset	939 mtu = path->mtu;
3a67dd34b6cc QUIC: fixed anti-amplification with explicit send. Roman Arutyunyan <arut@nginx.com> parents: 9189 diff changeset	940 path->mtu = path->mtud;
3a67dd34b6cc QUIC: fixed anti-amplification with explicit send. Roman Arutyunyan <arut@nginx.com> parents: 9189 diff changeset	941
9192 efcdaa66df2e QUIC: congestion control in ngx_quic_frame_sendto(). Roman Arutyunyan <arut@nginx.com> parents: 9191 diff changeset	942 rc = ngx_quic_frame_sendto(c, frame, path->mtud, path);
9190 3a67dd34b6cc QUIC: fixed anti-amplification with explicit send. Roman Arutyunyan <arut@nginx.com> parents: 9189 diff changeset	943
3a67dd34b6cc QUIC: fixed anti-amplification with explicit send. Roman Arutyunyan <arut@nginx.com> parents: 9189 diff changeset	944 path->mtu = mtu;
9147 58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	945 c->log_error = log_error;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	946
9208 2ed3f57dca0a QUIC: fixed unsent MTU probe acknowledgement. Roman Arutyunyan <arut@nginx.com> parents: 9196 diff changeset	947 if (rc == NGX_OK) {
2ed3f57dca0a QUIC: fixed unsent MTU probe acknowledgement. Roman Arutyunyan <arut@nginx.com> parents: 9196 diff changeset	948 path->mtu_pnum[path->tries] = pnum;
2ed3f57dca0a QUIC: fixed unsent MTU probe acknowledgement. Roman Arutyunyan <arut@nginx.com> parents: 9196 diff changeset	949 return NGX_OK;
2ed3f57dca0a QUIC: fixed unsent MTU probe acknowledgement. Roman Arutyunyan <arut@nginx.com> parents: 9196 diff changeset	950 }
2ed3f57dca0a QUIC: fixed unsent MTU probe acknowledgement. Roman Arutyunyan <arut@nginx.com> parents: 9196 diff changeset	951
2ed3f57dca0a QUIC: fixed unsent MTU probe acknowledgement. Roman Arutyunyan <arut@nginx.com> parents: 9196 diff changeset	952 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
2ed3f57dca0a QUIC: fixed unsent MTU probe acknowledgement. Roman Arutyunyan <arut@nginx.com> parents: 9196 diff changeset	953 "quic path seq:%uL rejected mtu:%uz",
2ed3f57dca0a QUIC: fixed unsent MTU probe acknowledgement. Roman Arutyunyan <arut@nginx.com> parents: 9196 diff changeset	954 path->seqnum, path->mtud);
2ed3f57dca0a QUIC: fixed unsent MTU probe acknowledgement. Roman Arutyunyan <arut@nginx.com> parents: 9196 diff changeset	955
9147 58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	956 if (rc == NGX_ERROR) {
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	957 if (c->write->error) {
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	958 c->write->error = 0;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	959 return NGX_DECLINED;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	960 }
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	961
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	962 return NGX_ERROR;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	963 }
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	964
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	965 return NGX_OK;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	966 }
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	967
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	968
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	969 ngx_int_t
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	970 ngx_quic_handle_path_mtu(ngx_connection_t c, ngx_quic_path_t path,
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	971 uint64_t min, uint64_t max)
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	972 {
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	973 uint64_t pnum;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	974 ngx_uint_t i;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	975
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	976 if (path->state != NGX_QUIC_PATH_MTUD) {
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	977 return NGX_OK;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	978 }
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	979
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	980 for (i = 0; i < NGX_QUIC_PATH_RETRIES; i++) {
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	981 pnum = path->mtu_pnum[i];
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	982
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	983 if (pnum == NGX_QUIC_UNSET_PN) {
9208 2ed3f57dca0a QUIC: fixed unsent MTU probe acknowledgement. Roman Arutyunyan <arut@nginx.com> parents: 9196 diff changeset	984 continue;
9147 58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	985 }
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	986
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	987 if (pnum < min \|\| pnum > max) {
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	988 continue;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	989 }
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	990
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	991 path->mtu = path->mtud;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	992
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	993 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	994 "quic path seq:%uL ack mtu:%uz",
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	995 path->seqnum, path->mtu);
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	996
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	997 ngx_quic_discover_path_mtu(c, path);
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	998
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	999 break;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	1000 }
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	1001
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	1002 return NGX_OK;
58afcd72446f QUIC: path MTU discovery. Roman Arutyunyan <arut@nginx.com> parents: 9146 diff changeset	1003 }

Mercurial > hg > nginx

annotate src/event/quic/ngx_event_quic_migration.c @ 9284:5c6649b4308f