Mercurial > hg > nginx
annotate src/event/quic/ngx_event_quic_migration.c @ 8822:ad046179eb91 quic
QUIC: handle EAGAIN properly on UDP sockets.
Previously, the error was ignored leading to unnecessary retransmits.
Now, unsent frames are returned into output queue, state is reset, and
timer is started for the next send attempt.
| author | Vladimir Homutov <vl@nginx.com> |
|---|---|
| date | Wed, 28 Jul 2021 17:23:18 +0300 |
| parents | 4715f3e669f1 |
| children | a951e0809044 |
| rev | line source |
|---|---|
|
8737
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
1 |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
2 /* |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
3 * Copyright (C) Nginx, Inc. |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
4 */ |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
5 |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
6 |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
7 #include <ngx_config.h> |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
8 #include <ngx_core.h> |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
9 #include <ngx_event.h> |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
10 #include <ngx_event_quic_connection.h> |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
11 |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
12 |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
13 static void ngx_quic_set_connection_path(ngx_connection_t *c, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
14 ngx_quic_path_t *path); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
15 static ngx_int_t ngx_quic_validate_path(ngx_connection_t *c, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
16 ngx_quic_socket_t *qsock); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
17 static ngx_int_t ngx_quic_send_path_challenge(ngx_connection_t *c, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
18 ngx_quic_path_t *path); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
19 static ngx_int_t ngx_quic_path_restore(ngx_connection_t *c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
20 static ngx_quic_path_t *ngx_quic_alloc_path(ngx_connection_t *c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
21 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
22 |
|
8737
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
23 ngx_int_t |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
24 ngx_quic_handle_path_challenge_frame(ngx_connection_t *c, |
|
8778
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8777
diff
changeset
|
25 ngx_quic_path_challenge_frame_t *f) |
|
8737
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
26 { |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
27 off_t max, pad; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
28 ssize_t sent; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
29 ngx_quic_path_t *path; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
30 ngx_quic_frame_t frame, *fp; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
31 ngx_quic_socket_t *qsock; |
|
8737
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
32 ngx_quic_connection_t *qc; |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
33 |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
34 qc = ngx_quic_get_connection(c); |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
35 |
|
8778
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8777
diff
changeset
|
36 frame.level = ssl_encryption_application; |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
37 frame.type = NGX_QUIC_FT_PATH_RESPONSE; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
38 frame.u.path_response = *f; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
39 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
40 /* |
|
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
41 * RFC 9000, 8.2.2. Path Validation Responses |
|
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
42 * |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
43 * A PATH_RESPONSE frame MUST be sent on the network path where the |
|
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
44 * PATH_CHALLENGE frame was received. |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
45 */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
46 qsock = ngx_quic_get_socket(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
47 path = qsock->path; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
48 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
49 /* |
|
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
50 * An endpoint MUST NOT expand the datagram containing the PATH_RESPONSE |
|
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
51 * if the resulting data exceeds the anti-amplification limit. |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
52 */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
53 max = path->received * 3; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
54 max = (path->sent >= max) ? 0 : max - path->sent; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
55 pad = ngx_min(1200, max); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
56 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
57 sent = ngx_quic_frame_sendto(c, &frame, pad, path->sockaddr, path->socklen); |
|
8822
ad046179eb91
QUIC: handle EAGAIN properly on UDP sockets.
Vladimir Homutov <vl@nginx.com>
parents:
8797
diff
changeset
|
58 if (sent < 0) { |
|
8737
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
59 return NGX_ERROR; |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
60 } |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
61 |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
62 path->sent += sent; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
63 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
64 if (qsock == qc->socket) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
65 /* |
|
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
66 * RFC 9000, 9.3.3. Off-Path Packet Forwarding |
|
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
67 * |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
68 * An endpoint that receives a PATH_CHALLENGE on an active path SHOULD |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
69 * send a non-probing packet in response. |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
70 */ |
|
8737
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
71 |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
72 fp = ngx_quic_alloc_frame(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
73 if (fp == NULL) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
74 return NGX_ERROR; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
75 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
76 |
|
8778
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8777
diff
changeset
|
77 fp->level = ssl_encryption_application; |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
78 fp->type = NGX_QUIC_FT_PING; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
79 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
80 ngx_quic_queue_frame(qc, fp); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
81 } |
|
8737
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
82 |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
83 return NGX_OK; |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
84 } |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
85 |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
86 |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
87 ngx_int_t |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
88 ngx_quic_handle_path_response_frame(ngx_connection_t *c, |
|
8778
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8777
diff
changeset
|
89 ngx_quic_path_challenge_frame_t *f) |
|
8737
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
90 { |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
91 ngx_queue_t *q; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
92 ngx_quic_path_t *path, *prev; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
93 ngx_quic_connection_t *qc; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
94 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
95 qc = ngx_quic_get_connection(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
96 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
97 /* |
|
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
98 * RFC 9000, 8.2.3. Successful Path Validation |
|
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
99 * |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
100 * A PATH_RESPONSE frame received on any network path validates the path |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
101 * on which the PATH_CHALLENGE was sent. |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
102 */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
103 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
104 for (q = ngx_queue_head(&qc->paths); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
105 q != ngx_queue_sentinel(&qc->paths); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
106 q = ngx_queue_next(q)) |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
107 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
108 path = ngx_queue_data(q, ngx_quic_path_t, queue); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
109 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
110 if (path->state != NGX_QUIC_PATH_VALIDATING) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
111 continue; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
112 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
113 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
114 if (ngx_memcmp(path->challenge1, f->data, sizeof(f->data)) == 0 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
115 || ngx_memcmp(path->challenge2, f->data, sizeof(f->data)) == 0) |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
116 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
117 goto valid; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
118 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
119 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
120 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
121 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
122 "quic stale PATH_RESPONSE ignored"); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
123 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
124 return NGX_OK; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
125 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
126 valid: |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
127 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
128 /* |
|
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
129 * RFC 9000, 9.4. Loss Detection and Congestion Control |
|
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
130 * |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
131 * On confirming a peer's ownership of its new address, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
132 * an endpoint MUST immediately reset the congestion controller |
|
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
133 * and round-trip time estimator for the new path to initial values |
|
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
134 * unless the only change in the peer's address is its port number. |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
135 */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
136 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
137 prev = qc->backup->path; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
138 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
139 if (ngx_cmp_sockaddr(prev->sockaddr, prev->socklen, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
140 path->sockaddr, path->socklen, 0) |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
141 != NGX_OK) |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
142 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
143 /* address has changed */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
144 ngx_memzero(&qc->congestion, sizeof(ngx_quic_congestion_t)); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
145 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
146 qc->congestion.window = ngx_min(10 * qc->tp.max_udp_payload_size, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
147 ngx_max(2 * qc->tp.max_udp_payload_size, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
148 14720)); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
149 qc->congestion.ssthresh = (size_t) -1; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
150 qc->congestion.recovery_start = ngx_current_msec; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
151 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
152 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
153 /* |
|
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
154 * RFC 9000, 9.3. Responding to Connection Migration |
|
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
155 * |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
156 * After verifying a new client address, the server SHOULD |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
157 * send new address validation tokens (Section 8) to the client. |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
158 */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
159 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
160 if (ngx_quic_send_new_token(c, path) != NGX_OK) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
161 return NGX_ERROR; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
162 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
163 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
164 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
165 "quic path #%uL successfully validated", path->seqnum); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
166 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
167 path->state = NGX_QUIC_PATH_VALIDATED; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
168 path->validated_at = ngx_time(); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
169 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
170 return NGX_OK; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
171 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
172 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
173 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
174 static ngx_quic_path_t * |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
175 ngx_quic_alloc_path(ngx_connection_t *c) |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
176 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
177 ngx_queue_t *q; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
178 struct sockaddr *sa; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
179 ngx_quic_path_t *path; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
180 ngx_quic_connection_t *qc; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
181 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
182 qc = ngx_quic_get_connection(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
183 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
184 if (!ngx_queue_empty(&qc->free_paths)) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
185 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
186 q = ngx_queue_head(&qc->free_paths); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
187 path = ngx_queue_data(q, ngx_quic_path_t, queue); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
188 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
189 ngx_queue_remove(&path->queue); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
190 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
191 sa = path->sockaddr; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
192 ngx_memzero(path, sizeof(ngx_quic_path_t)); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
193 path->sockaddr = sa; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
194 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
195 } else { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
196 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
197 path = ngx_pcalloc(c->pool, sizeof(ngx_quic_path_t)); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
198 if (path == NULL) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
199 return NULL; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
200 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
201 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
202 path->sockaddr = ngx_palloc(c->pool, NGX_SOCKADDRLEN); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
203 if (path->sockaddr == NULL) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
204 return NULL; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
205 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
206 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
207 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
208 return path; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
209 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
210 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
211 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
212 ngx_quic_path_t * |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
213 ngx_quic_add_path(ngx_connection_t *c, struct sockaddr *sockaddr, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
214 socklen_t socklen) |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
215 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
216 ngx_quic_path_t *path; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
217 ngx_quic_connection_t *qc; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
218 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
219 qc = ngx_quic_get_connection(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
220 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
221 path = ngx_quic_alloc_path(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
222 if (path == NULL) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
223 return NULL; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
224 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
225 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
226 path->seqnum = qc->path_seqnum++; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
227 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
228 path->socklen = socklen; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
229 ngx_memcpy(path->sockaddr, sockaddr, socklen); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
230 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
231 path->addr_text.data = path->text; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
232 path->addr_text.len = ngx_sock_ntop(sockaddr, socklen, path->text, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
233 NGX_SOCKADDR_STRLEN, 1); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
234 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
235 ngx_queue_insert_tail(&qc->paths, &path->queue); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
236 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
237 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
238 "quic path #%uL created src:%V", |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
239 path->seqnum, &path->addr_text); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
240 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
241 return path; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
242 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
243 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
244 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
245 ngx_quic_path_t * |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
246 ngx_quic_find_path(ngx_connection_t *c, struct sockaddr *sockaddr, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
247 socklen_t socklen) |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
248 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
249 ngx_queue_t *q; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
250 ngx_quic_path_t *path; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
251 ngx_quic_connection_t *qc; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
252 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
253 qc = ngx_quic_get_connection(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
254 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
255 for (q = ngx_queue_head(&qc->paths); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
256 q != ngx_queue_sentinel(&qc->paths); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
257 q = ngx_queue_next(q)) |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
258 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
259 path = ngx_queue_data(q, ngx_quic_path_t, queue); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
260 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
261 if (ngx_cmp_sockaddr(sockaddr, socklen, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
262 path->sockaddr, path->socklen, 1) |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
263 == NGX_OK) |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
264 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
265 return path; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
266 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
267 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
268 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
269 return NULL; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
270 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
271 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
272 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
273 ngx_int_t |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
274 ngx_quic_check_migration(ngx_connection_t *c, ngx_quic_header_t *pkt) |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
275 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
276 ngx_quic_path_t *path; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
277 ngx_quic_socket_t *qsock; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
278 ngx_quic_connection_t *qc; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
279 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
280 qc = ngx_quic_get_connection(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
281 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
282 qsock = ngx_quic_get_socket(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
283 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
284 if (c->udp->dgram == NULL) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
285 /* 2nd QUIC packet in first UDP datagram */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
286 return NGX_OK; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
287 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
288 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
289 path = ngx_quic_find_path(c, c->udp->dgram->sockaddr, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
290 c->udp->dgram->socklen); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
291 if (path == NULL) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
292 /* packet comes from unknown path, possibly migration */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
293 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
294 if (qc->tp.disable_active_migration) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
295 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
296 "quic migration disabled, dropping packet " |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
297 "from unknown path"); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
298 return NGX_DECLINED; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
299 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
300 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
301 if (pkt->level != ssl_encryption_application) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
302 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
303 "quic too early migration attempt"); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
304 return NGX_DECLINED; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
305 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
306 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
307 return NGX_OK; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
308 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
309 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
310 /* packet from known path */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
311 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
312 if (qsock->path == NULL) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
313 /* client switched to previously unused server id */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
314 return NGX_OK; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
315 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
316 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
317 if (path == qsock->path) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
318 /* regular packet to expected path */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
319 return NGX_OK; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
320 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
321 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
322 /* client is trying to use server id already used on other path */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
323 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
324 ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
325 "quic attempt to use socket #%uL:%uL:%uL with path #%uL", |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
326 qsock->sid.seqnum, qsock->cid->seqnum, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
327 qsock->path->seqnum, path->seqnum); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
328 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
329 return NGX_DECLINED; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
330 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
331 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
332 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
333 ngx_int_t |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
334 ngx_quic_update_paths(ngx_connection_t *c, ngx_quic_header_t *pkt) |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
335 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
336 off_t len; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
337 ngx_quic_path_t *path; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
338 ngx_quic_socket_t *qsock; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
339 ngx_quic_client_id_t *cid; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
340 ngx_quic_connection_t *qc; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
341 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
342 qsock = ngx_quic_get_socket(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
343 path = qsock->path; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
344 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
345 if (path) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
346 goto update; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
347 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
348 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
349 path = ngx_quic_find_path(c, c->udp->dgram->sockaddr, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
350 c->udp->dgram->socklen); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
351 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
352 if (path == NULL) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
353 path = ngx_quic_add_path(c, c->udp->dgram->sockaddr, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
354 c->udp->dgram->socklen); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
355 if (path == NULL) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
356 return NGX_ERROR; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
357 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
358 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
359 |
|
8777
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
360 /* prefer unused client IDs if available */ |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
361 cid = ngx_quic_next_client_id(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
362 if (cid == NULL) { |
|
8777
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
363 |
|
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
364 /* try to reuse connection ID used on the same path */ |
|
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
365 cid = ngx_quic_used_client_id(c, path); |
|
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
366 if (cid == NULL) { |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
367 |
|
8777
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
368 qc = ngx_quic_get_connection(c); |
|
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
369 qc->error = NGX_QUIC_ERR_CONNECTION_ID_LIMIT_ERROR; |
|
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
370 qc->error_reason = "no available client ids for new path"; |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
371 |
|
8777
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
372 ngx_log_error(NGX_LOG_ERR, c->log, 0, |
|
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
373 "no available client ids for new path"); |
|
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
374 |
|
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
375 return NGX_ERROR; |
|
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
376 } |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
377 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
378 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
379 ngx_quic_connect(c, qsock, path, cid); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
380 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
381 update: |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
382 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
383 if (pkt->raw->start == pkt->data) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
384 len = pkt->raw->last - pkt->raw->start; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
385 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
386 } else { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
387 len = 0; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
388 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
389 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
390 /* TODO: this may be too late in some cases; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
391 * for example, if error happens during decrypt(), we cannot |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
392 * send CC, if error happens in 1st packet, due to amplification |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
393 * limit, because path->received = 0 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
394 * |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
395 * should we account garbage as received or only decrypting packets? |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
396 */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
397 path->received += len; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
398 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
399 ngx_log_debug6(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
400 "quic packet via #%uL:%uL:%uL" |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
401 " size:%O path recvd:%O sent:%O", |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
402 qsock->sid.seqnum, qsock->cid->seqnum, path->seqnum, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
403 len, path->received, path->sent); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
404 |
|
8737
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
405 return NGX_OK; |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
406 } |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
407 |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
408 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
409 static void |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
410 ngx_quic_set_connection_path(ngx_connection_t *c, ngx_quic_path_t *path) |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
411 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
412 size_t len; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
413 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
414 ngx_memcpy(c->sockaddr, path->sockaddr, path->socklen); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
415 c->socklen = path->socklen; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
416 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
417 if (c->addr_text.data) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
418 len = ngx_min(c->addr_text.len, path->addr_text.len); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
419 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
420 ngx_memcpy(c->addr_text.data, path->addr_text.data, len); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
421 c->addr_text.len = len; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
422 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
423 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
424 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
425 "quic send path set to #%uL addr:%V", |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
426 path->seqnum, &path->addr_text); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
427 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
428 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
429 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
430 ngx_int_t |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
431 ngx_quic_handle_migration(ngx_connection_t *c, ngx_quic_header_t *pkt) |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
432 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
433 ngx_quic_path_t *next; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
434 ngx_quic_socket_t *qsock; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
435 ngx_quic_send_ctx_t *ctx; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
436 ngx_quic_connection_t *qc; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
437 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
438 /* got non-probing packet via non-active socket with different path */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
439 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
440 qc = ngx_quic_get_connection(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
441 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
442 /* current socket, different from active */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
443 qsock = ngx_quic_get_socket(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
444 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
445 next = qsock->path; /* going to migrate to this path... */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
446 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
447 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
448 "quic migration from #%uL:%uL:%uL (%s)" |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
449 " to #%uL:%uL:%uL (%s)", |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
450 qc->socket->sid.seqnum, qc->socket->cid->seqnum, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
451 qc->socket->path->seqnum, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
452 ngx_quic_path_state_str(qc->socket->path), |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
453 qsock->sid.seqnum, qsock->cid->seqnum, next->seqnum, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
454 ngx_quic_path_state_str(next)); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
455 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
456 switch (next->state) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
457 case NGX_QUIC_PATH_NEW: |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
458 if (ngx_quic_validate_path(c, qsock) != NGX_OK) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
459 return NGX_ERROR; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
460 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
461 break; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
462 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
463 /* migration to previously known path */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
464 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
465 case NGX_QUIC_PATH_VALIDATING: |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
466 /* alredy validating, nothing to do */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
467 break; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
468 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
469 case NGX_QUIC_PATH_VALIDATED: |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
470 /* if path is old enough, revalidate */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
471 if (ngx_time() - next->validated_at > NGX_QUIC_PATH_VALID_TIME) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
472 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
473 next->state = NGX_QUIC_PATH_NEW; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
474 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
475 if (ngx_quic_validate_path(c, qsock) != NGX_OK) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
476 return NGX_ERROR; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
477 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
478 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
479 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
480 break; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
481 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
482 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
483 ctx = ngx_quic_get_send_ctx(qc, pkt->level); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
484 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
485 /* |
|
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
486 * RFC 9000, 9.3. Responding to Connection Migration |
|
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
487 * |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
488 * An endpoint only changes the address to which it sends packets in |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
489 * response to the highest-numbered non-probing packet. |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
490 */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
491 if (pkt->pn != ctx->largest_pn) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
492 return NGX_OK; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
493 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
494 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
495 /* switching connection to new path */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
496 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
497 ngx_quic_set_connection_path(c, next); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
498 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
499 /* |
|
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
500 * RFC 9000, 9.5. Privacy Implications of Connection Migration |
|
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
501 * |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
502 * An endpoint MUST NOT reuse a connection ID when sending to |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
503 * more than one destination address. |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
504 */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
505 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
506 /* preserve valid path we are migrating from */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
507 if (qc->socket->path->state == NGX_QUIC_PATH_VALIDATED) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
508 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
509 if (qc->backup) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
510 ngx_quic_close_socket(c, qc->backup); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
511 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
512 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
513 qc->backup = qc->socket; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
514 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
515 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
516 "quic backup socket is now #%uL:%uL:%uL (%s)", |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
517 qc->backup->sid.seqnum, qc->backup->cid->seqnum, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
518 qc->backup->path->seqnum, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
519 ngx_quic_path_state_str(qc->backup->path)); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
520 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
521 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
522 qc->socket = qsock; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
523 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
524 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
525 "quic active socket is now #%uL:%uL:%uL (%s)", |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
526 qsock->sid.seqnum, qsock->cid->seqnum, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
527 qsock->path->seqnum, ngx_quic_path_state_str(qsock->path)); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
528 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
529 return NGX_OK; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
530 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
531 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
532 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
533 static ngx_int_t |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
534 ngx_quic_validate_path(ngx_connection_t *c, ngx_quic_socket_t *qsock) |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
535 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
536 ngx_msec_t pto; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
537 ngx_quic_path_t *path; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
538 ngx_quic_send_ctx_t *ctx; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
539 ngx_quic_connection_t *qc; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
540 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
541 qc = ngx_quic_get_connection(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
542 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
543 path = qsock->path; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
544 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
545 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
546 "quic initiated validation of new path #%uL", |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
547 path->seqnum); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
548 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
549 path->state = NGX_QUIC_PATH_VALIDATING; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
550 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
551 if (RAND_bytes(path->challenge1, 8) != 1) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
552 return NGX_ERROR; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
553 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
554 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
555 if (RAND_bytes(path->challenge2, 8) != 1) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
556 return NGX_ERROR; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
557 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
558 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
559 if (ngx_quic_send_path_challenge(c, path) != NGX_OK) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
560 return NGX_ERROR; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
561 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
562 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
563 ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
564 pto = ngx_quic_pto(c, ctx); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
565 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
566 path->expires = ngx_current_msec + pto; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
567 path->tries = NGX_QUIC_PATH_RETRIES; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
568 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
569 if (!qc->path_validation.timer_set) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
570 ngx_add_timer(&qc->path_validation, pto); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
571 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
572 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
573 return NGX_OK; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
574 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
575 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
576 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
577 static ngx_int_t |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
578 ngx_quic_send_path_challenge(ngx_connection_t *c, ngx_quic_path_t *path) |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
579 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
580 off_t max, pad; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
581 ssize_t sent; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
582 ngx_quic_frame_t frame; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
583 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
584 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
585 "quic path #%uL send path challenge tries:%ui", |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
586 path->seqnum, path->tries); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
587 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
588 frame.level = ssl_encryption_application; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
589 frame.type = NGX_QUIC_FT_PATH_CHALLENGE; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
590 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
591 ngx_memcpy(frame.u.path_challenge.data, path->challenge1, 8); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
592 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
593 /* |
|
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
594 * RFC 9000, 8.2.1. Initiating Path Validation |
|
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
595 * |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
596 * An endpoint MUST expand datagrams that contain a PATH_CHALLENGE frame |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
597 * to at least the smallest allowed maximum datagram size of 1200 bytes, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
598 * unless the anti-amplification limit for the path does not permit |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
599 * sending a datagram of this size. |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
600 */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
601 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
602 /* same applies to PATH_RESPONSE frames */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
603 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
604 max = path->received * 3; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
605 max = (path->sent >= max) ? 0 : max - path->sent; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
606 pad = ngx_min(1200, max); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
607 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
608 sent = ngx_quic_frame_sendto(c, &frame, pad, path->sockaddr, path->socklen); |
|
8822
ad046179eb91
QUIC: handle EAGAIN properly on UDP sockets.
Vladimir Homutov <vl@nginx.com>
parents:
8797
diff
changeset
|
609 if (sent < 0) { |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
610 return NGX_ERROR; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
611 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
612 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
613 path->sent += sent; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
614 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
615 ngx_memcpy(frame.u.path_challenge.data, path->challenge2, 8); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
616 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
617 max = (path->sent >= max) ? 0 : max - path->sent; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
618 pad = ngx_min(1200, max); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
619 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
620 sent = ngx_quic_frame_sendto(c, &frame, pad, path->sockaddr, path->socklen); |
|
8822
ad046179eb91
QUIC: handle EAGAIN properly on UDP sockets.
Vladimir Homutov <vl@nginx.com>
parents:
8797
diff
changeset
|
621 if (sent < 0) { |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
622 return NGX_ERROR; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
623 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
624 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
625 path->sent += sent; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
626 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
627 return NGX_OK; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
628 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
629 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
630 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
631 void |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
632 ngx_quic_path_validation_handler(ngx_event_t *ev) |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
633 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
634 ngx_msec_t now; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
635 ngx_queue_t *q; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
636 ngx_msec_int_t left, next, pto; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
637 ngx_quic_path_t *path; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
638 ngx_connection_t *c; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
639 ngx_quic_send_ctx_t *ctx; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
640 ngx_quic_connection_t *qc; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
641 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
642 c = ev->data; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
643 qc = ngx_quic_get_connection(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
644 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
645 ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
646 pto = ngx_quic_pto(c, ctx); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
647 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
648 next = -1; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
649 now = ngx_current_msec; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
650 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
651 for (q = ngx_queue_head(&qc->paths); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
652 q != ngx_queue_sentinel(&qc->paths); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
653 q = ngx_queue_next(q)) |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
654 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
655 path = ngx_queue_data(q, ngx_quic_path_t, queue); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
656 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
657 if (path->state != NGX_QUIC_PATH_VALIDATING) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
658 continue; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
659 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
660 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
661 left = path->expires - now; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
662 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
663 if (left > 0) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
664 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
665 if (next == -1 || left < next) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
666 next = path->expires; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
667 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
668 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
669 continue; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
670 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
671 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
672 if (--path->tries) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
673 path->expires = ngx_current_msec + pto; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
674 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
675 if (next == -1 || pto < next) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
676 next = pto; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
677 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
678 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
679 /* retransmit */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
680 (void) ngx_quic_send_path_challenge(c, path); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
681 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
682 continue; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
683 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
684 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
685 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, ev->log, 0, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
686 "quic path #%uL validation failed", path->seqnum); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
687 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
688 /* found expired path */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
689 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
690 path->state = NGX_QUIC_PATH_NEW; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
691 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
692 /* |
|
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
693 * RFC 9000, 9.4. Loss Detection and Congestion Control |
|
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
694 * |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
695 * If the timer fires before the PATH_RESPONSE is received, the |
|
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
696 * endpoint might send a new PATH_CHALLENGE and restart the timer for |
|
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
697 * a longer period of time. This timer SHOULD be set as described in |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
698 * Section 6.2.1 of [QUIC-RECOVERY] and MUST NOT be more aggressive. |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
699 */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
700 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
701 if (qc->socket->path != path) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
702 /* the path was not actually used */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
703 continue; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
704 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
705 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
706 if (ngx_quic_path_restore(c) != NGX_OK) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
707 qc->error = NGX_QUIC_ERR_NO_VIABLE_PATH; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
708 qc->error_reason = "no viable path"; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
709 ngx_quic_close_connection(c, NGX_ERROR); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
710 return; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
711 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
712 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
713 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
714 if (next != -1) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
715 ngx_add_timer(&qc->path_validation, next); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
716 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
717 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
718 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
719 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
720 static ngx_int_t |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
721 ngx_quic_path_restore(ngx_connection_t *c) |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
722 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
723 ngx_quic_socket_t *qsock; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
724 ngx_quic_connection_t *qc; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
725 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
726 qc = ngx_quic_get_connection(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
727 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
728 /* |
|
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
729 * RFC 9000, 9.1. Probing a New Path |
|
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
730 * |
|
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
731 * Failure to validate a path does not cause the connection to end |
|
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
732 * |
|
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
733 * RFC 9000, 9.3.2. On-Path Address Spoofing |
|
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
734 * |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
735 * To protect the connection from failing due to such a spurious |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
736 * migration, an endpoint MUST revert to using the last validated |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
737 * peer address when validation of a new peer address fails. |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
738 */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
739 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
740 if (qc->backup == NULL) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
741 return NGX_ERROR; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
742 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
743 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
744 qc->socket = qc->backup; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
745 qc->backup = NULL; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
746 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
747 qsock = qc->socket; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
748 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
749 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
750 "quic active socket is restored to #%uL:%uL:%uL" |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
751 " (%s), no backup", |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
752 qsock->sid.seqnum, qsock->cid->seqnum, qsock->path->seqnum, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
753 ngx_quic_path_state_str(qsock->path)); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
754 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
755 ngx_quic_set_connection_path(c, qsock->path); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
756 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
757 return NGX_OK; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
758 } |