Mercurial > hg > nginx
annotate src/event/quic/ngx_event_quic.c @ 9280:da400acf3756
QUIC: fixed close timer processing with early data.
The ngx_quic_run() function uses qc->close timer to limit the handshake
duration. Normally it is removed by ngx_quic_do_init_streams() which is
called once when we are done with initial SSL processing.
The problem happens when the client sends early data and streams are
initialized in the ngx_quic_run() -> ngx_quic_handle_datagram() call.
The order of set/remove timer calls is now reversed; the close timer is
set up and the timer fires when assigned, starting the unexpected connection
close process.
The fix is to skip setting the timer if streams were initialized during
handling of the initial datagram. The idle timer for quic is set anyway,
and stream-related timeouts are managed by application layer.
author | Vladimir Khomutov <vl@wbsrv.ru> |
---|---|
date | Wed, 10 Apr 2024 09:38:10 +0300 |
parents | ff452f283aa9 |
children |
rev | line source |
---|---|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2 /* |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
3 * Copyright (C) Nginx, Inc. |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
4 */ |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
5 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
6 |
8171 | 7 #include <ngx_config.h> |
8 #include <ngx_core.h> | |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
9 #include <ngx_event.h> |
8736
714e9af983de
QUIC: separate header for ngx_quic_connection_t.
Vladimir Homutov <vl@nginx.com>
parents:
8735
diff
changeset
|
10 #include <ngx_event_quic_connection.h> |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
11 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
12 |
8561
b4ef79ef1c23
QUIC: refined the "c->quic->initialized" flag usage.
Vladimir Homutov <vl@nginx.com>
parents:
8560
diff
changeset
|
13 static ngx_quic_connection_t *ngx_quic_new_connection(ngx_connection_t *c, |
8563
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8562
diff
changeset
|
14 ngx_quic_conf_t *conf, ngx_quic_header_t *pkt); |
8953
03b40440c13d
QUIC: renamed input handling functions.
Roman Arutyunyan <arut@nginx.com>
parents:
8948
diff
changeset
|
15 static ngx_int_t ngx_quic_handle_stateless_reset(ngx_connection_t *c, |
8562
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
16 ngx_quic_header_t *pkt); |
8263
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
17 static void ngx_quic_input_handler(ngx_event_t *rev); |
9050
aaca8e111959
QUIC: post close event for connection close.
Roman Arutyunyan <arut@nginx.com>
parents:
9049
diff
changeset
|
18 static void ngx_quic_close_handler(ngx_event_t *ev); |
8225 | 19 |
8953
03b40440c13d
QUIC: renamed input handling functions.
Roman Arutyunyan <arut@nginx.com>
parents:
8948
diff
changeset
|
20 static ngx_int_t ngx_quic_handle_datagram(ngx_connection_t *c, ngx_buf_t *b, |
8563
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8562
diff
changeset
|
21 ngx_quic_conf_t *conf); |
8953
03b40440c13d
QUIC: renamed input handling functions.
Roman Arutyunyan <arut@nginx.com>
parents:
8948
diff
changeset
|
22 static ngx_int_t ngx_quic_handle_packet(ngx_connection_t *c, |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
23 ngx_quic_conf_t *conf, ngx_quic_header_t *pkt); |
8953
03b40440c13d
QUIC: renamed input handling functions.
Roman Arutyunyan <arut@nginx.com>
parents:
8948
diff
changeset
|
24 static ngx_int_t ngx_quic_handle_payload(ngx_connection_t *c, |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
25 ngx_quic_header_t *pkt); |
8688
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8687
diff
changeset
|
26 static ngx_int_t ngx_quic_check_csid(ngx_quic_connection_t *qc, |
8361 | 27 ngx_quic_header_t *pkt); |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
28 static ngx_int_t ngx_quic_handle_frames(ngx_connection_t *c, |
8225 | 29 ngx_quic_header_t *pkt); |
8751
bc910a5ec737
QUIC: separate files for output and ack related processing.
Vladimir Homutov <vl@nginx.com>
parents:
8750
diff
changeset
|
30 |
8309 | 31 static void ngx_quic_push_handler(ngx_event_t *ev); |
8225 | 32 |
33 | |
8674 | 34 static ngx_core_module_t ngx_quic_module_ctx = { |
35 ngx_string("quic"), | |
36 NULL, | |
37 NULL | |
38 }; | |
39 | |
40 | |
41 ngx_module_t ngx_quic_module = { | |
42 NGX_MODULE_V1, | |
43 &ngx_quic_module_ctx, /* module context */ | |
44 NULL, /* module directives */ | |
45 NGX_CORE_MODULE, /* module type */ | |
46 NULL, /* init master */ | |
47 NULL, /* init module */ | |
48 NULL, /* init process */ | |
49 NULL, /* init thread */ | |
50 NULL, /* exit thread */ | |
51 NULL, /* exit process */ | |
52 NULL, /* exit master */ | |
53 NGX_MODULE_V1_PADDING | |
54 }; | |
55 | |
56 | |
8604
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8603
diff
changeset
|
57 #if (NGX_DEBUG) |
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8603
diff
changeset
|
58 |
8751
bc910a5ec737
QUIC: separate files for output and ack related processing.
Vladimir Homutov <vl@nginx.com>
parents:
8750
diff
changeset
|
59 void |
8607
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
60 ngx_quic_connstate_dbg(ngx_connection_t *c) |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
61 { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
62 u_char *p, *last; |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
63 ngx_quic_connection_t *qc; |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
64 u_char buf[NGX_MAX_ERROR_STR]; |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
65 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
66 p = buf; |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
67 last = p + sizeof(buf); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
68 |
8629
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
69 qc = ngx_quic_get_connection(c); |
8607
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
70 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
71 p = ngx_slprintf(p, last, "state:"); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
72 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
73 if (qc) { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
74 |
9048
9c427e98d8c1
QUIC: treat qc->error == -1 as a missing error.
Roman Arutyunyan <arut@nginx.com>
parents:
9025
diff
changeset
|
75 if (qc->error != (ngx_uint_t) -1) { |
8607
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
76 p = ngx_slprintf(p, last, "%s", qc->error_app ? " app" : ""); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
77 p = ngx_slprintf(p, last, " error:%ui", qc->error); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
78 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
79 if (qc->error_reason) { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
80 p = ngx_slprintf(p, last, " \"%s\"", qc->error_reason); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
81 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
82 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
83 |
8724
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
84 p = ngx_slprintf(p, last, "%s", qc->shutdown ? " shutdown" : ""); |
8607
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
85 p = ngx_slprintf(p, last, "%s", qc->closing ? " closing" : ""); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
86 p = ngx_slprintf(p, last, "%s", qc->draining ? " draining" : ""); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
87 p = ngx_slprintf(p, last, "%s", qc->key_phase ? " kp" : ""); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
88 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
89 } else { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
90 p = ngx_slprintf(p, last, " early"); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
91 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
92 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
93 if (c->read->timer_set) { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
94 p = ngx_slprintf(p, last, |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
95 qc && qc->send_timer_set ? " send:%M" : " read:%M", |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
96 c->read->timer.key - ngx_current_msec); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
97 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
98 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
99 if (qc) { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
100 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
101 if (qc->push.timer_set) { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
102 p = ngx_slprintf(p, last, " push:%M", |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
103 qc->push.timer.key - ngx_current_msec); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
104 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
105 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
106 if (qc->pto.timer_set) { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
107 p = ngx_slprintf(p, last, " pto:%M", |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
108 qc->pto.timer.key - ngx_current_msec); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
109 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
110 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
111 if (qc->close.timer_set) { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
112 p = ngx_slprintf(p, last, " close:%M", |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
113 qc->close.timer.key - ngx_current_msec); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
114 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
115 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
116 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
117 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
118 "quic %*s", p - buf, buf); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
119 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
120 |
8604
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8603
diff
changeset
|
121 #endif |
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8603
diff
changeset
|
122 |
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8603
diff
changeset
|
123 |
8753
46161c610919
QUIC: separate files for SSL library interfaces.
Vladimir Homutov <vl@nginx.com>
parents:
8752
diff
changeset
|
124 ngx_int_t |
8701
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
125 ngx_quic_apply_transport_params(ngx_connection_t *c, ngx_quic_tp_t *ctp) |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
126 { |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
127 ngx_str_t scid; |
8701
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
128 ngx_quic_connection_t *qc; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
129 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
130 qc = ngx_quic_get_connection(c); |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
131 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
132 scid.data = qc->path->cid->id; |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
133 scid.len = qc->path->cid->len; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
134 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
135 if (scid.len != ctp->initial_scid.len |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
136 || ngx_memcmp(scid.data, ctp->initial_scid.data, scid.len) != 0) |
8701
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
137 { |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
138 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
139 "quic client initial_source_connection_id mismatch"); |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
140 return NGX_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
141 } |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
142 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
143 if (ctp->max_udp_payload_size < NGX_QUIC_MIN_INITIAL_SIZE |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
144 || ctp->max_udp_payload_size > NGX_QUIC_MAX_UDP_PAYLOAD_SIZE) |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
145 { |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
146 qc->error = NGX_QUIC_ERR_TRANSPORT_PARAMETER_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
147 qc->error_reason = "invalid maximum packet size"; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
148 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
149 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
150 "quic maximum packet size is invalid"); |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
151 return NGX_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
152 } |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
153 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
154 if (ctp->active_connection_id_limit < 2) { |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
155 qc->error = NGX_QUIC_ERR_TRANSPORT_PARAMETER_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
156 qc->error_reason = "invalid active_connection_id_limit"; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
157 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
158 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
159 "quic active_connection_id_limit is invalid"); |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
160 return NGX_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
161 } |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
162 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
163 if (ctp->ack_delay_exponent > 20) { |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
164 qc->error = NGX_QUIC_ERR_TRANSPORT_PARAMETER_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
165 qc->error_reason = "invalid ack_delay_exponent"; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
166 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
167 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
168 "quic ack_delay_exponent is invalid"); |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
169 return NGX_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
170 } |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
171 |
8806
f8ad3dd142ad
QUIC: consider max_ack_delay=16384 invalid.
Roman Arutyunyan <arut@nginx.com>
parents:
8797
diff
changeset
|
172 if (ctp->max_ack_delay >= 16384) { |
8701
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
173 qc->error = NGX_QUIC_ERR_TRANSPORT_PARAMETER_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
174 qc->error_reason = "invalid max_ack_delay"; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
175 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
176 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
177 "quic max_ack_delay is invalid"); |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
178 return NGX_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
179 } |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
180 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
181 if (ctp->max_idle_timeout > 0 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
182 && ctp->max_idle_timeout < qc->tp.max_idle_timeout) |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
183 { |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
184 qc->tp.max_idle_timeout = ctp->max_idle_timeout; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
185 } |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
186 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
187 qc->streams.server_max_streams_bidi = ctp->initial_max_streams_bidi; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
188 qc->streams.server_max_streams_uni = ctp->initial_max_streams_uni; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
189 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
190 ngx_memcpy(&qc->ctp, ctp, sizeof(ngx_quic_tp_t)); |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
191 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
192 return NGX_OK; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
193 } |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
194 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
195 |
8225 | 196 void |
8563
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8562
diff
changeset
|
197 ngx_quic_run(ngx_connection_t *c, ngx_quic_conf_t *conf) |
8225 | 198 { |
8629
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
199 ngx_int_t rc; |
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
200 ngx_quic_connection_t *qc; |
8225 | 201 |
8263
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
202 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic run"); |
8225 | 203 |
8953
03b40440c13d
QUIC: renamed input handling functions.
Roman Arutyunyan <arut@nginx.com>
parents:
8948
diff
changeset
|
204 rc = ngx_quic_handle_datagram(c, c->buffer, conf); |
8536
c6b963de0c00
QUIC: pass return code from ngx_quic_decrypt() to the caller.
Vladimir Homutov <vl@nginx.com>
parents:
8535
diff
changeset
|
205 if (rc != NGX_OK) { |
8994
e00295b76395
QUIC: revised ngx_quic_handle_datagram() error codes.
Vladimir Homutov <vl@nginx.com>
parents:
8986
diff
changeset
|
206 ngx_quic_close_connection(c, rc); |
8225 | 207 return; |
208 } | |
209 | |
8994
e00295b76395
QUIC: revised ngx_quic_handle_datagram() error codes.
Vladimir Homutov <vl@nginx.com>
parents:
8986
diff
changeset
|
210 /* quic connection is now created */ |
8629
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
211 qc = ngx_quic_get_connection(c); |
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
212 |
8686 | 213 ngx_add_timer(c->read, qc->tp.max_idle_timeout); |
9280
da400acf3756
QUIC: fixed close timer processing with early data.
Vladimir Khomutov <vl@wbsrv.ru>
parents:
9195
diff
changeset
|
214 |
da400acf3756
QUIC: fixed close timer processing with early data.
Vladimir Khomutov <vl@wbsrv.ru>
parents:
9195
diff
changeset
|
215 if (!qc->streams.initialized) { |
da400acf3756
QUIC: fixed close timer processing with early data.
Vladimir Khomutov <vl@wbsrv.ru>
parents:
9195
diff
changeset
|
216 ngx_add_timer(&qc->close, qc->conf->handshake_timeout); |
da400acf3756
QUIC: fixed close timer processing with early data.
Vladimir Khomutov <vl@wbsrv.ru>
parents:
9195
diff
changeset
|
217 } |
9158
ad3d34ddfdcc
QUIC: "handshake_timeout" configuration parameter.
Roman Arutyunyan <arut@nginx.com>
parents:
9157
diff
changeset
|
218 |
8686 | 219 ngx_quic_connstate_dbg(c); |
8225 | 220 |
8263
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
221 c->read->handler = ngx_quic_input_handler; |
8225 | 222 |
223 return; | |
224 } | |
225 | |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
226 |
8561
b4ef79ef1c23
QUIC: refined the "c->quic->initialized" flag usage.
Vladimir Homutov <vl@nginx.com>
parents:
8560
diff
changeset
|
227 static ngx_quic_connection_t * |
8563
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8562
diff
changeset
|
228 ngx_quic_new_connection(ngx_connection_t *c, ngx_quic_conf_t *conf, |
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8562
diff
changeset
|
229 ngx_quic_header_t *pkt) |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
230 { |
8308
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
8307
diff
changeset
|
231 ngx_uint_t i; |
8265
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
8263
diff
changeset
|
232 ngx_quic_tp_t *ctp; |
8225 | 233 ngx_quic_connection_t *qc; |
8387
eebdda507ec3
Added tests for connection id lengths in initial packet.
Vladimir Homutov <vl@nginx.com>
parents:
8386
diff
changeset
|
234 |
8225 | 235 qc = ngx_pcalloc(c->pool, sizeof(ngx_quic_connection_t)); |
236 if (qc == NULL) { | |
8561
b4ef79ef1c23
QUIC: refined the "c->quic->initialized" flag usage.
Vladimir Homutov <vl@nginx.com>
parents:
8560
diff
changeset
|
237 return NULL; |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
238 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
239 |
9025
e50f77a2d0b0
QUIC: removed ngx_quic_keys_new().
Vladimir Homutov <vl@nginx.com>
parents:
9024
diff
changeset
|
240 qc->keys = ngx_pcalloc(c->pool, sizeof(ngx_quic_keys_t)); |
8621
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8620
diff
changeset
|
241 if (qc->keys == NULL) { |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8620
diff
changeset
|
242 return NULL; |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8620
diff
changeset
|
243 } |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8620
diff
changeset
|
244 |
8624
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8623
diff
changeset
|
245 qc->version = pkt->version; |
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8623
diff
changeset
|
246 |
8225 | 247 ngx_rbtree_init(&qc->streams.tree, &qc->streams.sentinel, |
248 ngx_quic_rbtree_insert_stream); | |
249 | |
8333
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
250 for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { |
8331
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
8328
diff
changeset
|
251 ngx_queue_init(&qc->send_ctx[i].frames); |
8822
ad046179eb91
QUIC: handle EAGAIN properly on UDP sockets.
Vladimir Homutov <vl@nginx.com>
parents:
8820
diff
changeset
|
252 ngx_queue_init(&qc->send_ctx[i].sending); |
8331
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
8328
diff
changeset
|
253 ngx_queue_init(&qc->send_ctx[i].sent); |
8598
85a550047eb5
QUIC: added macro for unset packet number.
Vladimir Homutov <vl@nginx.com>
parents:
8597
diff
changeset
|
254 qc->send_ctx[i].largest_pn = NGX_QUIC_UNSET_PN; |
85a550047eb5
QUIC: added macro for unset packet number.
Vladimir Homutov <vl@nginx.com>
parents:
8597
diff
changeset
|
255 qc->send_ctx[i].largest_ack = NGX_QUIC_UNSET_PN; |
85a550047eb5
QUIC: added macro for unset packet number.
Vladimir Homutov <vl@nginx.com>
parents:
8597
diff
changeset
|
256 qc->send_ctx[i].largest_range = NGX_QUIC_UNSET_PN; |
85a550047eb5
QUIC: added macro for unset packet number.
Vladimir Homutov <vl@nginx.com>
parents:
8597
diff
changeset
|
257 qc->send_ctx[i].pending_ack = NGX_QUIC_UNSET_PN; |
8596
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8595
diff
changeset
|
258 } |
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8595
diff
changeset
|
259 |
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8595
diff
changeset
|
260 qc->send_ctx[0].level = ssl_encryption_initial; |
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8595
diff
changeset
|
261 qc->send_ctx[1].level = ssl_encryption_handshake; |
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8595
diff
changeset
|
262 qc->send_ctx[2].level = ssl_encryption_application; |
8333
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
263 |
8308
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
8307
diff
changeset
|
264 ngx_queue_init(&qc->free_frames); |
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
8307
diff
changeset
|
265 |
9195
ff452f283aa9
QUIC: reset RTT estimator for the new path.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9172
diff
changeset
|
266 ngx_quic_init_rtt(qc); |
8469
3b107aadc9f6
QUIC: added rtt estimation.
Vladimir Homutov <vl@nginx.com>
parents:
8458
diff
changeset
|
267 |
8472 | 268 qc->pto.log = c->log; |
269 qc->pto.data = c; | |
270 qc->pto.handler = ngx_quic_pto_handler; | |
8308
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
8307
diff
changeset
|
271 |
8309 | 272 qc->push.log = c->log; |
273 qc->push.data = c; | |
274 qc->push.handler = ngx_quic_push_handler; | |
275 | |
9050
aaca8e111959
QUIC: post close event for connection close.
Roman Arutyunyan <arut@nginx.com>
parents:
9049
diff
changeset
|
276 qc->close.log = c->log; |
aaca8e111959
QUIC: post close event for connection close.
Roman Arutyunyan <arut@nginx.com>
parents:
9049
diff
changeset
|
277 qc->close.data = c; |
aaca8e111959
QUIC: post close event for connection close.
Roman Arutyunyan <arut@nginx.com>
parents:
9049
diff
changeset
|
278 qc->close.handler = ngx_quic_close_handler; |
aaca8e111959
QUIC: post close event for connection close.
Roman Arutyunyan <arut@nginx.com>
parents:
9049
diff
changeset
|
279 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
280 qc->path_validation.log = c->log; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
281 qc->path_validation.data = c; |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9144
diff
changeset
|
282 qc->path_validation.handler = ngx_quic_path_handler; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
283 |
9152
2880f60a80c3
QUIC: posted generating TLS Key Update next keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9147
diff
changeset
|
284 qc->key_update.log = c->log; |
2880f60a80c3
QUIC: posted generating TLS Key Update next keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9147
diff
changeset
|
285 qc->key_update.data = c; |
2880f60a80c3
QUIC: posted generating TLS Key Update next keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9147
diff
changeset
|
286 qc->key_update.handler = ngx_quic_keys_update; |
2880f60a80c3
QUIC: posted generating TLS Key Update next keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9147
diff
changeset
|
287 |
8481
0d2b2664b41c
QUIC: added "quic" listen parameter.
Roman Arutyunyan <arut@nginx.com>
parents:
8480
diff
changeset
|
288 qc->conf = conf; |
8924
d6ef13c5fd8e
QUIC: simplified configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8913
diff
changeset
|
289 |
d6ef13c5fd8e
QUIC: simplified configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8913
diff
changeset
|
290 if (ngx_quic_init_transport_params(&qc->tp, conf) != NGX_OK) { |
d6ef13c5fd8e
QUIC: simplified configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8913
diff
changeset
|
291 return NULL; |
d6ef13c5fd8e
QUIC: simplified configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8913
diff
changeset
|
292 } |
8225 | 293 |
8265
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
8263
diff
changeset
|
294 ctp = &qc->ctp; |
8701
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
295 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
296 /* defaults to be used before actual client parameters are received */ |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9144
diff
changeset
|
297 ctp->max_udp_payload_size = NGX_QUIC_MAX_UDP_PAYLOAD_SIZE; |
8265
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
8263
diff
changeset
|
298 ctp->ack_delay_exponent = NGX_QUIC_DEFAULT_ACK_DELAY_EXPONENT; |
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
8263
diff
changeset
|
299 ctp->max_ack_delay = NGX_QUIC_DEFAULT_MAX_ACK_DELAY; |
8701
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
300 ctp->active_connection_id_limit = 2; |
8265
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
8263
diff
changeset
|
301 |
8827
fe919fd63b0b
QUIC: client certificate validation with OCSP.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8822
diff
changeset
|
302 ngx_queue_init(&qc->streams.uninitialized); |
9010 | 303 ngx_queue_init(&qc->streams.free); |
8827
fe919fd63b0b
QUIC: client certificate validation with OCSP.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8822
diff
changeset
|
304 |
8365
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
305 qc->streams.recv_max_data = qc->tp.initial_max_data; |
8791
af33d1ef1c3c
QUIC: stream flow control refactored.
Roman Arutyunyan <arut@nginx.com>
parents:
8782
diff
changeset
|
306 qc->streams.recv_window = qc->streams.recv_max_data; |
8338
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
8337
diff
changeset
|
307 |
8496
c5324bb3a704
QUIC: limited the number of client-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8495
diff
changeset
|
308 qc->streams.client_max_streams_uni = qc->tp.initial_max_streams_uni; |
c5324bb3a704
QUIC: limited the number of client-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8495
diff
changeset
|
309 qc->streams.client_max_streams_bidi = qc->tp.initial_max_streams_bidi; |
c5324bb3a704
QUIC: limited the number of client-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8495
diff
changeset
|
310 |
8415
125cbfa77013
Renamed max_packet_size to max_udp_payload_size, from draft-28.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8413
diff
changeset
|
311 qc->congestion.window = ngx_min(10 * qc->tp.max_udp_payload_size, |
125cbfa77013
Renamed max_packet_size to max_udp_payload_size, from draft-28.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8413
diff
changeset
|
312 ngx_max(2 * qc->tp.max_udp_payload_size, |
125cbfa77013
Renamed max_packet_size to max_udp_payload_size, from draft-28.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8413
diff
changeset
|
313 14720)); |
8623
8550b91e8e35
QUIC: added proper logging of special values.
Vladimir Homutov <vl@nginx.com>
parents:
8622
diff
changeset
|
314 qc->congestion.ssthresh = (size_t) -1; |
8364
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
8363
diff
changeset
|
315 qc->congestion.recovery_start = ngx_current_msec; |
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
8363
diff
changeset
|
316 |
8746
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
317 if (pkt->validated && pkt->retried) { |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
318 qc->tp.retry_scid.len = pkt->dcid.len; |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
319 qc->tp.retry_scid.data = ngx_pstrdup(c->pool, &pkt->dcid); |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
320 if (qc->tp.retry_scid.data == NULL) { |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
321 return NULL; |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
322 } |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
323 } |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
324 |
9024
f2925c80401c
QUIC: avoided pool usage in ngx_quic_protection.c.
Vladimir Homutov <vl@nginx.com>
parents:
9017
diff
changeset
|
325 if (ngx_quic_keys_set_initial_secret(qc->keys, &pkt->dcid, c->log) |
8746
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
326 != NGX_OK) |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
327 { |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
328 return NULL; |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
329 } |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
330 |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
331 qc->validated = pkt->validated; |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
332 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
333 if (ngx_quic_open_sockets(c, qc, pkt) != NGX_OK) { |
9172
4ccb0d973206
QUIC: reusing crypto contexts for packet protection.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9168
diff
changeset
|
334 ngx_quic_keys_cleanup(qc->keys); |
8746
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
335 return NULL; |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
336 } |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
337 |
9055
1192923be0aa
QUIC: idle mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9051
diff
changeset
|
338 c->idle = 1; |
9051
37d5dddabaea
QUIC: reusable mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9050
diff
changeset
|
339 ngx_reusable_connection(c, 1); |
37d5dddabaea
QUIC: reusable mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9050
diff
changeset
|
340 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
341 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
342 "quic connection created"); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
343 |
8746
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
344 return qc; |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
345 } |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
346 |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
347 |
8694
cef042935003
QUIC: the "quic_host_key" directive.
Vladimir Homutov <vl@nginx.com>
parents:
8693
diff
changeset
|
348 static ngx_int_t |
8953
03b40440c13d
QUIC: renamed input handling functions.
Roman Arutyunyan <arut@nginx.com>
parents:
8948
diff
changeset
|
349 ngx_quic_handle_stateless_reset(ngx_connection_t *c, ngx_quic_header_t *pkt) |
8562
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
350 { |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
351 u_char *tail, ch; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
352 ngx_uint_t i; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
353 ngx_queue_t *q; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
354 ngx_quic_client_id_t *cid; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
355 ngx_quic_connection_t *qc; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
356 |
8629
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
357 qc = ngx_quic_get_connection(c); |
8562
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
358 |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
359 /* A stateless reset uses an entire UDP datagram */ |
8912
50d73bf20e73
QUIC: refactored multiple QUIC packets handling.
Vladimir Homutov <vl@nginx.com>
parents:
8909
diff
changeset
|
360 if (!pkt->first) { |
8562
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
361 return NGX_DECLINED; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
362 } |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
363 |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
364 tail = pkt->raw->last - NGX_QUIC_SR_TOKEN_LEN; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
365 |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
366 for (q = ngx_queue_head(&qc->client_ids); |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
367 q != ngx_queue_sentinel(&qc->client_ids); |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
368 q = ngx_queue_next(q)) |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
369 { |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
370 cid = ngx_queue_data(q, ngx_quic_client_id_t, queue); |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
371 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
372 if (cid->seqnum == 0 || !cid->used) { |
8877
b5296bd8631c
QUIC: Check if CID has been used in stateless reset check
Martin Duke <m.duke@f5.com>
parents:
8846
diff
changeset
|
373 /* |
b5296bd8631c
QUIC: Check if CID has been used in stateless reset check
Martin Duke <m.duke@f5.com>
parents:
8846
diff
changeset
|
374 * No stateless reset token in initial connection id. |
b5296bd8631c
QUIC: Check if CID has been used in stateless reset check
Martin Duke <m.duke@f5.com>
parents:
8846
diff
changeset
|
375 * Don't accept a token from an unused connection id. |
b5296bd8631c
QUIC: Check if CID has been used in stateless reset check
Martin Duke <m.duke@f5.com>
parents:
8846
diff
changeset
|
376 */ |
8562
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
377 continue; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
378 } |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
379 |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
380 /* constant time comparison */ |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
381 |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
382 for (ch = 0, i = 0; i < NGX_QUIC_SR_TOKEN_LEN; i++) { |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
383 ch |= tail[i] ^ cid->sr_token[i]; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
384 } |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
385 |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
386 if (ch == 0) { |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
387 return NGX_OK; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
388 } |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
389 } |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
390 |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
391 return NGX_DECLINED; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
392 } |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
393 |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
394 |
8225 | 395 static void |
8263
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
396 ngx_quic_input_handler(ngx_event_t *rev) |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
397 { |
8545
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8541
diff
changeset
|
398 ngx_int_t rc; |
8730
90ae21799f67
QUIC: do not copy input data.
Roman Arutyunyan <arut@nginx.com>
parents:
8724
diff
changeset
|
399 ngx_buf_t *b; |
8271
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
8270
diff
changeset
|
400 ngx_connection_t *c; |
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
8270
diff
changeset
|
401 ngx_quic_connection_t *qc; |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
402 |
8576
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8575
diff
changeset
|
403 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, rev->log, 0, "quic input handler"); |
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8575
diff
changeset
|
404 |
8225 | 405 c = rev->data; |
8629
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
406 qc = ngx_quic_get_connection(c); |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
407 |
8576
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8575
diff
changeset
|
408 c->log->action = "handling quic input"; |
8212
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
409 |
8225 | 410 if (rev->timedout) { |
8361 | 411 ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, |
412 "quic client timed out"); | |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
413 ngx_quic_close_connection(c, NGX_DONE); |
8225 | 414 return; |
8212
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
415 } |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
416 |
8225 | 417 if (c->close) { |
9055
1192923be0aa
QUIC: idle mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9051
diff
changeset
|
418 c->close = 0; |
1192923be0aa
QUIC: idle mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9051
diff
changeset
|
419 |
9160
dd5fd5719027
QUIC: do not call shutdown() when handshake is in progress.
Roman Arutyunyan <arut@nginx.com>
parents:
9158
diff
changeset
|
420 if (!ngx_exiting || !qc->streams.initialized) { |
9055
1192923be0aa
QUIC: idle mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9051
diff
changeset
|
421 qc->error = NGX_QUIC_ERR_NO_ERROR; |
1192923be0aa
QUIC: idle mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9051
diff
changeset
|
422 qc->error_reason = "graceful shutdown"; |
1192923be0aa
QUIC: idle mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9051
diff
changeset
|
423 ngx_quic_close_connection(c, NGX_ERROR); |
1192923be0aa
QUIC: idle mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9051
diff
changeset
|
424 return; |
1192923be0aa
QUIC: idle mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9051
diff
changeset
|
425 } |
1192923be0aa
QUIC: idle mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9051
diff
changeset
|
426 |
1192923be0aa
QUIC: idle mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9051
diff
changeset
|
427 if (!qc->closing && qc->conf->shutdown) { |
1192923be0aa
QUIC: idle mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9051
diff
changeset
|
428 qc->conf->shutdown(c); |
1192923be0aa
QUIC: idle mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9051
diff
changeset
|
429 } |
1192923be0aa
QUIC: idle mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9051
diff
changeset
|
430 |
8225 | 431 return; |
432 } | |
8220
7ada2feeac18
Added processing of CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
8218
diff
changeset
|
433 |
9050
aaca8e111959
QUIC: post close event for connection close.
Roman Arutyunyan <arut@nginx.com>
parents:
9049
diff
changeset
|
434 b = c->udp->buffer; |
aaca8e111959
QUIC: post close event for connection close.
Roman Arutyunyan <arut@nginx.com>
parents:
9049
diff
changeset
|
435 if (b == NULL) { |
8225 | 436 return; |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
437 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
438 |
8953
03b40440c13d
QUIC: renamed input handling functions.
Roman Arutyunyan <arut@nginx.com>
parents:
8948
diff
changeset
|
439 rc = ngx_quic_handle_datagram(c, b, NULL); |
8545
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8541
diff
changeset
|
440 |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8541
diff
changeset
|
441 if (rc == NGX_ERROR) { |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
442 ngx_quic_close_connection(c, NGX_ERROR); |
8225 | 443 return; |
444 } | |
8271
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
8270
diff
changeset
|
445 |
8994
e00295b76395
QUIC: revised ngx_quic_handle_datagram() error codes.
Vladimir Homutov <vl@nginx.com>
parents:
8986
diff
changeset
|
446 if (rc == NGX_DONE) { |
8545
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8541
diff
changeset
|
447 return; |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8541
diff
changeset
|
448 } |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8541
diff
changeset
|
449 |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8541
diff
changeset
|
450 /* rc == NGX_OK */ |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8541
diff
changeset
|
451 |
8271
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
8270
diff
changeset
|
452 qc->send_timer_set = 0; |
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
8270
diff
changeset
|
453 ngx_add_timer(rev, qc->tp.max_idle_timeout); |
8607
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
454 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
455 ngx_quic_connstate_dbg(c); |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
456 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
457 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
458 |
8736
714e9af983de
QUIC: separate header for ngx_quic_connection_t.
Vladimir Homutov <vl@nginx.com>
parents:
8735
diff
changeset
|
459 void |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
460 ngx_quic_close_connection(ngx_connection_t *c, ngx_int_t rc) |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
461 { |
8995
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
462 ngx_uint_t i; |
8629
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
463 ngx_pool_t *pool; |
8995
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
464 ngx_quic_send_ctx_t *ctx; |
8629
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
465 ngx_quic_connection_t *qc; |
8281
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
466 |
8629
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
467 qc = ngx_quic_get_connection(c); |
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
468 |
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
469 if (qc == NULL) { |
8998
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
470 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
471 "quic packet rejected rc:%i, cleanup connection", rc); |
8995
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
472 goto quic_done; |
8354
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8350
diff
changeset
|
473 } |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8350
diff
changeset
|
474 |
8998
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
475 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
476 "quic close %s rc:%i", |
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
477 qc->closing ? "resumed": "initiated", rc); |
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
478 |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
479 if (!qc->closing) { |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
480 |
8398
8bec0ac23cf9
Fixed retransmission of frames after closing connection.
Vladimir Homutov <vl@nginx.com>
parents:
8397
diff
changeset
|
481 /* drop packets from retransmit queues, no ack is expected */ |
8bec0ac23cf9
Fixed retransmission of frames after closing connection.
Vladimir Homutov <vl@nginx.com>
parents:
8397
diff
changeset
|
482 for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { |
9092
9553eea74f2a
QUIC: optimized immediate close.
Roman Arutyunyan <arut@nginx.com>
parents:
9056
diff
changeset
|
483 ngx_quic_free_frames(c, &qc->send_ctx[i].frames); |
8652
e9bd4305e68b
QUIC: fixed send contexts cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8651
diff
changeset
|
484 ngx_quic_free_frames(c, &qc->send_ctx[i].sent); |
8398
8bec0ac23cf9
Fixed retransmission of frames after closing connection.
Vladimir Homutov <vl@nginx.com>
parents:
8397
diff
changeset
|
485 } |
8bec0ac23cf9
Fixed retransmission of frames after closing connection.
Vladimir Homutov <vl@nginx.com>
parents:
8397
diff
changeset
|
486 |
9158
ad3d34ddfdcc
QUIC: "handshake_timeout" configuration parameter.
Roman Arutyunyan <arut@nginx.com>
parents:
9157
diff
changeset
|
487 if (qc->close.timer_set) { |
ad3d34ddfdcc
QUIC: "handshake_timeout" configuration parameter.
Roman Arutyunyan <arut@nginx.com>
parents:
9157
diff
changeset
|
488 ngx_del_timer(&qc->close); |
ad3d34ddfdcc
QUIC: "handshake_timeout" configuration parameter.
Roman Arutyunyan <arut@nginx.com>
parents:
9157
diff
changeset
|
489 } |
ad3d34ddfdcc
QUIC: "handshake_timeout" configuration parameter.
Roman Arutyunyan <arut@nginx.com>
parents:
9157
diff
changeset
|
490 |
8400
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
8399
diff
changeset
|
491 if (rc == NGX_DONE) { |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
492 |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
493 /* |
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8793
diff
changeset
|
494 * RFC 9000, 10.1. Idle Timeout |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
495 * |
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8793
diff
changeset
|
496 * If a max_idle_timeout is specified by either endpoint in its |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8793
diff
changeset
|
497 * transport parameters (Section 18.2), the connection is silently |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8793
diff
changeset
|
498 * closed and its state is discarded when it remains idle |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
499 */ |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
500 |
8998
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
501 /* this case also handles some errors from ngx_quic_run() */ |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
502 |
9015
a2fbae359828
QUIC: fixed indentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9011
diff
changeset
|
503 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
a2fbae359828
QUIC: fixed indentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9011
diff
changeset
|
504 "quic close silent drain:%d timedout:%d", |
a2fbae359828
QUIC: fixed indentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9011
diff
changeset
|
505 qc->draining, c->read->timedout); |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
506 } else { |
8400
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
8399
diff
changeset
|
507 |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
8399
diff
changeset
|
508 /* |
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8793
diff
changeset
|
509 * RFC 9000, 10.2. Immediate Close |
8400
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
8399
diff
changeset
|
510 * |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
8399
diff
changeset
|
511 * An endpoint sends a CONNECTION_CLOSE frame (Section 19.19) |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
8399
diff
changeset
|
512 * to terminate the connection immediately. |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
8399
diff
changeset
|
513 */ |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
8399
diff
changeset
|
514 |
9049
2b4891fa0fbc
QUIC: made ngx_quic_finalize_connecion() more graceful.
Roman Arutyunyan <arut@nginx.com>
parents:
9048
diff
changeset
|
515 if (qc->error == (ngx_uint_t) -1) { |
2b4891fa0fbc
QUIC: made ngx_quic_finalize_connecion() more graceful.
Roman Arutyunyan <arut@nginx.com>
parents:
9048
diff
changeset
|
516 qc->error = NGX_QUIC_ERR_INTERNAL_ERROR; |
2b4891fa0fbc
QUIC: made ngx_quic_finalize_connecion() more graceful.
Roman Arutyunyan <arut@nginx.com>
parents:
9048
diff
changeset
|
517 qc->error_app = 0; |
2b4891fa0fbc
QUIC: made ngx_quic_finalize_connecion() more graceful.
Roman Arutyunyan <arut@nginx.com>
parents:
9048
diff
changeset
|
518 } |
2b4891fa0fbc
QUIC: made ngx_quic_finalize_connecion() more graceful.
Roman Arutyunyan <arut@nginx.com>
parents:
9048
diff
changeset
|
519 |
2b4891fa0fbc
QUIC: made ngx_quic_finalize_connecion() more graceful.
Roman Arutyunyan <arut@nginx.com>
parents:
9048
diff
changeset
|
520 ngx_log_debug5(NGX_LOG_DEBUG_EVENT, c->log, 0, |
2b4891fa0fbc
QUIC: made ngx_quic_finalize_connecion() more graceful.
Roman Arutyunyan <arut@nginx.com>
parents:
9048
diff
changeset
|
521 "quic close immediate term:%d drain:%d " |
2b4891fa0fbc
QUIC: made ngx_quic_finalize_connecion() more graceful.
Roman Arutyunyan <arut@nginx.com>
parents:
9048
diff
changeset
|
522 "%serror:%ui \"%s\"", |
2b4891fa0fbc
QUIC: made ngx_quic_finalize_connecion() more graceful.
Roman Arutyunyan <arut@nginx.com>
parents:
9048
diff
changeset
|
523 rc == NGX_ERROR ? 1 : 0, qc->draining, |
2b4891fa0fbc
QUIC: made ngx_quic_finalize_connecion() more graceful.
Roman Arutyunyan <arut@nginx.com>
parents:
9048
diff
changeset
|
524 qc->error_app ? "app " : "", qc->error, |
2b4891fa0fbc
QUIC: made ngx_quic_finalize_connecion() more graceful.
Roman Arutyunyan <arut@nginx.com>
parents:
9048
diff
changeset
|
525 qc->error_reason ? qc->error_reason : ""); |
2b4891fa0fbc
QUIC: made ngx_quic_finalize_connecion() more graceful.
Roman Arutyunyan <arut@nginx.com>
parents:
9048
diff
changeset
|
526 |
9156
36b59521a41c
QUIC: refined sending CONNECTION_CLOSE in various packet types.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9153
diff
changeset
|
527 for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { |
36b59521a41c
QUIC: refined sending CONNECTION_CLOSE in various packet types.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9153
diff
changeset
|
528 ctx = &qc->send_ctx[i]; |
36b59521a41c
QUIC: refined sending CONNECTION_CLOSE in various packet types.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9153
diff
changeset
|
529 |
9168
ff98ae7d261e
QUIC: split keys availability checks to read and write sides.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9162
diff
changeset
|
530 if (!ngx_quic_keys_available(qc->keys, ctx->level, 1)) { |
9156
36b59521a41c
QUIC: refined sending CONNECTION_CLOSE in various packet types.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9153
diff
changeset
|
531 continue; |
36b59521a41c
QUIC: refined sending CONNECTION_CLOSE in various packet types.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9153
diff
changeset
|
532 } |
8400
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
8399
diff
changeset
|
533 |
9156
36b59521a41c
QUIC: refined sending CONNECTION_CLOSE in various packet types.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9153
diff
changeset
|
534 qc->error_level = ctx->level; |
36b59521a41c
QUIC: refined sending CONNECTION_CLOSE in various packet types.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9153
diff
changeset
|
535 (void) ngx_quic_send_cc(c); |
8458
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
8450
diff
changeset
|
536 |
9162
f9845e4b5c14
QUIC: simplified setting close timer when closing connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9160
diff
changeset
|
537 if (rc == NGX_OK) { |
9156
36b59521a41c
QUIC: refined sending CONNECTION_CLOSE in various packet types.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9153
diff
changeset
|
538 ngx_add_timer(&qc->close, 3 * ngx_quic_pto(c, ctx)); |
36b59521a41c
QUIC: refined sending CONNECTION_CLOSE in various packet types.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9153
diff
changeset
|
539 } |
8400
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
8399
diff
changeset
|
540 } |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
541 } |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
542 |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
543 qc->closing = 1; |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
544 } |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
545 |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
546 if (rc == NGX_ERROR && qc->close.timer_set) { |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
547 /* do not wait for timer in case of fatal error */ |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
548 ngx_del_timer(&qc->close); |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
549 } |
8354
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8350
diff
changeset
|
550 |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8350
diff
changeset
|
551 if (ngx_quic_close_streams(c, qc) == NGX_AGAIN) { |
8995
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
552 return; |
8354
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8350
diff
changeset
|
553 } |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8350
diff
changeset
|
554 |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8350
diff
changeset
|
555 if (qc->push.timer_set) { |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8350
diff
changeset
|
556 ngx_del_timer(&qc->push); |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8350
diff
changeset
|
557 } |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8350
diff
changeset
|
558 |
8472 | 559 if (qc->pto.timer_set) { |
560 ngx_del_timer(&qc->pto); | |
8354
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8350
diff
changeset
|
561 } |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8350
diff
changeset
|
562 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
563 if (qc->path_validation.timer_set) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
564 ngx_del_timer(&qc->path_validation); |
8434
ea4899591798
QUIC: Fixed connection cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8433
diff
changeset
|
565 } |
ea4899591798
QUIC: Fixed connection cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8433
diff
changeset
|
566 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
567 if (qc->push.posted) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
568 ngx_delete_posted_event(&qc->push); |
8628
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8627
diff
changeset
|
569 } |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8627
diff
changeset
|
570 |
9152
2880f60a80c3
QUIC: posted generating TLS Key Update next keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9147
diff
changeset
|
571 if (qc->key_update.posted) { |
2880f60a80c3
QUIC: posted generating TLS Key Update next keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9147
diff
changeset
|
572 ngx_delete_posted_event(&qc->key_update); |
2880f60a80c3
QUIC: posted generating TLS Key Update next keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9147
diff
changeset
|
573 } |
2880f60a80c3
QUIC: posted generating TLS Key Update next keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9147
diff
changeset
|
574 |
8553
dbcb9d0a3df1
QUIC: prevented posted push event while in the draining state.
Vladimir Homutov <vl@nginx.com>
parents:
8546
diff
changeset
|
575 if (qc->close.timer_set) { |
8995
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
576 return; |
8553
dbcb9d0a3df1
QUIC: prevented posted push event while in the draining state.
Vladimir Homutov <vl@nginx.com>
parents:
8546
diff
changeset
|
577 } |
dbcb9d0a3df1
QUIC: prevented posted push event while in the draining state.
Vladimir Homutov <vl@nginx.com>
parents:
8546
diff
changeset
|
578 |
9050
aaca8e111959
QUIC: post close event for connection close.
Roman Arutyunyan <arut@nginx.com>
parents:
9049
diff
changeset
|
579 if (qc->close.posted) { |
aaca8e111959
QUIC: post close event for connection close.
Roman Arutyunyan <arut@nginx.com>
parents:
9049
diff
changeset
|
580 ngx_delete_posted_event(&qc->close); |
aaca8e111959
QUIC: post close event for connection close.
Roman Arutyunyan <arut@nginx.com>
parents:
9049
diff
changeset
|
581 } |
aaca8e111959
QUIC: post close event for connection close.
Roman Arutyunyan <arut@nginx.com>
parents:
9049
diff
changeset
|
582 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
583 ngx_quic_close_sockets(c); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
584 |
9172
4ccb0d973206
QUIC: reusing crypto contexts for packet protection.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9168
diff
changeset
|
585 ngx_quic_keys_cleanup(qc->keys); |
4ccb0d973206
QUIC: reusing crypto contexts for packet protection.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9168
diff
changeset
|
586 |
8998
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
587 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic close completed"); |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
588 |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
589 /* may be tested from SSL callback during SSL shutdown */ |
8629
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
590 c->udp = NULL; |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
591 |
8995
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
592 quic_done: |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
593 |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
594 if (c->ssl) { |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
595 (void) ngx_ssl_shutdown(c); |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
596 } |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
597 |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
598 if (c->read->timer_set) { |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
599 ngx_del_timer(c->read); |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
600 } |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
601 |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
602 #if (NGX_STAT_STUB) |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
603 (void) ngx_atomic_fetch_add(ngx_stat_active, -1); |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
604 #endif |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
605 |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
606 c->destroyed = 1; |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
607 |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
608 pool = c->pool; |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
609 |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
610 ngx_close_connection(c); |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
611 |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
612 ngx_destroy_pool(pool); |
8354
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8350
diff
changeset
|
613 } |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8350
diff
changeset
|
614 |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8350
diff
changeset
|
615 |
8458
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
8450
diff
changeset
|
616 void |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
8450
diff
changeset
|
617 ngx_quic_finalize_connection(ngx_connection_t *c, ngx_uint_t err, |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
8450
diff
changeset
|
618 const char *reason) |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
8450
diff
changeset
|
619 { |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
8450
diff
changeset
|
620 ngx_quic_connection_t *qc; |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
8450
diff
changeset
|
621 |
8629
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
622 qc = ngx_quic_get_connection(c); |
9051
37d5dddabaea
QUIC: reusable mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9050
diff
changeset
|
623 |
37d5dddabaea
QUIC: reusable mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9050
diff
changeset
|
624 if (qc->closing) { |
37d5dddabaea
QUIC: reusable mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9050
diff
changeset
|
625 return; |
37d5dddabaea
QUIC: reusable mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9050
diff
changeset
|
626 } |
37d5dddabaea
QUIC: reusable mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9050
diff
changeset
|
627 |
8458
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
8450
diff
changeset
|
628 qc->error = err; |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
8450
diff
changeset
|
629 qc->error_reason = reason; |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
8450
diff
changeset
|
630 qc->error_app = 1; |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
8450
diff
changeset
|
631 qc->error_ftype = 0; |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
8450
diff
changeset
|
632 |
9051
37d5dddabaea
QUIC: reusable mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9050
diff
changeset
|
633 ngx_post_event(&qc->close, &ngx_posted_events); |
8458
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
8450
diff
changeset
|
634 } |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
8450
diff
changeset
|
635 |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
8450
diff
changeset
|
636 |
8724
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
637 void |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
638 ngx_quic_shutdown_connection(ngx_connection_t *c, ngx_uint_t err, |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
639 const char *reason) |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
640 { |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
641 ngx_quic_connection_t *qc; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
642 |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
643 qc = ngx_quic_get_connection(c); |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
644 qc->shutdown = 1; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
645 qc->shutdown_code = err; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
646 qc->shutdown_reason = reason; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
647 |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
648 ngx_quic_shutdown_quic(c); |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
649 } |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
650 |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
651 |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
652 static void |
9050
aaca8e111959
QUIC: post close event for connection close.
Roman Arutyunyan <arut@nginx.com>
parents:
9049
diff
changeset
|
653 ngx_quic_close_handler(ngx_event_t *ev) |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
654 { |
9051
37d5dddabaea
QUIC: reusable mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9050
diff
changeset
|
655 ngx_connection_t *c; |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
656 |
9050
aaca8e111959
QUIC: post close event for connection close.
Roman Arutyunyan <arut@nginx.com>
parents:
9049
diff
changeset
|
657 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, ev->log, 0, "quic close handler"); |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
658 |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
659 c = ev->data; |
9050
aaca8e111959
QUIC: post close event for connection close.
Roman Arutyunyan <arut@nginx.com>
parents:
9049
diff
changeset
|
660 |
9051
37d5dddabaea
QUIC: reusable mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9050
diff
changeset
|
661 ngx_quic_close_connection(c, NGX_OK); |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
662 } |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
663 |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
664 |
8354
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8350
diff
changeset
|
665 static ngx_int_t |
8953
03b40440c13d
QUIC: renamed input handling functions.
Roman Arutyunyan <arut@nginx.com>
parents:
8948
diff
changeset
|
666 ngx_quic_handle_datagram(ngx_connection_t *c, ngx_buf_t *b, |
03b40440c13d
QUIC: renamed input handling functions.
Roman Arutyunyan <arut@nginx.com>
parents:
8948
diff
changeset
|
667 ngx_quic_conf_t *conf) |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
668 { |
8882
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
669 size_t size; |
8912
50d73bf20e73
QUIC: refactored multiple QUIC packets handling.
Vladimir Homutov <vl@nginx.com>
parents:
8909
diff
changeset
|
670 u_char *p, *start; |
8882
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
671 ngx_int_t rc; |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
672 ngx_uint_t good; |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
673 ngx_quic_path_t *path; |
8882
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
674 ngx_quic_header_t pkt; |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
675 ngx_quic_connection_t *qc; |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
676 |
8545
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8541
diff
changeset
|
677 good = 0; |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
678 path = NULL; |
8545
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8541
diff
changeset
|
679 |
8882
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
680 size = b->last - b->pos; |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
681 |
8912
50d73bf20e73
QUIC: refactored multiple QUIC packets handling.
Vladimir Homutov <vl@nginx.com>
parents:
8909
diff
changeset
|
682 p = start = b->pos; |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
683 |
8304
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
684 while (p < b->last) { |
8263
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
685 |
8225 | 686 ngx_memzero(&pkt, sizeof(ngx_quic_header_t)); |
687 pkt.raw = b; | |
688 pkt.data = p; | |
689 pkt.len = b->last - p; | |
690 pkt.log = c->log; | |
8912
50d73bf20e73
QUIC: refactored multiple QUIC packets handling.
Vladimir Homutov <vl@nginx.com>
parents:
8909
diff
changeset
|
691 pkt.first = (p == start) ? 1 : 0; |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
692 pkt.path = path; |
8251
c217a907ce42
Added checks for permitted frame types.
Vladimir Homutov <vl@nginx.com>
parents:
8247
diff
changeset
|
693 pkt.flags = p[0]; |
8559
a89a58c642ef
QUIC: simplified packet header parsing.
Vladimir Homutov <vl@nginx.com>
parents:
8558
diff
changeset
|
694 pkt.raw->pos++; |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
695 |
8953
03b40440c13d
QUIC: renamed input handling functions.
Roman Arutyunyan <arut@nginx.com>
parents:
8948
diff
changeset
|
696 rc = ngx_quic_handle_packet(c, conf, &pkt); |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
697 |
8580
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8579
diff
changeset
|
698 #if (NGX_DEBUG) |
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8579
diff
changeset
|
699 if (pkt.parsed) { |
8607
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
700 ngx_log_debug5(NGX_LOG_DEBUG_EVENT, c->log, 0, |
8998
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
701 "quic packet done rc:%i level:%s" |
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
702 " decr:%d pn:%L perr:%ui", |
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
703 rc, ngx_quic_level_name(pkt.level), |
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
704 pkt.decrypted, pkt.pn, pkt.error); |
8580
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8579
diff
changeset
|
705 } else { |
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8579
diff
changeset
|
706 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
8998
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
707 "quic packet done rc:%i parse failed", rc); |
8580
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8579
diff
changeset
|
708 } |
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8579
diff
changeset
|
709 #endif |
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8579
diff
changeset
|
710 |
8994
e00295b76395
QUIC: revised ngx_quic_handle_datagram() error codes.
Vladimir Homutov <vl@nginx.com>
parents:
8986
diff
changeset
|
711 if (rc == NGX_ERROR || rc == NGX_DONE) { |
e00295b76395
QUIC: revised ngx_quic_handle_datagram() error codes.
Vladimir Homutov <vl@nginx.com>
parents:
8986
diff
changeset
|
712 return rc; |
8686 | 713 } |
714 | |
8545
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8541
diff
changeset
|
715 if (rc == NGX_OK) { |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8541
diff
changeset
|
716 good = 1; |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8541
diff
changeset
|
717 } |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8541
diff
changeset
|
718 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
719 path = pkt.path; /* preserve packet path from 1st packet */ |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
720 |
8333
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
721 /* NGX_OK || NGX_DECLINED */ |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
722 |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
723 /* |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
724 * we get NGX_DECLINED when there are no keys [yet] available |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
725 * to decrypt packet. |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
726 * Instead of queueing it, we ignore it and rely on the sender's |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
727 * retransmission: |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
728 * |
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8793
diff
changeset
|
729 * RFC 9000, 12.2. Coalescing Packets |
8333
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
730 * |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
731 * For example, if decryption fails (because the keys are |
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8793
diff
changeset
|
732 * not available or for any other reason), the receiver MAY either |
8333
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
733 * discard or buffer the packet for later processing and MUST |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
734 * attempt to process the remaining packets. |
8535
eb5aa85294e9
QUIC: discard unrecognized long packes.
Vladimir Homutov <vl@nginx.com>
parents:
8533
diff
changeset
|
735 * |
eb5aa85294e9
QUIC: discard unrecognized long packes.
Vladimir Homutov <vl@nginx.com>
parents:
8533
diff
changeset
|
736 * We also skip packets that don't match connection state |
eb5aa85294e9
QUIC: discard unrecognized long packes.
Vladimir Homutov <vl@nginx.com>
parents:
8533
diff
changeset
|
737 * or cannot be parsed properly. |
8333
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
738 */ |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
739 |
8225 | 740 /* b->pos is at header end, adjust by actual packet length */ |
8558
0f37b4ef3cd9
QUIC: keep the entire packet size in pkt->len.
Roman Arutyunyan <arut@nginx.com>
parents:
8557
diff
changeset
|
741 b->pos = pkt.data + pkt.len; |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
742 |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
743 p = b->pos; |
8304
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
744 } |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
745 |
8882
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
746 if (!good) { |
8994
e00295b76395
QUIC: revised ngx_quic_handle_datagram() error codes.
Vladimir Homutov <vl@nginx.com>
parents:
8986
diff
changeset
|
747 return NGX_DONE; |
8882
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
748 } |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
749 |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
750 qc = ngx_quic_get_connection(c); |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
751 |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
752 if (qc) { |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
753 qc->received += size; |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
754 |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
755 if ((uint64_t) (c->sent + qc->received) / 8 > |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
756 (qc->streams.sent + qc->streams.recv_last) + 1048576) |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
757 { |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
758 ngx_log_error(NGX_LOG_INFO, c->log, 0, "quic flood detected"); |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
759 |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
760 qc->error = NGX_QUIC_ERR_NO_ERROR; |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
761 qc->error_reason = "QUIC flood detected"; |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
762 return NGX_ERROR; |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
763 } |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
764 } |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
765 |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
766 return NGX_OK; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
767 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
768 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
769 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
770 static ngx_int_t |
8953
03b40440c13d
QUIC: renamed input handling functions.
Roman Arutyunyan <arut@nginx.com>
parents:
8948
diff
changeset
|
771 ngx_quic_handle_packet(ngx_connection_t *c, ngx_quic_conf_t *conf, |
8563
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8562
diff
changeset
|
772 ngx_quic_header_t *pkt) |
8383
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8382
diff
changeset
|
773 { |
8536
c6b963de0c00
QUIC: pass return code from ngx_quic_decrypt() to the caller.
Vladimir Homutov <vl@nginx.com>
parents:
8535
diff
changeset
|
774 ngx_int_t rc; |
9017
c2f5d79cde64
QUIC: separate UDP framework for QUIC.
Roman Arutyunyan <arut@nginx.com>
parents:
9015
diff
changeset
|
775 ngx_quic_socket_t *qsock; |
8383
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8382
diff
changeset
|
776 ngx_quic_connection_t *qc; |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
777 |
8576
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8575
diff
changeset
|
778 c->log->action = "parsing quic packet"; |
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8575
diff
changeset
|
779 |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
780 rc = ngx_quic_parse_packet(pkt); |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
781 |
8996 | 782 if (rc == NGX_ERROR) { |
783 return NGX_DECLINED; | |
8383
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8382
diff
changeset
|
784 } |
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8382
diff
changeset
|
785 |
8580
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8579
diff
changeset
|
786 pkt->parsed = 1; |
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8579
diff
changeset
|
787 |
8998
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
788 c->log->action = "handling quic packet"; |
8576
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8575
diff
changeset
|
789 |
8651
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8642
diff
changeset
|
790 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8642
diff
changeset
|
791 "quic packet rx dcid len:%uz %xV", |
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8642
diff
changeset
|
792 pkt->dcid.len, &pkt->dcid); |
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8642
diff
changeset
|
793 |
8578
52ad697f9d1c
QUIC: enabled more key-related debug by default.
Vladimir Homutov <vl@nginx.com>
parents:
8577
diff
changeset
|
794 #if (NGX_DEBUG) |
52ad697f9d1c
QUIC: enabled more key-related debug by default.
Vladimir Homutov <vl@nginx.com>
parents:
8577
diff
changeset
|
795 if (pkt->level != ssl_encryption_application) { |
8651
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8642
diff
changeset
|
796 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8642
diff
changeset
|
797 "quic packet rx scid len:%uz %xV", |
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8642
diff
changeset
|
798 pkt->scid.len, &pkt->scid); |
8578
52ad697f9d1c
QUIC: enabled more key-related debug by default.
Vladimir Homutov <vl@nginx.com>
parents:
8577
diff
changeset
|
799 } |
8641
fe53def49945
QUIC: refactored long header parsing.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8639
diff
changeset
|
800 |
fe53def49945
QUIC: refactored long header parsing.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8639
diff
changeset
|
801 if (pkt->level == ssl_encryption_initial) { |
8651
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8642
diff
changeset
|
802 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
8694
cef042935003
QUIC: the "quic_host_key" directive.
Vladimir Homutov <vl@nginx.com>
parents:
8693
diff
changeset
|
803 "quic address validation token len:%uz %xV", |
8651
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8642
diff
changeset
|
804 pkt->token.len, &pkt->token); |
8641
fe53def49945
QUIC: refactored long header parsing.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8639
diff
changeset
|
805 } |
8578
52ad697f9d1c
QUIC: enabled more key-related debug by default.
Vladimir Homutov <vl@nginx.com>
parents:
8577
diff
changeset
|
806 #endif |
52ad697f9d1c
QUIC: enabled more key-related debug by default.
Vladimir Homutov <vl@nginx.com>
parents:
8577
diff
changeset
|
807 |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
808 qc = ngx_quic_get_connection(c); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
809 |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
810 if (qc) { |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
811 |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
812 if (rc == NGX_ABORT) { |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
813 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
814 "quic unsupported version: 0x%xD", pkt->version); |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
815 return NGX_DECLINED; |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
816 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
817 |
8624
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8623
diff
changeset
|
818 if (pkt->level != ssl_encryption_application) { |
8688
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8687
diff
changeset
|
819 |
8624
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8623
diff
changeset
|
820 if (pkt->version != qc->version) { |
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8623
diff
changeset
|
821 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8623
diff
changeset
|
822 "quic version mismatch: 0x%xD", pkt->version); |
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8623
diff
changeset
|
823 return NGX_DECLINED; |
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8623
diff
changeset
|
824 } |
8688
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8687
diff
changeset
|
825 |
8913
40445fc7c403
QUIC: fixed migration during NAT rebinding.
Vladimir Homutov <vl@nginx.com>
parents:
8912
diff
changeset
|
826 if (pkt->first) { |
9017
c2f5d79cde64
QUIC: separate UDP framework for QUIC.
Roman Arutyunyan <arut@nginx.com>
parents:
9015
diff
changeset
|
827 qsock = ngx_quic_get_socket(c); |
c2f5d79cde64
QUIC: separate UDP framework for QUIC.
Roman Arutyunyan <arut@nginx.com>
parents:
9015
diff
changeset
|
828 |
c2f5d79cde64
QUIC: separate UDP framework for QUIC.
Roman Arutyunyan <arut@nginx.com>
parents:
9015
diff
changeset
|
829 if (ngx_cmp_sockaddr(&qsock->sockaddr.sockaddr, qsock->socklen, |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
830 qc->path->sockaddr, qc->path->socklen, 1) |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
831 != NGX_OK) |
8913
40445fc7c403
QUIC: fixed migration during NAT rebinding.
Vladimir Homutov <vl@nginx.com>
parents:
8912
diff
changeset
|
832 { |
40445fc7c403
QUIC: fixed migration during NAT rebinding.
Vladimir Homutov <vl@nginx.com>
parents:
8912
diff
changeset
|
833 /* packet comes from unknown path, possibly migration */ |
40445fc7c403
QUIC: fixed migration during NAT rebinding.
Vladimir Homutov <vl@nginx.com>
parents:
8912
diff
changeset
|
834 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
9015
a2fbae359828
QUIC: fixed indentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9011
diff
changeset
|
835 "quic too early migration attempt"); |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
836 return NGX_DONE; |
8913
40445fc7c403
QUIC: fixed migration during NAT rebinding.
Vladimir Homutov <vl@nginx.com>
parents:
8912
diff
changeset
|
837 } |
40445fc7c403
QUIC: fixed migration during NAT rebinding.
Vladimir Homutov <vl@nginx.com>
parents:
8912
diff
changeset
|
838 } |
40445fc7c403
QUIC: fixed migration during NAT rebinding.
Vladimir Homutov <vl@nginx.com>
parents:
8912
diff
changeset
|
839 |
8688
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8687
diff
changeset
|
840 if (ngx_quic_check_csid(qc, pkt) != NGX_OK) { |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8687
diff
changeset
|
841 return NGX_DECLINED; |
8562
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
842 } |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
843 |
8878
c4f249d485e3
QUIC: attempt decrypt before checking for stateless reset.
Martin Duke <m.duke@f5.com>
parents:
8877
diff
changeset
|
844 } |
8688
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8687
diff
changeset
|
845 |
8953
03b40440c13d
QUIC: renamed input handling functions.
Roman Arutyunyan <arut@nginx.com>
parents:
8948
diff
changeset
|
846 rc = ngx_quic_handle_payload(c, pkt); |
8878
c4f249d485e3
QUIC: attempt decrypt before checking for stateless reset.
Martin Duke <m.duke@f5.com>
parents:
8877
diff
changeset
|
847 |
c4f249d485e3
QUIC: attempt decrypt before checking for stateless reset.
Martin Duke <m.duke@f5.com>
parents:
8877
diff
changeset
|
848 if (rc == NGX_DECLINED && pkt->level == ssl_encryption_application) { |
8953
03b40440c13d
QUIC: renamed input handling functions.
Roman Arutyunyan <arut@nginx.com>
parents:
8948
diff
changeset
|
849 if (ngx_quic_handle_stateless_reset(c, pkt) == NGX_OK) { |
8688
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8687
diff
changeset
|
850 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8687
diff
changeset
|
851 "quic stateless reset packet detected"); |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8687
diff
changeset
|
852 |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8687
diff
changeset
|
853 qc->draining = 1; |
9112
d59277dd3d8c
QUIC: fixed post-close use-after-free.
Roman Arutyunyan <arut@nginx.com>
parents:
9092
diff
changeset
|
854 ngx_post_event(&qc->close, &ngx_posted_events); |
8688
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8687
diff
changeset
|
855 |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8687
diff
changeset
|
856 return NGX_OK; |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8687
diff
changeset
|
857 } |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
858 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
859 |
8878
c4f249d485e3
QUIC: attempt decrypt before checking for stateless reset.
Martin Duke <m.duke@f5.com>
parents:
8877
diff
changeset
|
860 return rc; |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
861 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
862 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
863 /* packet does not belong to a connection */ |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
864 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
865 if (rc == NGX_ABORT) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
866 return ngx_quic_negotiate_version(c, pkt); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
867 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
868 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
869 if (pkt->level == ssl_encryption_application) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
870 return ngx_quic_send_stateless_reset(c, conf, pkt); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
871 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
872 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
873 if (pkt->level != ssl_encryption_initial) { |
8998
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
874 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
875 "quic expected initial, got handshake"); |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
876 return NGX_ERROR; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
877 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
878 |
8998
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
879 c->log->action = "handling initial packet"; |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
880 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
881 if (pkt->dcid.len < NGX_QUIC_CID_LEN_MIN) { |
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8793
diff
changeset
|
882 /* RFC 9000, 7.2. Negotiating Connection IDs */ |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
883 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
884 "quic too short dcid in initial" |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
885 " packet: len:%i", pkt->dcid.len); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
886 return NGX_ERROR; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
887 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
888 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
889 /* process retry and initialize connection IDs */ |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
890 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
891 if (pkt->token.len) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
892 |
8694
cef042935003
QUIC: the "quic_host_key" directive.
Vladimir Homutov <vl@nginx.com>
parents:
8693
diff
changeset
|
893 rc = ngx_quic_validate_token(c, conf->av_token_key, pkt); |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
894 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
895 if (rc == NGX_ERROR) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
896 /* internal error */ |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
897 return NGX_ERROR; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
898 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
899 } else if (rc == NGX_ABORT) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
900 /* token cannot be decrypted */ |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
901 return ngx_quic_send_early_cc(c, pkt, |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
902 NGX_QUIC_ERR_INVALID_TOKEN, |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
903 "cannot decrypt token"); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
904 } else if (rc == NGX_DECLINED) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
905 /* token is invalid */ |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
906 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
907 if (pkt->retried) { |
8694
cef042935003
QUIC: the "quic_host_key" directive.
Vladimir Homutov <vl@nginx.com>
parents:
8693
diff
changeset
|
908 /* invalid address validation token */ |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
909 return ngx_quic_send_early_cc(c, pkt, |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
910 NGX_QUIC_ERR_INVALID_TOKEN, |
8694
cef042935003
QUIC: the "quic_host_key" directive.
Vladimir Homutov <vl@nginx.com>
parents:
8693
diff
changeset
|
911 "invalid address validation token"); |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
912 } else if (conf->retry) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
913 /* invalid NEW_TOKEN */ |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
914 return ngx_quic_send_retry(c, conf, pkt); |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
915 } |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
916 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
917 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
918 /* NGX_OK */ |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
919 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
920 } else if (conf->retry) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
921 return ngx_quic_send_retry(c, conf, pkt); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
922 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
923 } else { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
924 pkt->odcid = pkt->dcid; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
925 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
926 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
927 if (ngx_terminate || ngx_exiting) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
928 if (conf->retry) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
929 return ngx_quic_send_retry(c, conf, pkt); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
930 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
931 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
932 return NGX_ERROR; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
933 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
934 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
935 c->log->action = "creating quic connection"; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
936 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
937 qc = ngx_quic_new_connection(c, conf, pkt); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
938 if (qc == NULL) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
939 return NGX_ERROR; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
940 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
941 |
8953
03b40440c13d
QUIC: renamed input handling functions.
Roman Arutyunyan <arut@nginx.com>
parents:
8948
diff
changeset
|
942 return ngx_quic_handle_payload(c, pkt); |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
943 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
944 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
945 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
946 static ngx_int_t |
8953
03b40440c13d
QUIC: renamed input handling functions.
Roman Arutyunyan <arut@nginx.com>
parents:
8948
diff
changeset
|
947 ngx_quic_handle_payload(ngx_connection_t *c, ngx_quic_header_t *pkt) |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
948 { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
949 ngx_int_t rc; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
950 ngx_quic_send_ctx_t *ctx; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
951 ngx_quic_connection_t *qc; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
952 static u_char buf[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE]; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
953 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
954 qc = ngx_quic_get_connection(c); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
955 |
9048
9c427e98d8c1
QUIC: treat qc->error == -1 as a missing error.
Roman Arutyunyan <arut@nginx.com>
parents:
9025
diff
changeset
|
956 qc->error = (ngx_uint_t) -1; |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
957 qc->error_reason = 0; |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
958 |
8576
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8575
diff
changeset
|
959 c->log->action = "decrypting packet"; |
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8575
diff
changeset
|
960 |
9168
ff98ae7d261e
QUIC: split keys availability checks to read and write sides.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9162
diff
changeset
|
961 if (!ngx_quic_keys_available(qc->keys, pkt->level, 0)) { |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
962 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
8793
80d396fd8ee8
QUIC: improved errors readability.
Vladimir Homutov <vl@nginx.com>
parents:
8792
diff
changeset
|
963 "quic no %s keys, ignoring packet", |
80d396fd8ee8
QUIC: improved errors readability.
Vladimir Homutov <vl@nginx.com>
parents:
8792
diff
changeset
|
964 ngx_quic_level_name(pkt->level)); |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
965 return NGX_DECLINED; |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
966 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
967 |
8816
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8806
diff
changeset
|
968 #if !defined (OPENSSL_IS_BORINGSSL) |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8806
diff
changeset
|
969 /* OpenSSL provides read keys for an application level before it's ready */ |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8806
diff
changeset
|
970 |
9157
daf8f5ba23d8
QUIC: removed use of SSL_quic_read_level and SSL_quic_write_level.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9156
diff
changeset
|
971 if (pkt->level == ssl_encryption_application && !c->ssl->handshaked) { |
8816
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8806
diff
changeset
|
972 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8806
diff
changeset
|
973 "quic no %s keys ready, ignoring packet", |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8806
diff
changeset
|
974 ngx_quic_level_name(pkt->level)); |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8806
diff
changeset
|
975 return NGX_DECLINED; |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8806
diff
changeset
|
976 } |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8806
diff
changeset
|
977 #endif |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8806
diff
changeset
|
978 |
8621
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8620
diff
changeset
|
979 pkt->keys = qc->keys; |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
980 pkt->key_phase = qc->key_phase; |
8383
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8382
diff
changeset
|
981 pkt->plaintext = buf; |
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8382
diff
changeset
|
982 |
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8382
diff
changeset
|
983 ctx = ngx_quic_get_send_ctx(qc, pkt->level); |
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8382
diff
changeset
|
984 |
8621
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8620
diff
changeset
|
985 rc = ngx_quic_decrypt(pkt, &ctx->largest_pn); |
8536
c6b963de0c00
QUIC: pass return code from ngx_quic_decrypt() to the caller.
Vladimir Homutov <vl@nginx.com>
parents:
8535
diff
changeset
|
986 if (rc != NGX_OK) { |
c6b963de0c00
QUIC: pass return code from ngx_quic_decrypt() to the caller.
Vladimir Homutov <vl@nginx.com>
parents:
8535
diff
changeset
|
987 qc->error = pkt->error; |
c6b963de0c00
QUIC: pass return code from ngx_quic_decrypt() to the caller.
Vladimir Homutov <vl@nginx.com>
parents:
8535
diff
changeset
|
988 qc->error_reason = "failed to decrypt packet"; |
c6b963de0c00
QUIC: pass return code from ngx_quic_decrypt() to the caller.
Vladimir Homutov <vl@nginx.com>
parents:
8535
diff
changeset
|
989 return rc; |
8223 | 990 } |
991 | |
8580
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8579
diff
changeset
|
992 pkt->decrypted = 1; |
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8579
diff
changeset
|
993 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
994 c->log->action = "handling decrypted packet"; |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
995 |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
996 if (pkt->path == NULL) { |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
997 rc = ngx_quic_set_path(c, pkt); |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
998 if (rc != NGX_OK) { |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
999 return rc; |
8912
50d73bf20e73
QUIC: refactored multiple QUIC packets handling.
Vladimir Homutov <vl@nginx.com>
parents:
8909
diff
changeset
|
1000 } |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1001 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1002 |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1003 if (c->ssl == NULL) { |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1004 if (ngx_quic_init_connection(c) != NGX_OK) { |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1005 return NGX_ERROR; |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1006 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1007 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1008 |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1009 if (pkt->level == ssl_encryption_handshake) { |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1010 /* |
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8793
diff
changeset
|
1011 * RFC 9001, 4.9.1. Discarding Initial Keys |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8793
diff
changeset
|
1012 * |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8793
diff
changeset
|
1013 * The successful use of Handshake packets indicates |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1014 * that no more Initial packets need to be exchanged |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1015 */ |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1016 ngx_quic_discard_ctx(c, ssl_encryption_initial); |
8611
e2086d8181fa
QUIC: added push event afer the address was validated.
Vladimir Homutov <vl@nginx.com>
parents:
8610
diff
changeset
|
1017 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
1018 if (!qc->path->validated) { |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
1019 qc->path->validated = 1; |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
1020 ngx_quic_path_dbg(c, "in handshake", qc->path); |
8629
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
1021 ngx_post_event(&qc->push, &ngx_posted_events); |
8611
e2086d8181fa
QUIC: added push event afer the address was validated.
Vladimir Homutov <vl@nginx.com>
parents:
8610
diff
changeset
|
1022 } |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1023 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1024 |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1025 if (qc->closing) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1026 /* |
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8793
diff
changeset
|
1027 * RFC 9000, 10.2. Immediate Close |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8793
diff
changeset
|
1028 * |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1029 * ... delayed or reordered packets are properly discarded. |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1030 * |
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8793
diff
changeset
|
1031 * In the closing state, an endpoint retains only enough information |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8793
diff
changeset
|
1032 * to generate a packet containing a CONNECTION_CLOSE frame and to |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8793
diff
changeset
|
1033 * identify packets as belonging to the connection. |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1034 */ |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1035 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1036 qc->error_level = pkt->level; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1037 qc->error = NGX_QUIC_ERR_NO_ERROR; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1038 qc->error_reason = "connection is closing, packet discarded"; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1039 qc->error_ftype = 0; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1040 qc->error_app = 0; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1041 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1042 return ngx_quic_send_cc(c); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1043 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1044 |
8603
c5ea341f705a
QUIC: optimized acknowledgement generation.
Vladimir Homutov <vl@nginx.com>
parents:
8602
diff
changeset
|
1045 pkt->received = ngx_current_msec; |
8574
1d4417e4f2d0
QUIC: fixed measuring ACK Delay against 0-RTT packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8573
diff
changeset
|
1046 |
8576
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8575
diff
changeset
|
1047 c->log->action = "handling payload"; |
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8575
diff
changeset
|
1048 |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1049 if (pkt->level != ssl_encryption_application) { |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1050 return ngx_quic_handle_frames(c, pkt); |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1051 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1052 |
8621
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8620
diff
changeset
|
1053 if (!pkt->key_update) { |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1054 return ngx_quic_handle_frames(c, pkt); |
8621
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8620
diff
changeset
|
1055 } |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8620
diff
changeset
|
1056 |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8620
diff
changeset
|
1057 /* switch keys and generate next on Key Phase change */ |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8620
diff
changeset
|
1058 |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8620
diff
changeset
|
1059 qc->key_phase ^= 1; |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8620
diff
changeset
|
1060 ngx_quic_keys_switch(c, qc->keys); |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1061 |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1062 rc = ngx_quic_handle_frames(c, pkt); |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1063 if (rc != NGX_OK) { |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1064 return rc; |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1065 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1066 |
9152
2880f60a80c3
QUIC: posted generating TLS Key Update next keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9147
diff
changeset
|
1067 ngx_post_event(&qc->key_update, &ngx_posted_events); |
2880f60a80c3
QUIC: posted generating TLS Key Update next keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9147
diff
changeset
|
1068 |
2880f60a80c3
QUIC: posted generating TLS Key Update next keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9147
diff
changeset
|
1069 return NGX_OK; |
8223 | 1070 } |
1071 | |
1072 | |
8753
46161c610919
QUIC: separate files for SSL library interfaces.
Vladimir Homutov <vl@nginx.com>
parents:
8752
diff
changeset
|
1073 void |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1074 ngx_quic_discard_ctx(ngx_connection_t *c, enum ssl_encryption_level_t level) |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1075 { |
8507
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8506
diff
changeset
|
1076 ngx_queue_t *q; |
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8506
diff
changeset
|
1077 ngx_quic_frame_t *f; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1078 ngx_quic_socket_t *qsock; |
8339
aba84d9ab256
Parsing of truncated packet numbers.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8338
diff
changeset
|
1079 ngx_quic_send_ctx_t *ctx; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1080 ngx_quic_connection_t *qc; |
8263
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
1081 |
8629
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
1082 qc = ngx_quic_get_connection(c); |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1083 |
9168
ff98ae7d261e
QUIC: split keys availability checks to read and write sides.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9162
diff
changeset
|
1084 if (!ngx_quic_keys_available(qc->keys, level, 0) |
ff98ae7d261e
QUIC: split keys availability checks to read and write sides.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9162
diff
changeset
|
1085 && !ngx_quic_keys_available(qc->keys, level, 1)) |
ff98ae7d261e
QUIC: split keys availability checks to read and write sides.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9162
diff
changeset
|
1086 { |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1087 return; |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1088 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1089 |
8621
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8620
diff
changeset
|
1090 ngx_quic_keys_discard(qc->keys, level); |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8620
diff
changeset
|
1091 |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1092 qc->pto_count = 0; |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1093 |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1094 ctx = ngx_quic_get_send_ctx(qc, level); |
8507
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8506
diff
changeset
|
1095 |
9011
f9c788f3f5cc
QUIC: ngx_quic_buffer_t object.
Roman Arutyunyan <arut@nginx.com>
parents:
9010
diff
changeset
|
1096 ngx_quic_free_buffer(c, &ctx->crypto); |
8782
b3f6ad181df4
QUIC: refactored CRYPTO and STREAM buffer ordering.
Roman Arutyunyan <arut@nginx.com>
parents:
8778
diff
changeset
|
1097 |
8507
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8506
diff
changeset
|
1098 while (!ngx_queue_empty(&ctx->sent)) { |
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8506
diff
changeset
|
1099 q = ngx_queue_head(&ctx->sent); |
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8506
diff
changeset
|
1100 ngx_queue_remove(q); |
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8506
diff
changeset
|
1101 |
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8506
diff
changeset
|
1102 f = ngx_queue_data(q, ngx_quic_frame_t, queue); |
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8506
diff
changeset
|
1103 ngx_quic_congestion_ack(c, f); |
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8506
diff
changeset
|
1104 ngx_quic_free_frame(c, f); |
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8506
diff
changeset
|
1105 } |
8596
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8595
diff
changeset
|
1106 |
8612
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8611
diff
changeset
|
1107 while (!ngx_queue_empty(&ctx->frames)) { |
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8611
diff
changeset
|
1108 q = ngx_queue_head(&ctx->frames); |
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8611
diff
changeset
|
1109 ngx_queue_remove(q); |
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8611
diff
changeset
|
1110 |
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8611
diff
changeset
|
1111 f = ngx_queue_data(q, ngx_quic_frame_t, queue); |
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8611
diff
changeset
|
1112 ngx_quic_free_frame(c, f); |
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8611
diff
changeset
|
1113 } |
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8611
diff
changeset
|
1114 |
8628
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8627
diff
changeset
|
1115 if (level == ssl_encryption_initial) { |
9153
8f7e6d8c061e
QUIC: use last client dcid to receive initial packets.
Roman Arutyunyan <arut@nginx.com>
parents:
9152
diff
changeset
|
1116 /* close temporary listener with initial dcid */ |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1117 qsock = ngx_quic_find_socket(c, NGX_QUIC_UNSET_PN); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1118 if (qsock) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1119 ngx_quic_close_socket(c, qsock); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1120 } |
8628
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8627
diff
changeset
|
1121 } |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8627
diff
changeset
|
1122 |
8596
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8595
diff
changeset
|
1123 ctx->send_ack = 0; |
8697
faa3201ff351
QUIC: improved setting the lost timer.
Roman Arutyunyan <arut@nginx.com>
parents:
8696
diff
changeset
|
1124 |
faa3201ff351
QUIC: improved setting the lost timer.
Roman Arutyunyan <arut@nginx.com>
parents:
8696
diff
changeset
|
1125 ngx_quic_set_lost_timer(c); |
8304
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
1126 } |
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
1127 |
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
1128 |
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
1129 static ngx_int_t |
8688
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8687
diff
changeset
|
1130 ngx_quic_check_csid(ngx_quic_connection_t *qc, ngx_quic_header_t *pkt) |
8361 | 1131 { |
8538
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1132 ngx_queue_t *q; |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1133 ngx_quic_client_id_t *cid; |
8381
6e100d8c138a
Preserve original DCID and unbreak parsing 0-RTT packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8380
diff
changeset
|
1134 |
8538
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1135 for (q = ngx_queue_head(&qc->client_ids); |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1136 q != ngx_queue_sentinel(&qc->client_ids); |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1137 q = ngx_queue_next(q)) |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1138 { |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1139 cid = ngx_queue_data(q, ngx_quic_client_id_t, queue); |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1140 |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1141 if (pkt->scid.len == cid->len |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1142 && ngx_memcmp(pkt->scid.data, cid->id, cid->len) == 0) |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1143 { |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1144 return NGX_OK; |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1145 } |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1146 } |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1147 |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1148 ngx_log_error(NGX_LOG_INFO, pkt->log, 0, "quic unexpected quic scid"); |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1149 return NGX_ERROR; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1150 } |
8171 | 1151 |
1152 | |
8225 | 1153 static ngx_int_t |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1154 ngx_quic_handle_frames(ngx_connection_t *c, ngx_quic_header_t *pkt) |
8225 | 1155 { |
1156 u_char *end, *p; | |
1157 ssize_t len; | |
8657
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8656
diff
changeset
|
1158 ngx_buf_t buf; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1159 ngx_uint_t do_close, nonprobing; |
8657
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8656
diff
changeset
|
1160 ngx_chain_t chain; |
8367
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1161 ngx_quic_frame_t frame; |
8225 | 1162 ngx_quic_connection_t *qc; |
1163 | |
8629
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
1164 qc = ngx_quic_get_connection(c); |
8225 | 1165 |
1166 p = pkt->payload.data; | |
1167 end = p + pkt->payload.len; | |
1168 | |
1169 do_close = 0; | |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1170 nonprobing = 0; |
8225 | 1171 |
1172 while (p < end) { | |
1173 | |
8275 | 1174 c->log->action = "parsing frames"; |
1175 | |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1176 ngx_memzero(&frame, sizeof(ngx_quic_frame_t)); |
8657
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8656
diff
changeset
|
1177 ngx_memzero(&buf, sizeof(ngx_buf_t)); |
8659
d9f673d18e9b
QUIC: set the temporary flag for input frame buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8658
diff
changeset
|
1178 buf.temporary = 1; |
8657
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8656
diff
changeset
|
1179 |
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8656
diff
changeset
|
1180 chain.buf = &buf; |
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8656
diff
changeset
|
1181 chain.next = NULL; |
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8656
diff
changeset
|
1182 frame.data = &chain; |
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8656
diff
changeset
|
1183 |
8240
1f002206a59b
Added boundaries checks into frame parser.
Vladimir Homutov <vl@nginx.com>
parents:
8239
diff
changeset
|
1184 len = ngx_quic_parse_frame(pkt, p, end, &frame); |
8251
c217a907ce42
Added checks for permitted frame types.
Vladimir Homutov <vl@nginx.com>
parents:
8247
diff
changeset
|
1185 |
8225 | 1186 if (len < 0) { |
8385
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
8384
diff
changeset
|
1187 qc->error = pkt->error; |
8225 | 1188 return NGX_ERROR; |
1189 } | |
1190 | |
8604
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8603
diff
changeset
|
1191 ngx_quic_log_frame(c->log, &frame, 0); |
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8603
diff
changeset
|
1192 |
8275 | 1193 c->log->action = "handling frames"; |
1194 | |
8225 | 1195 p += len; |
1196 | |
1197 switch (frame.type) { | |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1198 /* probing frames */ |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1199 case NGX_QUIC_FT_PADDING: |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1200 case NGX_QUIC_FT_PATH_CHALLENGE: |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1201 case NGX_QUIC_FT_PATH_RESPONSE: |
8776
901126931bd5
QUIC: consider NEW_CONNECTION_ID a probing frame.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
1202 case NGX_QUIC_FT_NEW_CONNECTION_ID: |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1203 break; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1204 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1205 /* non-probing frames */ |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1206 default: |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1207 nonprobing = 1; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1208 break; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1209 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1210 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1211 switch (frame.type) { |
8225 | 1212 |
1213 case NGX_QUIC_FT_ACK: | |
8657
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8656
diff
changeset
|
1214 if (ngx_quic_handle_ack_frame(c, pkt, &frame) != NGX_OK) { |
8225 | 1215 return NGX_ERROR; |
1216 } | |
1217 | |
8367
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1218 continue; |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1219 |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1220 case NGX_QUIC_FT_PADDING: |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1221 /* no action required */ |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1222 continue; |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1223 |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1224 case NGX_QUIC_FT_CONNECTION_CLOSE: |
8458
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
8450
diff
changeset
|
1225 case NGX_QUIC_FT_CONNECTION_CLOSE_APP: |
8367
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1226 do_close = 1; |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1227 continue; |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1228 } |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1229 |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1230 /* got there with ack-eliciting packet */ |
8596
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8595
diff
changeset
|
1231 pkt->need_ack = 1; |
8367
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1232 |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1233 switch (frame.type) { |
8225 | 1234 |
1235 case NGX_QUIC_FT_CRYPTO: | |
1236 | |
8333
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
1237 if (ngx_quic_handle_crypto_frame(c, pkt, &frame) != NGX_OK) { |
8225 | 1238 return NGX_ERROR; |
1239 } | |
1240 | |
1241 break; | |
1242 | |
1243 case NGX_QUIC_FT_PING: | |
1244 break; | |
1245 | |
8820
4009f120cad4
QUIC: eliminated stream type from ngx_quic_stream_frame_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8816
diff
changeset
|
1246 case NGX_QUIC_FT_STREAM: |
8225 | 1247 |
8334
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8333
diff
changeset
|
1248 if (ngx_quic_handle_stream_frame(c, pkt, &frame) != NGX_OK) { |
8225 | 1249 return NGX_ERROR; |
1250 } | |
1251 | |
1252 break; | |
1253 | |
8237
ff540f13d95d
MAX_DATA frame parser/handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8236
diff
changeset
|
1254 case NGX_QUIC_FT_MAX_DATA: |
8365
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1255 |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1256 if (ngx_quic_handle_max_data_frame(c, &frame.u.max_data) != NGX_OK) |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1257 { |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1258 return NGX_ERROR; |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1259 } |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1260 |
8237
ff540f13d95d
MAX_DATA frame parser/handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8236
diff
changeset
|
1261 break; |
ff540f13d95d
MAX_DATA frame parser/handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8236
diff
changeset
|
1262 |
8236
d3b26c3bea22
Added parsing of STREAMS BLOCKED frames.
Vladimir Homutov <vl@nginx.com>
parents:
8235
diff
changeset
|
1263 case NGX_QUIC_FT_STREAMS_BLOCKED: |
d3b26c3bea22
Added parsing of STREAMS BLOCKED frames.
Vladimir Homutov <vl@nginx.com>
parents:
8235
diff
changeset
|
1264 case NGX_QUIC_FT_STREAMS_BLOCKED2: |
8245
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1265 |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1266 if (ngx_quic_handle_streams_blocked_frame(c, pkt, |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1267 &frame.u.streams_blocked) |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1268 != NGX_OK) |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1269 { |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1270 return NGX_ERROR; |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1271 } |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1272 |
8236
d3b26c3bea22
Added parsing of STREAMS BLOCKED frames.
Vladimir Homutov <vl@nginx.com>
parents:
8235
diff
changeset
|
1273 break; |
d3b26c3bea22
Added parsing of STREAMS BLOCKED frames.
Vladimir Homutov <vl@nginx.com>
parents:
8235
diff
changeset
|
1274 |
8909
d041b8d6ab0b
QUIC: handle DATA_BLOCKED frame from client.
Roman Arutyunyan <arut@nginx.com>
parents:
8882
diff
changeset
|
1275 case NGX_QUIC_FT_DATA_BLOCKED: |
d041b8d6ab0b
QUIC: handle DATA_BLOCKED frame from client.
Roman Arutyunyan <arut@nginx.com>
parents:
8882
diff
changeset
|
1276 |
d041b8d6ab0b
QUIC: handle DATA_BLOCKED frame from client.
Roman Arutyunyan <arut@nginx.com>
parents:
8882
diff
changeset
|
1277 if (ngx_quic_handle_data_blocked_frame(c, pkt, |
d041b8d6ab0b
QUIC: handle DATA_BLOCKED frame from client.
Roman Arutyunyan <arut@nginx.com>
parents:
8882
diff
changeset
|
1278 &frame.u.data_blocked) |
d041b8d6ab0b
QUIC: handle DATA_BLOCKED frame from client.
Roman Arutyunyan <arut@nginx.com>
parents:
8882
diff
changeset
|
1279 != NGX_OK) |
d041b8d6ab0b
QUIC: handle DATA_BLOCKED frame from client.
Roman Arutyunyan <arut@nginx.com>
parents:
8882
diff
changeset
|
1280 { |
d041b8d6ab0b
QUIC: handle DATA_BLOCKED frame from client.
Roman Arutyunyan <arut@nginx.com>
parents:
8882
diff
changeset
|
1281 return NGX_ERROR; |
d041b8d6ab0b
QUIC: handle DATA_BLOCKED frame from client.
Roman Arutyunyan <arut@nginx.com>
parents:
8882
diff
changeset
|
1282 } |
d041b8d6ab0b
QUIC: handle DATA_BLOCKED frame from client.
Roman Arutyunyan <arut@nginx.com>
parents:
8882
diff
changeset
|
1283 |
d041b8d6ab0b
QUIC: handle DATA_BLOCKED frame from client.
Roman Arutyunyan <arut@nginx.com>
parents:
8882
diff
changeset
|
1284 break; |
d041b8d6ab0b
QUIC: handle DATA_BLOCKED frame from client.
Roman Arutyunyan <arut@nginx.com>
parents:
8882
diff
changeset
|
1285 |
8266
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1286 case NGX_QUIC_FT_STREAM_DATA_BLOCKED: |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1287 |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1288 if (ngx_quic_handle_stream_data_blocked_frame(c, pkt, |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1289 &frame.u.stream_data_blocked) |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1290 != NGX_OK) |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1291 { |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1292 return NGX_ERROR; |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1293 } |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1294 |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1295 break; |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1296 |
8365
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1297 case NGX_QUIC_FT_MAX_STREAM_DATA: |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1298 |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1299 if (ngx_quic_handle_max_stream_data_frame(c, pkt, |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1300 &frame.u.max_stream_data) |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1301 != NGX_OK) |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1302 { |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1303 return NGX_ERROR; |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1304 } |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1305 |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1306 break; |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1307 |
8428
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1308 case NGX_QUIC_FT_RESET_STREAM: |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1309 |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1310 if (ngx_quic_handle_reset_stream_frame(c, pkt, |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1311 &frame.u.reset_stream) |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1312 != NGX_OK) |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1313 { |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1314 return NGX_ERROR; |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1315 } |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1316 |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1317 break; |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1318 |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1319 case NGX_QUIC_FT_STOP_SENDING: |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1320 |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1321 if (ngx_quic_handle_stop_sending_frame(c, pkt, |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1322 &frame.u.stop_sending) |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1323 != NGX_OK) |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1324 { |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1325 return NGX_ERROR; |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1326 } |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1327 |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1328 break; |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1329 |
8495
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8486
diff
changeset
|
1330 case NGX_QUIC_FT_MAX_STREAMS: |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8486
diff
changeset
|
1331 case NGX_QUIC_FT_MAX_STREAMS2: |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8486
diff
changeset
|
1332 |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8486
diff
changeset
|
1333 if (ngx_quic_handle_max_streams_frame(c, pkt, &frame.u.max_streams) |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8486
diff
changeset
|
1334 != NGX_OK) |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8486
diff
changeset
|
1335 { |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8486
diff
changeset
|
1336 return NGX_ERROR; |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8486
diff
changeset
|
1337 } |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8486
diff
changeset
|
1338 |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8486
diff
changeset
|
1339 break; |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8486
diff
changeset
|
1340 |
8531
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8530
diff
changeset
|
1341 case NGX_QUIC_FT_PATH_CHALLENGE: |
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8530
diff
changeset
|
1342 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
1343 if (ngx_quic_handle_path_challenge_frame(c, pkt, |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
1344 &frame.u.path_challenge) |
8531
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8530
diff
changeset
|
1345 != NGX_OK) |
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8530
diff
changeset
|
1346 { |
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8530
diff
changeset
|
1347 return NGX_ERROR; |
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8530
diff
changeset
|
1348 } |
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8530
diff
changeset
|
1349 |
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8530
diff
changeset
|
1350 break; |
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8530
diff
changeset
|
1351 |
8737
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8736
diff
changeset
|
1352 case NGX_QUIC_FT_PATH_RESPONSE: |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8736
diff
changeset
|
1353 |
8778
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8776
diff
changeset
|
1354 if (ngx_quic_handle_path_response_frame(c, &frame.u.path_response) |
8737
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8736
diff
changeset
|
1355 != NGX_OK) |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8736
diff
changeset
|
1356 { |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8736
diff
changeset
|
1357 return NGX_ERROR; |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8736
diff
changeset
|
1358 } |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8736
diff
changeset
|
1359 |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8736
diff
changeset
|
1360 break; |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8736
diff
changeset
|
1361 |
8325
9b9d592c0da3
Ignore non-yet-implemented frames.
Vladimir Homutov <vl@nginx.com>
parents:
8322
diff
changeset
|
1362 case NGX_QUIC_FT_NEW_CONNECTION_ID: |
8538
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1363 |
8778
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8776
diff
changeset
|
1364 if (ngx_quic_handle_new_connection_id_frame(c, &frame.u.ncid) |
8538
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1365 != NGX_OK) |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1366 { |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1367 return NGX_ERROR; |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1368 } |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1369 |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1370 break; |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1371 |
8325
9b9d592c0da3
Ignore non-yet-implemented frames.
Vladimir Homutov <vl@nginx.com>
parents:
8322
diff
changeset
|
1372 case NGX_QUIC_FT_RETIRE_CONNECTION_ID: |
8628
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8627
diff
changeset
|
1373 |
8778
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8776
diff
changeset
|
1374 if (ngx_quic_handle_retire_connection_id_frame(c, |
8628
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8627
diff
changeset
|
1375 &frame.u.retire_cid) |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8627
diff
changeset
|
1376 != NGX_OK) |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8627
diff
changeset
|
1377 { |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8627
diff
changeset
|
1378 return NGX_ERROR; |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8627
diff
changeset
|
1379 } |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8627
diff
changeset
|
1380 |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8627
diff
changeset
|
1381 break; |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8627
diff
changeset
|
1382 |
8225 | 1383 default: |
8346
4e4485793418
Added MAX_STREAM_DATA stub handler.
Vladimir Homutov <vl@nginx.com>
parents:
8345
diff
changeset
|
1384 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
8359 | 1385 "quic missing frame handler"); |
8225 | 1386 return NGX_ERROR; |
1387 } | |
1388 } | |
1389 | |
1390 if (p != end) { | |
1391 ngx_log_error(NGX_LOG_INFO, c->log, 0, | |
8605
eed49b83e18f
QUIC: revised value separators in debug and error messages.
Vladimir Homutov <vl@nginx.com>
parents:
8604
diff
changeset
|
1392 "quic trailing garbage in payload:%ui bytes", end - p); |
8385
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
8384
diff
changeset
|
1393 |
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
8384
diff
changeset
|
1394 qc->error = NGX_QUIC_ERR_FRAME_ENCODING_ERROR; |
8225 | 1395 return NGX_ERROR; |
1396 } | |
1397 | |
1398 if (do_close) { | |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
1399 qc->draining = 1; |
9112
d59277dd3d8c
QUIC: fixed post-close use-after-free.
Roman Arutyunyan <arut@nginx.com>
parents:
9092
diff
changeset
|
1400 ngx_post_event(&qc->close, &ngx_posted_events); |
8225 | 1401 } |
1402 | |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
1403 if (pkt->path != qc->path && nonprobing) { |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1404 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
1405 /* |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
1406 * RFC 9000, 9.2. Initiating Connection Migration |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
1407 * |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
1408 * An endpoint can migrate a connection to a new local |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
1409 * address by sending packets containing non-probing frames |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
1410 * from that address. |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
1411 */ |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
1412 if (ngx_quic_handle_migration(c, pkt) != NGX_OK) { |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
1413 return NGX_ERROR; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1414 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1415 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1416 |
8596
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8595
diff
changeset
|
1417 if (ngx_quic_ack_packet(c, pkt) != NGX_OK) { |
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8595
diff
changeset
|
1418 return NGX_ERROR; |
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8595
diff
changeset
|
1419 } |
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8595
diff
changeset
|
1420 |
8367
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1421 return NGX_OK; |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1422 } |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1423 |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1424 |
8309 | 1425 static void |
1426 ngx_quic_push_handler(ngx_event_t *ev) | |
1427 { | |
8334
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8333
diff
changeset
|
1428 ngx_connection_t *c; |
8309 | 1429 |
8978
c37ea624c307
QUIC: changed debug message.
Roman Arutyunyan <arut@nginx.com>
parents:
8971
diff
changeset
|
1430 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, ev->log, 0, "quic push handler"); |
8309 | 1431 |
1432 c = ev->data; | |
1433 | |
1434 if (ngx_quic_output(c) != NGX_OK) { | |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
1435 ngx_quic_close_connection(c, NGX_ERROR); |
8309 | 1436 return; |
1437 } | |
8607
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
1438 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
1439 ngx_quic_connstate_dbg(c); |
8309 | 1440 } |
1441 | |
1442 | |
8750
41807e581de9
QUIC: separate files for stream related processing.
Vladimir Homutov <vl@nginx.com>
parents:
8749
diff
changeset
|
1443 void |
8724
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
1444 ngx_quic_shutdown_quic(ngx_connection_t *c) |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
1445 { |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
1446 ngx_quic_connection_t *qc; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
1447 |
9051
37d5dddabaea
QUIC: reusable mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9050
diff
changeset
|
1448 if (c->reusable) { |
37d5dddabaea
QUIC: reusable mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9050
diff
changeset
|
1449 qc = ngx_quic_get_connection(c); |
37d5dddabaea
QUIC: reusable mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9050
diff
changeset
|
1450 ngx_quic_finalize_connection(c, qc->shutdown_code, qc->shutdown_reason); |
8724
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
1451 } |
8239
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1452 } |