Mercurial > hg > nginx
annotate src/event/quic/ngx_event_quic.c @ 9157:daf8f5ba23d8
QUIC: removed use of SSL_quic_read_level and SSL_quic_write_level.
As explained in BoringSSL change[1], levels were introduced in the original
QUIC API to draw a line between when keys are released and when are active.
In the new QUIC API they are released in separate calls when it's needed.
BoringSSL has then a consideration to remove levels API, hence the change.
If not available e.g. from a QUIC packet header, levels can be taken based on
keys availability. The only real use of levels is to prevent using app keys
before they are active in QuicTLS that provides the old BoringSSL QUIC API,
it is replaced with an equivalent check of c->ssl->handshaked.
This change also removes OpenSSL compat shims since they are no longer used.
The only exception left is caching write level from the keylog callback in
the internal field which is a handy equivalent of checking keys availability.
[1] https://boringssl.googlesource.com/boringssl/+/1e859054
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Fri, 01 Sep 2023 20:31:46 +0400 |
parents | 36b59521a41c |
children | ad3d34ddfdcc |
rev | line source |
---|---|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2 /* |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
3 * Copyright (C) Nginx, Inc. |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
4 */ |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
5 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
6 |
8171 | 7 #include <ngx_config.h> |
8 #include <ngx_core.h> | |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
9 #include <ngx_event.h> |
8736
714e9af983de
QUIC: separate header for ngx_quic_connection_t.
Vladimir Homutov <vl@nginx.com>
parents:
8735
diff
changeset
|
10 #include <ngx_event_quic_connection.h> |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
11 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
12 |
8561
b4ef79ef1c23
QUIC: refined the "c->quic->initialized" flag usage.
Vladimir Homutov <vl@nginx.com>
parents:
8560
diff
changeset
|
13 static ngx_quic_connection_t *ngx_quic_new_connection(ngx_connection_t *c, |
8563
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8562
diff
changeset
|
14 ngx_quic_conf_t *conf, ngx_quic_header_t *pkt); |
8953
03b40440c13d
QUIC: renamed input handling functions.
Roman Arutyunyan <arut@nginx.com>
parents:
8948
diff
changeset
|
15 static ngx_int_t ngx_quic_handle_stateless_reset(ngx_connection_t *c, |
8562
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
16 ngx_quic_header_t *pkt); |
8263
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
17 static void ngx_quic_input_handler(ngx_event_t *rev); |
9050
aaca8e111959
QUIC: post close event for connection close.
Roman Arutyunyan <arut@nginx.com>
parents:
9049
diff
changeset
|
18 static void ngx_quic_close_handler(ngx_event_t *ev); |
8225 | 19 |
8953
03b40440c13d
QUIC: renamed input handling functions.
Roman Arutyunyan <arut@nginx.com>
parents:
8948
diff
changeset
|
20 static ngx_int_t ngx_quic_handle_datagram(ngx_connection_t *c, ngx_buf_t *b, |
8563
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8562
diff
changeset
|
21 ngx_quic_conf_t *conf); |
8953
03b40440c13d
QUIC: renamed input handling functions.
Roman Arutyunyan <arut@nginx.com>
parents:
8948
diff
changeset
|
22 static ngx_int_t ngx_quic_handle_packet(ngx_connection_t *c, |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
23 ngx_quic_conf_t *conf, ngx_quic_header_t *pkt); |
8953
03b40440c13d
QUIC: renamed input handling functions.
Roman Arutyunyan <arut@nginx.com>
parents:
8948
diff
changeset
|
24 static ngx_int_t ngx_quic_handle_payload(ngx_connection_t *c, |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
25 ngx_quic_header_t *pkt); |
8688
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8687
diff
changeset
|
26 static ngx_int_t ngx_quic_check_csid(ngx_quic_connection_t *qc, |
8361 | 27 ngx_quic_header_t *pkt); |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
28 static ngx_int_t ngx_quic_handle_frames(ngx_connection_t *c, |
8225 | 29 ngx_quic_header_t *pkt); |
8751
bc910a5ec737
QUIC: separate files for output and ack related processing.
Vladimir Homutov <vl@nginx.com>
parents:
8750
diff
changeset
|
30 |
8309 | 31 static void ngx_quic_push_handler(ngx_event_t *ev); |
8225 | 32 |
33 | |
8674 | 34 static ngx_core_module_t ngx_quic_module_ctx = { |
35 ngx_string("quic"), | |
36 NULL, | |
37 NULL | |
38 }; | |
39 | |
40 | |
41 ngx_module_t ngx_quic_module = { | |
42 NGX_MODULE_V1, | |
43 &ngx_quic_module_ctx, /* module context */ | |
44 NULL, /* module directives */ | |
45 NGX_CORE_MODULE, /* module type */ | |
46 NULL, /* init master */ | |
47 NULL, /* init module */ | |
48 NULL, /* init process */ | |
49 NULL, /* init thread */ | |
50 NULL, /* exit thread */ | |
51 NULL, /* exit process */ | |
52 NULL, /* exit master */ | |
53 NGX_MODULE_V1_PADDING | |
54 }; | |
55 | |
56 | |
8604
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8603
diff
changeset
|
57 #if (NGX_DEBUG) |
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8603
diff
changeset
|
58 |
8751
bc910a5ec737
QUIC: separate files for output and ack related processing.
Vladimir Homutov <vl@nginx.com>
parents:
8750
diff
changeset
|
59 void |
8607
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
60 ngx_quic_connstate_dbg(ngx_connection_t *c) |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
61 { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
62 u_char *p, *last; |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
63 ngx_quic_connection_t *qc; |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
64 u_char buf[NGX_MAX_ERROR_STR]; |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
65 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
66 p = buf; |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
67 last = p + sizeof(buf); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
68 |
8629
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
69 qc = ngx_quic_get_connection(c); |
8607
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
70 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
71 p = ngx_slprintf(p, last, "state:"); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
72 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
73 if (qc) { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
74 |
9048
9c427e98d8c1
QUIC: treat qc->error == -1 as a missing error.
Roman Arutyunyan <arut@nginx.com>
parents:
9025
diff
changeset
|
75 if (qc->error != (ngx_uint_t) -1) { |
8607
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
76 p = ngx_slprintf(p, last, "%s", qc->error_app ? " app" : ""); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
77 p = ngx_slprintf(p, last, " error:%ui", qc->error); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
78 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
79 if (qc->error_reason) { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
80 p = ngx_slprintf(p, last, " \"%s\"", qc->error_reason); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
81 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
82 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
83 |
8724
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
84 p = ngx_slprintf(p, last, "%s", qc->shutdown ? " shutdown" : ""); |
8607
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
85 p = ngx_slprintf(p, last, "%s", qc->closing ? " closing" : ""); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
86 p = ngx_slprintf(p, last, "%s", qc->draining ? " draining" : ""); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
87 p = ngx_slprintf(p, last, "%s", qc->key_phase ? " kp" : ""); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
88 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
89 } else { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
90 p = ngx_slprintf(p, last, " early"); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
91 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
92 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
93 if (c->read->timer_set) { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
94 p = ngx_slprintf(p, last, |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
95 qc && qc->send_timer_set ? " send:%M" : " read:%M", |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
96 c->read->timer.key - ngx_current_msec); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
97 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
98 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
99 if (qc) { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
100 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
101 if (qc->push.timer_set) { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
102 p = ngx_slprintf(p, last, " push:%M", |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
103 qc->push.timer.key - ngx_current_msec); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
104 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
105 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
106 if (qc->pto.timer_set) { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
107 p = ngx_slprintf(p, last, " pto:%M", |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
108 qc->pto.timer.key - ngx_current_msec); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
109 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
110 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
111 if (qc->close.timer_set) { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
112 p = ngx_slprintf(p, last, " close:%M", |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
113 qc->close.timer.key - ngx_current_msec); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
114 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
115 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
116 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
117 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
118 "quic %*s", p - buf, buf); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
119 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
120 |
8604
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8603
diff
changeset
|
121 #endif |
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8603
diff
changeset
|
122 |
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8603
diff
changeset
|
123 |
8753
46161c610919
QUIC: separate files for SSL library interfaces.
Vladimir Homutov <vl@nginx.com>
parents:
8752
diff
changeset
|
124 ngx_int_t |
8701
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
125 ngx_quic_apply_transport_params(ngx_connection_t *c, ngx_quic_tp_t *ctp) |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
126 { |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
127 ngx_str_t scid; |
8701
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
128 ngx_quic_connection_t *qc; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
129 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
130 qc = ngx_quic_get_connection(c); |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
131 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
132 scid.data = qc->path->cid->id; |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
133 scid.len = qc->path->cid->len; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
134 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
135 if (scid.len != ctp->initial_scid.len |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
136 || ngx_memcmp(scid.data, ctp->initial_scid.data, scid.len) != 0) |
8701
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
137 { |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
138 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
139 "quic client initial_source_connection_id mismatch"); |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
140 return NGX_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
141 } |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
142 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
143 if (ctp->max_udp_payload_size < NGX_QUIC_MIN_INITIAL_SIZE |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
144 || ctp->max_udp_payload_size > NGX_QUIC_MAX_UDP_PAYLOAD_SIZE) |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
145 { |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
146 qc->error = NGX_QUIC_ERR_TRANSPORT_PARAMETER_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
147 qc->error_reason = "invalid maximum packet size"; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
148 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
149 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
150 "quic maximum packet size is invalid"); |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
151 return NGX_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
152 } |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
153 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
154 if (ctp->active_connection_id_limit < 2) { |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
155 qc->error = NGX_QUIC_ERR_TRANSPORT_PARAMETER_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
156 qc->error_reason = "invalid active_connection_id_limit"; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
157 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
158 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
159 "quic active_connection_id_limit is invalid"); |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
160 return NGX_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
161 } |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
162 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
163 if (ctp->ack_delay_exponent > 20) { |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
164 qc->error = NGX_QUIC_ERR_TRANSPORT_PARAMETER_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
165 qc->error_reason = "invalid ack_delay_exponent"; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
166 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
167 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
168 "quic ack_delay_exponent is invalid"); |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
169 return NGX_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
170 } |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
171 |
8806
f8ad3dd142ad
QUIC: consider max_ack_delay=16384 invalid.
Roman Arutyunyan <arut@nginx.com>
parents:
8797
diff
changeset
|
172 if (ctp->max_ack_delay >= 16384) { |
8701
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
173 qc->error = NGX_QUIC_ERR_TRANSPORT_PARAMETER_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
174 qc->error_reason = "invalid max_ack_delay"; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
175 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
176 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
177 "quic max_ack_delay is invalid"); |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
178 return NGX_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
179 } |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
180 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
181 if (ctp->max_idle_timeout > 0 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
182 && ctp->max_idle_timeout < qc->tp.max_idle_timeout) |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
183 { |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
184 qc->tp.max_idle_timeout = ctp->max_idle_timeout; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
185 } |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
186 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
187 qc->streams.server_max_streams_bidi = ctp->initial_max_streams_bidi; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
188 qc->streams.server_max_streams_uni = ctp->initial_max_streams_uni; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
189 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
190 ngx_memcpy(&qc->ctp, ctp, sizeof(ngx_quic_tp_t)); |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
191 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
192 return NGX_OK; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
193 } |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
194 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
195 |
8225 | 196 void |
8563
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8562
diff
changeset
|
197 ngx_quic_run(ngx_connection_t *c, ngx_quic_conf_t *conf) |
8225 | 198 { |
8629
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
199 ngx_int_t rc; |
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
200 ngx_quic_connection_t *qc; |
8225 | 201 |
8263
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
202 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic run"); |
8225 | 203 |
8953
03b40440c13d
QUIC: renamed input handling functions.
Roman Arutyunyan <arut@nginx.com>
parents:
8948
diff
changeset
|
204 rc = ngx_quic_handle_datagram(c, c->buffer, conf); |
8536
c6b963de0c00
QUIC: pass return code from ngx_quic_decrypt() to the caller.
Vladimir Homutov <vl@nginx.com>
parents:
8535
diff
changeset
|
205 if (rc != NGX_OK) { |
8994
e00295b76395
QUIC: revised ngx_quic_handle_datagram() error codes.
Vladimir Homutov <vl@nginx.com>
parents:
8986
diff
changeset
|
206 ngx_quic_close_connection(c, rc); |
8225 | 207 return; |
208 } | |
209 | |
8994
e00295b76395
QUIC: revised ngx_quic_handle_datagram() error codes.
Vladimir Homutov <vl@nginx.com>
parents:
8986
diff
changeset
|
210 /* quic connection is now created */ |
8629
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
211 qc = ngx_quic_get_connection(c); |
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
212 |
8686 | 213 ngx_add_timer(c->read, qc->tp.max_idle_timeout); |
214 ngx_quic_connstate_dbg(c); | |
8225 | 215 |
8263
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
216 c->read->handler = ngx_quic_input_handler; |
8225 | 217 |
218 return; | |
219 } | |
220 | |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
221 |
8561
b4ef79ef1c23
QUIC: refined the "c->quic->initialized" flag usage.
Vladimir Homutov <vl@nginx.com>
parents:
8560
diff
changeset
|
222 static ngx_quic_connection_t * |
8563
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8562
diff
changeset
|
223 ngx_quic_new_connection(ngx_connection_t *c, ngx_quic_conf_t *conf, |
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8562
diff
changeset
|
224 ngx_quic_header_t *pkt) |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
225 { |
8308
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
8307
diff
changeset
|
226 ngx_uint_t i; |
8265
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
8263
diff
changeset
|
227 ngx_quic_tp_t *ctp; |
8225 | 228 ngx_quic_connection_t *qc; |
8387
eebdda507ec3
Added tests for connection id lengths in initial packet.
Vladimir Homutov <vl@nginx.com>
parents:
8386
diff
changeset
|
229 |
8225 | 230 qc = ngx_pcalloc(c->pool, sizeof(ngx_quic_connection_t)); |
231 if (qc == NULL) { | |
8561
b4ef79ef1c23
QUIC: refined the "c->quic->initialized" flag usage.
Vladimir Homutov <vl@nginx.com>
parents:
8560
diff
changeset
|
232 return NULL; |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
233 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
234 |
9025
e50f77a2d0b0
QUIC: removed ngx_quic_keys_new().
Vladimir Homutov <vl@nginx.com>
parents:
9024
diff
changeset
|
235 qc->keys = ngx_pcalloc(c->pool, sizeof(ngx_quic_keys_t)); |
8621
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8620
diff
changeset
|
236 if (qc->keys == NULL) { |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8620
diff
changeset
|
237 return NULL; |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8620
diff
changeset
|
238 } |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8620
diff
changeset
|
239 |
8624
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8623
diff
changeset
|
240 qc->version = pkt->version; |
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8623
diff
changeset
|
241 |
8225 | 242 ngx_rbtree_init(&qc->streams.tree, &qc->streams.sentinel, |
243 ngx_quic_rbtree_insert_stream); | |
244 | |
8333
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
245 for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { |
8331
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
8328
diff
changeset
|
246 ngx_queue_init(&qc->send_ctx[i].frames); |
8822
ad046179eb91
QUIC: handle EAGAIN properly on UDP sockets.
Vladimir Homutov <vl@nginx.com>
parents:
8820
diff
changeset
|
247 ngx_queue_init(&qc->send_ctx[i].sending); |
8331
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
8328
diff
changeset
|
248 ngx_queue_init(&qc->send_ctx[i].sent); |
8598
85a550047eb5
QUIC: added macro for unset packet number.
Vladimir Homutov <vl@nginx.com>
parents:
8597
diff
changeset
|
249 qc->send_ctx[i].largest_pn = NGX_QUIC_UNSET_PN; |
85a550047eb5
QUIC: added macro for unset packet number.
Vladimir Homutov <vl@nginx.com>
parents:
8597
diff
changeset
|
250 qc->send_ctx[i].largest_ack = NGX_QUIC_UNSET_PN; |
85a550047eb5
QUIC: added macro for unset packet number.
Vladimir Homutov <vl@nginx.com>
parents:
8597
diff
changeset
|
251 qc->send_ctx[i].largest_range = NGX_QUIC_UNSET_PN; |
85a550047eb5
QUIC: added macro for unset packet number.
Vladimir Homutov <vl@nginx.com>
parents:
8597
diff
changeset
|
252 qc->send_ctx[i].pending_ack = NGX_QUIC_UNSET_PN; |
8596
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8595
diff
changeset
|
253 } |
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8595
diff
changeset
|
254 |
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8595
diff
changeset
|
255 qc->send_ctx[0].level = ssl_encryption_initial; |
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8595
diff
changeset
|
256 qc->send_ctx[1].level = ssl_encryption_handshake; |
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8595
diff
changeset
|
257 qc->send_ctx[2].level = ssl_encryption_application; |
8333
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
258 |
8308
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
8307
diff
changeset
|
259 ngx_queue_init(&qc->free_frames); |
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
8307
diff
changeset
|
260 |
8469
3b107aadc9f6
QUIC: added rtt estimation.
Vladimir Homutov <vl@nginx.com>
parents:
8458
diff
changeset
|
261 qc->avg_rtt = NGX_QUIC_INITIAL_RTT; |
3b107aadc9f6
QUIC: added rtt estimation.
Vladimir Homutov <vl@nginx.com>
parents:
8458
diff
changeset
|
262 qc->rttvar = NGX_QUIC_INITIAL_RTT / 2; |
3b107aadc9f6
QUIC: added rtt estimation.
Vladimir Homutov <vl@nginx.com>
parents:
8458
diff
changeset
|
263 qc->min_rtt = NGX_TIMER_INFINITE; |
8792
004172345bdc
QUIC: persistent congestion calculation.
Vladimir Homutov <vl@nginx.com>
parents:
8791
diff
changeset
|
264 qc->first_rtt = NGX_TIMER_INFINITE; |
8469
3b107aadc9f6
QUIC: added rtt estimation.
Vladimir Homutov <vl@nginx.com>
parents:
8458
diff
changeset
|
265 |
3b107aadc9f6
QUIC: added rtt estimation.
Vladimir Homutov <vl@nginx.com>
parents:
8458
diff
changeset
|
266 /* |
3b107aadc9f6
QUIC: added rtt estimation.
Vladimir Homutov <vl@nginx.com>
parents:
8458
diff
changeset
|
267 * qc->latest_rtt = 0 |
3b107aadc9f6
QUIC: added rtt estimation.
Vladimir Homutov <vl@nginx.com>
parents:
8458
diff
changeset
|
268 */ |
3b107aadc9f6
QUIC: added rtt estimation.
Vladimir Homutov <vl@nginx.com>
parents:
8458
diff
changeset
|
269 |
8472 | 270 qc->pto.log = c->log; |
271 qc->pto.data = c; | |
272 qc->pto.handler = ngx_quic_pto_handler; | |
8308
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
8307
diff
changeset
|
273 |
8309 | 274 qc->push.log = c->log; |
275 qc->push.data = c; | |
276 qc->push.handler = ngx_quic_push_handler; | |
277 | |
9050
aaca8e111959
QUIC: post close event for connection close.
Roman Arutyunyan <arut@nginx.com>
parents:
9049
diff
changeset
|
278 qc->close.log = c->log; |
aaca8e111959
QUIC: post close event for connection close.
Roman Arutyunyan <arut@nginx.com>
parents:
9049
diff
changeset
|
279 qc->close.data = c; |
aaca8e111959
QUIC: post close event for connection close.
Roman Arutyunyan <arut@nginx.com>
parents:
9049
diff
changeset
|
280 qc->close.handler = ngx_quic_close_handler; |
aaca8e111959
QUIC: post close event for connection close.
Roman Arutyunyan <arut@nginx.com>
parents:
9049
diff
changeset
|
281 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
282 qc->path_validation.log = c->log; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
283 qc->path_validation.data = c; |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9144
diff
changeset
|
284 qc->path_validation.handler = ngx_quic_path_handler; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
285 |
9152
2880f60a80c3
QUIC: posted generating TLS Key Update next keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9147
diff
changeset
|
286 qc->key_update.log = c->log; |
2880f60a80c3
QUIC: posted generating TLS Key Update next keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9147
diff
changeset
|
287 qc->key_update.data = c; |
2880f60a80c3
QUIC: posted generating TLS Key Update next keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9147
diff
changeset
|
288 qc->key_update.handler = ngx_quic_keys_update; |
2880f60a80c3
QUIC: posted generating TLS Key Update next keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9147
diff
changeset
|
289 |
8481
0d2b2664b41c
QUIC: added "quic" listen parameter.
Roman Arutyunyan <arut@nginx.com>
parents:
8480
diff
changeset
|
290 qc->conf = conf; |
8924
d6ef13c5fd8e
QUIC: simplified configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8913
diff
changeset
|
291 |
d6ef13c5fd8e
QUIC: simplified configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8913
diff
changeset
|
292 if (ngx_quic_init_transport_params(&qc->tp, conf) != NGX_OK) { |
d6ef13c5fd8e
QUIC: simplified configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8913
diff
changeset
|
293 return NULL; |
d6ef13c5fd8e
QUIC: simplified configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8913
diff
changeset
|
294 } |
8225 | 295 |
8265
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
8263
diff
changeset
|
296 ctp = &qc->ctp; |
8701
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
297 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
298 /* defaults to be used before actual client parameters are received */ |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9144
diff
changeset
|
299 ctp->max_udp_payload_size = NGX_QUIC_MAX_UDP_PAYLOAD_SIZE; |
8265
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
8263
diff
changeset
|
300 ctp->ack_delay_exponent = NGX_QUIC_DEFAULT_ACK_DELAY_EXPONENT; |
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
8263
diff
changeset
|
301 ctp->max_ack_delay = NGX_QUIC_DEFAULT_MAX_ACK_DELAY; |
8701
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8698
diff
changeset
|
302 ctp->active_connection_id_limit = 2; |
8265
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
8263
diff
changeset
|
303 |
8827
fe919fd63b0b
QUIC: client certificate validation with OCSP.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8822
diff
changeset
|
304 ngx_queue_init(&qc->streams.uninitialized); |
9010 | 305 ngx_queue_init(&qc->streams.free); |
8827
fe919fd63b0b
QUIC: client certificate validation with OCSP.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8822
diff
changeset
|
306 |
8365
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
307 qc->streams.recv_max_data = qc->tp.initial_max_data; |
8791
af33d1ef1c3c
QUIC: stream flow control refactored.
Roman Arutyunyan <arut@nginx.com>
parents:
8782
diff
changeset
|
308 qc->streams.recv_window = qc->streams.recv_max_data; |
8338
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
8337
diff
changeset
|
309 |
8496
c5324bb3a704
QUIC: limited the number of client-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8495
diff
changeset
|
310 qc->streams.client_max_streams_uni = qc->tp.initial_max_streams_uni; |
c5324bb3a704
QUIC: limited the number of client-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8495
diff
changeset
|
311 qc->streams.client_max_streams_bidi = qc->tp.initial_max_streams_bidi; |
c5324bb3a704
QUIC: limited the number of client-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8495
diff
changeset
|
312 |
8415
125cbfa77013
Renamed max_packet_size to max_udp_payload_size, from draft-28.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8413
diff
changeset
|
313 qc->congestion.window = ngx_min(10 * qc->tp.max_udp_payload_size, |
125cbfa77013
Renamed max_packet_size to max_udp_payload_size, from draft-28.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8413
diff
changeset
|
314 ngx_max(2 * qc->tp.max_udp_payload_size, |
125cbfa77013
Renamed max_packet_size to max_udp_payload_size, from draft-28.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8413
diff
changeset
|
315 14720)); |
8623
8550b91e8e35
QUIC: added proper logging of special values.
Vladimir Homutov <vl@nginx.com>
parents:
8622
diff
changeset
|
316 qc->congestion.ssthresh = (size_t) -1; |
8364
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
8363
diff
changeset
|
317 qc->congestion.recovery_start = ngx_current_msec; |
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
8363
diff
changeset
|
318 |
8746
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
319 if (pkt->validated && pkt->retried) { |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
320 qc->tp.retry_scid.len = pkt->dcid.len; |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
321 qc->tp.retry_scid.data = ngx_pstrdup(c->pool, &pkt->dcid); |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
322 if (qc->tp.retry_scid.data == NULL) { |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
323 return NULL; |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
324 } |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
325 } |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
326 |
9024
f2925c80401c
QUIC: avoided pool usage in ngx_quic_protection.c.
Vladimir Homutov <vl@nginx.com>
parents:
9017
diff
changeset
|
327 if (ngx_quic_keys_set_initial_secret(qc->keys, &pkt->dcid, c->log) |
8746
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
328 != NGX_OK) |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
329 { |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
330 return NULL; |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
331 } |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
332 |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
333 qc->validated = pkt->validated; |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
334 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
335 if (ngx_quic_open_sockets(c, qc, pkt) != NGX_OK) { |
8746
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
336 return NULL; |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
337 } |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
338 |
9055
1192923be0aa
QUIC: idle mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9051
diff
changeset
|
339 c->idle = 1; |
9051
37d5dddabaea
QUIC: reusable mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9050
diff
changeset
|
340 ngx_reusable_connection(c, 1); |
37d5dddabaea
QUIC: reusable mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9050
diff
changeset
|
341 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
342 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
343 "quic connection created"); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
344 |
8746
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
345 return qc; |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
346 } |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
347 |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8745
diff
changeset
|
348 |
8694
cef042935003
QUIC: the "quic_host_key" directive.
Vladimir Homutov <vl@nginx.com>
parents:
8693
diff
changeset
|
349 static ngx_int_t |
8953
03b40440c13d
QUIC: renamed input handling functions.
Roman Arutyunyan <arut@nginx.com>
parents:
8948
diff
changeset
|
350 ngx_quic_handle_stateless_reset(ngx_connection_t *c, ngx_quic_header_t *pkt) |
8562
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
351 { |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
352 u_char *tail, ch; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
353 ngx_uint_t i; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
354 ngx_queue_t *q; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
355 ngx_quic_client_id_t *cid; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
356 ngx_quic_connection_t *qc; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
357 |
8629
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
358 qc = ngx_quic_get_connection(c); |
8562
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
359 |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
360 /* A stateless reset uses an entire UDP datagram */ |
8912
50d73bf20e73
QUIC: refactored multiple QUIC packets handling.
Vladimir Homutov <vl@nginx.com>
parents:
8909
diff
changeset
|
361 if (!pkt->first) { |
8562
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
362 return NGX_DECLINED; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
363 } |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
364 |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
365 tail = pkt->raw->last - NGX_QUIC_SR_TOKEN_LEN; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
366 |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
367 for (q = ngx_queue_head(&qc->client_ids); |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
368 q != ngx_queue_sentinel(&qc->client_ids); |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
369 q = ngx_queue_next(q)) |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
370 { |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
371 cid = ngx_queue_data(q, ngx_quic_client_id_t, queue); |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
372 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
373 if (cid->seqnum == 0 || !cid->used) { |
8877
b5296bd8631c
QUIC: Check if CID has been used in stateless reset check
Martin Duke <m.duke@f5.com>
parents:
8846
diff
changeset
|
374 /* |
b5296bd8631c
QUIC: Check if CID has been used in stateless reset check
Martin Duke <m.duke@f5.com>
parents:
8846
diff
changeset
|
375 * No stateless reset token in initial connection id. |
b5296bd8631c
QUIC: Check if CID has been used in stateless reset check
Martin Duke <m.duke@f5.com>
parents:
8846
diff
changeset
|
376 * Don't accept a token from an unused connection id. |
b5296bd8631c
QUIC: Check if CID has been used in stateless reset check
Martin Duke <m.duke@f5.com>
parents:
8846
diff
changeset
|
377 */ |
8562
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
378 continue; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
379 } |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
380 |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
381 /* constant time comparison */ |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
382 |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
383 for (ch = 0, i = 0; i < NGX_QUIC_SR_TOKEN_LEN; i++) { |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
384 ch |= tail[i] ^ cid->sr_token[i]; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
385 } |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
386 |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
387 if (ch == 0) { |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
388 return NGX_OK; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
389 } |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
390 } |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
391 |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
392 return NGX_DECLINED; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
393 } |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
394 |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
395 |
8225 | 396 static void |
8263
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
397 ngx_quic_input_handler(ngx_event_t *rev) |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
398 { |
8545
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8541
diff
changeset
|
399 ngx_int_t rc; |
8730
90ae21799f67
QUIC: do not copy input data.
Roman Arutyunyan <arut@nginx.com>
parents:
8724
diff
changeset
|
400 ngx_buf_t *b; |
8271
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
8270
diff
changeset
|
401 ngx_connection_t *c; |
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
8270
diff
changeset
|
402 ngx_quic_connection_t *qc; |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
403 |
8576
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8575
diff
changeset
|
404 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, rev->log, 0, "quic input handler"); |
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8575
diff
changeset
|
405 |
8225 | 406 c = rev->data; |
8629
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
407 qc = ngx_quic_get_connection(c); |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
408 |
8576
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8575
diff
changeset
|
409 c->log->action = "handling quic input"; |
8212
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
410 |
8225 | 411 if (rev->timedout) { |
8361 | 412 ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, |
413 "quic client timed out"); | |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
414 ngx_quic_close_connection(c, NGX_DONE); |
8225 | 415 return; |
8212
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
416 } |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
417 |
8225 | 418 if (c->close) { |
9055
1192923be0aa
QUIC: idle mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9051
diff
changeset
|
419 c->close = 0; |
1192923be0aa
QUIC: idle mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9051
diff
changeset
|
420 |
1192923be0aa
QUIC: idle mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9051
diff
changeset
|
421 if (!ngx_exiting) { |
1192923be0aa
QUIC: idle mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9051
diff
changeset
|
422 qc->error = NGX_QUIC_ERR_NO_ERROR; |
1192923be0aa
QUIC: idle mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9051
diff
changeset
|
423 qc->error_reason = "graceful shutdown"; |
1192923be0aa
QUIC: idle mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9051
diff
changeset
|
424 ngx_quic_close_connection(c, NGX_ERROR); |
1192923be0aa
QUIC: idle mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9051
diff
changeset
|
425 return; |
1192923be0aa
QUIC: idle mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9051
diff
changeset
|
426 } |
1192923be0aa
QUIC: idle mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9051
diff
changeset
|
427 |
1192923be0aa
QUIC: idle mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9051
diff
changeset
|
428 if (!qc->closing && qc->conf->shutdown) { |
1192923be0aa
QUIC: idle mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9051
diff
changeset
|
429 qc->conf->shutdown(c); |
1192923be0aa
QUIC: idle mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9051
diff
changeset
|
430 } |
1192923be0aa
QUIC: idle mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9051
diff
changeset
|
431 |
8225 | 432 return; |
433 } | |
8220
7ada2feeac18
Added processing of CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
8218
diff
changeset
|
434 |
9050
aaca8e111959
QUIC: post close event for connection close.
Roman Arutyunyan <arut@nginx.com>
parents:
9049
diff
changeset
|
435 b = c->udp->buffer; |
aaca8e111959
QUIC: post close event for connection close.
Roman Arutyunyan <arut@nginx.com>
parents:
9049
diff
changeset
|
436 if (b == NULL) { |
8225 | 437 return; |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
438 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
439 |
8953
03b40440c13d
QUIC: renamed input handling functions.
Roman Arutyunyan <arut@nginx.com>
parents:
8948
diff
changeset
|
440 rc = ngx_quic_handle_datagram(c, b, NULL); |
8545
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8541
diff
changeset
|
441 |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8541
diff
changeset
|
442 if (rc == NGX_ERROR) { |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
443 ngx_quic_close_connection(c, NGX_ERROR); |
8225 | 444 return; |
445 } | |
8271
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
8270
diff
changeset
|
446 |
8994
e00295b76395
QUIC: revised ngx_quic_handle_datagram() error codes.
Vladimir Homutov <vl@nginx.com>
parents:
8986
diff
changeset
|
447 if (rc == NGX_DONE) { |
8545
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8541
diff
changeset
|
448 return; |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8541
diff
changeset
|
449 } |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8541
diff
changeset
|
450 |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8541
diff
changeset
|
451 /* rc == NGX_OK */ |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8541
diff
changeset
|
452 |
8271
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
8270
diff
changeset
|
453 qc->send_timer_set = 0; |
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
8270
diff
changeset
|
454 ngx_add_timer(rev, qc->tp.max_idle_timeout); |
8607
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
455 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
456 ngx_quic_connstate_dbg(c); |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
457 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
458 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
459 |
8736
714e9af983de
QUIC: separate header for ngx_quic_connection_t.
Vladimir Homutov <vl@nginx.com>
parents:
8735
diff
changeset
|
460 void |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
461 ngx_quic_close_connection(ngx_connection_t *c, ngx_int_t rc) |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
462 { |
8995
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
463 ngx_uint_t i; |
8629
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
464 ngx_pool_t *pool; |
8995
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
465 ngx_quic_send_ctx_t *ctx; |
8629
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
466 ngx_quic_connection_t *qc; |
8281
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
467 |
8629
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
468 qc = ngx_quic_get_connection(c); |
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
469 |
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
470 if (qc == NULL) { |
8998
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
471 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
472 "quic packet rejected rc:%i, cleanup connection", rc); |
8995
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
473 goto quic_done; |
8354
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8350
diff
changeset
|
474 } |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8350
diff
changeset
|
475 |
8998
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
476 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
477 "quic close %s rc:%i", |
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
478 qc->closing ? "resumed": "initiated", rc); |
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
479 |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
480 if (!qc->closing) { |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
481 |
8398
8bec0ac23cf9
Fixed retransmission of frames after closing connection.
Vladimir Homutov <vl@nginx.com>
parents:
8397
diff
changeset
|
482 /* drop packets from retransmit queues, no ack is expected */ |
8bec0ac23cf9
Fixed retransmission of frames after closing connection.
Vladimir Homutov <vl@nginx.com>
parents:
8397
diff
changeset
|
483 for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { |
9092
9553eea74f2a
QUIC: optimized immediate close.
Roman Arutyunyan <arut@nginx.com>
parents:
9056
diff
changeset
|
484 ngx_quic_free_frames(c, &qc->send_ctx[i].frames); |
8652
e9bd4305e68b
QUIC: fixed send contexts cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8651
diff
changeset
|
485 ngx_quic_free_frames(c, &qc->send_ctx[i].sent); |
8398
8bec0ac23cf9
Fixed retransmission of frames after closing connection.
Vladimir Homutov <vl@nginx.com>
parents:
8397
diff
changeset
|
486 } |
8bec0ac23cf9
Fixed retransmission of frames after closing connection.
Vladimir Homutov <vl@nginx.com>
parents:
8397
diff
changeset
|
487 |
8400
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
8399
diff
changeset
|
488 if (rc == NGX_DONE) { |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
489 |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
490 /* |
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8793
diff
changeset
|
491 * RFC 9000, 10.1. Idle Timeout |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
492 * |
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8793
diff
changeset
|
493 * If a max_idle_timeout is specified by either endpoint in its |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8793
diff
changeset
|
494 * transport parameters (Section 18.2), the connection is silently |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8793
diff
changeset
|
495 * closed and its state is discarded when it remains idle |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
496 */ |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
497 |
8998
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
498 /* this case also handles some errors from ngx_quic_run() */ |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
499 |
9015
a2fbae359828
QUIC: fixed indentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9011
diff
changeset
|
500 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
a2fbae359828
QUIC: fixed indentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9011
diff
changeset
|
501 "quic close silent drain:%d timedout:%d", |
a2fbae359828
QUIC: fixed indentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9011
diff
changeset
|
502 qc->draining, c->read->timedout); |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
503 } else { |
8400
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
8399
diff
changeset
|
504 |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
8399
diff
changeset
|
505 /* |
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8793
diff
changeset
|
506 * RFC 9000, 10.2. Immediate Close |
8400
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
8399
diff
changeset
|
507 * |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
8399
diff
changeset
|
508 * An endpoint sends a CONNECTION_CLOSE frame (Section 19.19) |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
8399
diff
changeset
|
509 * to terminate the connection immediately. |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
8399
diff
changeset
|
510 */ |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
8399
diff
changeset
|
511 |
9049
2b4891fa0fbc
QUIC: made ngx_quic_finalize_connecion() more graceful.
Roman Arutyunyan <arut@nginx.com>
parents:
9048
diff
changeset
|
512 if (qc->error == (ngx_uint_t) -1) { |
2b4891fa0fbc
QUIC: made ngx_quic_finalize_connecion() more graceful.
Roman Arutyunyan <arut@nginx.com>
parents:
9048
diff
changeset
|
513 qc->error = NGX_QUIC_ERR_INTERNAL_ERROR; |
2b4891fa0fbc
QUIC: made ngx_quic_finalize_connecion() more graceful.
Roman Arutyunyan <arut@nginx.com>
parents:
9048
diff
changeset
|
514 qc->error_app = 0; |
2b4891fa0fbc
QUIC: made ngx_quic_finalize_connecion() more graceful.
Roman Arutyunyan <arut@nginx.com>
parents:
9048
diff
changeset
|
515 } |
2b4891fa0fbc
QUIC: made ngx_quic_finalize_connecion() more graceful.
Roman Arutyunyan <arut@nginx.com>
parents:
9048
diff
changeset
|
516 |
2b4891fa0fbc
QUIC: made ngx_quic_finalize_connecion() more graceful.
Roman Arutyunyan <arut@nginx.com>
parents:
9048
diff
changeset
|
517 ngx_log_debug5(NGX_LOG_DEBUG_EVENT, c->log, 0, |
2b4891fa0fbc
QUIC: made ngx_quic_finalize_connecion() more graceful.
Roman Arutyunyan <arut@nginx.com>
parents:
9048
diff
changeset
|
518 "quic close immediate term:%d drain:%d " |
2b4891fa0fbc
QUIC: made ngx_quic_finalize_connecion() more graceful.
Roman Arutyunyan <arut@nginx.com>
parents:
9048
diff
changeset
|
519 "%serror:%ui \"%s\"", |
2b4891fa0fbc
QUIC: made ngx_quic_finalize_connecion() more graceful.
Roman Arutyunyan <arut@nginx.com>
parents:
9048
diff
changeset
|
520 rc == NGX_ERROR ? 1 : 0, qc->draining, |
2b4891fa0fbc
QUIC: made ngx_quic_finalize_connecion() more graceful.
Roman Arutyunyan <arut@nginx.com>
parents:
9048
diff
changeset
|
521 qc->error_app ? "app " : "", qc->error, |
2b4891fa0fbc
QUIC: made ngx_quic_finalize_connecion() more graceful.
Roman Arutyunyan <arut@nginx.com>
parents:
9048
diff
changeset
|
522 qc->error_reason ? qc->error_reason : ""); |
2b4891fa0fbc
QUIC: made ngx_quic_finalize_connecion() more graceful.
Roman Arutyunyan <arut@nginx.com>
parents:
9048
diff
changeset
|
523 |
9156
36b59521a41c
QUIC: refined sending CONNECTION_CLOSE in various packet types.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9153
diff
changeset
|
524 for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { |
36b59521a41c
QUIC: refined sending CONNECTION_CLOSE in various packet types.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9153
diff
changeset
|
525 ctx = &qc->send_ctx[i]; |
36b59521a41c
QUIC: refined sending CONNECTION_CLOSE in various packet types.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9153
diff
changeset
|
526 |
36b59521a41c
QUIC: refined sending CONNECTION_CLOSE in various packet types.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9153
diff
changeset
|
527 if (!ngx_quic_keys_available(qc->keys, ctx->level)) { |
36b59521a41c
QUIC: refined sending CONNECTION_CLOSE in various packet types.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9153
diff
changeset
|
528 continue; |
36b59521a41c
QUIC: refined sending CONNECTION_CLOSE in various packet types.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9153
diff
changeset
|
529 } |
8400
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
8399
diff
changeset
|
530 |
9156
36b59521a41c
QUIC: refined sending CONNECTION_CLOSE in various packet types.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9153
diff
changeset
|
531 qc->error_level = ctx->level; |
36b59521a41c
QUIC: refined sending CONNECTION_CLOSE in various packet types.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9153
diff
changeset
|
532 (void) ngx_quic_send_cc(c); |
8458
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
8450
diff
changeset
|
533 |
9156
36b59521a41c
QUIC: refined sending CONNECTION_CLOSE in various packet types.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9153
diff
changeset
|
534 if (rc == NGX_OK && !qc->close.timer_set) { |
36b59521a41c
QUIC: refined sending CONNECTION_CLOSE in various packet types.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9153
diff
changeset
|
535 ngx_add_timer(&qc->close, 3 * ngx_quic_pto(c, ctx)); |
36b59521a41c
QUIC: refined sending CONNECTION_CLOSE in various packet types.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9153
diff
changeset
|
536 } |
8400
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
8399
diff
changeset
|
537 } |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
538 } |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
539 |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
540 qc->closing = 1; |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
541 } |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
542 |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
543 if (rc == NGX_ERROR && qc->close.timer_set) { |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
544 /* do not wait for timer in case of fatal error */ |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
545 ngx_del_timer(&qc->close); |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
546 } |
8354
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8350
diff
changeset
|
547 |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8350
diff
changeset
|
548 if (ngx_quic_close_streams(c, qc) == NGX_AGAIN) { |
8995
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
549 return; |
8354
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8350
diff
changeset
|
550 } |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8350
diff
changeset
|
551 |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8350
diff
changeset
|
552 if (qc->push.timer_set) { |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8350
diff
changeset
|
553 ngx_del_timer(&qc->push); |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8350
diff
changeset
|
554 } |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8350
diff
changeset
|
555 |
8472 | 556 if (qc->pto.timer_set) { |
557 ngx_del_timer(&qc->pto); | |
8354
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8350
diff
changeset
|
558 } |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8350
diff
changeset
|
559 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
560 if (qc->path_validation.timer_set) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
561 ngx_del_timer(&qc->path_validation); |
8434
ea4899591798
QUIC: Fixed connection cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8433
diff
changeset
|
562 } |
ea4899591798
QUIC: Fixed connection cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8433
diff
changeset
|
563 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
564 if (qc->push.posted) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
565 ngx_delete_posted_event(&qc->push); |
8628
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8627
diff
changeset
|
566 } |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8627
diff
changeset
|
567 |
9152
2880f60a80c3
QUIC: posted generating TLS Key Update next keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9147
diff
changeset
|
568 if (qc->key_update.posted) { |
2880f60a80c3
QUIC: posted generating TLS Key Update next keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9147
diff
changeset
|
569 ngx_delete_posted_event(&qc->key_update); |
2880f60a80c3
QUIC: posted generating TLS Key Update next keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9147
diff
changeset
|
570 } |
2880f60a80c3
QUIC: posted generating TLS Key Update next keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9147
diff
changeset
|
571 |
8553
dbcb9d0a3df1
QUIC: prevented posted push event while in the draining state.
Vladimir Homutov <vl@nginx.com>
parents:
8546
diff
changeset
|
572 if (qc->close.timer_set) { |
8995
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
573 return; |
8553
dbcb9d0a3df1
QUIC: prevented posted push event while in the draining state.
Vladimir Homutov <vl@nginx.com>
parents:
8546
diff
changeset
|
574 } |
dbcb9d0a3df1
QUIC: prevented posted push event while in the draining state.
Vladimir Homutov <vl@nginx.com>
parents:
8546
diff
changeset
|
575 |
9050
aaca8e111959
QUIC: post close event for connection close.
Roman Arutyunyan <arut@nginx.com>
parents:
9049
diff
changeset
|
576 if (qc->close.posted) { |
aaca8e111959
QUIC: post close event for connection close.
Roman Arutyunyan <arut@nginx.com>
parents:
9049
diff
changeset
|
577 ngx_delete_posted_event(&qc->close); |
aaca8e111959
QUIC: post close event for connection close.
Roman Arutyunyan <arut@nginx.com>
parents:
9049
diff
changeset
|
578 } |
aaca8e111959
QUIC: post close event for connection close.
Roman Arutyunyan <arut@nginx.com>
parents:
9049
diff
changeset
|
579 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
580 ngx_quic_close_sockets(c); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
581 |
8998
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
582 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic close completed"); |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
583 |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
584 /* may be tested from SSL callback during SSL shutdown */ |
8629
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
585 c->udp = NULL; |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
586 |
8995
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
587 quic_done: |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
588 |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
589 if (c->ssl) { |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
590 (void) ngx_ssl_shutdown(c); |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
591 } |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
592 |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
593 if (c->read->timer_set) { |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
594 ngx_del_timer(c->read); |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
595 } |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
596 |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
597 #if (NGX_STAT_STUB) |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
598 (void) ngx_atomic_fetch_add(ngx_stat_active, -1); |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
599 #endif |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
600 |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
601 c->destroyed = 1; |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
602 |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
603 pool = c->pool; |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
604 |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
605 ngx_close_connection(c); |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
606 |
19251fb83187
QUIC: merged ngx_quic_close_quic() and ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8994
diff
changeset
|
607 ngx_destroy_pool(pool); |
8354
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8350
diff
changeset
|
608 } |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8350
diff
changeset
|
609 |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8350
diff
changeset
|
610 |
8458
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
8450
diff
changeset
|
611 void |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
8450
diff
changeset
|
612 ngx_quic_finalize_connection(ngx_connection_t *c, ngx_uint_t err, |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
8450
diff
changeset
|
613 const char *reason) |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
8450
diff
changeset
|
614 { |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
8450
diff
changeset
|
615 ngx_quic_connection_t *qc; |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
8450
diff
changeset
|
616 |
8629
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
617 qc = ngx_quic_get_connection(c); |
9051
37d5dddabaea
QUIC: reusable mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9050
diff
changeset
|
618 |
37d5dddabaea
QUIC: reusable mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9050
diff
changeset
|
619 if (qc->closing) { |
37d5dddabaea
QUIC: reusable mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9050
diff
changeset
|
620 return; |
37d5dddabaea
QUIC: reusable mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9050
diff
changeset
|
621 } |
37d5dddabaea
QUIC: reusable mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9050
diff
changeset
|
622 |
8458
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
8450
diff
changeset
|
623 qc->error = err; |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
8450
diff
changeset
|
624 qc->error_reason = reason; |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
8450
diff
changeset
|
625 qc->error_app = 1; |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
8450
diff
changeset
|
626 qc->error_ftype = 0; |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
8450
diff
changeset
|
627 |
9051
37d5dddabaea
QUIC: reusable mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9050
diff
changeset
|
628 ngx_post_event(&qc->close, &ngx_posted_events); |
8458
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
8450
diff
changeset
|
629 } |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
8450
diff
changeset
|
630 |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
8450
diff
changeset
|
631 |
8724
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
632 void |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
633 ngx_quic_shutdown_connection(ngx_connection_t *c, ngx_uint_t err, |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
634 const char *reason) |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
635 { |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
636 ngx_quic_connection_t *qc; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
637 |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
638 qc = ngx_quic_get_connection(c); |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
639 qc->shutdown = 1; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
640 qc->shutdown_code = err; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
641 qc->shutdown_reason = reason; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
642 |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
643 ngx_quic_shutdown_quic(c); |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
644 } |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
645 |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
646 |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
647 static void |
9050
aaca8e111959
QUIC: post close event for connection close.
Roman Arutyunyan <arut@nginx.com>
parents:
9049
diff
changeset
|
648 ngx_quic_close_handler(ngx_event_t *ev) |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
649 { |
9051
37d5dddabaea
QUIC: reusable mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9050
diff
changeset
|
650 ngx_connection_t *c; |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
651 |
9050
aaca8e111959
QUIC: post close event for connection close.
Roman Arutyunyan <arut@nginx.com>
parents:
9049
diff
changeset
|
652 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, ev->log, 0, "quic close handler"); |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
653 |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
654 c = ev->data; |
9050
aaca8e111959
QUIC: post close event for connection close.
Roman Arutyunyan <arut@nginx.com>
parents:
9049
diff
changeset
|
655 |
9051
37d5dddabaea
QUIC: reusable mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9050
diff
changeset
|
656 ngx_quic_close_connection(c, NGX_OK); |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
657 } |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
658 |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
659 |
8354
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
8350
diff
changeset
|
660 static ngx_int_t |
8953
03b40440c13d
QUIC: renamed input handling functions.
Roman Arutyunyan <arut@nginx.com>
parents:
8948
diff
changeset
|
661 ngx_quic_handle_datagram(ngx_connection_t *c, ngx_buf_t *b, |
03b40440c13d
QUIC: renamed input handling functions.
Roman Arutyunyan <arut@nginx.com>
parents:
8948
diff
changeset
|
662 ngx_quic_conf_t *conf) |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
663 { |
8882
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
664 size_t size; |
8912
50d73bf20e73
QUIC: refactored multiple QUIC packets handling.
Vladimir Homutov <vl@nginx.com>
parents:
8909
diff
changeset
|
665 u_char *p, *start; |
8882
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
666 ngx_int_t rc; |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
667 ngx_uint_t good; |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
668 ngx_quic_path_t *path; |
8882
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
669 ngx_quic_header_t pkt; |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
670 ngx_quic_connection_t *qc; |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
671 |
8545
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8541
diff
changeset
|
672 good = 0; |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
673 path = NULL; |
8545
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8541
diff
changeset
|
674 |
8882
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
675 size = b->last - b->pos; |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
676 |
8912
50d73bf20e73
QUIC: refactored multiple QUIC packets handling.
Vladimir Homutov <vl@nginx.com>
parents:
8909
diff
changeset
|
677 p = start = b->pos; |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
678 |
8304
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
679 while (p < b->last) { |
8263
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
680 |
8225 | 681 ngx_memzero(&pkt, sizeof(ngx_quic_header_t)); |
682 pkt.raw = b; | |
683 pkt.data = p; | |
684 pkt.len = b->last - p; | |
685 pkt.log = c->log; | |
8912
50d73bf20e73
QUIC: refactored multiple QUIC packets handling.
Vladimir Homutov <vl@nginx.com>
parents:
8909
diff
changeset
|
686 pkt.first = (p == start) ? 1 : 0; |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
687 pkt.path = path; |
8251
c217a907ce42
Added checks for permitted frame types.
Vladimir Homutov <vl@nginx.com>
parents:
8247
diff
changeset
|
688 pkt.flags = p[0]; |
8559
a89a58c642ef
QUIC: simplified packet header parsing.
Vladimir Homutov <vl@nginx.com>
parents:
8558
diff
changeset
|
689 pkt.raw->pos++; |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
690 |
8953
03b40440c13d
QUIC: renamed input handling functions.
Roman Arutyunyan <arut@nginx.com>
parents:
8948
diff
changeset
|
691 rc = ngx_quic_handle_packet(c, conf, &pkt); |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
692 |
8580
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8579
diff
changeset
|
693 #if (NGX_DEBUG) |
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8579
diff
changeset
|
694 if (pkt.parsed) { |
8607
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
695 ngx_log_debug5(NGX_LOG_DEBUG_EVENT, c->log, 0, |
8998
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
696 "quic packet done rc:%i level:%s" |
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
697 " decr:%d pn:%L perr:%ui", |
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
698 rc, ngx_quic_level_name(pkt.level), |
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
699 pkt.decrypted, pkt.pn, pkt.error); |
8580
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8579
diff
changeset
|
700 } else { |
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8579
diff
changeset
|
701 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
8998
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
702 "quic packet done rc:%i parse failed", rc); |
8580
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8579
diff
changeset
|
703 } |
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8579
diff
changeset
|
704 #endif |
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8579
diff
changeset
|
705 |
8994
e00295b76395
QUIC: revised ngx_quic_handle_datagram() error codes.
Vladimir Homutov <vl@nginx.com>
parents:
8986
diff
changeset
|
706 if (rc == NGX_ERROR || rc == NGX_DONE) { |
e00295b76395
QUIC: revised ngx_quic_handle_datagram() error codes.
Vladimir Homutov <vl@nginx.com>
parents:
8986
diff
changeset
|
707 return rc; |
8686 | 708 } |
709 | |
8545
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8541
diff
changeset
|
710 if (rc == NGX_OK) { |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8541
diff
changeset
|
711 good = 1; |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8541
diff
changeset
|
712 } |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8541
diff
changeset
|
713 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
714 path = pkt.path; /* preserve packet path from 1st packet */ |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
715 |
8333
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
716 /* NGX_OK || NGX_DECLINED */ |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
717 |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
718 /* |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
719 * we get NGX_DECLINED when there are no keys [yet] available |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
720 * to decrypt packet. |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
721 * Instead of queueing it, we ignore it and rely on the sender's |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
722 * retransmission: |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
723 * |
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8793
diff
changeset
|
724 * RFC 9000, 12.2. Coalescing Packets |
8333
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
725 * |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
726 * For example, if decryption fails (because the keys are |
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8793
diff
changeset
|
727 * not available or for any other reason), the receiver MAY either |
8333
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
728 * discard or buffer the packet for later processing and MUST |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
729 * attempt to process the remaining packets. |
8535
eb5aa85294e9
QUIC: discard unrecognized long packes.
Vladimir Homutov <vl@nginx.com>
parents:
8533
diff
changeset
|
730 * |
eb5aa85294e9
QUIC: discard unrecognized long packes.
Vladimir Homutov <vl@nginx.com>
parents:
8533
diff
changeset
|
731 * We also skip packets that don't match connection state |
eb5aa85294e9
QUIC: discard unrecognized long packes.
Vladimir Homutov <vl@nginx.com>
parents:
8533
diff
changeset
|
732 * or cannot be parsed properly. |
8333
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
733 */ |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
734 |
8225 | 735 /* b->pos is at header end, adjust by actual packet length */ |
8558
0f37b4ef3cd9
QUIC: keep the entire packet size in pkt->len.
Roman Arutyunyan <arut@nginx.com>
parents:
8557
diff
changeset
|
736 b->pos = pkt.data + pkt.len; |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
737 |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
738 p = b->pos; |
8304
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
739 } |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
740 |
8882
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
741 if (!good) { |
8994
e00295b76395
QUIC: revised ngx_quic_handle_datagram() error codes.
Vladimir Homutov <vl@nginx.com>
parents:
8986
diff
changeset
|
742 return NGX_DONE; |
8882
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
743 } |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
744 |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
745 qc = ngx_quic_get_connection(c); |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
746 |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
747 if (qc) { |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
748 qc->received += size; |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
749 |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
750 if ((uint64_t) (c->sent + qc->received) / 8 > |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
751 (qc->streams.sent + qc->streams.recv_last) + 1048576) |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
752 { |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
753 ngx_log_error(NGX_LOG_INFO, c->log, 0, "quic flood detected"); |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
754 |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
755 qc->error = NGX_QUIC_ERR_NO_ERROR; |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
756 qc->error_reason = "QUIC flood detected"; |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
757 return NGX_ERROR; |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
758 } |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
759 } |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
760 |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8878
diff
changeset
|
761 return NGX_OK; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
762 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
763 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
764 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
765 static ngx_int_t |
8953
03b40440c13d
QUIC: renamed input handling functions.
Roman Arutyunyan <arut@nginx.com>
parents:
8948
diff
changeset
|
766 ngx_quic_handle_packet(ngx_connection_t *c, ngx_quic_conf_t *conf, |
8563
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8562
diff
changeset
|
767 ngx_quic_header_t *pkt) |
8383
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8382
diff
changeset
|
768 { |
8536
c6b963de0c00
QUIC: pass return code from ngx_quic_decrypt() to the caller.
Vladimir Homutov <vl@nginx.com>
parents:
8535
diff
changeset
|
769 ngx_int_t rc; |
9017
c2f5d79cde64
QUIC: separate UDP framework for QUIC.
Roman Arutyunyan <arut@nginx.com>
parents:
9015
diff
changeset
|
770 ngx_quic_socket_t *qsock; |
8383
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8382
diff
changeset
|
771 ngx_quic_connection_t *qc; |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
772 |
8576
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8575
diff
changeset
|
773 c->log->action = "parsing quic packet"; |
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8575
diff
changeset
|
774 |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
775 rc = ngx_quic_parse_packet(pkt); |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
776 |
8996 | 777 if (rc == NGX_ERROR) { |
778 return NGX_DECLINED; | |
8383
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8382
diff
changeset
|
779 } |
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8382
diff
changeset
|
780 |
8580
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8579
diff
changeset
|
781 pkt->parsed = 1; |
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8579
diff
changeset
|
782 |
8998
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
783 c->log->action = "handling quic packet"; |
8576
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8575
diff
changeset
|
784 |
8651
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8642
diff
changeset
|
785 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8642
diff
changeset
|
786 "quic packet rx dcid len:%uz %xV", |
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8642
diff
changeset
|
787 pkt->dcid.len, &pkt->dcid); |
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8642
diff
changeset
|
788 |
8578
52ad697f9d1c
QUIC: enabled more key-related debug by default.
Vladimir Homutov <vl@nginx.com>
parents:
8577
diff
changeset
|
789 #if (NGX_DEBUG) |
52ad697f9d1c
QUIC: enabled more key-related debug by default.
Vladimir Homutov <vl@nginx.com>
parents:
8577
diff
changeset
|
790 if (pkt->level != ssl_encryption_application) { |
8651
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8642
diff
changeset
|
791 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8642
diff
changeset
|
792 "quic packet rx scid len:%uz %xV", |
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8642
diff
changeset
|
793 pkt->scid.len, &pkt->scid); |
8578
52ad697f9d1c
QUIC: enabled more key-related debug by default.
Vladimir Homutov <vl@nginx.com>
parents:
8577
diff
changeset
|
794 } |
8641
fe53def49945
QUIC: refactored long header parsing.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8639
diff
changeset
|
795 |
fe53def49945
QUIC: refactored long header parsing.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8639
diff
changeset
|
796 if (pkt->level == ssl_encryption_initial) { |
8651
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8642
diff
changeset
|
797 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
8694
cef042935003
QUIC: the "quic_host_key" directive.
Vladimir Homutov <vl@nginx.com>
parents:
8693
diff
changeset
|
798 "quic address validation token len:%uz %xV", |
8651
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8642
diff
changeset
|
799 pkt->token.len, &pkt->token); |
8641
fe53def49945
QUIC: refactored long header parsing.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8639
diff
changeset
|
800 } |
8578
52ad697f9d1c
QUIC: enabled more key-related debug by default.
Vladimir Homutov <vl@nginx.com>
parents:
8577
diff
changeset
|
801 #endif |
52ad697f9d1c
QUIC: enabled more key-related debug by default.
Vladimir Homutov <vl@nginx.com>
parents:
8577
diff
changeset
|
802 |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
803 qc = ngx_quic_get_connection(c); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
804 |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
805 if (qc) { |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
806 |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
807 if (rc == NGX_ABORT) { |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
808 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
809 "quic unsupported version: 0x%xD", pkt->version); |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
810 return NGX_DECLINED; |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
811 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
812 |
8624
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8623
diff
changeset
|
813 if (pkt->level != ssl_encryption_application) { |
8688
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8687
diff
changeset
|
814 |
8624
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8623
diff
changeset
|
815 if (pkt->version != qc->version) { |
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8623
diff
changeset
|
816 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8623
diff
changeset
|
817 "quic version mismatch: 0x%xD", pkt->version); |
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8623
diff
changeset
|
818 return NGX_DECLINED; |
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8623
diff
changeset
|
819 } |
8688
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8687
diff
changeset
|
820 |
8913
40445fc7c403
QUIC: fixed migration during NAT rebinding.
Vladimir Homutov <vl@nginx.com>
parents:
8912
diff
changeset
|
821 if (pkt->first) { |
9017
c2f5d79cde64
QUIC: separate UDP framework for QUIC.
Roman Arutyunyan <arut@nginx.com>
parents:
9015
diff
changeset
|
822 qsock = ngx_quic_get_socket(c); |
c2f5d79cde64
QUIC: separate UDP framework for QUIC.
Roman Arutyunyan <arut@nginx.com>
parents:
9015
diff
changeset
|
823 |
c2f5d79cde64
QUIC: separate UDP framework for QUIC.
Roman Arutyunyan <arut@nginx.com>
parents:
9015
diff
changeset
|
824 if (ngx_cmp_sockaddr(&qsock->sockaddr.sockaddr, qsock->socklen, |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
825 qc->path->sockaddr, qc->path->socklen, 1) |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
826 != NGX_OK) |
8913
40445fc7c403
QUIC: fixed migration during NAT rebinding.
Vladimir Homutov <vl@nginx.com>
parents:
8912
diff
changeset
|
827 { |
40445fc7c403
QUIC: fixed migration during NAT rebinding.
Vladimir Homutov <vl@nginx.com>
parents:
8912
diff
changeset
|
828 /* packet comes from unknown path, possibly migration */ |
40445fc7c403
QUIC: fixed migration during NAT rebinding.
Vladimir Homutov <vl@nginx.com>
parents:
8912
diff
changeset
|
829 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
9015
a2fbae359828
QUIC: fixed indentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9011
diff
changeset
|
830 "quic too early migration attempt"); |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
831 return NGX_DONE; |
8913
40445fc7c403
QUIC: fixed migration during NAT rebinding.
Vladimir Homutov <vl@nginx.com>
parents:
8912
diff
changeset
|
832 } |
40445fc7c403
QUIC: fixed migration during NAT rebinding.
Vladimir Homutov <vl@nginx.com>
parents:
8912
diff
changeset
|
833 } |
40445fc7c403
QUIC: fixed migration during NAT rebinding.
Vladimir Homutov <vl@nginx.com>
parents:
8912
diff
changeset
|
834 |
8688
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8687
diff
changeset
|
835 if (ngx_quic_check_csid(qc, pkt) != NGX_OK) { |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8687
diff
changeset
|
836 return NGX_DECLINED; |
8562
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
837 } |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8561
diff
changeset
|
838 |
8878
c4f249d485e3
QUIC: attempt decrypt before checking for stateless reset.
Martin Duke <m.duke@f5.com>
parents:
8877
diff
changeset
|
839 } |
8688
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8687
diff
changeset
|
840 |
8953
03b40440c13d
QUIC: renamed input handling functions.
Roman Arutyunyan <arut@nginx.com>
parents:
8948
diff
changeset
|
841 rc = ngx_quic_handle_payload(c, pkt); |
8878
c4f249d485e3
QUIC: attempt decrypt before checking for stateless reset.
Martin Duke <m.duke@f5.com>
parents:
8877
diff
changeset
|
842 |
c4f249d485e3
QUIC: attempt decrypt before checking for stateless reset.
Martin Duke <m.duke@f5.com>
parents:
8877
diff
changeset
|
843 if (rc == NGX_DECLINED && pkt->level == ssl_encryption_application) { |
8953
03b40440c13d
QUIC: renamed input handling functions.
Roman Arutyunyan <arut@nginx.com>
parents:
8948
diff
changeset
|
844 if (ngx_quic_handle_stateless_reset(c, pkt) == NGX_OK) { |
8688
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8687
diff
changeset
|
845 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8687
diff
changeset
|
846 "quic stateless reset packet detected"); |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8687
diff
changeset
|
847 |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8687
diff
changeset
|
848 qc->draining = 1; |
9112
d59277dd3d8c
QUIC: fixed post-close use-after-free.
Roman Arutyunyan <arut@nginx.com>
parents:
9092
diff
changeset
|
849 ngx_post_event(&qc->close, &ngx_posted_events); |
8688
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8687
diff
changeset
|
850 |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8687
diff
changeset
|
851 return NGX_OK; |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8687
diff
changeset
|
852 } |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
853 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
854 |
8878
c4f249d485e3
QUIC: attempt decrypt before checking for stateless reset.
Martin Duke <m.duke@f5.com>
parents:
8877
diff
changeset
|
855 return rc; |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
856 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
857 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
858 /* packet does not belong to a connection */ |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
859 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
860 if (rc == NGX_ABORT) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
861 return ngx_quic_negotiate_version(c, pkt); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
862 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
863 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
864 if (pkt->level == ssl_encryption_application) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
865 return ngx_quic_send_stateless_reset(c, conf, pkt); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
866 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
867 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
868 if (pkt->level != ssl_encryption_initial) { |
8998
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
869 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
870 "quic expected initial, got handshake"); |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
871 return NGX_ERROR; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
872 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
873 |
8998
308ac307b3e6
QUIC: improved debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8996
diff
changeset
|
874 c->log->action = "handling initial packet"; |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
875 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
876 if (pkt->dcid.len < NGX_QUIC_CID_LEN_MIN) { |
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8793
diff
changeset
|
877 /* RFC 9000, 7.2. Negotiating Connection IDs */ |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
878 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
879 "quic too short dcid in initial" |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
880 " packet: len:%i", pkt->dcid.len); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
881 return NGX_ERROR; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
882 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
883 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
884 /* process retry and initialize connection IDs */ |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
885 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
886 if (pkt->token.len) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
887 |
8694
cef042935003
QUIC: the "quic_host_key" directive.
Vladimir Homutov <vl@nginx.com>
parents:
8693
diff
changeset
|
888 rc = ngx_quic_validate_token(c, conf->av_token_key, pkt); |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
889 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
890 if (rc == NGX_ERROR) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
891 /* internal error */ |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
892 return NGX_ERROR; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
893 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
894 } else if (rc == NGX_ABORT) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
895 /* token cannot be decrypted */ |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
896 return ngx_quic_send_early_cc(c, pkt, |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
897 NGX_QUIC_ERR_INVALID_TOKEN, |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
898 "cannot decrypt token"); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
899 } else if (rc == NGX_DECLINED) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
900 /* token is invalid */ |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
901 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
902 if (pkt->retried) { |
8694
cef042935003
QUIC: the "quic_host_key" directive.
Vladimir Homutov <vl@nginx.com>
parents:
8693
diff
changeset
|
903 /* invalid address validation token */ |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
904 return ngx_quic_send_early_cc(c, pkt, |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
905 NGX_QUIC_ERR_INVALID_TOKEN, |
8694
cef042935003
QUIC: the "quic_host_key" directive.
Vladimir Homutov <vl@nginx.com>
parents:
8693
diff
changeset
|
906 "invalid address validation token"); |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
907 } else if (conf->retry) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
908 /* invalid NEW_TOKEN */ |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
909 return ngx_quic_send_retry(c, conf, pkt); |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
910 } |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
911 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
912 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
913 /* NGX_OK */ |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
914 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
915 } else if (conf->retry) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
916 return ngx_quic_send_retry(c, conf, pkt); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
917 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
918 } else { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
919 pkt->odcid = pkt->dcid; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
920 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
921 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
922 if (ngx_terminate || ngx_exiting) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
923 if (conf->retry) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
924 return ngx_quic_send_retry(c, conf, pkt); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
925 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
926 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
927 return NGX_ERROR; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
928 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
929 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
930 c->log->action = "creating quic connection"; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
931 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
932 qc = ngx_quic_new_connection(c, conf, pkt); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
933 if (qc == NULL) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
934 return NGX_ERROR; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
935 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
936 |
8953
03b40440c13d
QUIC: renamed input handling functions.
Roman Arutyunyan <arut@nginx.com>
parents:
8948
diff
changeset
|
937 return ngx_quic_handle_payload(c, pkt); |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
938 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
939 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
940 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
941 static ngx_int_t |
8953
03b40440c13d
QUIC: renamed input handling functions.
Roman Arutyunyan <arut@nginx.com>
parents:
8948
diff
changeset
|
942 ngx_quic_handle_payload(ngx_connection_t *c, ngx_quic_header_t *pkt) |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
943 { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
944 ngx_int_t rc; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
945 ngx_quic_send_ctx_t *ctx; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
946 ngx_quic_connection_t *qc; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
947 static u_char buf[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE]; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
948 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
949 qc = ngx_quic_get_connection(c); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
950 |
9048
9c427e98d8c1
QUIC: treat qc->error == -1 as a missing error.
Roman Arutyunyan <arut@nginx.com>
parents:
9025
diff
changeset
|
951 qc->error = (ngx_uint_t) -1; |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
952 qc->error_reason = 0; |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
953 |
8576
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8575
diff
changeset
|
954 c->log->action = "decrypting packet"; |
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8575
diff
changeset
|
955 |
8621
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8620
diff
changeset
|
956 if (!ngx_quic_keys_available(qc->keys, pkt->level)) { |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
957 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
8793
80d396fd8ee8
QUIC: improved errors readability.
Vladimir Homutov <vl@nginx.com>
parents:
8792
diff
changeset
|
958 "quic no %s keys, ignoring packet", |
80d396fd8ee8
QUIC: improved errors readability.
Vladimir Homutov <vl@nginx.com>
parents:
8792
diff
changeset
|
959 ngx_quic_level_name(pkt->level)); |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
960 return NGX_DECLINED; |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
961 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
962 |
8816
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8806
diff
changeset
|
963 #if !defined (OPENSSL_IS_BORINGSSL) |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8806
diff
changeset
|
964 /* OpenSSL provides read keys for an application level before it's ready */ |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8806
diff
changeset
|
965 |
9157
daf8f5ba23d8
QUIC: removed use of SSL_quic_read_level and SSL_quic_write_level.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9156
diff
changeset
|
966 if (pkt->level == ssl_encryption_application && !c->ssl->handshaked) { |
8816
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8806
diff
changeset
|
967 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8806
diff
changeset
|
968 "quic no %s keys ready, ignoring packet", |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8806
diff
changeset
|
969 ngx_quic_level_name(pkt->level)); |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8806
diff
changeset
|
970 return NGX_DECLINED; |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8806
diff
changeset
|
971 } |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8806
diff
changeset
|
972 #endif |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8806
diff
changeset
|
973 |
8621
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8620
diff
changeset
|
974 pkt->keys = qc->keys; |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
975 pkt->key_phase = qc->key_phase; |
8383
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8382
diff
changeset
|
976 pkt->plaintext = buf; |
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8382
diff
changeset
|
977 |
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8382
diff
changeset
|
978 ctx = ngx_quic_get_send_ctx(qc, pkt->level); |
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8382
diff
changeset
|
979 |
8621
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8620
diff
changeset
|
980 rc = ngx_quic_decrypt(pkt, &ctx->largest_pn); |
8536
c6b963de0c00
QUIC: pass return code from ngx_quic_decrypt() to the caller.
Vladimir Homutov <vl@nginx.com>
parents:
8535
diff
changeset
|
981 if (rc != NGX_OK) { |
c6b963de0c00
QUIC: pass return code from ngx_quic_decrypt() to the caller.
Vladimir Homutov <vl@nginx.com>
parents:
8535
diff
changeset
|
982 qc->error = pkt->error; |
c6b963de0c00
QUIC: pass return code from ngx_quic_decrypt() to the caller.
Vladimir Homutov <vl@nginx.com>
parents:
8535
diff
changeset
|
983 qc->error_reason = "failed to decrypt packet"; |
c6b963de0c00
QUIC: pass return code from ngx_quic_decrypt() to the caller.
Vladimir Homutov <vl@nginx.com>
parents:
8535
diff
changeset
|
984 return rc; |
8223 | 985 } |
986 | |
8580
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8579
diff
changeset
|
987 pkt->decrypted = 1; |
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8579
diff
changeset
|
988 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
989 c->log->action = "handling decrypted packet"; |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
990 |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
991 if (pkt->path == NULL) { |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
992 rc = ngx_quic_set_path(c, pkt); |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
993 if (rc != NGX_OK) { |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
994 return rc; |
8912
50d73bf20e73
QUIC: refactored multiple QUIC packets handling.
Vladimir Homutov <vl@nginx.com>
parents:
8909
diff
changeset
|
995 } |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
996 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
997 |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
998 if (c->ssl == NULL) { |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
999 if (ngx_quic_init_connection(c) != NGX_OK) { |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1000 return NGX_ERROR; |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1001 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1002 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1003 |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1004 if (pkt->level == ssl_encryption_handshake) { |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1005 /* |
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8793
diff
changeset
|
1006 * RFC 9001, 4.9.1. Discarding Initial Keys |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8793
diff
changeset
|
1007 * |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8793
diff
changeset
|
1008 * The successful use of Handshake packets indicates |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1009 * that no more Initial packets need to be exchanged |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1010 */ |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1011 ngx_quic_discard_ctx(c, ssl_encryption_initial); |
8611
e2086d8181fa
QUIC: added push event afer the address was validated.
Vladimir Homutov <vl@nginx.com>
parents:
8610
diff
changeset
|
1012 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
1013 if (!qc->path->validated) { |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
1014 qc->path->validated = 1; |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
1015 ngx_quic_path_dbg(c, "in handshake", qc->path); |
8629
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
1016 ngx_post_event(&qc->push, &ngx_posted_events); |
8611
e2086d8181fa
QUIC: added push event afer the address was validated.
Vladimir Homutov <vl@nginx.com>
parents:
8610
diff
changeset
|
1017 } |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1018 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1019 |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1020 if (qc->closing) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1021 /* |
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8793
diff
changeset
|
1022 * RFC 9000, 10.2. Immediate Close |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8793
diff
changeset
|
1023 * |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1024 * ... delayed or reordered packets are properly discarded. |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1025 * |
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8793
diff
changeset
|
1026 * In the closing state, an endpoint retains only enough information |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8793
diff
changeset
|
1027 * to generate a packet containing a CONNECTION_CLOSE frame and to |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8793
diff
changeset
|
1028 * identify packets as belonging to the connection. |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1029 */ |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1030 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1031 qc->error_level = pkt->level; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1032 qc->error = NGX_QUIC_ERR_NO_ERROR; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1033 qc->error_reason = "connection is closing, packet discarded"; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1034 qc->error_ftype = 0; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1035 qc->error_app = 0; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1036 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1037 return ngx_quic_send_cc(c); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1038 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1039 |
8603
c5ea341f705a
QUIC: optimized acknowledgement generation.
Vladimir Homutov <vl@nginx.com>
parents:
8602
diff
changeset
|
1040 pkt->received = ngx_current_msec; |
8574
1d4417e4f2d0
QUIC: fixed measuring ACK Delay against 0-RTT packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8573
diff
changeset
|
1041 |
8576
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8575
diff
changeset
|
1042 c->log->action = "handling payload"; |
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8575
diff
changeset
|
1043 |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1044 if (pkt->level != ssl_encryption_application) { |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1045 return ngx_quic_handle_frames(c, pkt); |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1046 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1047 |
8621
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8620
diff
changeset
|
1048 if (!pkt->key_update) { |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1049 return ngx_quic_handle_frames(c, pkt); |
8621
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8620
diff
changeset
|
1050 } |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8620
diff
changeset
|
1051 |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8620
diff
changeset
|
1052 /* switch keys and generate next on Key Phase change */ |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8620
diff
changeset
|
1053 |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8620
diff
changeset
|
1054 qc->key_phase ^= 1; |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8620
diff
changeset
|
1055 ngx_quic_keys_switch(c, qc->keys); |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1056 |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1057 rc = ngx_quic_handle_frames(c, pkt); |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1058 if (rc != NGX_OK) { |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1059 return rc; |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1060 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1061 |
9152
2880f60a80c3
QUIC: posted generating TLS Key Update next keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9147
diff
changeset
|
1062 ngx_post_event(&qc->key_update, &ngx_posted_events); |
2880f60a80c3
QUIC: posted generating TLS Key Update next keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9147
diff
changeset
|
1063 |
2880f60a80c3
QUIC: posted generating TLS Key Update next keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9147
diff
changeset
|
1064 return NGX_OK; |
8223 | 1065 } |
1066 | |
1067 | |
8753
46161c610919
QUIC: separate files for SSL library interfaces.
Vladimir Homutov <vl@nginx.com>
parents:
8752
diff
changeset
|
1068 void |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1069 ngx_quic_discard_ctx(ngx_connection_t *c, enum ssl_encryption_level_t level) |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1070 { |
8507
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8506
diff
changeset
|
1071 ngx_queue_t *q; |
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8506
diff
changeset
|
1072 ngx_quic_frame_t *f; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1073 ngx_quic_socket_t *qsock; |
8339
aba84d9ab256
Parsing of truncated packet numbers.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8338
diff
changeset
|
1074 ngx_quic_send_ctx_t *ctx; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1075 ngx_quic_connection_t *qc; |
8263
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
1076 |
8629
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
1077 qc = ngx_quic_get_connection(c); |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1078 |
8621
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8620
diff
changeset
|
1079 if (!ngx_quic_keys_available(qc->keys, level)) { |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1080 return; |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1081 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1082 |
8621
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8620
diff
changeset
|
1083 ngx_quic_keys_discard(qc->keys, level); |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8620
diff
changeset
|
1084 |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1085 qc->pto_count = 0; |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1086 |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1087 ctx = ngx_quic_get_send_ctx(qc, level); |
8507
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8506
diff
changeset
|
1088 |
9011
f9c788f3f5cc
QUIC: ngx_quic_buffer_t object.
Roman Arutyunyan <arut@nginx.com>
parents:
9010
diff
changeset
|
1089 ngx_quic_free_buffer(c, &ctx->crypto); |
8782
b3f6ad181df4
QUIC: refactored CRYPTO and STREAM buffer ordering.
Roman Arutyunyan <arut@nginx.com>
parents:
8778
diff
changeset
|
1090 |
8507
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8506
diff
changeset
|
1091 while (!ngx_queue_empty(&ctx->sent)) { |
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8506
diff
changeset
|
1092 q = ngx_queue_head(&ctx->sent); |
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8506
diff
changeset
|
1093 ngx_queue_remove(q); |
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8506
diff
changeset
|
1094 |
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8506
diff
changeset
|
1095 f = ngx_queue_data(q, ngx_quic_frame_t, queue); |
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8506
diff
changeset
|
1096 ngx_quic_congestion_ack(c, f); |
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8506
diff
changeset
|
1097 ngx_quic_free_frame(c, f); |
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8506
diff
changeset
|
1098 } |
8596
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8595
diff
changeset
|
1099 |
8612
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8611
diff
changeset
|
1100 while (!ngx_queue_empty(&ctx->frames)) { |
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8611
diff
changeset
|
1101 q = ngx_queue_head(&ctx->frames); |
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8611
diff
changeset
|
1102 ngx_queue_remove(q); |
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8611
diff
changeset
|
1103 |
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8611
diff
changeset
|
1104 f = ngx_queue_data(q, ngx_quic_frame_t, queue); |
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8611
diff
changeset
|
1105 ngx_quic_free_frame(c, f); |
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8611
diff
changeset
|
1106 } |
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8611
diff
changeset
|
1107 |
8628
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8627
diff
changeset
|
1108 if (level == ssl_encryption_initial) { |
9153
8f7e6d8c061e
QUIC: use last client dcid to receive initial packets.
Roman Arutyunyan <arut@nginx.com>
parents:
9152
diff
changeset
|
1109 /* close temporary listener with initial dcid */ |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1110 qsock = ngx_quic_find_socket(c, NGX_QUIC_UNSET_PN); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1111 if (qsock) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1112 ngx_quic_close_socket(c, qsock); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1113 } |
8628
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8627
diff
changeset
|
1114 } |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8627
diff
changeset
|
1115 |
8596
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8595
diff
changeset
|
1116 ctx->send_ack = 0; |
8697
faa3201ff351
QUIC: improved setting the lost timer.
Roman Arutyunyan <arut@nginx.com>
parents:
8696
diff
changeset
|
1117 |
faa3201ff351
QUIC: improved setting the lost timer.
Roman Arutyunyan <arut@nginx.com>
parents:
8696
diff
changeset
|
1118 ngx_quic_set_lost_timer(c); |
8304
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
1119 } |
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
1120 |
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
1121 |
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
1122 static ngx_int_t |
8688
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8687
diff
changeset
|
1123 ngx_quic_check_csid(ngx_quic_connection_t *qc, ngx_quic_header_t *pkt) |
8361 | 1124 { |
8538
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1125 ngx_queue_t *q; |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1126 ngx_quic_client_id_t *cid; |
8381
6e100d8c138a
Preserve original DCID and unbreak parsing 0-RTT packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8380
diff
changeset
|
1127 |
8538
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1128 for (q = ngx_queue_head(&qc->client_ids); |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1129 q != ngx_queue_sentinel(&qc->client_ids); |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1130 q = ngx_queue_next(q)) |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1131 { |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1132 cid = ngx_queue_data(q, ngx_quic_client_id_t, queue); |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1133 |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1134 if (pkt->scid.len == cid->len |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1135 && ngx_memcmp(pkt->scid.data, cid->id, cid->len) == 0) |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1136 { |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1137 return NGX_OK; |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1138 } |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1139 } |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1140 |
8560
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1141 ngx_log_error(NGX_LOG_INFO, pkt->log, 0, "quic unexpected quic scid"); |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8559
diff
changeset
|
1142 return NGX_ERROR; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1143 } |
8171 | 1144 |
1145 | |
8225 | 1146 static ngx_int_t |
8687
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8686
diff
changeset
|
1147 ngx_quic_handle_frames(ngx_connection_t *c, ngx_quic_header_t *pkt) |
8225 | 1148 { |
1149 u_char *end, *p; | |
1150 ssize_t len; | |
8657
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8656
diff
changeset
|
1151 ngx_buf_t buf; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1152 ngx_uint_t do_close, nonprobing; |
8657
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8656
diff
changeset
|
1153 ngx_chain_t chain; |
8367
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1154 ngx_quic_frame_t frame; |
8225 | 1155 ngx_quic_connection_t *qc; |
1156 | |
8629
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8628
diff
changeset
|
1157 qc = ngx_quic_get_connection(c); |
8225 | 1158 |
1159 p = pkt->payload.data; | |
1160 end = p + pkt->payload.len; | |
1161 | |
1162 do_close = 0; | |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1163 nonprobing = 0; |
8225 | 1164 |
1165 while (p < end) { | |
1166 | |
8275 | 1167 c->log->action = "parsing frames"; |
1168 | |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1169 ngx_memzero(&frame, sizeof(ngx_quic_frame_t)); |
8657
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8656
diff
changeset
|
1170 ngx_memzero(&buf, sizeof(ngx_buf_t)); |
8659
d9f673d18e9b
QUIC: set the temporary flag for input frame buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8658
diff
changeset
|
1171 buf.temporary = 1; |
8657
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8656
diff
changeset
|
1172 |
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8656
diff
changeset
|
1173 chain.buf = &buf; |
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8656
diff
changeset
|
1174 chain.next = NULL; |
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8656
diff
changeset
|
1175 frame.data = &chain; |
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8656
diff
changeset
|
1176 |
8240
1f002206a59b
Added boundaries checks into frame parser.
Vladimir Homutov <vl@nginx.com>
parents:
8239
diff
changeset
|
1177 len = ngx_quic_parse_frame(pkt, p, end, &frame); |
8251
c217a907ce42
Added checks for permitted frame types.
Vladimir Homutov <vl@nginx.com>
parents:
8247
diff
changeset
|
1178 |
8225 | 1179 if (len < 0) { |
8385
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
8384
diff
changeset
|
1180 qc->error = pkt->error; |
8225 | 1181 return NGX_ERROR; |
1182 } | |
1183 | |
8604
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8603
diff
changeset
|
1184 ngx_quic_log_frame(c->log, &frame, 0); |
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8603
diff
changeset
|
1185 |
8275 | 1186 c->log->action = "handling frames"; |
1187 | |
8225 | 1188 p += len; |
1189 | |
1190 switch (frame.type) { | |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1191 /* probing frames */ |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1192 case NGX_QUIC_FT_PADDING: |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1193 case NGX_QUIC_FT_PATH_CHALLENGE: |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1194 case NGX_QUIC_FT_PATH_RESPONSE: |
8776
901126931bd5
QUIC: consider NEW_CONNECTION_ID a probing frame.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
1195 case NGX_QUIC_FT_NEW_CONNECTION_ID: |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1196 break; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1197 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1198 /* non-probing frames */ |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1199 default: |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1200 nonprobing = 1; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1201 break; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1202 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1203 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1204 switch (frame.type) { |
8225 | 1205 |
1206 case NGX_QUIC_FT_ACK: | |
8657
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8656
diff
changeset
|
1207 if (ngx_quic_handle_ack_frame(c, pkt, &frame) != NGX_OK) { |
8225 | 1208 return NGX_ERROR; |
1209 } | |
1210 | |
8367
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1211 continue; |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1212 |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1213 case NGX_QUIC_FT_PADDING: |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1214 /* no action required */ |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1215 continue; |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1216 |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1217 case NGX_QUIC_FT_CONNECTION_CLOSE: |
8458
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
8450
diff
changeset
|
1218 case NGX_QUIC_FT_CONNECTION_CLOSE_APP: |
8367
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1219 do_close = 1; |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1220 continue; |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1221 } |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1222 |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1223 /* got there with ack-eliciting packet */ |
8596
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8595
diff
changeset
|
1224 pkt->need_ack = 1; |
8367
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1225 |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1226 switch (frame.type) { |
8225 | 1227 |
1228 case NGX_QUIC_FT_CRYPTO: | |
1229 | |
8333
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
8332
diff
changeset
|
1230 if (ngx_quic_handle_crypto_frame(c, pkt, &frame) != NGX_OK) { |
8225 | 1231 return NGX_ERROR; |
1232 } | |
1233 | |
1234 break; | |
1235 | |
1236 case NGX_QUIC_FT_PING: | |
1237 break; | |
1238 | |
8820
4009f120cad4
QUIC: eliminated stream type from ngx_quic_stream_frame_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8816
diff
changeset
|
1239 case NGX_QUIC_FT_STREAM: |
8225 | 1240 |
8334
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8333
diff
changeset
|
1241 if (ngx_quic_handle_stream_frame(c, pkt, &frame) != NGX_OK) { |
8225 | 1242 return NGX_ERROR; |
1243 } | |
1244 | |
1245 break; | |
1246 | |
8237
ff540f13d95d
MAX_DATA frame parser/handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8236
diff
changeset
|
1247 case NGX_QUIC_FT_MAX_DATA: |
8365
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1248 |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1249 if (ngx_quic_handle_max_data_frame(c, &frame.u.max_data) != NGX_OK) |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1250 { |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1251 return NGX_ERROR; |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1252 } |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1253 |
8237
ff540f13d95d
MAX_DATA frame parser/handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8236
diff
changeset
|
1254 break; |
ff540f13d95d
MAX_DATA frame parser/handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8236
diff
changeset
|
1255 |
8236
d3b26c3bea22
Added parsing of STREAMS BLOCKED frames.
Vladimir Homutov <vl@nginx.com>
parents:
8235
diff
changeset
|
1256 case NGX_QUIC_FT_STREAMS_BLOCKED: |
d3b26c3bea22
Added parsing of STREAMS BLOCKED frames.
Vladimir Homutov <vl@nginx.com>
parents:
8235
diff
changeset
|
1257 case NGX_QUIC_FT_STREAMS_BLOCKED2: |
8245
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1258 |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1259 if (ngx_quic_handle_streams_blocked_frame(c, pkt, |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1260 &frame.u.streams_blocked) |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1261 != NGX_OK) |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1262 { |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1263 return NGX_ERROR; |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1264 } |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1265 |
8236
d3b26c3bea22
Added parsing of STREAMS BLOCKED frames.
Vladimir Homutov <vl@nginx.com>
parents:
8235
diff
changeset
|
1266 break; |
d3b26c3bea22
Added parsing of STREAMS BLOCKED frames.
Vladimir Homutov <vl@nginx.com>
parents:
8235
diff
changeset
|
1267 |
8909
d041b8d6ab0b
QUIC: handle DATA_BLOCKED frame from client.
Roman Arutyunyan <arut@nginx.com>
parents:
8882
diff
changeset
|
1268 case NGX_QUIC_FT_DATA_BLOCKED: |
d041b8d6ab0b
QUIC: handle DATA_BLOCKED frame from client.
Roman Arutyunyan <arut@nginx.com>
parents:
8882
diff
changeset
|
1269 |
d041b8d6ab0b
QUIC: handle DATA_BLOCKED frame from client.
Roman Arutyunyan <arut@nginx.com>
parents:
8882
diff
changeset
|
1270 if (ngx_quic_handle_data_blocked_frame(c, pkt, |
d041b8d6ab0b
QUIC: handle DATA_BLOCKED frame from client.
Roman Arutyunyan <arut@nginx.com>
parents:
8882
diff
changeset
|
1271 &frame.u.data_blocked) |
d041b8d6ab0b
QUIC: handle DATA_BLOCKED frame from client.
Roman Arutyunyan <arut@nginx.com>
parents:
8882
diff
changeset
|
1272 != NGX_OK) |
d041b8d6ab0b
QUIC: handle DATA_BLOCKED frame from client.
Roman Arutyunyan <arut@nginx.com>
parents:
8882
diff
changeset
|
1273 { |
d041b8d6ab0b
QUIC: handle DATA_BLOCKED frame from client.
Roman Arutyunyan <arut@nginx.com>
parents:
8882
diff
changeset
|
1274 return NGX_ERROR; |
d041b8d6ab0b
QUIC: handle DATA_BLOCKED frame from client.
Roman Arutyunyan <arut@nginx.com>
parents:
8882
diff
changeset
|
1275 } |
d041b8d6ab0b
QUIC: handle DATA_BLOCKED frame from client.
Roman Arutyunyan <arut@nginx.com>
parents:
8882
diff
changeset
|
1276 |
d041b8d6ab0b
QUIC: handle DATA_BLOCKED frame from client.
Roman Arutyunyan <arut@nginx.com>
parents:
8882
diff
changeset
|
1277 break; |
d041b8d6ab0b
QUIC: handle DATA_BLOCKED frame from client.
Roman Arutyunyan <arut@nginx.com>
parents:
8882
diff
changeset
|
1278 |
8266
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1279 case NGX_QUIC_FT_STREAM_DATA_BLOCKED: |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1280 |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1281 if (ngx_quic_handle_stream_data_blocked_frame(c, pkt, |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1282 &frame.u.stream_data_blocked) |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1283 != NGX_OK) |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1284 { |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1285 return NGX_ERROR; |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1286 } |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1287 |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1288 break; |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1289 |
8365
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1290 case NGX_QUIC_FT_MAX_STREAM_DATA: |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1291 |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1292 if (ngx_quic_handle_max_stream_data_frame(c, pkt, |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1293 &frame.u.max_stream_data) |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1294 != NGX_OK) |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1295 { |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1296 return NGX_ERROR; |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1297 } |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1298 |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1299 break; |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
8364
diff
changeset
|
1300 |
8428
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1301 case NGX_QUIC_FT_RESET_STREAM: |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1302 |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1303 if (ngx_quic_handle_reset_stream_frame(c, pkt, |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1304 &frame.u.reset_stream) |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1305 != NGX_OK) |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1306 { |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1307 return NGX_ERROR; |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1308 } |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1309 |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1310 break; |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1311 |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1312 case NGX_QUIC_FT_STOP_SENDING: |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1313 |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1314 if (ngx_quic_handle_stop_sending_frame(c, pkt, |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1315 &frame.u.stop_sending) |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1316 != NGX_OK) |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1317 { |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1318 return NGX_ERROR; |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1319 } |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1320 |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1321 break; |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8427
diff
changeset
|
1322 |
8495
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8486
diff
changeset
|
1323 case NGX_QUIC_FT_MAX_STREAMS: |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8486
diff
changeset
|
1324 case NGX_QUIC_FT_MAX_STREAMS2: |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8486
diff
changeset
|
1325 |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8486
diff
changeset
|
1326 if (ngx_quic_handle_max_streams_frame(c, pkt, &frame.u.max_streams) |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8486
diff
changeset
|
1327 != NGX_OK) |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8486
diff
changeset
|
1328 { |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8486
diff
changeset
|
1329 return NGX_ERROR; |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8486
diff
changeset
|
1330 } |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8486
diff
changeset
|
1331 |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8486
diff
changeset
|
1332 break; |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8486
diff
changeset
|
1333 |
8531
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8530
diff
changeset
|
1334 case NGX_QUIC_FT_PATH_CHALLENGE: |
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8530
diff
changeset
|
1335 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
1336 if (ngx_quic_handle_path_challenge_frame(c, pkt, |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
1337 &frame.u.path_challenge) |
8531
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8530
diff
changeset
|
1338 != NGX_OK) |
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8530
diff
changeset
|
1339 { |
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8530
diff
changeset
|
1340 return NGX_ERROR; |
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8530
diff
changeset
|
1341 } |
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8530
diff
changeset
|
1342 |
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8530
diff
changeset
|
1343 break; |
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8530
diff
changeset
|
1344 |
8737
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8736
diff
changeset
|
1345 case NGX_QUIC_FT_PATH_RESPONSE: |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8736
diff
changeset
|
1346 |
8778
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8776
diff
changeset
|
1347 if (ngx_quic_handle_path_response_frame(c, &frame.u.path_response) |
8737
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8736
diff
changeset
|
1348 != NGX_OK) |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8736
diff
changeset
|
1349 { |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8736
diff
changeset
|
1350 return NGX_ERROR; |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8736
diff
changeset
|
1351 } |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8736
diff
changeset
|
1352 |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8736
diff
changeset
|
1353 break; |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8736
diff
changeset
|
1354 |
8325
9b9d592c0da3
Ignore non-yet-implemented frames.
Vladimir Homutov <vl@nginx.com>
parents:
8322
diff
changeset
|
1355 case NGX_QUIC_FT_NEW_CONNECTION_ID: |
8538
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1356 |
8778
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8776
diff
changeset
|
1357 if (ngx_quic_handle_new_connection_id_frame(c, &frame.u.ncid) |
8538
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1358 != NGX_OK) |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1359 { |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1360 return NGX_ERROR; |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1361 } |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1362 |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1363 break; |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8536
diff
changeset
|
1364 |
8325
9b9d592c0da3
Ignore non-yet-implemented frames.
Vladimir Homutov <vl@nginx.com>
parents:
8322
diff
changeset
|
1365 case NGX_QUIC_FT_RETIRE_CONNECTION_ID: |
8628
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8627
diff
changeset
|
1366 |
8778
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8776
diff
changeset
|
1367 if (ngx_quic_handle_retire_connection_id_frame(c, |
8628
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8627
diff
changeset
|
1368 &frame.u.retire_cid) |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8627
diff
changeset
|
1369 != NGX_OK) |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8627
diff
changeset
|
1370 { |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8627
diff
changeset
|
1371 return NGX_ERROR; |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8627
diff
changeset
|
1372 } |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8627
diff
changeset
|
1373 |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8627
diff
changeset
|
1374 break; |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8627
diff
changeset
|
1375 |
8225 | 1376 default: |
8346
4e4485793418
Added MAX_STREAM_DATA stub handler.
Vladimir Homutov <vl@nginx.com>
parents:
8345
diff
changeset
|
1377 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
8359 | 1378 "quic missing frame handler"); |
8225 | 1379 return NGX_ERROR; |
1380 } | |
1381 } | |
1382 | |
1383 if (p != end) { | |
1384 ngx_log_error(NGX_LOG_INFO, c->log, 0, | |
8605
eed49b83e18f
QUIC: revised value separators in debug and error messages.
Vladimir Homutov <vl@nginx.com>
parents:
8604
diff
changeset
|
1385 "quic trailing garbage in payload:%ui bytes", end - p); |
8385
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
8384
diff
changeset
|
1386 |
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
8384
diff
changeset
|
1387 qc->error = NGX_QUIC_ERR_FRAME_ENCODING_ERROR; |
8225 | 1388 return NGX_ERROR; |
1389 } | |
1390 | |
1391 if (do_close) { | |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
1392 qc->draining = 1; |
9112
d59277dd3d8c
QUIC: fixed post-close use-after-free.
Roman Arutyunyan <arut@nginx.com>
parents:
9092
diff
changeset
|
1393 ngx_post_event(&qc->close, &ngx_posted_events); |
8225 | 1394 } |
1395 | |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
1396 if (pkt->path != qc->path && nonprobing) { |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1397 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
1398 /* |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
1399 * RFC 9000, 9.2. Initiating Connection Migration |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
1400 * |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
1401 * An endpoint can migrate a connection to a new local |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
1402 * address by sending packets containing non-probing frames |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
1403 * from that address. |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
1404 */ |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
1405 if (ngx_quic_handle_migration(c, pkt) != NGX_OK) { |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8953
diff
changeset
|
1406 return NGX_ERROR; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1407 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1408 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8753
diff
changeset
|
1409 |
8596
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8595
diff
changeset
|
1410 if (ngx_quic_ack_packet(c, pkt) != NGX_OK) { |
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8595
diff
changeset
|
1411 return NGX_ERROR; |
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8595
diff
changeset
|
1412 } |
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8595
diff
changeset
|
1413 |
8367
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1414 return NGX_OK; |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1415 } |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1416 |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8365
diff
changeset
|
1417 |
8309 | 1418 static void |
1419 ngx_quic_push_handler(ngx_event_t *ev) | |
1420 { | |
8334
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8333
diff
changeset
|
1421 ngx_connection_t *c; |
8309 | 1422 |
8978
c37ea624c307
QUIC: changed debug message.
Roman Arutyunyan <arut@nginx.com>
parents:
8971
diff
changeset
|
1423 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, ev->log, 0, "quic push handler"); |
8309 | 1424 |
1425 c = ev->data; | |
1426 | |
1427 if (ngx_quic_output(c) != NGX_OK) { | |
8355
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
8354
diff
changeset
|
1428 ngx_quic_close_connection(c, NGX_ERROR); |
8309 | 1429 return; |
1430 } | |
8607
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
1431 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8606
diff
changeset
|
1432 ngx_quic_connstate_dbg(c); |
8309 | 1433 } |
1434 | |
1435 | |
8750
41807e581de9
QUIC: separate files for stream related processing.
Vladimir Homutov <vl@nginx.com>
parents:
8749
diff
changeset
|
1436 void |
8724
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
1437 ngx_quic_shutdown_quic(ngx_connection_t *c) |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
1438 { |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
1439 ngx_quic_connection_t *qc; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
1440 |
9051
37d5dddabaea
QUIC: reusable mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9050
diff
changeset
|
1441 if (c->reusable) { |
37d5dddabaea
QUIC: reusable mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9050
diff
changeset
|
1442 qc = ngx_quic_get_connection(c); |
37d5dddabaea
QUIC: reusable mode for main connection.
Roman Arutyunyan <arut@nginx.com>
parents:
9050
diff
changeset
|
1443 ngx_quic_finalize_connection(c, qc->shutdown_code, qc->shutdown_reason); |
8724
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8717
diff
changeset
|
1444 } |
8239
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1445 } |