Mercurial > hg > nginx
annotate src/event/quic/ngx_event_quic_migration.c @ 9139:d7dec2970161
QUIC: always add ACK frame to the queue head.
Previously it was added to the tail as all other frames. However, if the
amount of queued data is large, it could delay the delivery of ACK, which
could trigger frames retransmissions and slow down the connection.
| author | Roman Arutyunyan <arut@nginx.com> |
|---|---|
| date | Thu, 10 Aug 2023 20:11:29 +0400 |
| parents | 9462c514a653 |
| children | bba136612fe4 |
| rev | line source |
|---|---|
|
8737
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
1 |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
2 /* |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
3 * Copyright (C) Nginx, Inc. |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
4 */ |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
5 |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
6 |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
7 #include <ngx_config.h> |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
8 #include <ngx_core.h> |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
9 #include <ngx_event.h> |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
10 #include <ngx_event_quic_connection.h> |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
11 |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
12 |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
13 static void ngx_quic_set_connection_path(ngx_connection_t *c, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
14 ngx_quic_path_t *path); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
15 static ngx_int_t ngx_quic_validate_path(ngx_connection_t *c, |
|
8944
b7284807b4fa
QUIC: refactored ngx_quic_validate_path().
Vladimir Homutov <vl@nginx.com>
parents:
8943
diff
changeset
|
16 ngx_quic_path_t *path); |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
17 static ngx_int_t ngx_quic_send_path_challenge(ngx_connection_t *c, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
18 ngx_quic_path_t *path); |
|
9098
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
19 static void ngx_quic_set_path_timer(ngx_connection_t *c); |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
20 static ngx_quic_path_t *ngx_quic_get_path(ngx_connection_t *c, ngx_uint_t tag); |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
21 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
22 |
|
8737
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
23 ngx_int_t |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
24 ngx_quic_handle_path_challenge_frame(ngx_connection_t *c, |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
25 ngx_quic_header_t *pkt, ngx_quic_path_challenge_frame_t *f) |
|
8737
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
26 { |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
27 ngx_quic_frame_t frame, *fp; |
|
8737
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
28 ngx_quic_connection_t *qc; |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
29 |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
30 qc = ngx_quic_get_connection(c); |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
31 |
|
8933
02a9ad88e2df
QUIC: added missing frame initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8932
diff
changeset
|
32 ngx_memzero(&frame, sizeof(ngx_quic_frame_t)); |
|
02a9ad88e2df
QUIC: added missing frame initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8932
diff
changeset
|
33 |
|
8778
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8777
diff
changeset
|
34 frame.level = ssl_encryption_application; |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
35 frame.type = NGX_QUIC_FT_PATH_RESPONSE; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
36 frame.u.path_response = *f; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
37 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
38 /* |
|
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
39 * RFC 9000, 8.2.2. Path Validation Responses |
|
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
40 * |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
41 * A PATH_RESPONSE frame MUST be sent on the network path where the |
|
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
42 * PATH_CHALLENGE frame was received. |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
43 */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
44 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
45 /* |
|
8901
a951e0809044
QUIC: fixed PATH_RESPONSE frame expansion.
Vladimir Homutov <vl@nginx.com>
parents:
8822
diff
changeset
|
46 * An endpoint MUST expand datagrams that contain a PATH_RESPONSE frame |
|
a951e0809044
QUIC: fixed PATH_RESPONSE frame expansion.
Vladimir Homutov <vl@nginx.com>
parents:
8822
diff
changeset
|
47 * to at least the smallest allowed maximum datagram size of 1200 bytes. |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
48 */ |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
49 if (ngx_quic_frame_sendto(c, &frame, 1200, pkt->path) != NGX_OK) { |
|
8737
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
50 return NGX_ERROR; |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
51 } |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
52 |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
53 if (pkt->path == qc->path) { |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
54 /* |
|
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
55 * RFC 9000, 9.3.3. Off-Path Packet Forwarding |
|
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
56 * |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
57 * An endpoint that receives a PATH_CHALLENGE on an active path SHOULD |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
58 * send a non-probing packet in response. |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
59 */ |
|
8737
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
60 |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
61 fp = ngx_quic_alloc_frame(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
62 if (fp == NULL) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
63 return NGX_ERROR; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
64 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
65 |
|
8778
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8777
diff
changeset
|
66 fp->level = ssl_encryption_application; |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
67 fp->type = NGX_QUIC_FT_PING; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
68 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
69 ngx_quic_queue_frame(qc, fp); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
70 } |
|
8737
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
71 |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
72 return NGX_OK; |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
73 } |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
74 |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
75 |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
76 ngx_int_t |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
77 ngx_quic_handle_path_response_frame(ngx_connection_t *c, |
|
8778
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8777
diff
changeset
|
78 ngx_quic_path_challenge_frame_t *f) |
|
8737
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
79 { |
|
8943
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8940
diff
changeset
|
80 ngx_uint_t rst; |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
81 ngx_queue_t *q; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
82 ngx_quic_path_t *path, *prev; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
83 ngx_quic_connection_t *qc; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
84 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
85 qc = ngx_quic_get_connection(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
86 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
87 /* |
|
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
88 * RFC 9000, 8.2.3. Successful Path Validation |
|
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
89 * |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
90 * A PATH_RESPONSE frame received on any network path validates the path |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
91 * on which the PATH_CHALLENGE was sent. |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
92 */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
93 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
94 for (q = ngx_queue_head(&qc->paths); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
95 q != ngx_queue_sentinel(&qc->paths); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
96 q = ngx_queue_next(q)) |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
97 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
98 path = ngx_queue_data(q, ngx_quic_path_t, queue); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
99 |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
100 if (!path->validating) { |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
101 continue; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
102 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
103 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
104 if (ngx_memcmp(path->challenge1, f->data, sizeof(f->data)) == 0 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
105 || ngx_memcmp(path->challenge2, f->data, sizeof(f->data)) == 0) |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
106 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
107 goto valid; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
108 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
109 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
110 |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
111 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
9015
a2fbae359828
QUIC: fixed indentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8997
diff
changeset
|
112 "quic stale PATH_RESPONSE ignored"); |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
113 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
114 return NGX_OK; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
115 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
116 valid: |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
117 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
118 /* |
|
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
119 * RFC 9000, 9.4. Loss Detection and Congestion Control |
|
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
120 * |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
121 * On confirming a peer's ownership of its new address, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
122 * an endpoint MUST immediately reset the congestion controller |
|
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
123 * and round-trip time estimator for the new path to initial values |
|
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
124 * unless the only change in the peer's address is its port number. |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
125 */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
126 |
|
8943
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8940
diff
changeset
|
127 rst = 1; |
|
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8940
diff
changeset
|
128 |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
129 prev = ngx_quic_get_path(c, NGX_QUIC_PATH_BACKUP); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
130 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
131 if (prev != NULL) { |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
132 |
|
8943
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8940
diff
changeset
|
133 if (ngx_cmp_sockaddr(prev->sockaddr, prev->socklen, |
|
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8940
diff
changeset
|
134 path->sockaddr, path->socklen, 0) |
|
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8940
diff
changeset
|
135 == NGX_OK) |
|
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8940
diff
changeset
|
136 { |
|
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8940
diff
changeset
|
137 /* address did not change */ |
|
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8940
diff
changeset
|
138 rst = 0; |
|
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8940
diff
changeset
|
139 } |
|
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8940
diff
changeset
|
140 } |
|
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8940
diff
changeset
|
141 |
|
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8940
diff
changeset
|
142 if (rst) { |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
143 ngx_memzero(&qc->congestion, sizeof(ngx_quic_congestion_t)); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
144 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
145 qc->congestion.window = ngx_min(10 * qc->tp.max_udp_payload_size, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
146 ngx_max(2 * qc->tp.max_udp_payload_size, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
147 14720)); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
148 qc->congestion.ssthresh = (size_t) -1; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
149 qc->congestion.recovery_start = ngx_current_msec; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
150 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
151 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
152 /* |
|
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
153 * RFC 9000, 9.3. Responding to Connection Migration |
|
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
154 * |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
155 * After verifying a new client address, the server SHOULD |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
156 * send new address validation tokens (Section 8) to the client. |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
157 */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
158 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
159 if (ngx_quic_send_new_token(c, path) != NGX_OK) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
160 return NGX_ERROR; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
161 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
162 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
163 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
8997
fab36e4abf83
QUIC: got rid of hash symbol in backup and logging.
Vladimir Homutov <vl@nginx.com>
parents:
8985
diff
changeset
|
164 "quic path seq:%uL addr:%V successfully validated", |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
165 path->seqnum, &path->addr_text); |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
166 |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
167 ngx_quic_path_dbg(c, "is validated", path); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
168 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
169 path->validated = 1; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
170 path->validating = 0; |
|
8940
fb41e37ddeb0
QUIC: decoupled path state and limitation status.
Vladimir Homutov <vl@nginx.com>
parents:
8939
diff
changeset
|
171 path->limited = 0; |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
172 |
|
9098
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
173 ngx_quic_set_path_timer(c); |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
174 |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
175 return NGX_OK; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
176 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
177 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
178 |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
179 ngx_quic_path_t * |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
180 ngx_quic_new_path(ngx_connection_t *c, |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
181 struct sockaddr *sockaddr, socklen_t socklen, ngx_quic_client_id_t *cid) |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
182 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
183 ngx_queue_t *q; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
184 ngx_quic_path_t *path; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
185 ngx_quic_connection_t *qc; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
186 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
187 qc = ngx_quic_get_connection(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
188 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
189 if (!ngx_queue_empty(&qc->free_paths)) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
190 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
191 q = ngx_queue_head(&qc->free_paths); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
192 path = ngx_queue_data(q, ngx_quic_path_t, queue); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
193 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
194 ngx_queue_remove(&path->queue); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
195 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
196 ngx_memzero(path, sizeof(ngx_quic_path_t)); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
197 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
198 } else { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
199 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
200 path = ngx_pcalloc(c->pool, sizeof(ngx_quic_path_t)); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
201 if (path == NULL) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
202 return NULL; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
203 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
204 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
205 |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
206 ngx_queue_insert_tail(&qc->paths, &path->queue); |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
207 |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
208 path->cid = cid; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
209 cid->used = 1; |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
210 |
|
8940
fb41e37ddeb0
QUIC: decoupled path state and limitation status.
Vladimir Homutov <vl@nginx.com>
parents:
8939
diff
changeset
|
211 path->limited = 1; |
|
fb41e37ddeb0
QUIC: decoupled path state and limitation status.
Vladimir Homutov <vl@nginx.com>
parents:
8939
diff
changeset
|
212 |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
213 path->seqnum = qc->path_seqnum++; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
214 |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
215 path->sockaddr = &path->sa.sockaddr; |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
216 path->socklen = socklen; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
217 ngx_memcpy(path->sockaddr, sockaddr, socklen); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
218 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
219 path->addr_text.data = path->text; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
220 path->addr_text.len = ngx_sock_ntop(sockaddr, socklen, path->text, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
221 NGX_SOCKADDR_STRLEN, 1); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
222 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
223 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
8997
fab36e4abf83
QUIC: got rid of hash symbol in backup and logging.
Vladimir Homutov <vl@nginx.com>
parents:
8985
diff
changeset
|
224 "quic path seq:%uL created addr:%V", |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
225 path->seqnum, &path->addr_text); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
226 return path; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
227 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
228 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
229 |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
230 static ngx_quic_path_t * |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
231 ngx_quic_get_path(ngx_connection_t *c, ngx_uint_t tag) |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
232 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
233 ngx_queue_t *q; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
234 ngx_quic_path_t *path; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
235 ngx_quic_connection_t *qc; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
236 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
237 qc = ngx_quic_get_connection(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
238 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
239 for (q = ngx_queue_head(&qc->paths); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
240 q != ngx_queue_sentinel(&qc->paths); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
241 q = ngx_queue_next(q)) |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
242 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
243 path = ngx_queue_data(q, ngx_quic_path_t, queue); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
244 |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
245 if (path->tag == tag) { |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
246 return path; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
247 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
248 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
249 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
250 return NULL; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
251 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
252 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
253 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
254 ngx_int_t |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
255 ngx_quic_set_path(ngx_connection_t *c, ngx_quic_header_t *pkt) |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
256 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
257 off_t len; |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
258 ngx_queue_t *q; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
259 ngx_quic_path_t *path, *probe; |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
260 ngx_quic_socket_t *qsock; |
|
8972
077a1e403446
QUIC: additional limit for probing packets.
Vladimir Homutov <vl@nginx.com>
parents:
8971
diff
changeset
|
261 ngx_quic_send_ctx_t *ctx; |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
262 ngx_quic_client_id_t *cid; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
263 ngx_quic_connection_t *qc; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
264 |
|
8939
ddd5e5c0f87d
QUIC: improved path validation.
Vladimir Homutov <vl@nginx.com>
parents:
8933
diff
changeset
|
265 qc = ngx_quic_get_connection(c); |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
266 qsock = ngx_quic_get_socket(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
267 |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
268 len = pkt->raw->last - pkt->raw->start; |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
269 |
|
9017
c2f5d79cde64
QUIC: separate UDP framework for QUIC.
Roman Arutyunyan <arut@nginx.com>
parents:
9015
diff
changeset
|
270 if (c->udp->buffer == NULL) { |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
271 /* first ever packet in connection, path already exists */ |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
272 path = qc->path; |
|
8913
40445fc7c403
QUIC: fixed migration during NAT rebinding.
Vladimir Homutov <vl@nginx.com>
parents:
8912
diff
changeset
|
273 goto update; |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
274 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
275 |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
276 probe = NULL; |
|
8777
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
277 |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
278 for (q = ngx_queue_head(&qc->paths); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
279 q != ngx_queue_sentinel(&qc->paths); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
280 q = ngx_queue_next(q)) |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
281 { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
282 path = ngx_queue_data(q, ngx_quic_path_t, queue); |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
283 |
|
9017
c2f5d79cde64
QUIC: separate UDP framework for QUIC.
Roman Arutyunyan <arut@nginx.com>
parents:
9015
diff
changeset
|
284 if (ngx_cmp_sockaddr(&qsock->sockaddr.sockaddr, qsock->socklen, |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
285 path->sockaddr, path->socklen, 1) |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
286 == NGX_OK) |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
287 { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
288 goto update; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
289 } |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
290 |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
291 if (path->tag == NGX_QUIC_PATH_PROBE) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
292 probe = path; |
|
8777
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
293 } |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
294 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
295 |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
296 /* packet from new path, drop current probe, if any */ |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
297 |
|
8972
077a1e403446
QUIC: additional limit for probing packets.
Vladimir Homutov <vl@nginx.com>
parents:
8971
diff
changeset
|
298 ctx = ngx_quic_get_send_ctx(qc, pkt->level); |
|
077a1e403446
QUIC: additional limit for probing packets.
Vladimir Homutov <vl@nginx.com>
parents:
8971
diff
changeset
|
299 |
|
077a1e403446
QUIC: additional limit for probing packets.
Vladimir Homutov <vl@nginx.com>
parents:
8971
diff
changeset
|
300 /* |
|
077a1e403446
QUIC: additional limit for probing packets.
Vladimir Homutov <vl@nginx.com>
parents:
8971
diff
changeset
|
301 * only accept highest-numbered packets to prevent connection id |
|
077a1e403446
QUIC: additional limit for probing packets.
Vladimir Homutov <vl@nginx.com>
parents:
8971
diff
changeset
|
302 * exhaustion by excessive probing packets from unknown paths |
|
077a1e403446
QUIC: additional limit for probing packets.
Vladimir Homutov <vl@nginx.com>
parents:
8971
diff
changeset
|
303 */ |
|
077a1e403446
QUIC: additional limit for probing packets.
Vladimir Homutov <vl@nginx.com>
parents:
8971
diff
changeset
|
304 if (pkt->pn != ctx->largest_pn) { |
|
077a1e403446
QUIC: additional limit for probing packets.
Vladimir Homutov <vl@nginx.com>
parents:
8971
diff
changeset
|
305 return NGX_DONE; |
|
077a1e403446
QUIC: additional limit for probing packets.
Vladimir Homutov <vl@nginx.com>
parents:
8971
diff
changeset
|
306 } |
|
077a1e403446
QUIC: additional limit for probing packets.
Vladimir Homutov <vl@nginx.com>
parents:
8971
diff
changeset
|
307 |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
308 if (probe && ngx_quic_free_path(c, probe) != NGX_OK) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
309 return NGX_ERROR; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
310 } |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
311 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
312 /* new path requires new client id */ |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
313 cid = ngx_quic_next_client_id(c); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
314 if (cid == NULL) { |
|
9029
28fc35b71d75
QUIC: "info" logging level on insufficient client connection ids.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9017
diff
changeset
|
315 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
316 "quic no available client ids for new path"); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
317 /* stop processing of this datagram */ |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
318 return NGX_DONE; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
319 } |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
320 |
|
9017
c2f5d79cde64
QUIC: separate UDP framework for QUIC.
Roman Arutyunyan <arut@nginx.com>
parents:
9015
diff
changeset
|
321 path = ngx_quic_new_path(c, &qsock->sockaddr.sockaddr, qsock->socklen, cid); |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
322 if (path == NULL) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
323 return NGX_ERROR; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
324 } |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
325 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
326 path->tag = NGX_QUIC_PATH_PROBE; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
327 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
328 /* |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
329 * client arrived using new path and previously seen DCID, |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
330 * this indicates NAT rebinding (or bad client) |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
331 */ |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
332 if (qsock->used) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
333 pkt->rebound = 1; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
334 } |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
335 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
336 update: |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
337 |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
338 qsock->used = 1; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
339 pkt->path = path; |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
340 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
341 /* TODO: this may be too late in some cases; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
342 * for example, if error happens during decrypt(), we cannot |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
343 * send CC, if error happens in 1st packet, due to amplification |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
344 * limit, because path->received = 0 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
345 * |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
346 * should we account garbage as received or only decrypting packets? |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
347 */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
348 path->received += len; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
349 |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
350 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
8997
fab36e4abf83
QUIC: got rid of hash symbol in backup and logging.
Vladimir Homutov <vl@nginx.com>
parents:
8985
diff
changeset
|
351 "quic packet len:%O via sock seq:%L path seq:%uL", |
|
8985
da24a78720eb
QUIC: fixed handling of initial source connection id.
Vladimir Homutov <vl@nginx.com>
parents:
8972
diff
changeset
|
352 len, (int64_t) qsock->sid.seqnum, path->seqnum); |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
353 ngx_quic_path_dbg(c, "status", path); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
354 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
355 return NGX_OK; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
356 } |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
357 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
358 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
359 ngx_int_t |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
360 ngx_quic_free_path(ngx_connection_t *c, ngx_quic_path_t *path) |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
361 { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
362 ngx_quic_connection_t *qc; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
363 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
364 qc = ngx_quic_get_connection(c); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
365 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
366 ngx_queue_remove(&path->queue); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
367 ngx_queue_insert_head(&qc->free_paths, &path->queue); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
368 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
369 /* |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
370 * invalidate CID that is no longer usable for any other path; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
371 * this also requests new CIDs from client |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
372 */ |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
373 if (path->cid) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
374 if (ngx_quic_free_client_id(c, path->cid) != NGX_OK) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
375 return NGX_ERROR; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
376 } |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
377 } |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
378 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
379 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
8997
fab36e4abf83
QUIC: got rid of hash symbol in backup and logging.
Vladimir Homutov <vl@nginx.com>
parents:
8985
diff
changeset
|
380 "quic path seq:%uL addr:%V retired", |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
381 path->seqnum, &path->addr_text); |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
382 |
|
8737
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
383 return NGX_OK; |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
384 } |
|
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
385 |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
386 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
387 static void |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
388 ngx_quic_set_connection_path(ngx_connection_t *c, ngx_quic_path_t *path) |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
389 { |
|
9015
a2fbae359828
QUIC: fixed indentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8997
diff
changeset
|
390 ngx_memcpy(c->sockaddr, path->sockaddr, path->socklen); |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
391 c->socklen = path->socklen; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
392 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
393 if (c->addr_text.data) { |
|
9099
9462c514a653
QUIC: fixed addr_text after migration (ticket #2488).
Roman Arutyunyan <arut@nginx.com>
parents:
9098
diff
changeset
|
394 c->addr_text.len = ngx_sock_ntop(c->sockaddr, c->socklen, |
|
9462c514a653
QUIC: fixed addr_text after migration (ticket #2488).
Roman Arutyunyan <arut@nginx.com>
parents:
9098
diff
changeset
|
395 c->addr_text.data, |
|
9462c514a653
QUIC: fixed addr_text after migration (ticket #2488).
Roman Arutyunyan <arut@nginx.com>
parents:
9098
diff
changeset
|
396 c->listening->addr_text_max_len, 0); |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
397 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
398 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
399 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
8997
fab36e4abf83
QUIC: got rid of hash symbol in backup and logging.
Vladimir Homutov <vl@nginx.com>
parents:
8985
diff
changeset
|
400 "quic send path set to seq:%uL addr:%V", |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
401 path->seqnum, &path->addr_text); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
402 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
403 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
404 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
405 ngx_int_t |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
406 ngx_quic_handle_migration(ngx_connection_t *c, ngx_quic_header_t *pkt) |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
407 { |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
408 ngx_quic_path_t *next, *bkp; |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
409 ngx_quic_send_ctx_t *ctx; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
410 ngx_quic_connection_t *qc; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
411 |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
412 /* got non-probing packet via non-active path */ |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
413 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
414 qc = ngx_quic_get_connection(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
415 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
416 ctx = ngx_quic_get_send_ctx(qc, pkt->level); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
417 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
418 /* |
|
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
419 * RFC 9000, 9.3. Responding to Connection Migration |
|
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
420 * |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
421 * An endpoint only changes the address to which it sends packets in |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
422 * response to the highest-numbered non-probing packet. |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
423 */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
424 if (pkt->pn != ctx->largest_pn) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
425 return NGX_OK; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
426 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
427 |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
428 next = pkt->path; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
429 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
430 /* |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
431 * RFC 9000, 9.3.3: |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
432 * |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
433 * In response to an apparent migration, endpoints MUST validate the |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
434 * previously active path using a PATH_CHALLENGE frame. |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
435 */ |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
436 if (pkt->rebound) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
437 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
438 /* NAT rebinding: client uses new path with old SID */ |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
439 if (ngx_quic_validate_path(c, qc->path) != NGX_OK) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
440 return NGX_ERROR; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
441 } |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
442 } |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
443 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
444 if (qc->path->validated) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
445 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
446 if (next->tag != NGX_QUIC_PATH_BACKUP) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
447 /* can delete backup path, if any */ |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
448 bkp = ngx_quic_get_path(c, NGX_QUIC_PATH_BACKUP); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
449 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
450 if (bkp && ngx_quic_free_path(c, bkp) != NGX_OK) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
451 return NGX_ERROR; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
452 } |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
453 } |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
454 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
455 qc->path->tag = NGX_QUIC_PATH_BACKUP; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
456 ngx_quic_path_dbg(c, "is now backup", qc->path); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
457 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
458 } else { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
459 if (ngx_quic_free_path(c, qc->path) != NGX_OK) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
460 return NGX_ERROR; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
461 } |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
462 } |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
463 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
464 /* switch active path to migrated */ |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
465 qc->path = next; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
466 qc->path->tag = NGX_QUIC_PATH_ACTIVE; |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
467 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
468 ngx_quic_set_connection_path(c, next); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
469 |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
470 if (!next->validated && !next->validating) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
471 if (ngx_quic_validate_path(c, next) != NGX_OK) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
472 return NGX_ERROR; |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
473 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
474 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
475 |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
476 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
8997
fab36e4abf83
QUIC: got rid of hash symbol in backup and logging.
Vladimir Homutov <vl@nginx.com>
parents:
8985
diff
changeset
|
477 "quic migrated to path seq:%uL addr:%V", |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
478 qc->path->seqnum, &qc->path->addr_text); |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
479 |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
480 ngx_quic_path_dbg(c, "is now active", qc->path); |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
481 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
482 return NGX_OK; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
483 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
484 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
485 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
486 static ngx_int_t |
|
8944
b7284807b4fa
QUIC: refactored ngx_quic_validate_path().
Vladimir Homutov <vl@nginx.com>
parents:
8943
diff
changeset
|
487 ngx_quic_validate_path(ngx_connection_t *c, ngx_quic_path_t *path) |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
488 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
489 ngx_msec_t pto; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
490 ngx_quic_send_ctx_t *ctx; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
491 ngx_quic_connection_t *qc; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
492 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
493 qc = ngx_quic_get_connection(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
494 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
495 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
8997
fab36e4abf83
QUIC: got rid of hash symbol in backup and logging.
Vladimir Homutov <vl@nginx.com>
parents:
8985
diff
changeset
|
496 "quic initiated validation of path seq:%uL", path->seqnum); |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
497 |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
498 path->validating = 1; |
|
9096
c6db94ec3841
QUIC: separated path validation retransmit backoff.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9029
diff
changeset
|
499 path->tries = 0; |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
500 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
501 if (RAND_bytes(path->challenge1, 8) != 1) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
502 return NGX_ERROR; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
503 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
504 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
505 if (RAND_bytes(path->challenge2, 8) != 1) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
506 return NGX_ERROR; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
507 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
508 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
509 if (ngx_quic_send_path_challenge(c, path) != NGX_OK) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
510 return NGX_ERROR; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
511 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
512 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
513 ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application); |
|
9097
a9fef6ca45a8
QUIC: lower bound path validation PTO.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9096
diff
changeset
|
514 pto = ngx_max(ngx_quic_pto(c, ctx), 1000); |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
515 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
516 path->expires = ngx_current_msec + pto; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
517 |
|
9098
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
518 ngx_quic_set_path_timer(c); |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
519 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
520 return NGX_OK; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
521 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
522 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
523 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
524 static ngx_int_t |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
525 ngx_quic_send_path_challenge(ngx_connection_t *c, ngx_quic_path_t *path) |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
526 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
527 ngx_quic_frame_t frame; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
528 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
529 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
8997
fab36e4abf83
QUIC: got rid of hash symbol in backup and logging.
Vladimir Homutov <vl@nginx.com>
parents:
8985
diff
changeset
|
530 "quic path seq:%uL send path_challenge tries:%ui", |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
531 path->seqnum, path->tries); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
532 |
|
8933
02a9ad88e2df
QUIC: added missing frame initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8932
diff
changeset
|
533 ngx_memzero(&frame, sizeof(ngx_quic_frame_t)); |
|
02a9ad88e2df
QUIC: added missing frame initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8932
diff
changeset
|
534 |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
535 frame.level = ssl_encryption_application; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
536 frame.type = NGX_QUIC_FT_PATH_CHALLENGE; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
537 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
538 ngx_memcpy(frame.u.path_challenge.data, path->challenge1, 8); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
539 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
540 /* |
|
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
541 * RFC 9000, 8.2.1. Initiating Path Validation |
|
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
542 * |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
543 * An endpoint MUST expand datagrams that contain a PATH_CHALLENGE frame |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
544 * to at least the smallest allowed maximum datagram size of 1200 bytes, |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
545 * unless the anti-amplification limit for the path does not permit |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
546 * sending a datagram of this size. |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
547 */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
548 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
549 /* same applies to PATH_RESPONSE frames */ |
|
8932
501f28679d56
QUIC: refactored ngx_quic_frame_sendto() function.
Vladimir Homutov <vl@nginx.com>
parents:
8917
diff
changeset
|
550 if (ngx_quic_frame_sendto(c, &frame, 1200, path) != NGX_OK) { |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
551 return NGX_ERROR; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
552 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
553 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
554 ngx_memcpy(frame.u.path_challenge.data, path->challenge2, 8); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
555 |
|
8932
501f28679d56
QUIC: refactored ngx_quic_frame_sendto() function.
Vladimir Homutov <vl@nginx.com>
parents:
8917
diff
changeset
|
556 if (ngx_quic_frame_sendto(c, &frame, 1200, path) != NGX_OK) { |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
557 return NGX_ERROR; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
558 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
559 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
560 return NGX_OK; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
561 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
562 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
563 |
|
9098
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
564 static void |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
565 ngx_quic_set_path_timer(ngx_connection_t *c) |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
566 { |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
567 ngx_msec_t now; |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
568 ngx_queue_t *q; |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
569 ngx_msec_int_t left, next; |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
570 ngx_quic_path_t *path; |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
571 ngx_quic_connection_t *qc; |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
572 |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
573 qc = ngx_quic_get_connection(c); |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
574 |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
575 now = ngx_current_msec; |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
576 next = -1; |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
577 |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
578 for (q = ngx_queue_head(&qc->paths); |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
579 q != ngx_queue_sentinel(&qc->paths); |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
580 q = ngx_queue_next(q)) |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
581 { |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
582 path = ngx_queue_data(q, ngx_quic_path_t, queue); |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
583 |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
584 if (!path->validating) { |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
585 continue; |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
586 } |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
587 |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
588 left = path->expires - now; |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
589 left = ngx_max(left, 1); |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
590 |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
591 if (next == -1 || left < next) { |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
592 next = left; |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
593 } |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
594 } |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
595 |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
596 if (next != -1) { |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
597 ngx_add_timer(&qc->path_validation, next); |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
598 |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
599 } else if (qc->path_validation.timer_set) { |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
600 ngx_del_timer(&qc->path_validation); |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
601 } |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
602 } |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
603 |
|
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
604 |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
605 void |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
606 ngx_quic_path_validation_handler(ngx_event_t *ev) |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
607 { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
608 ngx_msec_t now; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
609 ngx_queue_t *q; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
610 ngx_msec_int_t left, next, pto; |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
611 ngx_quic_path_t *path, *bkp; |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
612 ngx_connection_t *c; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
613 ngx_quic_send_ctx_t *ctx; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
614 ngx_quic_connection_t *qc; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
615 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
616 c = ev->data; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
617 qc = ngx_quic_get_connection(c); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
618 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
619 ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
620 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
621 next = -1; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
622 now = ngx_current_msec; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
623 |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
624 q = ngx_queue_head(&qc->paths); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
625 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
626 while (q != ngx_queue_sentinel(&qc->paths)) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
627 |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
628 path = ngx_queue_data(q, ngx_quic_path_t, queue); |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
629 q = ngx_queue_next(q); |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
630 |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
631 if (!path->validating) { |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
632 continue; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
633 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
634 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
635 left = path->expires - now; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
636 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
637 if (left > 0) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
638 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
639 if (next == -1 || left < next) { |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
640 next = left; |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
641 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
642 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
643 continue; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
644 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
645 |
|
9096
c6db94ec3841
QUIC: separated path validation retransmit backoff.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9029
diff
changeset
|
646 if (++path->tries < NGX_QUIC_PATH_RETRIES) { |
|
9097
a9fef6ca45a8
QUIC: lower bound path validation PTO.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9096
diff
changeset
|
647 pto = ngx_max(ngx_quic_pto(c, ctx), 1000) << path->tries; |
|
9096
c6db94ec3841
QUIC: separated path validation retransmit backoff.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9029
diff
changeset
|
648 |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
649 path->expires = ngx_current_msec + pto; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
650 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
651 if (next == -1 || pto < next) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
652 next = pto; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
653 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
654 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
655 /* retransmit */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
656 (void) ngx_quic_send_path_challenge(c, path); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
657 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
658 continue; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
659 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
660 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
661 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, ev->log, 0, |
|
8997
fab36e4abf83
QUIC: got rid of hash symbol in backup and logging.
Vladimir Homutov <vl@nginx.com>
parents:
8985
diff
changeset
|
662 "quic path seq:%uL validation failed", path->seqnum); |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
663 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
664 /* found expired path */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
665 |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
666 path->validated = 0; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
667 path->validating = 0; |
|
8940
fb41e37ddeb0
QUIC: decoupled path state and limitation status.
Vladimir Homutov <vl@nginx.com>
parents:
8939
diff
changeset
|
668 path->limited = 1; |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
669 |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
670 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
671 /* RFC 9000, 9.3.2. On-Path Address Spoofing |
|
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
672 * |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
673 * To protect the connection from failing due to such a spurious |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
674 * migration, an endpoint MUST revert to using the last validated |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
675 * peer address when validation of a new peer address fails. |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
676 */ |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
677 |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
678 if (qc->path == path) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
679 /* active path validation failed */ |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
680 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
681 bkp = ngx_quic_get_path(c, NGX_QUIC_PATH_BACKUP); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
682 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
683 if (bkp == NULL) { |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
684 qc->error = NGX_QUIC_ERR_NO_VIABLE_PATH; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
685 qc->error_reason = "no viable path"; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
686 ngx_quic_close_connection(c, NGX_ERROR); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
687 return; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
688 } |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
689 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
690 qc->path = bkp; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
691 qc->path->tag = NGX_QUIC_PATH_ACTIVE; |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
692 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
693 ngx_quic_set_connection_path(c, qc->path); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
694 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
695 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
8997
fab36e4abf83
QUIC: got rid of hash symbol in backup and logging.
Vladimir Homutov <vl@nginx.com>
parents:
8985
diff
changeset
|
696 "quic path seq:%uL addr:%V is restored from backup", |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
697 qc->path->seqnum, &qc->path->addr_text); |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
698 |
|
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
699 ngx_quic_path_dbg(c, "is active", qc->path); |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
700 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
701 |
|
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
702 if (ngx_quic_free_path(c, path) != NGX_OK) { |
|
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
703 ngx_quic_close_connection(c, NGX_ERROR); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
704 return; |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
705 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
706 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
707 |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
708 if (next != -1) { |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
709 ngx_add_timer(&qc->path_validation, next); |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
710 } |
|
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
711 } |