Mercurial > hg > nginx
annotate src/event/ngx_event_quic.c @ 8212:e3c0b19a3a8a quic
Implemented ngx_quic_stream_send_chain() method.
- just call send in a loop
author | Roman Arutyunyan <arut@nginx.com> |
---|---|
date | Fri, 13 Mar 2020 15:56:10 +0300 |
parents | 6bc18966b8c1 |
children | 33a22e74101e |
rev | line source |
---|---|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2 /* |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
3 * Copyright (C) Nginx, Inc. |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
4 */ |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
5 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
6 |
8171 | 7 #include <ngx_config.h> |
8 #include <ngx_core.h> | |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
9 #include <ngx_event.h> |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
10 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
11 |
8201
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
12 #define quic_version 0xff000018 |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
13 |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
14 #define NGX_AES_128_GCM_SHA256 0x1301 |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
15 #define NGX_AES_256_GCM_SHA384 0x1302 |
8202
a4ed2305ad2c
ChaCha20 / Poly1305 initial support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8201
diff
changeset
|
16 #define NGX_CHACHA20_POLY1305_SHA256 0x1303 |
8201
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
17 |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
18 #define NGX_QUIC_IV_LEN 12 |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
19 |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
20 #ifdef OPENSSL_IS_BORINGSSL |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
21 #define ngx_quic_cipher_t EVP_AEAD |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
22 #else |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
23 #define ngx_quic_cipher_t EVP_CIPHER |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
24 #endif |
8189
80a07843c711
Using SSL cipher suite id to obtain cipher/digest, part 1.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8188
diff
changeset
|
25 |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
26 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
27 #if (NGX_HAVE_NONALIGNED) |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
28 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
29 #define ngx_quic_parse_uint16(p) ntohs(*(uint16_t *) (p)) |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
30 #define ngx_quic_parse_uint32(p) ntohl(*(uint32_t *) (p)) |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
31 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
32 #define ngx_quic_write_uint16 ngx_quic_write_uint16_aligned |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
33 #define ngx_quic_write_uint32 ngx_quic_write_uint32_aligned |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
34 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
35 #else |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
36 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
37 #define ngx_quic_parse_uint16(p) ((p)[0] << 8 | (p)[1]) |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
38 #define ngx_quic_parse_uint32(p) \ |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
39 ((uint32_t) (p)[0] << 24 | (p)[1] << 16 | (p)[2] << 8 | (p)[3]) |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
40 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
41 #define ngx_quic_write_uint16(p, s) \ |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
42 ((p)[0] = (u_char) ((s) >> 8), \ |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
43 (p)[1] = (u_char) (s), \ |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
44 (p) + sizeof(uint16_t)) |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
45 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
46 #define ngx_quic_write_uint32(p, s) \ |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
47 ((p)[0] = (u_char) ((s) >> 24), \ |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
48 (p)[1] = (u_char) ((s) >> 16), \ |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
49 (p)[2] = (u_char) ((s) >> 8), \ |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
50 (p)[3] = (u_char) (s), \ |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
51 (p) + sizeof(uint32_t)) |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
52 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
53 #endif |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
54 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
55 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
56 #define ngx_quic_write_uint16_aligned(p, s) \ |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
57 (*(uint16_t *) (p) = htons((uint16_t) (s)), (p) + sizeof(uint16_t)) |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
58 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
59 #define ngx_quic_write_uint32_aligned(p, s) \ |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
60 (*(uint32_t *) (p) = htonl((uint32_t) (s)), (p) + sizeof(uint32_t)) |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
61 |
8191
7bd7c4e24951
Macro for calculating size of varint.
Vladimir Homutov <vl@nginx.com>
parents:
8190
diff
changeset
|
62 #define ngx_quic_varint_len(value) \ |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
63 ((value) <= 63 ? 1 : ((uint32_t)value) <= 16383 ? 2 : ((uint64_t)value) <= 1073741823 ? 4 : 8) |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
64 |
8183
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
65 |
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
66 #if (NGX_DEBUG) |
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
67 |
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
68 #define ngx_quic_hexdump(log, fmt, data, len, ...) \ |
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
69 do { \ |
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
70 ngx_int_t m; \ |
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
71 u_char buf[2048]; \ |
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
72 \ |
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
73 if (log->log_level & NGX_LOG_DEBUG_EVENT) { \ |
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
74 m = ngx_hex_dump(buf, (u_char *) data, ngx_min(len, 1024)) - buf; \ |
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
75 ngx_log_debug(NGX_LOG_DEBUG_EVENT, log, 0, \ |
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
76 "%s: " fmt " %*s%s, len: %uz", \ |
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
77 __FUNCTION__, __VA_ARGS__, m, buf, \ |
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
78 len < 2048 ? "" : "...", len); \ |
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
79 } \ |
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
80 } while (0) |
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
81 |
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
82 #else |
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
83 |
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
84 #define ngx_quic_hexdump(log, fmt, data, len, ...) |
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
85 |
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
86 #endif |
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
87 |
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
88 #define ngx_quic_hexdump0(log, fmt, data, len) \ |
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
89 ngx_quic_hexdump(log, fmt "%s", data, len, "") \ |
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
90 |
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
91 |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
92 /* 17.2. Long Header Packets */ |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
93 |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
94 #define NGX_QUIC_PKT_LONG 0x80 |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
95 |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
96 #define NGX_QUIC_PKT_INITIAL 0xc0 |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
97 #define NGX_QUIC_PKT_HANDSHAKE 0xe0 |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
98 |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
99 /* 12.4. Frames and Frame Types */ |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
100 #define NGX_QUIC_FT_PADDING 0x00 |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
101 #define NGX_QUIC_FT_PING 0x01 |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
102 #define NGX_QUIC_FT_ACK 0x02 |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
103 #define NGX_QUIC_FT_ACK_ECN 0x03 |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
104 #define NGX_QUIC_FT_RESET_STREAM 0x04 |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
105 #define NGX_QUIC_FT_STOP_SENDING 0x05 |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
106 #define NGX_QUIC_FT_CRYPTO 0x06 |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
107 #define NGX_QUIC_FT_NEW_TOKEN 0x07 |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
108 #define NGX_QUIC_FT_STREAM0 0x08 |
8207
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
109 #define NGX_QUIC_FT_STREAM1 0x09 |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
110 #define NGX_QUIC_FT_STREAM2 0x0A |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
111 #define NGX_QUIC_FT_STREAM3 0x0B |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
112 #define NGX_QUIC_FT_STREAM4 0x0C |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
113 #define NGX_QUIC_FT_STREAM5 0x0D |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
114 #define NGX_QUIC_FT_STREAM6 0x0E |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
115 #define NGX_QUIC_FT_STREAM7 0x0F |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
116 #define NGX_QUIC_FT_MAX_DATA 0x10 |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
117 #define NGX_QUIC_FT_MAX_STREAM_DATA 0x11 |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
118 #define NGX_QUIC_FT_MAX_STREAMS 0x12 |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
119 #define NGX_QUIC_FT_MAX_STREAMS2 0x13 // XXX |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
120 #define NGX_QUIC_FT_DATA_BLOCKED 0x14 |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
121 #define NGX_QUIC_FT_STREAM_DATA_BLOCKED 0x15 |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
122 #define NGX_QUIC_FT_STREAMS_BLOCKED 0x16 |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
123 #define NGX_QUIC_FT_STREAMS_BLOCKED2 0x17 // XXX |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
124 #define NGX_QUIC_FT_NEW_CONNECTION_ID 0x18 |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
125 #define NGX_QUIC_FT_RETIRE_CONNECTION_ID 0x19 |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
126 #define NGX_QUIC_FT_PATH_CHALLENGE 0x1a |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
127 #define NGX_QUIC_FT_PATH_RESPONSE 0x1b |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
128 #define NGX_QUIC_FT_CONNECTION_CLOSE 0x1c |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
129 #define NGX_QUIC_FT_CONNECTION_CLOSE2 0x1d // XXX |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
130 #define NGX_QUIC_FT_HANDSHAKE_DONE 0x1e |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
131 |
8183
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
132 |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
133 #define ngx_quic_stream_bit_off(val) (((val) & 0x04) ? 1 : 0) |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
134 #define ngx_quic_stream_bit_len(val) (((val) & 0x02) ? 1 : 0) |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
135 #define ngx_quic_stream_bit_fin(val) (((val) & 0x01) ? 1 : 0) |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
136 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
137 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
138 |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
139 /* TODO: real states, these are stubs */ |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
140 typedef enum { |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
141 NGX_QUIC_ST_INITIAL, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
142 NGX_QUIC_ST_HANDSHAKE, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
143 NGX_QUIC_ST_APP_DATA |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
144 } ngx_quic_state_t; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
145 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
146 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
147 typedef struct { |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
148 ngx_str_t secret; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
149 ngx_str_t key; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
150 ngx_str_t iv; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
151 ngx_str_t hp; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
152 } ngx_quic_secret_t; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
153 |
8201
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
154 typedef struct { |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
155 const ngx_quic_cipher_t *c; |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
156 const EVP_CIPHER *hp; |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
157 const EVP_MD *d; |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
158 } ngx_quic_ciphers_t; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
159 |
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
160 typedef enum ssl_encryption_level_t ngx_quic_level_t; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
161 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
162 typedef struct ngx_quic_frame_s ngx_quic_frame_t; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
163 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
164 typedef struct { |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
165 ngx_uint_t pn; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
166 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
167 // input |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
168 uint64_t largest; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
169 uint64_t delay; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
170 uint64_t range_count; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
171 uint64_t first_range; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
172 uint64_t ranges[20]; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
173 /* ecn counts */ |
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
174 } ngx_quic_ack_frame_t; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
175 |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
176 typedef struct { |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
177 size_t offset; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
178 size_t len; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
179 u_char *data; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
180 } ngx_quic_crypto_frame_t; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
181 |
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
182 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
183 typedef struct { |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
184 uint64_t seqnum; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
185 uint64_t retire; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
186 uint64_t len; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
187 u_char cid[20]; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
188 u_char srt[16]; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
189 } ngx_quic_ncid_t; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
190 |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
191 |
8207
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
192 typedef struct { |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
193 uint8_t type; |
8207
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
194 uint64_t stream_id; |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
195 uint64_t offset; |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
196 uint64_t length; |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
197 u_char *data; |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
198 } ngx_quic_stream_frame_t; |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
199 |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
200 |
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
201 struct ngx_quic_frame_s { |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
202 ngx_uint_t type; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
203 ngx_quic_level_t level; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
204 ngx_quic_frame_t *next; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
205 union { |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
206 ngx_quic_crypto_frame_t crypto; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
207 ngx_quic_ack_frame_t ack; |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
208 ngx_quic_ncid_t ncid; |
8207
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
209 ngx_quic_stream_frame_t stream; |
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
210 // more frames |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
211 } u; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
212 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
213 u_char info[128]; // for debug purposes |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
214 }; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
215 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
216 |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
217 struct ngx_quic_connection_s { |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
218 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
219 ngx_quic_state_t state; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
220 ngx_ssl_t *ssl; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
221 |
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
222 ngx_quic_frame_t *frames; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
223 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
224 ngx_str_t scid; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
225 ngx_str_t dcid; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
226 ngx_str_t token; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
227 |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
228 /* current packet numbers for each namespace */ |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
229 ngx_uint_t initial_pn; |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
230 ngx_uint_t handshake_pn; |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
231 ngx_uint_t appdata_pn; |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
232 |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
233 ngx_quic_secret_t client_in; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
234 ngx_quic_secret_t client_hs; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
235 ngx_quic_secret_t client_ad; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
236 ngx_quic_secret_t server_in; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
237 ngx_quic_secret_t server_hs; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
238 ngx_quic_secret_t server_ad; |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
239 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
240 /* streams */ |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
241 ngx_rbtree_t stree; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
242 ngx_rbtree_node_t stree_sentinel; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
243 ngx_msec_t stream_timeout; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
244 ngx_connection_handler_pt stream_handler; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
245 }; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
246 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
247 |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
248 typedef struct { |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
249 ngx_rbtree_node_t node; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
250 ngx_buf_t *b; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
251 ngx_connection_t *c; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
252 ngx_quic_stream_t s; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
253 } ngx_quic_stream_node_t; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
254 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
255 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
256 typedef struct { |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
257 ngx_quic_secret_t *secret; |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
258 ngx_uint_t type; |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
259 ngx_uint_t *number; |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
260 ngx_uint_t flags; |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
261 uint32_t version; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
262 ngx_str_t token; |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
263 ngx_quic_level_t level; |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
264 |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
265 /* filled in by parser */ |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
266 ngx_buf_t *raw; /* udp datagram from wire */ |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
267 |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
268 u_char *data; /* quic packet */ |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
269 size_t len; |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
270 |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
271 /* cleartext fields */ |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
272 ngx_str_t dcid; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
273 ngx_str_t scid; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
274 |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
275 uint64_t pn; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
276 |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
277 ngx_str_t payload; /* decrypted payload */ |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
278 |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
279 } ngx_quic_header_t; |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
280 |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
281 |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
282 static ngx_int_t ngx_quic_new_connection(ngx_connection_t *c, ngx_ssl_t *ssl, |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
283 ngx_quic_header_t *pkt); |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
284 static void ngx_quic_close_connection(ngx_connection_t *c); |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
285 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
286 static ngx_quic_stream_node_t *ngx_quic_stream_lookup(ngx_rbtree_t *rbtree, |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
287 ngx_uint_t key); |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
288 static void ngx_quic_rbtree_insert_stream(ngx_rbtree_node_t *temp, |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
289 ngx_rbtree_node_t *node, ngx_rbtree_node_t *sentinel); |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
290 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
291 static void ngx_quic_handshake_handler(ngx_event_t *rev); |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
292 static ngx_int_t ngx_quic_handshake_input(ngx_connection_t *c, |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
293 ngx_quic_header_t *pkt); |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
294 static ngx_int_t ngx_quic_app_input(ngx_connection_t *c, |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
295 ngx_quic_header_t *pkt); |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
296 |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
297 |
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
298 #if BORINGSSL_API_VERSION >= 10 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
299 static int ngx_quic_set_read_secret(ngx_ssl_conn_t *ssl_conn, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
300 enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
301 const uint8_t *secret, size_t secret_len); |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
302 static int ngx_quic_set_write_secret(ngx_ssl_conn_t *ssl_conn, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
303 enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
304 const uint8_t *secret, size_t secret_len); |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
305 #else |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
306 static int ngx_quic_set_encryption_secrets(ngx_ssl_conn_t *ssl_conn, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
307 enum ssl_encryption_level_t level, const uint8_t *read_secret, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
308 const uint8_t *write_secret, size_t secret_len); |
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
309 #endif |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
310 static int ngx_quic_add_handshake_data(ngx_ssl_conn_t *ssl_conn, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
311 enum ssl_encryption_level_t level, const uint8_t *data, size_t len); |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
312 static ngx_int_t ngx_quic_create_long_packet(ngx_connection_t *c, |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
313 ngx_ssl_conn_t *ssl_conn, ngx_quic_header_t *pkt, ngx_str_t *in, |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
314 ngx_str_t *res); |
8185
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
315 static ngx_int_t ngx_quic_create_short_packet(ngx_connection_t *c, |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
316 ngx_ssl_conn_t *ssl_conn, ngx_quic_header_t *pkt, ngx_str_t *in, |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
317 ngx_str_t *res); |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
318 static int ngx_quic_flush_flight(ngx_ssl_conn_t *ssl_conn); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
319 static int ngx_quic_send_alert(ngx_ssl_conn_t *ssl_conn, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
320 enum ssl_encryption_level_t level, uint8_t alert); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
321 |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
322 static ngx_int_t ngx_quic_process_long_header(ngx_connection_t *c, |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
323 ngx_quic_header_t *pkt); |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
324 static ngx_int_t ngx_quic_process_short_header(ngx_connection_t *c, |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
325 ngx_quic_header_t *pkt); |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
326 static ngx_int_t ngx_quic_process_initial_header(ngx_connection_t *c, |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
327 ngx_quic_header_t *pkt); |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
328 static ngx_int_t ngx_quic_process_handshake_header(ngx_connection_t *c, |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
329 ngx_quic_header_t *pkt); |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
330 static ngx_int_t ngx_quic_initial_secret(ngx_connection_t *c); |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
331 static ngx_int_t ngx_quic_decrypt(ngx_connection_t *c, ngx_quic_header_t *pkt); |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
332 |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
333 static uint64_t ngx_quic_parse_pn(u_char **pos, ngx_int_t len, u_char *mask); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
334 static uint64_t ngx_quic_parse_int(u_char **pos); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
335 static void ngx_quic_build_int(u_char **pos, uint64_t value); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
336 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
337 static ngx_int_t ngx_hkdf_extract(u_char *out_key, size_t *out_len, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
338 const EVP_MD *digest, const u_char *secret, size_t secret_len, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
339 const u_char *salt, size_t salt_len); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
340 static ngx_int_t ngx_hkdf_expand(u_char *out_key, size_t out_len, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
341 const EVP_MD *digest, const u_char *prk, size_t prk_len, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
342 const u_char *info, size_t info_len); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
343 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
344 static ngx_int_t ngx_quic_hkdf_expand(ngx_connection_t *c, const EVP_MD *digest, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
345 ngx_str_t *out, ngx_str_t *label, const uint8_t *prk, size_t prk_len); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
346 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
347 static ngx_int_t ngx_quic_tls_open(ngx_connection_t *c, |
8201
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
348 const ngx_quic_cipher_t *cipher, ngx_quic_secret_t *s, ngx_str_t *out, |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
349 u_char *nonce, ngx_str_t *in, ngx_str_t *ad); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
350 static ngx_int_t ngx_quic_tls_seal(ngx_connection_t *c, |
8201
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
351 const ngx_quic_cipher_t *cipher, ngx_quic_secret_t *s, ngx_str_t *out, |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
352 u_char *nonce, ngx_str_t *in, ngx_str_t *ad); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
353 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
354 static ngx_int_t ngx_quic_tls_hp(ngx_connection_t *c, const EVP_CIPHER *cipher, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
355 ngx_quic_secret_t *s, u_char *out, u_char *in); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
356 |
8201
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
357 static ngx_int_t ngx_quic_ciphers(ngx_connection_t *c, |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
358 ngx_quic_ciphers_t *ciphers, enum ssl_encryption_level_t level); |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
359 |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
360 static ssize_t ngx_quic_stream_recv(ngx_connection_t *c, u_char *buf, |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
361 size_t size); |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
362 static ssize_t ngx_quic_stream_send(ngx_connection_t *c, u_char *buf, |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
363 size_t size); |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
364 static ngx_chain_t *ngx_quic_stream_send_chain(ngx_connection_t *c, |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
365 ngx_chain_t *in, off_t limit); |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
366 |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
367 static SSL_QUIC_METHOD quic_method = { |
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
368 #if BORINGSSL_API_VERSION >= 10 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
369 ngx_quic_set_read_secret, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
370 ngx_quic_set_write_secret, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
371 #else |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
372 ngx_quic_set_encryption_secrets, |
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
373 #endif |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
374 ngx_quic_add_handshake_data, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
375 ngx_quic_flush_flight, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
376 ngx_quic_send_alert, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
377 }; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
378 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
379 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
380 void |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
381 ngx_quic_init_ssl_methods(SSL_CTX* ctx) |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
382 { |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
383 SSL_CTX_set_quic_method(ctx, &quic_method); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
384 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
385 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
386 |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
387 void |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
388 ngx_quic_run(ngx_connection_t *c, ngx_ssl_t *ssl, ngx_msec_t timeout, |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
389 ngx_connection_handler_pt handler) |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
390 { |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
391 ngx_buf_t *b; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
392 ngx_quic_header_t pkt; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
393 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
394 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic handshake"); |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
395 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
396 c->log->action = "QUIC handshaking"; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
397 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
398 ngx_memzero(&pkt, sizeof(ngx_quic_header_t)); |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
399 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
400 b = c->buffer; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
401 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
402 pkt.raw = b; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
403 pkt.data = b->start; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
404 pkt.len = b->last - b->start; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
405 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
406 if (ngx_quic_new_connection(c, ssl, &pkt) != NGX_OK) { |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
407 ngx_quic_close_connection(c); |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
408 return; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
409 } |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
410 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
411 // we don't need stream handler for initial packet processing |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
412 c->quic->stream_handler = handler; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
413 c->quic->stream_timeout = timeout; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
414 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
415 ngx_add_timer(c->read, timeout); |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
416 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
417 c->read->handler = ngx_quic_handshake_handler; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
418 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
419 return; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
420 } |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
421 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
422 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
423 static void |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
424 ngx_quic_handshake_handler(ngx_event_t *rev) |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
425 { |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
426 ssize_t n; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
427 ngx_connection_t *c; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
428 u_char buf[512]; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
429 ngx_buf_t b; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
430 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
431 b.start = buf; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
432 b.end = buf + 512; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
433 b.pos = b.last = b.start; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
434 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
435 c = rev->data; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
436 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
437 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, rev->log, 0, "quic handshake handler"); |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
438 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
439 if (rev->timedout) { |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
440 ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out"); |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
441 ngx_quic_close_connection(c); |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
442 return; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
443 } |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
444 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
445 if (c->close) { |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
446 ngx_quic_close_connection(c); |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
447 return; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
448 } |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
449 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
450 n = c->recv(c, b.start, b.end - b.start); |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
451 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
452 if (n == NGX_AGAIN) { |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
453 return; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
454 } |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
455 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
456 if (n == NGX_ERROR) { |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
457 c->read->eof = 1; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
458 ngx_quic_close_connection(c); |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
459 return; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
460 } |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
461 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
462 b.last += n; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
463 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
464 if (ngx_quic_input(c, NULL, &b) != NGX_OK) { |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
465 ngx_quic_close_connection(c); |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
466 return; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
467 } |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
468 } |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
469 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
470 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
471 static void |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
472 ngx_quic_close_connection(ngx_connection_t *c) |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
473 { |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
474 ngx_pool_t *pool; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
475 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
476 /* XXX wait for all streams to close */ |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
477 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
478 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
479 "close quic connection: %d", c->fd); |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
480 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
481 (void) ngx_ssl_shutdown(c); |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
482 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
483 #if (NGX_STAT_STUB) |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
484 (void) ngx_atomic_fetch_add(ngx_stat_active, -1); |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
485 #endif |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
486 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
487 c->destroyed = 1; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
488 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
489 pool = c->pool; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
490 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
491 ngx_close_connection(c); |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
492 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
493 ngx_destroy_pool(pool); |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
494 } |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
495 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
496 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
497 ngx_connection_t * |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
498 ngx_quic_create_uni_stream(ngx_connection_t *c) |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
499 { |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
500 /* XXX */ |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
501 return NULL; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
502 } |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
503 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
504 |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
505 ngx_int_t |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
506 ngx_quic_input(ngx_connection_t *c, ngx_ssl_t *ssl, ngx_buf_t *b) |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
507 { |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
508 u_char *p; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
509 ngx_quic_header_t pkt; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
510 |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
511 if (c->quic == NULL) { |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
512 // XXX: possible? |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
513 ngx_log_error(NGX_LOG_INFO, c->log, 0, "BUG: no QUIC in connection"); |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
514 return NGX_ERROR; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
515 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
516 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
517 p = b->start; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
518 |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
519 do { |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
520 ngx_memzero(&pkt, sizeof(ngx_quic_header_t)); |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
521 pkt.raw = b; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
522 pkt.data = p; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
523 pkt.len = b->last - p; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
524 |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
525 if (p[0] & NGX_QUIC_PKT_LONG) { |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
526 // TODO: check current state |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
527 if (ngx_quic_handshake_input(c, &pkt) != NGX_OK) { |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
528 return NGX_ERROR; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
529 } |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
530 } else { |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
531 |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
532 if (ngx_quic_app_input(c, &pkt) != NGX_OK) { |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
533 return NGX_ERROR; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
534 } |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
535 } |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
536 |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
537 /* b->pos is at header end, adjust by actual packet length */ |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
538 p = b->pos + pkt.len; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
539 b->pos = p; /* reset b->pos to the next packet start */ |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
540 |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
541 } while (p < b->last); |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
542 |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
543 return NGX_OK; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
544 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
545 |
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
546 static ngx_int_t |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
547 ngx_quic_send_packet(ngx_connection_t *c, ngx_quic_connection_t *qc, |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
548 ngx_quic_level_t level, ngx_str_t *payload) |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
549 { |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
550 ngx_str_t res; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
551 ngx_quic_header_t pkt; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
552 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
553 static ngx_str_t initial_token = ngx_null_string; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
554 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
555 ngx_memzero(&pkt, sizeof(ngx_quic_header_t)); |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
556 ngx_quic_hexdump0(c->log, "payload", payload->data, payload->len); |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
557 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
558 pkt.level = level; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
559 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
560 if (level == ssl_encryption_initial) { |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
561 pkt.number = &qc->initial_pn; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
562 pkt.flags = NGX_QUIC_PKT_INITIAL; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
563 pkt.secret = &qc->server_in; |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
564 pkt.token = initial_token; |
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
565 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
566 if (ngx_quic_create_long_packet(c, c->ssl->connection, |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
567 &pkt, payload, &res) |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
568 != NGX_OK) |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
569 { |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
570 return NGX_ERROR; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
571 } |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
572 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
573 } else if (level == ssl_encryption_handshake) { |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
574 pkt.number = &qc->handshake_pn; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
575 pkt.flags = NGX_QUIC_PKT_HANDSHAKE; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
576 pkt.secret = &qc->server_hs; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
577 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
578 if (ngx_quic_create_long_packet(c, c->ssl->connection, |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
579 &pkt, payload, &res) |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
580 != NGX_OK) |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
581 { |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
582 return NGX_ERROR; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
583 } |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
584 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
585 } else { |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
586 pkt.number = &qc->appdata_pn; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
587 pkt.secret = &qc->server_ad; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
588 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
589 if (ngx_quic_create_short_packet(c, c->ssl->connection, |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
590 &pkt, payload, &res) |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
591 != NGX_OK) |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
592 { |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
593 return NGX_ERROR; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
594 } |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
595 } |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
596 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
597 ngx_quic_hexdump0(c->log, "packet to send", res.data, res.len); |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
598 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
599 c->send(c, res.data, res.len); // TODO: err handling |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
600 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
601 return NGX_OK; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
602 } |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
603 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
604 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
605 static size_t |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
606 ngx_quic_create_ack(u_char *p, ngx_quic_ack_frame_t *ack) |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
607 { |
8209
36fe31ce9582
Removed hardcoded CRYPTO and ACK frame sizes.
Vladimir Homutov <vl@nginx.com>
parents:
8208
diff
changeset
|
608 size_t len; |
36fe31ce9582
Removed hardcoded CRYPTO and ACK frame sizes.
Vladimir Homutov <vl@nginx.com>
parents:
8208
diff
changeset
|
609 |
36fe31ce9582
Removed hardcoded CRYPTO and ACK frame sizes.
Vladimir Homutov <vl@nginx.com>
parents:
8208
diff
changeset
|
610 /* minimal ACK packet */ |
36fe31ce9582
Removed hardcoded CRYPTO and ACK frame sizes.
Vladimir Homutov <vl@nginx.com>
parents:
8208
diff
changeset
|
611 |
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
612 if (p == NULL) { |
8209
36fe31ce9582
Removed hardcoded CRYPTO and ACK frame sizes.
Vladimir Homutov <vl@nginx.com>
parents:
8208
diff
changeset
|
613 len = ngx_quic_varint_len(NGX_QUIC_FT_ACK); |
36fe31ce9582
Removed hardcoded CRYPTO and ACK frame sizes.
Vladimir Homutov <vl@nginx.com>
parents:
8208
diff
changeset
|
614 len += ngx_quic_varint_len(ack->pn); |
36fe31ce9582
Removed hardcoded CRYPTO and ACK frame sizes.
Vladimir Homutov <vl@nginx.com>
parents:
8208
diff
changeset
|
615 len += ngx_quic_varint_len(0); |
36fe31ce9582
Removed hardcoded CRYPTO and ACK frame sizes.
Vladimir Homutov <vl@nginx.com>
parents:
8208
diff
changeset
|
616 len += ngx_quic_varint_len(0); |
36fe31ce9582
Removed hardcoded CRYPTO and ACK frame sizes.
Vladimir Homutov <vl@nginx.com>
parents:
8208
diff
changeset
|
617 len += ngx_quic_varint_len(ack->pn); |
36fe31ce9582
Removed hardcoded CRYPTO and ACK frame sizes.
Vladimir Homutov <vl@nginx.com>
parents:
8208
diff
changeset
|
618 |
36fe31ce9582
Removed hardcoded CRYPTO and ACK frame sizes.
Vladimir Homutov <vl@nginx.com>
parents:
8208
diff
changeset
|
619 return len; |
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
620 } |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
621 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
622 ngx_quic_build_int(&p, NGX_QUIC_FT_ACK); |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
623 ngx_quic_build_int(&p, ack->pn); |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
624 ngx_quic_build_int(&p, 0); |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
625 ngx_quic_build_int(&p, 0); |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
626 ngx_quic_build_int(&p, ack->pn); |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
627 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
628 return 5; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
629 } |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
630 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
631 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
632 static size_t |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
633 ngx_quic_create_crypto(u_char *p, ngx_quic_crypto_frame_t *crypto) |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
634 { |
8209
36fe31ce9582
Removed hardcoded CRYPTO and ACK frame sizes.
Vladimir Homutov <vl@nginx.com>
parents:
8208
diff
changeset
|
635 size_t len; |
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
636 u_char *start; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
637 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
638 if (p == NULL) { |
8209
36fe31ce9582
Removed hardcoded CRYPTO and ACK frame sizes.
Vladimir Homutov <vl@nginx.com>
parents:
8208
diff
changeset
|
639 len = ngx_quic_varint_len(NGX_QUIC_FT_CRYPTO); |
36fe31ce9582
Removed hardcoded CRYPTO and ACK frame sizes.
Vladimir Homutov <vl@nginx.com>
parents:
8208
diff
changeset
|
640 len += ngx_quic_varint_len(crypto->offset); |
36fe31ce9582
Removed hardcoded CRYPTO and ACK frame sizes.
Vladimir Homutov <vl@nginx.com>
parents:
8208
diff
changeset
|
641 len += ngx_quic_varint_len(crypto->len); |
36fe31ce9582
Removed hardcoded CRYPTO and ACK frame sizes.
Vladimir Homutov <vl@nginx.com>
parents:
8208
diff
changeset
|
642 len += crypto->len; |
36fe31ce9582
Removed hardcoded CRYPTO and ACK frame sizes.
Vladimir Homutov <vl@nginx.com>
parents:
8208
diff
changeset
|
643 |
36fe31ce9582
Removed hardcoded CRYPTO and ACK frame sizes.
Vladimir Homutov <vl@nginx.com>
parents:
8208
diff
changeset
|
644 return len; |
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
645 } |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
646 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
647 start = p; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
648 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
649 ngx_quic_build_int(&p, NGX_QUIC_FT_CRYPTO); |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
650 ngx_quic_build_int(&p, crypto->offset); |
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
651 ngx_quic_build_int(&p, crypto->len); |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
652 p = ngx_cpymem(p, crypto->data, crypto->len); |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
653 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
654 return p - start; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
655 } |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
656 |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
657 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
658 static size_t |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
659 ngx_quic_create_stream(u_char *p, ngx_quic_stream_frame_t *sf) |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
660 { |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
661 size_t len; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
662 u_char *start; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
663 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
664 if (!ngx_quic_stream_bit_len(sf->type)) { |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
665 #if 0 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
666 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
667 "attempt to generate a stream frame without length"); |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
668 #endif |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
669 // XXX: handle error in caller |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
670 return NGX_ERROR; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
671 } |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
672 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
673 if (p == NULL) { |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
674 len = ngx_quic_varint_len(sf->type); |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
675 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
676 if (ngx_quic_stream_bit_off(sf->type)) { |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
677 len += ngx_quic_varint_len(sf->offset); |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
678 } |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
679 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
680 len += ngx_quic_varint_len(sf->stream_id); |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
681 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
682 /* length is always present in generated frames */ |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
683 len += ngx_quic_varint_len(sf->length); |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
684 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
685 len += sf->length; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
686 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
687 return len; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
688 } |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
689 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
690 start = p; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
691 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
692 ngx_quic_build_int(&p, sf->type); |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
693 ngx_quic_build_int(&p, sf->stream_id); |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
694 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
695 if (ngx_quic_stream_bit_off(sf->type)) { |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
696 ngx_quic_build_int(&p, sf->offset); |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
697 } |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
698 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
699 /* length is always present in generated frames */ |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
700 ngx_quic_build_int(&p, sf->length); |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
701 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
702 p = ngx_cpymem(p, sf->data, sf->length); |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
703 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
704 return p - start; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
705 } |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
706 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
707 |
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
708 size_t |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
709 ngx_quic_frame_len(ngx_quic_frame_t *frame) |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
710 { |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
711 switch (frame->type) { |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
712 case NGX_QUIC_FT_ACK: |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
713 return ngx_quic_create_ack(NULL, &frame->u.ack); |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
714 case NGX_QUIC_FT_CRYPTO: |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
715 return ngx_quic_create_crypto(NULL, &frame->u.crypto); |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
716 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
717 case NGX_QUIC_FT_STREAM0: |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
718 case NGX_QUIC_FT_STREAM1: |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
719 case NGX_QUIC_FT_STREAM2: |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
720 case NGX_QUIC_FT_STREAM3: |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
721 case NGX_QUIC_FT_STREAM4: |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
722 case NGX_QUIC_FT_STREAM5: |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
723 case NGX_QUIC_FT_STREAM6: |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
724 case NGX_QUIC_FT_STREAM7: |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
725 return ngx_quic_create_stream(NULL, &frame->u.stream); |
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
726 default: |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
727 /* BUG: unsupported frame type generated */ |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
728 return 0; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
729 } |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
730 } |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
731 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
732 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
733 /* pack a group of frames [start; end) into memory p and send as single packet */ |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
734 ngx_int_t |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
735 ngx_quic_frames_send(ngx_connection_t *c, ngx_quic_frame_t *start, |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
736 ngx_quic_frame_t *end, size_t total) |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
737 { |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
738 u_char *p; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
739 ngx_str_t out; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
740 ngx_quic_frame_t *f; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
741 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
742 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
743 "sending frames %p...%p", start, end); |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
744 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
745 p = ngx_pnalloc(c->pool, total); |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
746 if (p == NULL) { |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
747 return NGX_ERROR; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
748 } |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
749 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
750 out.data = p; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
751 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
752 for (f = start; f != end; f = f->next) { |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
753 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
754 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "frame: %s", f->info); |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
755 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
756 switch (f->type) { |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
757 case NGX_QUIC_FT_ACK: |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
758 p += ngx_quic_create_ack(p, &f->u.ack); |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
759 break; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
760 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
761 case NGX_QUIC_FT_CRYPTO: |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
762 p += ngx_quic_create_crypto(p, &f->u.crypto); |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
763 break; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
764 |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
765 case NGX_QUIC_FT_STREAM0: |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
766 case NGX_QUIC_FT_STREAM1: |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
767 case NGX_QUIC_FT_STREAM2: |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
768 case NGX_QUIC_FT_STREAM3: |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
769 case NGX_QUIC_FT_STREAM4: |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
770 case NGX_QUIC_FT_STREAM5: |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
771 case NGX_QUIC_FT_STREAM6: |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
772 case NGX_QUIC_FT_STREAM7: |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
773 p += ngx_quic_create_stream(p, &f->u.stream); |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
774 break; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
775 |
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
776 default: |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
777 /* BUG: unsupported frame type generated */ |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
778 return NGX_ERROR; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
779 } |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
780 } |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
781 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
782 out.len = p - out.data; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
783 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
784 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
785 "packet ready: %ui bytes at level %d", |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
786 out.len, start->level); |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
787 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
788 // IOVEC/sendmsg_chain ? |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
789 if (ngx_quic_send_packet(c, c->quic, start->level, &out) != NGX_OK) { |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
790 return NGX_ERROR; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
791 } |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
792 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
793 return NGX_OK; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
794 } |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
795 |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
796 |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
797 ngx_int_t |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
798 ngx_quic_output(ngx_connection_t *c) |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
799 { |
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
800 size_t len; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
801 ngx_uint_t lvl; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
802 ngx_quic_frame_t *f, *start; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
803 ngx_quic_connection_t *qc; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
804 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
805 qc = c->quic; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
806 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
807 if (qc->frames == NULL) { |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
808 return NGX_OK; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
809 } |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
810 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
811 lvl = qc->frames->level; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
812 start = qc->frames; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
813 f = start; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
814 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
815 do { |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
816 len = 0; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
817 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
818 do { |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
819 /* process same-level group of frames */ |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
820 |
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
821 len += ngx_quic_frame_len(f);// TODO: handle overflow, max size |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
822 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
823 f = f->next; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
824 } while (f && f->level == lvl); |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
825 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
826 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
827 if (ngx_quic_frames_send(c, start, f, len) != NGX_OK) { |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
828 return NGX_ERROR; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
829 } |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
830 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
831 if (f == NULL) { |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
832 break; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
833 } |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
834 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
835 lvl = f->level; // TODO: must not decrease (ever, also between calls) |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
836 start = f; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
837 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
838 } while (1); |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
839 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
840 qc->frames = NULL; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
841 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
842 return NGX_OK; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
843 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
844 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
845 |
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
846 #if BORINGSSL_API_VERSION >= 10 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
847 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
848 static int |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
849 ngx_quic_set_read_secret(ngx_ssl_conn_t *ssl_conn, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
850 enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
851 const uint8_t *secret, size_t secret_len) |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
852 { |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
853 ngx_int_t key_len; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
854 ngx_uint_t i; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
855 ngx_connection_t *c; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
856 ngx_quic_secret_t *client; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
857 ngx_quic_ciphers_t ciphers; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
858 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
859 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
860 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
861 ngx_quic_hexdump(c->log, "level:%d read", secret, secret_len, level); |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
862 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
863 key_len = ngx_quic_ciphers(c, &ciphers, level); |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
864 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
865 if (key_len == NGX_ERROR) { |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
866 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, "unexpected cipher"); |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
867 return 0; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
868 } |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
869 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
870 switch (level) { |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
871 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
872 case ssl_encryption_handshake: |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
873 client = &c->quic->client_hs; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
874 break; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
875 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
876 case ssl_encryption_application: |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
877 client = &c->quic->client_ad; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
878 break; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
879 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
880 default: |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
881 return 0; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
882 } |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
883 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
884 client->key.len = key_len; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
885 client->iv.len = NGX_QUIC_IV_LEN; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
886 client->hp.len = key_len; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
887 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
888 struct { |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
889 ngx_str_t label; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
890 ngx_str_t *key; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
891 const uint8_t *secret; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
892 } seq[] = { |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
893 { ngx_string("tls13 quic key"), &client->key, secret }, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
894 { ngx_string("tls13 quic iv"), &client->iv, secret }, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
895 { ngx_string("tls13 quic hp"), &client->hp, secret }, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
896 }; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
897 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
898 for (i = 0; i < (sizeof(seq) / sizeof(seq[0])); i++) { |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
899 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
900 if (ngx_quic_hkdf_expand(c, ciphers.d, seq[i].key, &seq[i].label, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
901 seq[i].secret, secret_len) |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
902 != NGX_OK) |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
903 { |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
904 return 0; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
905 } |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
906 } |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
907 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
908 return 1; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
909 } |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
910 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
911 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
912 static int |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
913 ngx_quic_set_write_secret(ngx_ssl_conn_t *ssl_conn, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
914 enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
915 const uint8_t *secret, size_t secret_len) |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
916 { |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
917 ngx_int_t key_len; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
918 ngx_uint_t i; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
919 ngx_connection_t *c; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
920 ngx_quic_secret_t *server; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
921 ngx_quic_ciphers_t ciphers; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
922 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
923 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
924 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
925 ngx_quic_hexdump(c->log, "level:%d write", secret, secret_len, level); |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
926 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
927 key_len = ngx_quic_ciphers(c, &ciphers, level); |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
928 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
929 if (key_len == NGX_ERROR) { |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
930 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, "unexpected cipher"); |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
931 return 0; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
932 } |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
933 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
934 switch (level) { |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
935 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
936 case ssl_encryption_handshake: |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
937 server = &c->quic->server_hs; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
938 break; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
939 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
940 case ssl_encryption_application: |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
941 server = &c->quic->server_ad; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
942 break; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
943 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
944 default: |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
945 return 0; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
946 } |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
947 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
948 server->key.len = key_len; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
949 server->iv.len = NGX_QUIC_IV_LEN; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
950 server->hp.len = key_len; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
951 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
952 struct { |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
953 ngx_str_t label; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
954 ngx_str_t *key; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
955 const uint8_t *secret; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
956 } seq[] = { |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
957 { ngx_string("tls13 quic key"), &server->key, secret }, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
958 { ngx_string("tls13 quic iv"), &server->iv, secret }, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
959 { ngx_string("tls13 quic hp"), &server->hp, secret }, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
960 }; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
961 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
962 for (i = 0; i < (sizeof(seq) / sizeof(seq[0])); i++) { |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
963 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
964 if (ngx_quic_hkdf_expand(c, ciphers.d, seq[i].key, &seq[i].label, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
965 seq[i].secret, secret_len) |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
966 != NGX_OK) |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
967 { |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
968 return 0; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
969 } |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
970 } |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
971 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
972 return 1; |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
973 } |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
974 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
975 #else |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
976 |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
977 static int |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
978 ngx_quic_set_encryption_secrets(ngx_ssl_conn_t *ssl_conn, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
979 enum ssl_encryption_level_t level, const uint8_t *read_secret, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
980 const uint8_t *write_secret, size_t secret_len) |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
981 { |
8201
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
982 ngx_int_t key_len; |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
983 ngx_uint_t i; |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
984 ngx_connection_t *c; |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
985 ngx_quic_secret_t *client, *server; |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
986 ngx_quic_ciphers_t ciphers; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
987 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
988 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
989 |
8183
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
990 ngx_quic_hexdump(c->log, "level:%d read", read_secret, secret_len, level); |
8196
d447168ed13f
Fixed write secret logging in set_encryption_secrets callback.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8195
diff
changeset
|
991 ngx_quic_hexdump(c->log, "level:%d write", write_secret, secret_len, level); |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
992 |
8201
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
993 key_len = ngx_quic_ciphers(c, &ciphers, level); |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
994 |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
995 if (key_len == NGX_ERROR) { |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
996 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, "unexpected cipher"); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
997 return 0; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
998 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
999 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1000 switch (level) { |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1001 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1002 case ssl_encryption_handshake: |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1003 client = &c->quic->client_hs; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1004 server = &c->quic->server_hs; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1005 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1006 break; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1007 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1008 case ssl_encryption_application: |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1009 client = &c->quic->client_ad; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1010 server = &c->quic->server_ad; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1011 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1012 break; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1013 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1014 default: |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1015 return 0; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1016 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1017 |
8201
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
1018 client->key.len = key_len; |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
1019 server->key.len = key_len; |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
1020 |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
1021 client->iv.len = NGX_QUIC_IV_LEN; |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
1022 server->iv.len = NGX_QUIC_IV_LEN; |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
1023 |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
1024 client->hp.len = key_len; |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
1025 server->hp.len = key_len; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1026 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1027 struct { |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1028 ngx_str_t label; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1029 ngx_str_t *key; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1030 const uint8_t *secret; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1031 } seq[] = { |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1032 { ngx_string("tls13 quic key"), &client->key, read_secret }, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1033 { ngx_string("tls13 quic iv"), &client->iv, read_secret }, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1034 { ngx_string("tls13 quic hp"), &client->hp, read_secret }, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1035 { ngx_string("tls13 quic key"), &server->key, write_secret }, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1036 { ngx_string("tls13 quic iv"), &server->iv, write_secret }, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1037 { ngx_string("tls13 quic hp"), &server->hp, write_secret }, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1038 }; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1039 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1040 for (i = 0; i < (sizeof(seq) / sizeof(seq[0])); i++) { |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1041 |
8201
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
1042 if (ngx_quic_hkdf_expand(c, ciphers.d, seq[i].key, &seq[i].label, |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1043 seq[i].secret, secret_len) |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1044 != NGX_OK) |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1045 { |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1046 return 0; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1047 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1048 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1049 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1050 return 1; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1051 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1052 |
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
1053 #endif |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
1054 |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1055 |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1056 static ngx_int_t |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1057 ngx_quic_create_long_packet(ngx_connection_t *c, ngx_ssl_conn_t *ssl_conn, |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1058 ngx_quic_header_t *pkt, ngx_str_t *payload, ngx_str_t *res) |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1059 { |
8189
80a07843c711
Using SSL cipher suite id to obtain cipher/digest, part 1.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8188
diff
changeset
|
1060 u_char *p, *pnp, *nonce, *sample, *packet; |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1061 ngx_str_t ad, out; |
8201
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
1062 ngx_quic_ciphers_t ciphers; |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1063 ngx_quic_connection_t *qc; |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1064 u_char mask[16]; |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1065 |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1066 qc = c->quic; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1067 |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1068 out.len = payload->len + EVP_GCM_TLS_TAG_LEN; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1069 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1070 ad.data = ngx_alloc(346 /*max header*/, c->log); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1071 if (ad.data == 0) { |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1072 return NGX_ERROR; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1073 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1074 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1075 p = ad.data; |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1076 |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1077 *p++ = pkt->flags; |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1078 |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1079 p = ngx_quic_write_uint32(p, quic_version); |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1080 |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1081 *p++ = qc->scid.len; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1082 p = ngx_cpymem(p, qc->scid.data, qc->scid.len); |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1083 |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1084 *p++ = qc->dcid.len; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1085 p = ngx_cpymem(p, qc->dcid.data, qc->dcid.len); |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1086 |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1087 if (pkt->level == ssl_encryption_initial) { |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1088 ngx_quic_build_int(&p, pkt->token.len); |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1089 } |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1090 |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1091 ngx_quic_build_int(&p, out.len + 1); // length (inc. pnl) |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1092 pnp = p; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1093 |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1094 *p++ = (*pkt->number)++; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1095 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1096 ad.len = p - ad.data; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1097 |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1098 ngx_quic_hexdump0(c->log, "ad", ad.data, ad.len); |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1099 |
8201
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
1100 if (ngx_quic_ciphers(c, &ciphers, pkt->level) == NGX_ERROR) { |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
1101 return NGX_ERROR; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1102 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1103 |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1104 nonce = ngx_pstrdup(c->pool, &pkt->secret->iv); |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1105 if (pkt->level == ssl_encryption_handshake) { |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1106 nonce[11] ^= (*pkt->number - 1); |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1107 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1108 |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1109 ngx_quic_hexdump0(c->log, "server_iv", pkt->secret->iv.data, 12); |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1110 ngx_quic_hexdump0(c->log, "nonce", nonce, 12); |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1111 |
8201
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
1112 if (ngx_quic_tls_seal(c, ciphers.c, pkt->secret, &out, nonce, payload, &ad) |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
1113 != NGX_OK) |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
1114 { |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1115 return NGX_ERROR; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1116 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1117 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1118 sample = &out.data[3]; // pnl=0 |
8201
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
1119 if (ngx_quic_tls_hp(c, ciphers.hp, pkt->secret, mask, sample) != NGX_OK) { |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1120 return NGX_ERROR; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1121 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1122 |
8183
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
1123 ngx_quic_hexdump0(c->log, "sample", sample, 16); |
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
1124 ngx_quic_hexdump0(c->log, "mask", mask, 16); |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1125 ngx_quic_hexdump0(c->log, "hp_key", pkt->secret->hp.data, 16); |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1126 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1127 // header protection, pnl = 0 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1128 ad.data[0] ^= mask[0] & 0x0f; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1129 *pnp ^= mask[1]; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1130 |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1131 packet = ngx_alloc(ad.len + out.len, c->log); |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1132 if (packet == 0) { |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1133 return NGX_ERROR; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1134 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1135 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1136 p = ngx_cpymem(packet, ad.data, ad.len); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1137 p = ngx_cpymem(p, out.data, out.len); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1138 |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1139 res->data = packet; |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1140 res->len = p - packet; |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1141 |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1142 return NGX_OK; |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1143 } |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1144 |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1145 |
8185
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1146 static ngx_int_t |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1147 ngx_quic_create_short_packet(ngx_connection_t *c, ngx_ssl_conn_t *ssl_conn, |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1148 ngx_quic_header_t *pkt, ngx_str_t *payload, ngx_str_t *res) |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1149 { |
8189
80a07843c711
Using SSL cipher suite id to obtain cipher/digest, part 1.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8188
diff
changeset
|
1150 u_char *p, *pnp, *nonce, *sample, *packet; |
8185
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1151 ngx_str_t ad, out; |
8201
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
1152 ngx_quic_ciphers_t ciphers; |
8185
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1153 ngx_quic_connection_t *qc; |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1154 u_char mask[16]; |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1155 |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1156 qc = c->quic; |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1157 |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1158 out.len = payload->len + EVP_GCM_TLS_TAG_LEN; |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1159 |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1160 ad.data = ngx_alloc(25 /*max header*/, c->log); |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1161 if (ad.data == 0) { |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1162 return NGX_ERROR; |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1163 } |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1164 |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1165 p = ad.data; |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1166 |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1167 *p++ = 0x40; |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1168 |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1169 p = ngx_cpymem(p, qc->scid.data, qc->scid.len); |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1170 |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1171 pnp = p; |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1172 |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1173 *p++ = (*pkt->number)++; |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1174 |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1175 ad.len = p - ad.data; |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1176 |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1177 ngx_quic_hexdump0(c->log, "ad", ad.data, ad.len); |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1178 |
8201
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
1179 if (ngx_quic_ciphers(c, &ciphers, pkt->level) == NGX_ERROR) { |
8185
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1180 return NGX_ERROR; |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1181 } |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1182 |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1183 nonce = ngx_pstrdup(c->pool, &pkt->secret->iv); |
8200
9582adbc7d70
Fixed nonce in short packet protection.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8199
diff
changeset
|
1184 if (pkt->level == ssl_encryption_handshake |
9582adbc7d70
Fixed nonce in short packet protection.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8199
diff
changeset
|
1185 || pkt->level == ssl_encryption_application) |
9582adbc7d70
Fixed nonce in short packet protection.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8199
diff
changeset
|
1186 { |
8185
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1187 nonce[11] ^= (*pkt->number - 1); |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1188 } |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1189 |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1190 ngx_quic_hexdump0(c->log, "server_iv", pkt->secret->iv.data, 12); |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1191 ngx_quic_hexdump0(c->log, "nonce", nonce, 12); |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1192 |
8201
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
1193 if (ngx_quic_tls_seal(c, ciphers.c, pkt->secret, &out, nonce, payload, &ad) |
8185
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1194 != NGX_OK) |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1195 { |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1196 return NGX_ERROR; |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1197 } |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1198 |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1199 ngx_quic_hexdump0(c->log, "out", out.data, out.len); |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1200 |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1201 sample = &out.data[3]; // pnl=0 |
8201
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
1202 if (ngx_quic_tls_hp(c, ciphers.hp, pkt->secret, mask, sample) != NGX_OK) { |
8185
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1203 return NGX_ERROR; |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1204 } |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1205 |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1206 ngx_quic_hexdump0(c->log, "sample", sample, 16); |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1207 ngx_quic_hexdump0(c->log, "mask", mask, 16); |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1208 ngx_quic_hexdump0(c->log, "hp_key", pkt->secret->hp.data, 16); |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1209 |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1210 // header protection, pnl = 0 |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1211 ad.data[0] ^= mask[0] & 0x1f; |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1212 *pnp ^= mask[1]; |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1213 |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1214 packet = ngx_alloc(ad.len + out.len, c->log); |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1215 if (packet == 0) { |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1216 return NGX_ERROR; |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1217 } |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1218 |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1219 p = ngx_cpymem(packet, ad.data, ad.len); |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1220 p = ngx_cpymem(p, out.data, out.len); |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1221 |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1222 ngx_quic_hexdump0(c->log, "packet", packet, p - packet); |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1223 |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1224 res->data = packet; |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1225 res->len = p - packet; |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1226 |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1227 return NGX_OK; |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1228 } |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1229 |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
1230 |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1231 static void |
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
1232 ngx_quic_queue_frame(ngx_quic_connection_t *qc, ngx_quic_frame_t *frame) |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1233 { |
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
1234 ngx_quic_frame_t *f; |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1235 |
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
1236 if (qc->frames == NULL) { |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
1237 qc->frames = frame; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
1238 return; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
1239 } |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
1240 |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1241 for (f = qc->frames; f->next; f = f->next) { |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1242 if (f->next->level > frame->level) { |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1243 break; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1244 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1245 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1246 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1247 frame->next = f->next; |
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
1248 f->next = frame; |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1249 } |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1250 |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1251 |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1252 static int |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1253 ngx_quic_add_handshake_data(ngx_ssl_conn_t *ssl_conn, |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1254 enum ssl_encryption_level_t level, const uint8_t *data, size_t len) |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1255 { |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1256 u_char *p; |
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
1257 ngx_quic_frame_t *frame; |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1258 ngx_connection_t *c; |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1259 ngx_quic_connection_t *qc; |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1260 |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1261 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1262 qc = c->quic; |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1263 |
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
1264 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
1265 "ngx_quic_add_handshake_data"); |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1266 |
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
1267 frame = ngx_pcalloc(c->pool, sizeof(ngx_quic_frame_t)); |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
1268 if (frame == NULL) { |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
1269 return 0; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
1270 } |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1271 |
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
1272 p = ngx_pnalloc(c->pool, len); |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
1273 if (p == NULL) { |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1274 return 0; |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1275 } |
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
1276 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
1277 ngx_memcpy(p, data, len); |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1278 |
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
1279 frame->level = level; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
1280 frame->type = NGX_QUIC_FT_CRYPTO; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
1281 frame->u.crypto.len = len; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
1282 frame->u.crypto.data = p; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
1283 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
1284 ngx_sprintf(frame->info, "crypto, generated by SSL len=%ui level=%d", len, level); |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
1285 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
1286 ngx_quic_queue_frame(qc, frame); |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
1287 |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1288 return 1; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1289 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1290 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1291 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1292 static int |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1293 ngx_quic_flush_flight(ngx_ssl_conn_t *ssl_conn) |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1294 { |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1295 ngx_connection_t *c; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1296 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1297 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1298 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1299 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "ngx_quic_flush_flight()"); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1300 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1301 return 1; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1302 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1303 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1304 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1305 static int |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1306 ngx_quic_send_alert(ngx_ssl_conn_t *ssl_conn, enum ssl_encryption_level_t level, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1307 uint8_t alert) |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1308 { |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1309 ngx_connection_t *c; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1310 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1311 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1312 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1313 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1314 "ngx_quic_send_alert(), lvl=%d, alert=%d", |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1315 (int) level, (int) alert); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1316 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1317 return 1; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1318 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1319 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1320 |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1321 static ngx_int_t |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1322 ngx_quic_process_short_header(ngx_connection_t *c, ngx_quic_header_t *pkt) |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1323 { |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1324 u_char *p; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1325 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1326 p = pkt->data; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1327 |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1328 ngx_quic_hexdump0(c->log, "short input", pkt->data, pkt->len); |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1329 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1330 if ((p[0] & NGX_QUIC_PKT_LONG)) { |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1331 ngx_log_error(NGX_LOG_INFO, c->log, 0, "not a short packet"); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1332 return NGX_ERROR; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1333 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1334 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1335 pkt->flags = *p++; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1336 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1337 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1338 "quic flags:%xi", pkt->flags); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1339 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1340 if (ngx_memcmp(p, c->quic->dcid.data, c->quic->dcid.len) != 0) { |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1341 ngx_log_error(NGX_LOG_INFO, c->log, 0, "unexpected quic dcid"); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1342 return NGX_ERROR; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1343 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1344 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1345 pkt->dcid.len = c->quic->dcid.len; |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1346 pkt->dcid.data = p; |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1347 p += pkt->dcid.len; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1348 |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1349 pkt->raw->pos = p; |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1350 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1351 return NGX_OK; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1352 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1353 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1354 |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1355 static ngx_int_t |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1356 ngx_quic_process_long_header(ngx_connection_t *c, ngx_quic_header_t *pkt) |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1357 { |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1358 u_char *p; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1359 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1360 p = pkt->data; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1361 |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1362 ngx_quic_hexdump0(c->log, "long input", pkt->data, pkt->len); |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1363 |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1364 if (!(p[0] & NGX_QUIC_PKT_LONG)) { |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1365 ngx_log_error(NGX_LOG_INFO, c->log, 0, "not a long packet"); |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1366 return NGX_ERROR; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1367 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1368 |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1369 pkt->flags = *p++; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1370 |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1371 pkt->version = ngx_quic_parse_uint32(p); |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1372 p += sizeof(uint32_t); |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1373 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1374 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1375 "quic flags:%xi version:%xD", pkt->flags, pkt->version); |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1376 |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1377 if (pkt->version != quic_version) { |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1378 ngx_log_error(NGX_LOG_INFO, c->log, 0, "unsupported quic version"); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1379 return NGX_ERROR; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1380 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1381 |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1382 pkt->dcid.len = *p++; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1383 pkt->dcid.data = p; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1384 p += pkt->dcid.len; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1385 |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1386 pkt->scid.len = *p++; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1387 pkt->scid.data = p; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1388 p += pkt->scid.len; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1389 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1390 pkt->raw->pos = p; |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1391 |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1392 return NGX_OK; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1393 } |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1394 |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1395 |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1396 static ngx_int_t |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1397 ngx_quic_process_initial_header(ngx_connection_t *c, ngx_quic_header_t *pkt) |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1398 { |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1399 u_char *p; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1400 ngx_int_t plen; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1401 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1402 p = pkt->raw->pos; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1403 |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1404 pkt->token.len = ngx_quic_parse_int(&p); |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1405 pkt->token.data = p; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1406 |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1407 p += pkt->token.len; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1408 |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1409 plen = ngx_quic_parse_int(&p); |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1410 |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1411 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1412 "quic packet length: %d", plen); |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1413 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1414 if (plen > pkt->data + pkt->len - p) { |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1415 ngx_log_error(NGX_LOG_INFO, c->log, 0, "truncated initial packet"); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1416 return NGX_ERROR; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1417 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1418 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1419 pkt->raw->pos = p; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1420 pkt->len = plen; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1421 |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1422 ngx_quic_hexdump0(c->log, "DCID", pkt->dcid.data, pkt->dcid.len); |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1423 ngx_quic_hexdump0(c->log, "SCID", pkt->scid.data, pkt->scid.len); |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1424 ngx_quic_hexdump0(c->log, "token", pkt->token.data, pkt->token.len); |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1425 |
8183
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
1426 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
1427 "quic packet length: %d", plen); |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1428 |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1429 return NGX_OK; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1430 } |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1431 |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1432 static ngx_int_t |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1433 ngx_quic_process_handshake_header(ngx_connection_t *c, ngx_quic_header_t *pkt) |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1434 { |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1435 u_char *p; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1436 ngx_int_t plen; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1437 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1438 p = pkt->raw->pos; |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1439 |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1440 plen = ngx_quic_parse_int(&p); |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1441 |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1442 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1443 "quic packet length: %d", plen); |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1444 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1445 if (plen > pkt->data + pkt->len - p) { |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1446 ngx_log_error(NGX_LOG_INFO, c->log, 0, "truncated handshake packet"); |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1447 return NGX_ERROR; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1448 } |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1449 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1450 pkt->raw->pos = p; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1451 pkt->len = plen; |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1452 |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1453 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1454 "quic packet length: %d", plen); |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1455 |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1456 return NGX_OK; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1457 } |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1458 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1459 |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1460 static ngx_int_t |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1461 ngx_quic_initial_secret(ngx_connection_t *c) |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1462 { |
8194 | 1463 size_t is_len; |
1464 uint8_t is[SHA256_DIGEST_LENGTH]; | |
1465 ngx_uint_t i; | |
1466 const EVP_MD *digest; | |
1467 const EVP_CIPHER *cipher; | |
1468 ngx_quic_connection_t *qc; | |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1469 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1470 static const uint8_t salt[20] = |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1471 "\xc3\xee\xf7\x12\xc7\x2e\xbb\x5a\x11\xa7" |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1472 "\xd2\x43\x2b\xb4\x63\x65\xbe\xf9\xf5\x02"; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1473 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1474 /* AEAD_AES_128_GCM prior to handshake, quic-tls-23#section-5.3 */ |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1475 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1476 cipher = EVP_aes_128_gcm(); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1477 digest = EVP_sha256(); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1478 |
8194 | 1479 qc = c->quic; |
1480 | |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1481 if (ngx_hkdf_extract(is, &is_len, digest, qc->dcid.data, qc->dcid.len, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1482 salt, sizeof(salt)) |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1483 != NGX_OK) |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1484 { |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1485 return NGX_ERROR; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1486 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1487 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1488 ngx_str_t iss = { |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1489 .data = is, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1490 .len = is_len |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1491 }; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1492 |
8183
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
1493 ngx_quic_hexdump0(c->log, "salt", salt, sizeof(salt)); |
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
1494 ngx_quic_hexdump0(c->log, "initial secret", is, is_len); |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1495 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1496 /* draft-ietf-quic-tls-23#section-5.2 */ |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1497 qc->client_in.secret.len = SHA256_DIGEST_LENGTH; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1498 qc->server_in.secret.len = SHA256_DIGEST_LENGTH; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1499 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1500 qc->client_in.key.len = EVP_CIPHER_key_length(cipher); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1501 qc->server_in.key.len = EVP_CIPHER_key_length(cipher); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1502 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1503 qc->client_in.hp.len = EVP_CIPHER_key_length(cipher); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1504 qc->server_in.hp.len = EVP_CIPHER_key_length(cipher); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1505 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1506 qc->client_in.iv.len = EVP_CIPHER_iv_length(cipher); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1507 qc->server_in.iv.len = EVP_CIPHER_iv_length(cipher); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1508 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1509 struct { |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1510 ngx_str_t label; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1511 ngx_str_t *key; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1512 ngx_str_t *prk; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1513 } seq[] = { |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1514 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1515 /* draft-ietf-quic-tls-23#section-5.2 */ |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1516 { ngx_string("tls13 client in"), &qc->client_in.secret, &iss }, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1517 { |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1518 ngx_string("tls13 quic key"), |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1519 &qc->client_in.key, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1520 &qc->client_in.secret, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1521 }, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1522 { |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1523 ngx_string("tls13 quic iv"), |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1524 &qc->client_in.iv, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1525 &qc->client_in.secret, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1526 }, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1527 { |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1528 /* AEAD_AES_128_GCM prior to handshake, quic-tls-23#section-5.4.1 */ |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1529 ngx_string("tls13 quic hp"), |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1530 &qc->client_in.hp, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1531 &qc->client_in.secret, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1532 }, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1533 { ngx_string("tls13 server in"), &qc->server_in.secret, &iss }, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1534 { |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1535 /* AEAD_AES_128_GCM prior to handshake, quic-tls-23#section-5.3 */ |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1536 ngx_string("tls13 quic key"), |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1537 &qc->server_in.key, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1538 &qc->server_in.secret, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1539 }, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1540 { |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1541 ngx_string("tls13 quic iv"), |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1542 &qc->server_in.iv, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1543 &qc->server_in.secret, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1544 }, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1545 { |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1546 /* AEAD_AES_128_GCM prior to handshake, quic-tls-23#section-5.4.1 */ |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1547 ngx_string("tls13 quic hp"), |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1548 &qc->server_in.hp, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1549 &qc->server_in.secret, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1550 }, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1551 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1552 }; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1553 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1554 for (i = 0; i < (sizeof(seq) / sizeof(seq[0])); i++) { |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1555 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1556 if (ngx_quic_hkdf_expand(c, digest, seq[i].key, &seq[i].label, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1557 seq[i].prk->data, seq[i].prk->len) |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1558 != NGX_OK) |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1559 { |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1560 return NGX_ERROR; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1561 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1562 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1563 |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1564 return NGX_OK; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1565 } |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1566 |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1567 |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1568 static ngx_int_t |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1569 ngx_quic_decrypt(ngx_connection_t *c, ngx_quic_header_t *pkt) |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1570 { |
8201
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
1571 u_char clearflags, *p, *sample; |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
1572 uint8_t *nonce; |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
1573 uint64_t pn; |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
1574 ngx_int_t pnl, rc; |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
1575 ngx_str_t in, ad; |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
1576 ngx_quic_ciphers_t ciphers; |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
1577 uint8_t mask[16]; |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
1578 |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
1579 if (ngx_quic_ciphers(c, &ciphers, pkt->level) == NGX_ERROR) { |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
1580 return NGX_ERROR; |
8198
ff14b0fe9731
Fixed header protection with negotiated cipher suite.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8197
diff
changeset
|
1581 } |
ff14b0fe9731
Fixed header protection with negotiated cipher suite.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8197
diff
changeset
|
1582 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1583 p = pkt->raw->pos; |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1584 |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1585 /* draft-ietf-quic-tls-23#section-5.4.2: |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1586 * the Packet Number field is assumed to be 4 bytes long |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1587 * draft-ietf-quic-tls-23#section-5.4.[34]: |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1588 * AES-Based and ChaCha20-Based header protections sample 16 bytes |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1589 */ |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1590 |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1591 sample = p + 4; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1592 |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1593 ngx_quic_hexdump0(c->log, "sample", sample, 16); |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1594 |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1595 /* header protection */ |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1596 |
8201
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
1597 if (ngx_quic_tls_hp(c, ciphers.hp, pkt->secret, mask, sample) != NGX_OK) { |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1598 return NGX_ERROR; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1599 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1600 |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1601 if (pkt->flags & NGX_QUIC_PKT_LONG) { |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1602 clearflags = pkt->flags ^ (mask[0] & 0x0f); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1603 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1604 } else { |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1605 clearflags = pkt->flags ^ (mask[0] & 0x1f); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1606 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1607 |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1608 pnl = (clearflags & 0x03) + 1; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1609 pn = ngx_quic_parse_pn(&p, pnl, &mask[1]); |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1610 |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1611 pkt->pn = pn; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1612 |
8183
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
1613 ngx_quic_hexdump0(c->log, "mask", mask, 5); |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1614 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1615 "quic clear flags: %xi", clearflags); |
8183
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
1616 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
1617 "quic packet number: %uL, len: %xi", pn, pnl); |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1618 |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1619 /* packet protection */ |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1620 |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1621 in.data = p; |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1622 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1623 if (pkt->flags & NGX_QUIC_PKT_LONG) { |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1624 in.len = pkt->len - pnl; |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1625 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1626 } else { |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1627 in.len = pkt->data + pkt->len - p; |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1628 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1629 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1630 ad.len = p - pkt->data; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1631 ad.data = ngx_pnalloc(c->pool, ad.len); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1632 if (ad.data == NULL) { |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1633 return NGX_ERROR; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1634 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1635 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1636 ngx_memcpy(ad.data, pkt->data, ad.len); |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1637 ad.data[0] = clearflags; |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1638 ad.data[ad.len - pnl] = (u_char) pn; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1639 |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1640 nonce = ngx_pstrdup(c->pool, &pkt->secret->iv); |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1641 nonce[11] ^= pn; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1642 |
8183
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
1643 ngx_quic_hexdump0(c->log, "nonce", nonce, 12); |
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
1644 ngx_quic_hexdump0(c->log, "ad", ad.data, ad.len); |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1645 |
8201
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
1646 rc = ngx_quic_tls_open(c, ciphers.c, pkt->secret, &pkt->payload, |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1647 nonce, &in, &ad); |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1648 |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1649 ngx_quic_hexdump0(c->log, "packet payload", |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1650 pkt->payload.data, pkt->payload.len); |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1651 |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1652 return rc; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1653 } |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1654 |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
1655 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1656 ssize_t |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1657 ngx_quic_read_frame(ngx_connection_t *c, u_char *start, u_char *end, |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1658 ngx_quic_frame_t *frame) |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1659 { |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1660 u_char *p; |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1661 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1662 size_t npad; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1663 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1664 p = start; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1665 |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1666 frame->type = *p++; // TODO: check overflow (p < end) |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1667 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1668 switch (frame->type) { |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1669 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1670 case NGX_QUIC_FT_CRYPTO: |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1671 frame->u.crypto.offset = *p++; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1672 frame->u.crypto.len = ngx_quic_parse_int(&p); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1673 frame->u.crypto.data = p; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1674 p += frame->u.crypto.len; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1675 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1676 ngx_quic_hexdump0(c->log, "CRYPTO frame", |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1677 frame->u.crypto.data, frame->u.crypto.len); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1678 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1679 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1680 "quic CRYPTO frame length: %uL off:%uL pp:%p", |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1681 frame->u.crypto.len, frame->u.crypto.offset, |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1682 frame->u.crypto.data); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1683 break; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1684 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1685 case NGX_QUIC_FT_PADDING: |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1686 npad = 0; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1687 while (p < end && *p == NGX_QUIC_FT_PADDING) { // XXX |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1688 p++; npad++; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1689 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1690 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1691 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1692 "PADDING frame length %uL", npad); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1693 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1694 break; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1695 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1696 case NGX_QUIC_FT_ACK: |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1697 case NGX_QUIC_FT_ACK_ECN: |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1698 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1699 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "ACK frame"); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1700 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1701 frame->u.ack.largest = ngx_quic_parse_int(&p); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1702 frame->u.ack.delay = ngx_quic_parse_int(&p); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1703 frame->u.ack.range_count =ngx_quic_parse_int(&p); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1704 frame->u.ack.first_range =ngx_quic_parse_int(&p); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1705 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1706 if (frame->u.ack.range_count) { |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1707 frame->u.ack.ranges[0] = ngx_quic_parse_int(&p); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1708 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1709 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1710 if (frame->type ==NGX_QUIC_FT_ACK_ECN) { |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1711 return NGX_ERROR; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1712 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1713 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1714 break; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1715 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1716 case NGX_QUIC_FT_PING: |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1717 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "PING frame"); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1718 p++; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1719 break; |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1720 |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1721 case NGX_QUIC_FT_NEW_CONNECTION_ID: |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1722 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "NCID frame"); |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1723 |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1724 frame->u.ncid.seqnum = ngx_quic_parse_int(&p); |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1725 frame->u.ncid.retire = ngx_quic_parse_int(&p); |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1726 frame->u.ncid.len = *p++; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1727 ngx_memcpy(frame->u.ncid.cid, p, frame->u.ncid.len); |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1728 p += frame->u.ncid.len; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1729 |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1730 ngx_memcpy(frame->u.ncid.srt, p, 16); |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1731 p += 16; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1732 |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1733 break; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1734 |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1735 case NGX_QUIC_FT_CONNECTION_CLOSE: |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1736 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "connection close frame => NGX_ERROR"); |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1737 |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1738 // TODO: parse connection close here |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1739 return NGX_ERROR; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1740 break; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1741 |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1742 case NGX_QUIC_FT_STREAM0: |
8207
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
1743 case NGX_QUIC_FT_STREAM1: |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
1744 case NGX_QUIC_FT_STREAM2: |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
1745 case NGX_QUIC_FT_STREAM3: |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
1746 case NGX_QUIC_FT_STREAM4: |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
1747 case NGX_QUIC_FT_STREAM5: |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
1748 case NGX_QUIC_FT_STREAM6: |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
1749 case NGX_QUIC_FT_STREAM7: |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
1750 |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
1751 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
1752 "STREAM frame, type: 0x%xi", frame->type); |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
1753 |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1754 frame->u.stream.type = frame->type; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1755 |
8207
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
1756 frame->u.stream.stream_id = ngx_quic_parse_int(&p); |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
1757 if (frame->type & 0x04) { |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
1758 frame->u.stream.offset = ngx_quic_parse_int(&p); |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
1759 } else { |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
1760 frame->u.stream.offset = 0; |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
1761 } |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
1762 |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
1763 if (frame->type & 0x02) { |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
1764 frame->u.stream.length = ngx_quic_parse_int(&p); |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
1765 } else { |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
1766 frame->u.stream.length = end - p; /* up to packet end */ |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
1767 } |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
1768 |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
1769 frame->u.stream.data = p; |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
1770 |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
1771 p += frame->u.stream.length; |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
1772 |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
1773 break; |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
1774 |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1775 default: |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1776 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1777 "unknown frame type %xi", frame->type); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1778 return NGX_ERROR; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1779 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1780 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
1781 return p - start; |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1782 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1783 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1784 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1785 static ngx_int_t |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1786 ngx_quic_handle_crypto_frame(ngx_connection_t *c, ngx_quic_header_t *pkt, |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1787 ngx_quic_frame_t *frame) |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1788 { |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1789 int sslerr; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1790 ssize_t n; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1791 ngx_ssl_conn_t *ssl_conn; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1792 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1793 ssl_conn = c->ssl->connection; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1794 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1795 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1796 "SSL_quic_read_level: %d, SSL_quic_write_level: %d", |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1797 (int) SSL_quic_read_level(ssl_conn), |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1798 (int) SSL_quic_write_level(ssl_conn)); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1799 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1800 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1801 if (!SSL_provide_quic_data(ssl_conn, SSL_quic_read_level(ssl_conn), |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1802 frame->u.crypto.data, frame->u.crypto.len)) |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1803 { |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1804 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1805 "SSL_provide_quic_data() failed"); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1806 return NGX_ERROR; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1807 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1808 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1809 n = SSL_do_handshake(ssl_conn); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1810 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1811 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_do_handshake: %d", n); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1812 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1813 if (n == -1) { |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1814 sslerr = SSL_get_error(ssl_conn, n); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1815 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1816 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_get_error: %d", |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1817 sslerr); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1818 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1819 if (sslerr == SSL_ERROR_SSL) { |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1820 ngx_ssl_error(NGX_LOG_ERR, c->log, 0, "SSL_do_handshake() failed"); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1821 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1822 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1823 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1824 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1825 "quic ssl cipher: %s", SSL_get_cipher(ssl_conn)); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1826 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1827 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1828 "SSL_quic_read_level: %d, SSL_quic_write_level: %d", |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1829 (int) SSL_quic_read_level(ssl_conn), |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1830 (int) SSL_quic_write_level(ssl_conn)); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1831 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1832 return NGX_OK; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1833 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1834 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1835 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1836 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1837 static ngx_int_t |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1838 ngx_quic_init_connection(ngx_connection_t *c, ngx_quic_header_t *pkt) |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1839 { |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1840 int n, sslerr; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1841 ngx_ssl_conn_t *ssl_conn; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1842 ngx_quic_connection_t *qc; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1843 |
8205
a5423632d67b
Added more transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8204
diff
changeset
|
1844 static const uint8_t params[] = |
a5423632d67b
Added more transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8204
diff
changeset
|
1845 "\x00\x29" /* parameters length: 41 bytes */ |
a5423632d67b
Added more transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8204
diff
changeset
|
1846 "\x00\x0e\x00\x01\x05" /* active connection id limit: 5 */ |
a5423632d67b
Added more transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8204
diff
changeset
|
1847 "\x00\x04\x00\x04\x80\x98\x96\x80" /* initial max data = 10000000 */ |
a5423632d67b
Added more transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8204
diff
changeset
|
1848 "\x00\x09\x00\x01\x03" /* initial max streams uni: 3 */ |
a5423632d67b
Added more transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8204
diff
changeset
|
1849 "\x00\x08\x00\x01\x10" /* initial max streams bidi: 16 */ |
a5423632d67b
Added more transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8204
diff
changeset
|
1850 "\x00\x05\x00\x02\x40\xff" /* initial max stream bidi local: 255 */ |
a5423632d67b
Added more transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8204
diff
changeset
|
1851 "\x00\x06\x00\x02\x40\xff" /* initial max stream bidi remote: 255 */ |
a5423632d67b
Added more transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8204
diff
changeset
|
1852 "\x00\x07\x00\x02\x40\xff"; /* initial max stream data uni: 255 */ |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1853 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1854 qc = c->quic; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1855 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1856 if (ngx_ssl_create_connection(qc->ssl, c, NGX_SSL_BUFFER) != NGX_OK) { |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1857 return NGX_ERROR; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1858 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1859 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1860 ssl_conn = c->ssl->connection; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1861 |
8205
a5423632d67b
Added more transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8204
diff
changeset
|
1862 if (SSL_set_quic_transport_params(ssl_conn, params, sizeof(params) - 1) == 0) { |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1863 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1864 "SSL_set_quic_transport_params() failed"); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1865 return NGX_ERROR; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1866 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1867 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1868 n = SSL_do_handshake(ssl_conn); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1869 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1870 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_do_handshake: %d", n); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1871 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1872 if (n == -1) { |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1873 sslerr = SSL_get_error(ssl_conn, n); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1874 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1875 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_get_error: %d", |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1876 sslerr); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1877 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1878 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1879 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1880 "SSL_quic_read_level: %d, SSL_quic_write_level: %d", |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1881 (int) SSL_quic_read_level(ssl_conn), |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1882 (int) SSL_quic_write_level(ssl_conn)); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1883 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1884 return NGX_OK; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1885 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1886 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
1887 |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1888 static ssize_t |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1889 ngx_quic_stream_recv(ngx_connection_t *c, u_char *buf, size_t size) |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1890 { |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1891 ssize_t len; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1892 ngx_buf_t *b; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1893 ngx_quic_stream_t *qs; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1894 ngx_quic_connection_t *qc; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1895 ngx_quic_stream_node_t *sn; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1896 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1897 qs = c->qs; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1898 qc = qs->parent->quic; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1899 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1900 // XXX: get direct pointer from stream structure? |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1901 sn = ngx_quic_stream_lookup(&qc->stree, qs->id); |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1902 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1903 if (sn == NULL) { |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1904 return NGX_ERROR; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1905 } |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1906 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1907 // XXX: how to return EOF? |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1908 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1909 b = sn->b; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1910 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1911 if (b->last - b->pos == 0) { |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1912 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1913 "quic recv() not ready"); |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1914 return NGX_AGAIN; // ? |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1915 } |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1916 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1917 len = ngx_min(b->last - b->pos, (ssize_t) size); |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1918 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1919 ngx_memcpy(buf, b->pos, len); |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1920 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1921 b->pos += len; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1922 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1923 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1924 "quic recv: %z of %uz", len, size); |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1925 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1926 return len; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1927 } |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1928 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1929 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1930 static ssize_t |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1931 ngx_quic_stream_send(ngx_connection_t *c, u_char *buf, size_t size) |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1932 { |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1933 u_char *p; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1934 ngx_quic_frame_t *frame; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1935 ngx_quic_stream_t *qs; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1936 ngx_quic_connection_t *qc; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1937 ngx_quic_stream_node_t *sn; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1938 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1939 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic send: %uz", size); |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1940 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1941 qs = c->qs; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1942 qc = qs->parent->quic; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1943 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1944 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1945 // XXX: get direct pointer from stream structure? |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1946 sn = ngx_quic_stream_lookup(&qc->stree, qs->id); |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1947 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1948 if (sn == NULL) { |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1949 return NGX_ERROR; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1950 } |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1951 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1952 frame = ngx_pcalloc(c->pool, sizeof(ngx_quic_frame_t)); |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1953 if (frame == NULL) { |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1954 return 0; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1955 } |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1956 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1957 p = ngx_pnalloc(c->pool, size); |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1958 if (p == NULL) { |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1959 return 0; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1960 } |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1961 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1962 ngx_memcpy(p, buf, size); |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1963 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1964 frame->level = ssl_encryption_application; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1965 frame->type = NGX_QUIC_FT_STREAM2; /* OFF=0 LEN=1 FIN=0 */ |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1966 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1967 frame->u.stream.type = frame->type; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1968 frame->u.stream.stream_id = qs->id; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1969 frame->u.stream.offset = 0; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1970 frame->u.stream.length = size; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1971 frame->u.stream.data = p; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1972 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1973 ngx_sprintf(frame->info, "stream %xi len=%ui level=%d", |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1974 qs->id, size, frame->level); |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1975 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1976 ngx_quic_queue_frame(qc, frame); |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1977 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1978 return size; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1979 } |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1980 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1981 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1982 static ngx_chain_t * |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1983 ngx_quic_stream_send_chain(ngx_connection_t *c, ngx_chain_t *in, |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1984 off_t limit) |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
1985 { |
8212
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
1986 size_t len; |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
1987 ssize_t n; |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
1988 ngx_buf_t *b; |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
1989 |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
1990 while (in) { |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
1991 b = in->buf; |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
1992 |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
1993 if (!ngx_buf_in_memory(b)) { |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
1994 continue; |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
1995 } |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
1996 |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
1997 if (ngx_buf_size(b) == 0) { |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
1998 continue; |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
1999 } |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
2000 |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
2001 len = b->last - b->pos; |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
2002 |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
2003 n = ngx_quic_stream_send(c, b->pos, len); |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
2004 |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
2005 if (n == NGX_ERROR) { |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
2006 return NGX_CHAIN_ERROR; |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
2007 } |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
2008 |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
2009 if (n == NGX_AGAIN) { |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
2010 return in; |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
2011 } |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
2012 |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
2013 if (n != (ssize_t) len) { |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
2014 b->pos += n; |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
2015 return in; |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
2016 } |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
2017 |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
2018 in = in->next; |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
2019 } |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
2020 |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2021 return NULL; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2022 } |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2023 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2024 |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2025 /* process all payload from the current packet and generate ack if required */ |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2026 static ngx_int_t |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2027 ngx_quic_payload_handler(ngx_connection_t *c, ngx_quic_header_t *pkt) |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2028 { |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2029 u_char *end, *p; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2030 ssize_t len; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2031 ngx_buf_t *b; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2032 ngx_uint_t ack_this; |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2033 ngx_pool_t *pool; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2034 ngx_event_t *rev, *wev; |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2035 ngx_quic_frame_t frame, *ack_frame; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2036 ngx_quic_connection_t *qc; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2037 ngx_quic_stream_node_t *sn; |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2038 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2039 qc = c->quic; |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2040 |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2041 p = pkt->payload.data; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2042 end = p + pkt->payload.len; |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2043 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2044 ack_this = 0; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2045 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2046 while (p < end) { |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2047 |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2048 len = ngx_quic_read_frame(c, p, end, &frame); |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2049 if (len < 0) { |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2050 return NGX_ERROR; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2051 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2052 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2053 p += len; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2054 |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2055 switch (frame.type) { |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2056 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2057 case NGX_QUIC_FT_ACK: |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2058 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2059 // TODO: handle ack |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2060 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2061 ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0, |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2062 "ACK: { largest=%ui delay=%ui first=%ui count=%ui}", |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2063 frame.u.ack.largest, |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2064 frame.u.ack.delay, |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2065 frame.u.ack.first_range, |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2066 frame.u.ack.range_count); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2067 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2068 break; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2069 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2070 case NGX_QUIC_FT_CRYPTO: |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2071 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2072 if (frame.u.crypto.offset != 0x0) { |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2073 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2074 "crypto frame with non-zero offset"); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2075 // TODO: support packet spanning with offsets |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2076 return NGX_ERROR; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2077 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2078 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2079 if (ngx_quic_handle_crypto_frame(c, pkt, &frame) != NGX_OK) { |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2080 return NGX_ERROR; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2081 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2082 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2083 ack_this = 1; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2084 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2085 continue; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2086 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2087 case NGX_QUIC_FT_PADDING: |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2088 continue; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2089 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2090 case NGX_QUIC_FT_PING: |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2091 ack_this = 1; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2092 continue; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2093 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2094 case NGX_QUIC_FT_NEW_CONNECTION_ID: |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2095 ack_this = 1; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2096 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2097 "NCID: { seq=%ui retire=%ui len=%ui}", |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2098 frame.u.ncid.seqnum, |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2099 frame.u.ncid.retire, |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2100 frame.u.ncid.len); |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2101 continue; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2102 |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2103 case NGX_QUIC_FT_STREAM0: |
8207
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
2104 case NGX_QUIC_FT_STREAM1: |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
2105 case NGX_QUIC_FT_STREAM2: |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
2106 case NGX_QUIC_FT_STREAM3: |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
2107 case NGX_QUIC_FT_STREAM4: |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
2108 case NGX_QUIC_FT_STREAM5: |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
2109 case NGX_QUIC_FT_STREAM6: |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
2110 case NGX_QUIC_FT_STREAM7: |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
2111 |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2112 ngx_log_debug7(NGX_LOG_DEBUG_EVENT, c->log, 0, |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2113 "STREAM frame 0x%xi id 0x%xi offset 0x%xi len 0x%xi bits:off=%d len=%d fin=%d", |
8207
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
2114 frame.type, |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
2115 frame.u.stream.stream_id, |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
2116 frame.u.stream.offset, |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2117 frame.u.stream.length, |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2118 ngx_quic_stream_bit_off(frame.u.stream.type), |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2119 ngx_quic_stream_bit_len(frame.u.stream.type), |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2120 ngx_quic_stream_bit_fin(frame.u.stream.type)); |
8207
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
2121 |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2122 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2123 sn = ngx_quic_stream_lookup(&qc->stree, frame.u.stream.stream_id); |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2124 if (sn == NULL) { |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2125 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "stream is new"); |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2126 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2127 sn = ngx_pcalloc(c->pool, sizeof(ngx_quic_stream_node_t)); |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2128 if (sn == NULL) { |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2129 return NGX_ERROR; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2130 } |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2131 |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2132 pool = ngx_create_pool(NGX_DEFAULT_POOL_SIZE, c->log); |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2133 if (pool == NULL) { |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2134 return NGX_ERROR; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2135 } |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2136 |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2137 sn->c = ngx_get_connection(-1, c->log); // TODO: free on connection termination |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2138 if (sn->c == NULL) { |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2139 return NGX_ERROR; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2140 } |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2141 |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2142 sn->c->pool = pool; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2143 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2144 rev = sn->c->read; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2145 wev = sn->c->write; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2146 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2147 rev->log = c->log; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2148 wev->log = c->log; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2149 |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2150 sn->c->number = ngx_atomic_fetch_add(ngx_connection_counter, 1); |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2151 |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2152 sn->node.key = frame.u.stream.stream_id; |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2153 sn->b = ngx_create_temp_buf(pool, 16 * 1024); // XXX enough for everyone |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2154 if (sn->b == NULL) { |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2155 return NGX_ERROR; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2156 } |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2157 b = sn->b; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2158 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2159 ngx_memcpy(b->start, frame.u.stream.data, frame.u.stream.length); |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2160 b->last = b->start + frame.u.stream.length; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2161 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2162 ngx_rbtree_insert(&qc->stree, &sn->node); |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2163 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2164 sn->s.id = frame.u.stream.stream_id; |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2165 sn->s.unidirectional = (sn->s.id & 0x02) ? 1 : 0; |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2166 sn->s.parent = c; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2167 sn->c->qs = &sn->s; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2168 |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2169 sn->c->recv = ngx_quic_stream_recv; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2170 sn->c->send = ngx_quic_stream_send; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2171 sn->c->send_chain = ngx_quic_stream_send_chain; |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2172 |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2173 qc->stream_handler(sn->c); |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2174 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2175 } else { |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2176 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "existing stream"); |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2177 b = sn->b; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2178 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2179 if ((size_t) (b->end - b->pos) < frame.u.stream.length) { |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2180 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2181 "no space in stream buffer"); |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2182 return NGX_ERROR; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2183 } |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2184 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2185 ngx_memcpy(b->pos, frame.u.stream.data, frame.u.stream.length); |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2186 b->pos += frame.u.stream.length; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2187 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2188 // TODO: ngx_post_event(&c->read, &ngx_posted_events) ??? |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2189 } |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2190 |
8207
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
2191 ngx_quic_hexdump0(c->log, "STREAM.data", |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
2192 frame.u.stream.data, frame.u.stream.length); |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
2193 break; |
cc8d211cb45c
Initial parsing of STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
8206
diff
changeset
|
2194 |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2195 default: |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2196 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2197 "unexpected frame type 0x%xd in packet", frame.type); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2198 return NGX_ERROR; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2199 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2200 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2201 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2202 if (p != end) { |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2203 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2204 "trailing garbage in payload: %ui bytes", end - p); |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2205 return NGX_ERROR; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2206 } |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2207 |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2208 |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2209 if (ack_this == 0) { |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2210 /* do not ack packets with ACKs and PADDING */ |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2211 return NGX_OK; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2212 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2213 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2214 // packet processed, ACK it now if required |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2215 // TODO: if (ack_required) ... - currently just ack each packet |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2216 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2217 ack_frame = ngx_pcalloc(c->pool, sizeof(ngx_quic_frame_t)); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2218 if (ack_frame == NULL) { |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2219 return NGX_ERROR; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2220 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2221 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2222 ack_frame->level = pkt->level; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2223 ack_frame->type = NGX_QUIC_FT_ACK; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2224 ack_frame->u.ack.pn = pkt->pn; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2225 |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
2226 ngx_sprintf(ack_frame->info, "ACK for PN=%d from frame handler level=%d", pkt->pn, pkt->level); |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2227 ngx_quic_queue_frame(qc, ack_frame); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2228 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2229 return ngx_quic_output(c); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2230 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2231 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2232 |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2233 static void |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2234 ngx_quic_rbtree_insert_stream(ngx_rbtree_node_t *temp, |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2235 ngx_rbtree_node_t *node, ngx_rbtree_node_t *sentinel) |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2236 { |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2237 ngx_rbtree_node_t **p; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2238 ngx_quic_stream_node_t *qn, *qnt; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2239 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2240 for ( ;; ) { |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2241 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2242 if (node->key < temp->key) { |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2243 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2244 p = &temp->left; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2245 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2246 } else if (node->key > temp->key) { |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2247 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2248 p = &temp->right; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2249 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2250 } else { /* node->key == temp->key */ |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2251 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2252 qn = (ngx_quic_stream_node_t *) &node->color; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2253 qnt = (ngx_quic_stream_node_t *) &temp->color; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2254 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2255 if (qn->c < qnt->c) { |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2256 p = &temp->left; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2257 } else { |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2258 p = &temp->right; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2259 } |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2260 } |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2261 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2262 if (*p == sentinel) { |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2263 break; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2264 } |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2265 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2266 temp = *p; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2267 } |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2268 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2269 *p = node; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2270 node->parent = temp; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2271 node->left = sentinel; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2272 node->right = sentinel; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2273 ngx_rbt_red(node); |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2274 } |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2275 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2276 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2277 static ngx_quic_stream_node_t * |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2278 ngx_quic_stream_lookup(ngx_rbtree_t *rbtree, ngx_uint_t key) |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2279 { |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2280 ngx_rbtree_node_t *node, *sentinel; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2281 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2282 node = rbtree->root; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2283 sentinel = rbtree->sentinel; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2284 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2285 while (node != sentinel) { |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2286 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2287 if (key == node->key) { |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2288 return (ngx_quic_stream_node_t *) node; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2289 } |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2290 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2291 node = (key < node->key) ? node->left : node->right; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2292 } |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2293 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2294 return NULL; |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2295 } |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2296 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2297 |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2298 static ngx_int_t |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2299 ngx_quic_new_connection(ngx_connection_t *c, ngx_ssl_t *ssl, |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2300 ngx_quic_header_t *pkt) |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2301 { |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2302 ngx_quic_connection_t *qc; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2303 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2304 if (ngx_buf_size(pkt->raw) < 1200) { |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2305 ngx_log_error(NGX_LOG_INFO, c->log, 0, "too small UDP datagram"); |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2306 return NGX_ERROR; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2307 } |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2308 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2309 if (ngx_quic_process_long_header(c, pkt) != NGX_OK) { |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2310 return NGX_ERROR; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2311 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2312 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2313 if ((pkt->flags & 0xf0) != NGX_QUIC_PKT_INITIAL) { |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2314 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2315 "invalid initial packet: 0x%xi", pkt->flags); |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2316 return NGX_ERROR; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2317 } |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2318 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2319 if (ngx_quic_process_initial_header(c, pkt) != NGX_OK) { |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2320 return NGX_ERROR; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2321 } |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2322 |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2323 qc = ngx_pcalloc(c->pool, sizeof(ngx_quic_connection_t)); |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2324 if (qc == NULL) { |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2325 return NGX_ERROR; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2326 } |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2327 |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2328 ngx_rbtree_init(&qc->stree, &qc->stree_sentinel, |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2329 ngx_quic_rbtree_insert_stream); |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
2330 |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2331 c->quic = qc; |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2332 qc->ssl = ssl; |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2333 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2334 qc->dcid.len = pkt->dcid.len; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2335 qc->dcid.data = ngx_pnalloc(c->pool, pkt->dcid.len); |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2336 if (qc->dcid.data == NULL) { |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2337 return NGX_ERROR; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2338 } |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2339 ngx_memcpy(qc->dcid.data, pkt->dcid.data, qc->dcid.len); |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2340 |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2341 qc->scid.len = pkt->scid.len; |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2342 qc->scid.data = ngx_pnalloc(c->pool, qc->scid.len); |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2343 if (qc->scid.data == NULL) { |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2344 return NGX_ERROR; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2345 } |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2346 ngx_memcpy(qc->scid.data, pkt->scid.data, qc->scid.len); |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2347 |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2348 qc->token.len = pkt->token.len; |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2349 qc->token.data = ngx_pnalloc(c->pool, qc->token.len); |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2350 if (qc->token.data == NULL) { |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2351 return NGX_ERROR; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2352 } |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2353 ngx_memcpy(qc->token.data, pkt->token.data, qc->token.len); |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2354 |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2355 |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2356 if (ngx_quic_initial_secret(c) != NGX_OK) { |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2357 return NGX_ERROR; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2358 } |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2359 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2360 pkt->secret = &qc->client_in; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2361 pkt->level = ssl_encryption_initial; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2362 |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2363 if (ngx_quic_decrypt(c, pkt) != NGX_OK) { |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2364 return NGX_ERROR; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2365 } |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2366 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2367 if (ngx_quic_init_connection(c, pkt) != NGX_OK) { |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2368 return NGX_ERROR; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2369 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2370 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2371 return ngx_quic_payload_handler(c, pkt); |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2372 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2373 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2374 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2375 static ngx_int_t |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2376 ngx_quic_handshake_input(ngx_connection_t *c, ngx_quic_header_t *pkt) |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2377 { |
8188
bf555b94e387
Using cached ssl_conn in ngx_quic_handshake_input(), NFC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8187
diff
changeset
|
2378 ngx_ssl_conn_t *ssl_conn; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2379 ngx_quic_connection_t *qc; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2380 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2381 qc = c->quic; |
8188
bf555b94e387
Using cached ssl_conn in ngx_quic_handshake_input(), NFC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8187
diff
changeset
|
2382 ssl_conn = c->ssl->connection; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2383 |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2384 /* extract cleartext data into pkt */ |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2385 if (ngx_quic_process_long_header(c, pkt) != NGX_OK) { |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2386 return NGX_ERROR; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2387 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2388 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2389 if (pkt->dcid.len != qc->dcid.len) { |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2390 ngx_log_error(NGX_LOG_INFO, c->log, 0, "unexpected quic dcidl"); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2391 return NGX_ERROR; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2392 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2393 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2394 if (ngx_memcmp(pkt->dcid.data, qc->dcid.data, qc->dcid.len) != 0) { |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2395 ngx_log_error(NGX_LOG_INFO, c->log, 0, "unexpected quic dcid"); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2396 return NGX_ERROR; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2397 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2398 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2399 if (pkt->scid.len != qc->scid.len) { |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2400 ngx_log_error(NGX_LOG_INFO, c->log, 0, "unexpected quic scidl"); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2401 return NGX_ERROR; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2402 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2403 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2404 if (ngx_memcmp(pkt->scid.data, qc->scid.data, qc->scid.len) != 0) { |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2405 ngx_log_error(NGX_LOG_INFO, c->log, 0, "unexpected quic scid"); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2406 return NGX_ERROR; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2407 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2408 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2409 if ((pkt->flags & 0xf0) != NGX_QUIC_PKT_HANDSHAKE) { |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
2410 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2411 "invalid packet type: 0x%xi", pkt->flags); |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2412 return NGX_ERROR; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2413 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2414 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2415 if (ngx_quic_process_handshake_header(c, pkt) != NGX_OK) { |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2416 return NGX_ERROR; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2417 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2418 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2419 pkt->secret = &qc->client_hs; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2420 pkt->level = ssl_encryption_handshake; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2421 |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2422 if (ngx_quic_decrypt(c, pkt) != NGX_OK) { |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2423 return NGX_ERROR; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2424 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2425 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2426 return ngx_quic_payload_handler(c, pkt); |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2427 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2428 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2429 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2430 static ngx_int_t |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2431 ngx_quic_app_input(ngx_connection_t *c, ngx_quic_header_t *pkt) |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2432 { |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2433 ngx_quic_connection_t *qc; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2434 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2435 qc = c->quic; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2436 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2437 /* TODO: this is a stub, untested */ |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2438 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2439 if (ngx_quic_process_short_header(c, pkt) != NGX_OK) { |
8185
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
2440 return NGX_ERROR; |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
2441 } |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
2442 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2443 pkt->secret = &qc->client_ad; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2444 pkt->level = ssl_encryption_application; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2445 |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2446 if (ngx_quic_decrypt(c, pkt) != NGX_OK) { |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
2447 return NGX_ERROR; |
8185
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
2448 } |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
2449 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
2450 return ngx_quic_payload_handler(c, pkt); |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2451 } |
8171 | 2452 |
2453 | |
2454 uint64_t | |
2455 ngx_quic_parse_int(u_char **pos) | |
2456 { | |
2457 u_char *p; | |
2458 uint64_t value; | |
2459 ngx_uint_t len; | |
2460 | |
2461 p = *pos; | |
2462 len = 1 << ((*p & 0xc0) >> 6); | |
2463 value = *p++ & 0x3f; | |
2464 | |
2465 while (--len) { | |
2466 value = (value << 8) + *p++; | |
2467 } | |
2468 | |
2469 *pos = p; | |
2470 return value; | |
2471 } | |
2472 | |
2473 | |
2474 void | |
2475 ngx_quic_build_int(u_char **pos, uint64_t value) | |
2476 { | |
2477 u_char *p; | |
2478 ngx_uint_t len;//, len2; | |
2479 | |
2480 p = *pos; | |
2481 len = 0; | |
2482 | |
2483 while (value >> ((1 << len) * 8 - 2)) { | |
2484 len++; | |
2485 } | |
2486 | |
2487 *p = len << 6; | |
2488 | |
2489 // len2 = | |
2490 len = (1 << len); | |
2491 len--; | |
2492 *p |= value >> (len * 8); | |
2493 p++; | |
2494 | |
2495 while (len) { | |
2496 *p++ = value >> ((len-- - 1) * 8); | |
2497 } | |
2498 | |
2499 *pos = p; | |
2500 // return len2; | |
2501 } | |
2502 | |
2503 | |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2504 static uint64_t |
8171 | 2505 ngx_quic_parse_pn(u_char **pos, ngx_int_t len, u_char *mask) |
2506 { | |
2507 u_char *p; | |
2508 uint64_t value; | |
2509 | |
2510 p = *pos; | |
2511 value = *p++ ^ *mask++; | |
2512 | |
2513 while (--len) { | |
2514 value = (value << 8) + (*p++ ^ *mask++); | |
2515 } | |
2516 | |
2517 *pos = p; | |
2518 return value; | |
2519 } | |
2520 | |
2521 | |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2522 static ngx_int_t |
8171 | 2523 ngx_hkdf_extract(u_char *out_key, size_t *out_len, const EVP_MD *digest, |
2524 const u_char *secret, size_t secret_len, const u_char *salt, | |
2525 size_t salt_len) | |
2526 { | |
2527 #ifdef OPENSSL_IS_BORINGSSL | |
2528 if (HKDF_extract(out_key, out_len, digest, secret, secret_len, salt, | |
2529 salt_len) | |
2530 == 0) | |
2531 { | |
2532 return NGX_ERROR; | |
2533 } | |
2534 #else | |
2535 | |
2536 EVP_PKEY_CTX *pctx; | |
2537 | |
2538 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL); | |
2539 | |
2540 if (EVP_PKEY_derive_init(pctx) <= 0) { | |
2541 return NGX_ERROR; | |
2542 } | |
2543 | |
2544 if (EVP_PKEY_CTX_hkdf_mode(pctx, EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY) <= 0) { | |
2545 return NGX_ERROR; | |
2546 } | |
2547 | |
2548 if (EVP_PKEY_CTX_set_hkdf_md(pctx, digest) <= 0) { | |
2549 return NGX_ERROR; | |
2550 } | |
2551 | |
2552 if (EVP_PKEY_CTX_set1_hkdf_key(pctx, secret, secret_len) <= 0) { | |
2553 return NGX_ERROR; | |
2554 } | |
2555 | |
2556 if (EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt, salt_len) <= 0) { | |
2557 return NGX_ERROR; | |
2558 } | |
2559 | |
2560 if (EVP_PKEY_derive(pctx, out_key, out_len) <= 0) { | |
2561 return NGX_ERROR; | |
2562 } | |
2563 | |
2564 #endif | |
2565 | |
2566 return NGX_OK; | |
2567 } | |
2568 | |
2569 | |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2570 static ngx_int_t |
8179
7ee1ada04c8a
Generic function for HKDF expansion.
Vladimir Homutov <vl@nginx.com>
parents:
8178
diff
changeset
|
2571 ngx_quic_hkdf_expand(ngx_connection_t *c, const EVP_MD *digest, ngx_str_t *out, |
8180 | 2572 ngx_str_t *label, const uint8_t *prk, size_t prk_len) |
8179
7ee1ada04c8a
Generic function for HKDF expansion.
Vladimir Homutov <vl@nginx.com>
parents:
8178
diff
changeset
|
2573 { |
7ee1ada04c8a
Generic function for HKDF expansion.
Vladimir Homutov <vl@nginx.com>
parents:
8178
diff
changeset
|
2574 uint8_t *p; |
8180 | 2575 size_t info_len; |
2576 uint8_t info[20]; | |
8179
7ee1ada04c8a
Generic function for HKDF expansion.
Vladimir Homutov <vl@nginx.com>
parents:
8178
diff
changeset
|
2577 |
7ee1ada04c8a
Generic function for HKDF expansion.
Vladimir Homutov <vl@nginx.com>
parents:
8178
diff
changeset
|
2578 out->data = ngx_pnalloc(c->pool, out->len); |
7ee1ada04c8a
Generic function for HKDF expansion.
Vladimir Homutov <vl@nginx.com>
parents:
8178
diff
changeset
|
2579 if (out->data == NULL) { |
7ee1ada04c8a
Generic function for HKDF expansion.
Vladimir Homutov <vl@nginx.com>
parents:
8178
diff
changeset
|
2580 return NGX_ERROR; |
7ee1ada04c8a
Generic function for HKDF expansion.
Vladimir Homutov <vl@nginx.com>
parents:
8178
diff
changeset
|
2581 } |
7ee1ada04c8a
Generic function for HKDF expansion.
Vladimir Homutov <vl@nginx.com>
parents:
8178
diff
changeset
|
2582 |
8180 | 2583 info_len = 2 + 1 + label->len + 1; |
8179
7ee1ada04c8a
Generic function for HKDF expansion.
Vladimir Homutov <vl@nginx.com>
parents:
8178
diff
changeset
|
2584 |
8180 | 2585 info[0] = 0; |
2586 info[1] = out->len; | |
2587 info[2] = label->len; | |
2588 p = ngx_cpymem(&info[3], label->data, label->len); | |
8179
7ee1ada04c8a
Generic function for HKDF expansion.
Vladimir Homutov <vl@nginx.com>
parents:
8178
diff
changeset
|
2589 *p = '\0'; |
7ee1ada04c8a
Generic function for HKDF expansion.
Vladimir Homutov <vl@nginx.com>
parents:
8178
diff
changeset
|
2590 |
7ee1ada04c8a
Generic function for HKDF expansion.
Vladimir Homutov <vl@nginx.com>
parents:
8178
diff
changeset
|
2591 if (ngx_hkdf_expand(out->data, out->len, digest, |
8180 | 2592 prk, prk_len, info, info_len) |
8179
7ee1ada04c8a
Generic function for HKDF expansion.
Vladimir Homutov <vl@nginx.com>
parents:
8178
diff
changeset
|
2593 != NGX_OK) |
7ee1ada04c8a
Generic function for HKDF expansion.
Vladimir Homutov <vl@nginx.com>
parents:
8178
diff
changeset
|
2594 { |
7ee1ada04c8a
Generic function for HKDF expansion.
Vladimir Homutov <vl@nginx.com>
parents:
8178
diff
changeset
|
2595 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, |
8180 | 2596 "ngx_hkdf_expand(%V) failed", label); |
8179
7ee1ada04c8a
Generic function for HKDF expansion.
Vladimir Homutov <vl@nginx.com>
parents:
8178
diff
changeset
|
2597 return NGX_ERROR; |
7ee1ada04c8a
Generic function for HKDF expansion.
Vladimir Homutov <vl@nginx.com>
parents:
8178
diff
changeset
|
2598 } |
7ee1ada04c8a
Generic function for HKDF expansion.
Vladimir Homutov <vl@nginx.com>
parents:
8178
diff
changeset
|
2599 |
8183
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
2600 ngx_quic_hexdump(c->log, "%V info", info, info_len, label); |
6091506af0f7
Aded the "ngx_quic_hexdump" macro.
Vladimir Homutov <vl@nginx.com>
parents:
8182
diff
changeset
|
2601 ngx_quic_hexdump(c->log, "%V key", out->data, out->len, label); |
8179
7ee1ada04c8a
Generic function for HKDF expansion.
Vladimir Homutov <vl@nginx.com>
parents:
8178
diff
changeset
|
2602 |
7ee1ada04c8a
Generic function for HKDF expansion.
Vladimir Homutov <vl@nginx.com>
parents:
8178
diff
changeset
|
2603 return NGX_OK; |
7ee1ada04c8a
Generic function for HKDF expansion.
Vladimir Homutov <vl@nginx.com>
parents:
8178
diff
changeset
|
2604 } |
7ee1ada04c8a
Generic function for HKDF expansion.
Vladimir Homutov <vl@nginx.com>
parents:
8178
diff
changeset
|
2605 |
7ee1ada04c8a
Generic function for HKDF expansion.
Vladimir Homutov <vl@nginx.com>
parents:
8178
diff
changeset
|
2606 |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2607 static ngx_int_t |
8171 | 2608 ngx_hkdf_expand(u_char *out_key, size_t out_len, const EVP_MD *digest, |
8180 | 2609 const uint8_t *prk, size_t prk_len, const u_char *info, size_t info_len) |
8171 | 2610 { |
2611 #ifdef OPENSSL_IS_BORINGSSL | |
2612 if (HKDF_expand(out_key, out_len, digest, prk, prk_len, info, info_len) | |
2613 == 0) | |
2614 { | |
2615 return NGX_ERROR; | |
2616 } | |
2617 #else | |
2618 | |
2619 EVP_PKEY_CTX *pctx; | |
2620 | |
2621 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL); | |
2622 | |
2623 if (EVP_PKEY_derive_init(pctx) <= 0) { | |
2624 return NGX_ERROR; | |
2625 } | |
2626 | |
2627 if (EVP_PKEY_CTX_hkdf_mode(pctx, EVP_PKEY_HKDEF_MODE_EXPAND_ONLY) <= 0) { | |
2628 return NGX_ERROR; | |
2629 } | |
2630 | |
2631 if (EVP_PKEY_CTX_set_hkdf_md(pctx, digest) <= 0) { | |
2632 return NGX_ERROR; | |
2633 } | |
2634 | |
2635 if (EVP_PKEY_CTX_set1_hkdf_key(pctx, prk, prk_len) <= 0) { | |
2636 return NGX_ERROR; | |
2637 } | |
2638 | |
2639 if (EVP_PKEY_CTX_add1_hkdf_info(pctx, info, info_len) <= 0) { | |
2640 return NGX_ERROR; | |
2641 } | |
2642 | |
2643 if (EVP_PKEY_derive(pctx, out_key, &out_len) <= 0) { | |
2644 return NGX_ERROR; | |
2645 } | |
2646 | |
2647 #endif | |
2648 | |
2649 return NGX_OK; | |
2650 } | |
8177
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2651 |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2652 |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2653 static ngx_int_t |
8201
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2654 ngx_quic_tls_open(ngx_connection_t *c, const ngx_quic_cipher_t *cipher, |
8177
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2655 ngx_quic_secret_t *s, ngx_str_t *out, u_char *nonce, ngx_str_t *in, |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2656 ngx_str_t *ad) |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2657 { |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2658 out->len = in->len - EVP_GCM_TLS_TAG_LEN; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2659 out->data = ngx_pnalloc(c->pool, out->len); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2660 if (out->data == NULL) { |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2661 return NGX_ERROR; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2662 } |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2663 |
8201
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2664 #ifdef OPENSSL_IS_BORINGSSL |
8177
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2665 EVP_AEAD_CTX *ctx; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2666 |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2667 ctx = EVP_AEAD_CTX_new(cipher, s->key.data, s->key.len, |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2668 EVP_AEAD_DEFAULT_TAG_LENGTH); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2669 if (ctx == NULL) { |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2670 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, "EVP_AEAD_CTX_new() failed"); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2671 return NGX_ERROR; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2672 } |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2673 |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2674 if (EVP_AEAD_CTX_open(ctx, out->data, &out->len, out->len, nonce, s->iv.len, |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2675 in->data, in->len, ad->data, ad->len) |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2676 != 1) |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2677 { |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2678 EVP_AEAD_CTX_free(ctx); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2679 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, "EVP_AEAD_CTX_open() failed"); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2680 return NGX_ERROR; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2681 } |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2682 |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2683 EVP_AEAD_CTX_free(ctx); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2684 #else |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2685 int len; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2686 u_char *tag; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2687 EVP_CIPHER_CTX *ctx; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2688 |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2689 ctx = EVP_CIPHER_CTX_new(); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2690 if (ctx == NULL) { |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2691 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, "EVP_CIPHER_CTX_new() failed"); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2692 return NGX_ERROR; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2693 } |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2694 |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2695 if (EVP_DecryptInit_ex(ctx, cipher, NULL, NULL, NULL) != 1) { |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2696 EVP_CIPHER_CTX_free(ctx); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2697 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, "EVP_DecryptInit_ex() failed"); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2698 return NGX_ERROR; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2699 } |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2700 |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2701 if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, s->iv.len, NULL) |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2702 == 0) |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2703 { |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2704 EVP_CIPHER_CTX_free(ctx); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2705 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2706 "EVP_CIPHER_CTX_ctrl(EVP_CTRL_GCM_SET_IVLEN) failed"); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2707 return NGX_ERROR; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2708 } |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2709 |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2710 if (EVP_DecryptInit_ex(ctx, NULL, NULL, s->key.data, nonce) != 1) { |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2711 EVP_CIPHER_CTX_free(ctx); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2712 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, "EVP_DecryptInit_ex() failed"); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2713 return NGX_ERROR; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2714 } |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2715 |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2716 if (EVP_DecryptUpdate(ctx, NULL, &len, ad->data, ad->len) != 1) { |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2717 EVP_CIPHER_CTX_free(ctx); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2718 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, "EVP_DecryptUpdate() failed"); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2719 return NGX_ERROR; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2720 } |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2721 |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2722 if (EVP_DecryptUpdate(ctx, out->data, &len, in->data, |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2723 in->len - EVP_GCM_TLS_TAG_LEN) |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2724 != 1) |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2725 { |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2726 EVP_CIPHER_CTX_free(ctx); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2727 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, "EVP_DecryptUpdate() failed"); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2728 return NGX_ERROR; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2729 } |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2730 |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2731 out->len = len; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2732 tag = in->data + in->len - EVP_GCM_TLS_TAG_LEN; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2733 |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2734 if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, EVP_GCM_TLS_TAG_LEN, tag) |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2735 == 0) |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2736 { |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2737 EVP_CIPHER_CTX_free(ctx); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2738 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2739 "EVP_CIPHER_CTX_ctrl(EVP_CTRL_GCM_SET_TAG) failed"); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2740 return NGX_ERROR; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2741 } |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2742 |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2743 if (EVP_DecryptFinal_ex(ctx, out->data + len, &len) <= 0) { |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2744 EVP_CIPHER_CTX_free(ctx); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2745 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, "EVP_DecryptFinal_ex failed"); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2746 return NGX_ERROR; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2747 } |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2748 |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2749 out->len += len; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2750 |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2751 EVP_CIPHER_CTX_free(ctx); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2752 #endif |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2753 |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2754 return NGX_OK; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2755 } |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2756 |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2757 |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2758 static ngx_int_t |
8201
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2759 ngx_quic_tls_seal(ngx_connection_t *c, const ngx_quic_cipher_t *cipher, |
8177
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2760 ngx_quic_secret_t *s, ngx_str_t *out, u_char *nonce, ngx_str_t *in, |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2761 ngx_str_t *ad) |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2762 { |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2763 out->len = in->len + EVP_GCM_TLS_TAG_LEN; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2764 out->data = ngx_pnalloc(c->pool, out->len); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2765 if (out->data == NULL) { |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2766 return NGX_ERROR; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2767 } |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2768 |
8201
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2769 #ifdef OPENSSL_IS_BORINGSSL |
8177
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2770 EVP_AEAD_CTX *ctx; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2771 |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2772 ctx = EVP_AEAD_CTX_new(cipher, s->key.data, s->key.len, |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2773 EVP_AEAD_DEFAULT_TAG_LENGTH); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2774 if (ctx == NULL) { |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2775 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, "EVP_AEAD_CTX_new() failed"); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2776 return NGX_ERROR; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2777 } |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2778 |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2779 if (EVP_AEAD_CTX_seal(ctx, out->data, &out->len, out->len, nonce, s->iv.len, |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2780 in->data, in->len, ad->data, ad->len) |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2781 != 1) |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2782 { |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2783 EVP_AEAD_CTX_free(ctx); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2784 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, "EVP_AEAD_CTX_seal() failed"); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2785 return NGX_ERROR; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2786 } |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2787 |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2788 EVP_AEAD_CTX_free(ctx); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2789 #else |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2790 int len; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2791 EVP_CIPHER_CTX *ctx; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2792 |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2793 ctx = EVP_CIPHER_CTX_new(); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2794 if (ctx == NULL) { |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2795 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, "EVP_CIPHER_CTX_new() failed"); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2796 return NGX_ERROR; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2797 } |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2798 |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2799 if (EVP_EncryptInit_ex(ctx, cipher, NULL, NULL, NULL) != 1) { |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2800 EVP_CIPHER_CTX_free(ctx); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2801 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, "EVP_EncryptInit_ex() failed"); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2802 return NGX_ERROR; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2803 } |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2804 |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2805 if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, s->iv.len, NULL) |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2806 == 0) |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2807 { |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2808 EVP_CIPHER_CTX_free(ctx); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2809 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2810 "EVP_CIPHER_CTX_ctrl(EVP_CTRL_GCM_SET_IVLEN) failed"); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2811 return NGX_ERROR; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2812 } |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2813 |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2814 if (EVP_EncryptInit_ex(ctx, NULL, NULL, s->key.data, nonce) != 1) { |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2815 EVP_CIPHER_CTX_free(ctx); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2816 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, "EVP_EncryptInit_ex() failed"); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2817 return NGX_ERROR; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2818 } |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2819 |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2820 if (EVP_EncryptUpdate(ctx, NULL, &len, ad->data, ad->len) != 1) { |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2821 EVP_CIPHER_CTX_free(ctx); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2822 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, "EVP_EncryptUpdate() failed"); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2823 return NGX_ERROR; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2824 } |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2825 |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2826 if (EVP_EncryptUpdate(ctx, out->data, &len, in->data, in->len) != 1) { |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2827 EVP_CIPHER_CTX_free(ctx); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2828 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, "EVP_EncryptUpdate() failed"); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2829 return NGX_ERROR; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2830 } |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2831 |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2832 out->len = len; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2833 |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2834 if (EVP_EncryptFinal_ex(ctx, out->data + out->len, &len) <= 0) { |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2835 EVP_CIPHER_CTX_free(ctx); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2836 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, "EVP_EncryptFinal_ex failed"); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2837 return NGX_ERROR; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2838 } |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2839 |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2840 out->len += len; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2841 |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2842 if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, EVP_GCM_TLS_TAG_LEN, |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2843 out->data + in->len) |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2844 == 0) |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2845 { |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2846 EVP_CIPHER_CTX_free(ctx); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2847 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2848 "EVP_CIPHER_CTX_ctrl(EVP_CTRL_GCM_GET_TAG) failed"); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2849 return NGX_ERROR; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2850 } |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2851 |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2852 EVP_CIPHER_CTX_free(ctx); |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2853 |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2854 out->len += EVP_GCM_TLS_TAG_LEN; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2855 #endif |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2856 |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2857 return NGX_OK; |
76e29ff31cd3
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8171
diff
changeset
|
2858 } |
8178
a9ff4392ecde
QUIC header protection routines, introduced ngx_quic_tls_hp().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8177
diff
changeset
|
2859 |
a9ff4392ecde
QUIC header protection routines, introduced ngx_quic_tls_hp().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8177
diff
changeset
|
2860 |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2861 static ngx_int_t |
8178
a9ff4392ecde
QUIC header protection routines, introduced ngx_quic_tls_hp().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8177
diff
changeset
|
2862 ngx_quic_tls_hp(ngx_connection_t *c, const EVP_CIPHER *cipher, |
a9ff4392ecde
QUIC header protection routines, introduced ngx_quic_tls_hp().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8177
diff
changeset
|
2863 ngx_quic_secret_t *s, u_char *out, u_char *in) |
a9ff4392ecde
QUIC header protection routines, introduced ngx_quic_tls_hp().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8177
diff
changeset
|
2864 { |
a9ff4392ecde
QUIC header protection routines, introduced ngx_quic_tls_hp().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8177
diff
changeset
|
2865 int outlen; |
a9ff4392ecde
QUIC header protection routines, introduced ngx_quic_tls_hp().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8177
diff
changeset
|
2866 EVP_CIPHER_CTX *ctx; |
8201
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2867 u_char zero[5] = {0}; |
8178
a9ff4392ecde
QUIC header protection routines, introduced ngx_quic_tls_hp().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8177
diff
changeset
|
2868 |
8203
ec0c44aa2881
Chacha20 header protection support with BoringSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8202
diff
changeset
|
2869 #ifdef OPENSSL_IS_BORINGSSL |
ec0c44aa2881
Chacha20 header protection support with BoringSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8202
diff
changeset
|
2870 uint32_t counter; |
ec0c44aa2881
Chacha20 header protection support with BoringSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8202
diff
changeset
|
2871 |
ec0c44aa2881
Chacha20 header protection support with BoringSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8202
diff
changeset
|
2872 ngx_memcpy(&counter, in, sizeof(uint32_t)); |
ec0c44aa2881
Chacha20 header protection support with BoringSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8202
diff
changeset
|
2873 |
ec0c44aa2881
Chacha20 header protection support with BoringSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8202
diff
changeset
|
2874 if (cipher == (const EVP_CIPHER *) EVP_aead_chacha20_poly1305()) { |
ec0c44aa2881
Chacha20 header protection support with BoringSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8202
diff
changeset
|
2875 CRYPTO_chacha_20(out, zero, 5, s->hp.data, &in[4], counter); |
ec0c44aa2881
Chacha20 header protection support with BoringSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8202
diff
changeset
|
2876 return NGX_OK; |
ec0c44aa2881
Chacha20 header protection support with BoringSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8202
diff
changeset
|
2877 } |
ec0c44aa2881
Chacha20 header protection support with BoringSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8202
diff
changeset
|
2878 #endif |
ec0c44aa2881
Chacha20 header protection support with BoringSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8202
diff
changeset
|
2879 |
8178
a9ff4392ecde
QUIC header protection routines, introduced ngx_quic_tls_hp().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8177
diff
changeset
|
2880 ctx = EVP_CIPHER_CTX_new(); |
a9ff4392ecde
QUIC header protection routines, introduced ngx_quic_tls_hp().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8177
diff
changeset
|
2881 if (ctx == NULL) { |
a9ff4392ecde
QUIC header protection routines, introduced ngx_quic_tls_hp().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8177
diff
changeset
|
2882 return NGX_ERROR; |
a9ff4392ecde
QUIC header protection routines, introduced ngx_quic_tls_hp().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8177
diff
changeset
|
2883 } |
a9ff4392ecde
QUIC header protection routines, introduced ngx_quic_tls_hp().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8177
diff
changeset
|
2884 |
8201
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2885 if (EVP_EncryptInit_ex(ctx, cipher, NULL, s->hp.data, in) != 1) { |
8178
a9ff4392ecde
QUIC header protection routines, introduced ngx_quic_tls_hp().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8177
diff
changeset
|
2886 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, "EVP_EncryptInit_ex() failed"); |
a9ff4392ecde
QUIC header protection routines, introduced ngx_quic_tls_hp().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8177
diff
changeset
|
2887 goto failed; |
a9ff4392ecde
QUIC header protection routines, introduced ngx_quic_tls_hp().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8177
diff
changeset
|
2888 } |
a9ff4392ecde
QUIC header protection routines, introduced ngx_quic_tls_hp().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8177
diff
changeset
|
2889 |
8201
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2890 if (!EVP_EncryptUpdate(ctx, out, &outlen, zero, 5)) { |
8178
a9ff4392ecde
QUIC header protection routines, introduced ngx_quic_tls_hp().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8177
diff
changeset
|
2891 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, "EVP_EncryptUpdate() failed"); |
a9ff4392ecde
QUIC header protection routines, introduced ngx_quic_tls_hp().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8177
diff
changeset
|
2892 goto failed; |
a9ff4392ecde
QUIC header protection routines, introduced ngx_quic_tls_hp().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8177
diff
changeset
|
2893 } |
a9ff4392ecde
QUIC header protection routines, introduced ngx_quic_tls_hp().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8177
diff
changeset
|
2894 |
8201
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2895 if (!EVP_EncryptFinal_ex(ctx, out + 5, &outlen)) { |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2896 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, "EVP_EncryptFinal_Ex() failed"); |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2897 goto failed; |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2898 } |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2899 |
8178
a9ff4392ecde
QUIC header protection routines, introduced ngx_quic_tls_hp().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8177
diff
changeset
|
2900 EVP_CIPHER_CTX_free(ctx); |
a9ff4392ecde
QUIC header protection routines, introduced ngx_quic_tls_hp().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8177
diff
changeset
|
2901 |
a9ff4392ecde
QUIC header protection routines, introduced ngx_quic_tls_hp().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8177
diff
changeset
|
2902 return NGX_OK; |
a9ff4392ecde
QUIC header protection routines, introduced ngx_quic_tls_hp().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8177
diff
changeset
|
2903 |
a9ff4392ecde
QUIC header protection routines, introduced ngx_quic_tls_hp().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8177
diff
changeset
|
2904 failed: |
a9ff4392ecde
QUIC header protection routines, introduced ngx_quic_tls_hp().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8177
diff
changeset
|
2905 |
a9ff4392ecde
QUIC header protection routines, introduced ngx_quic_tls_hp().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8177
diff
changeset
|
2906 EVP_CIPHER_CTX_free(ctx); |
a9ff4392ecde
QUIC header protection routines, introduced ngx_quic_tls_hp().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8177
diff
changeset
|
2907 |
a9ff4392ecde
QUIC header protection routines, introduced ngx_quic_tls_hp().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8177
diff
changeset
|
2908 return NGX_ERROR; |
a9ff4392ecde
QUIC header protection routines, introduced ngx_quic_tls_hp().
Sergey Kandaurov <pluknet@nginx.com>
parents:
8177
diff
changeset
|
2909 } |
8201
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2910 |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2911 |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2912 static ngx_int_t |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2913 ngx_quic_ciphers(ngx_connection_t *c, ngx_quic_ciphers_t *ciphers, |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2914 enum ssl_encryption_level_t level) |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2915 { |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2916 ngx_int_t id, len; |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2917 |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2918 if (level == ssl_encryption_initial) { |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2919 id = NGX_AES_128_GCM_SHA256; |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2920 |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2921 } else { |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2922 id = SSL_CIPHER_get_id(SSL_get_current_cipher(c->ssl->connection)) |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2923 & 0xffff; |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2924 } |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2925 |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2926 switch (id) { |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2927 |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2928 case NGX_AES_128_GCM_SHA256: |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2929 #ifdef OPENSSL_IS_BORINGSSL |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2930 ciphers->c = EVP_aead_aes_128_gcm(); |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2931 #else |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2932 ciphers->c = EVP_aes_128_gcm(); |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2933 #endif |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2934 ciphers->hp = EVP_aes_128_ctr(); |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2935 ciphers->d = EVP_sha256(); |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2936 len = 16; |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2937 break; |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2938 |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2939 case NGX_AES_256_GCM_SHA384: |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2940 #ifdef OPENSSL_IS_BORINGSSL |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2941 ciphers->c = EVP_aead_aes_256_gcm(); |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2942 #else |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2943 ciphers->c = EVP_aes_256_gcm(); |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2944 #endif |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2945 ciphers->hp = EVP_aes_256_ctr(); |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2946 ciphers->d = EVP_sha384(); |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2947 len = 32; |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2948 break; |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2949 |
8202
a4ed2305ad2c
ChaCha20 / Poly1305 initial support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8201
diff
changeset
|
2950 case NGX_CHACHA20_POLY1305_SHA256: |
a4ed2305ad2c
ChaCha20 / Poly1305 initial support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8201
diff
changeset
|
2951 #ifdef OPENSSL_IS_BORINGSSL |
a4ed2305ad2c
ChaCha20 / Poly1305 initial support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8201
diff
changeset
|
2952 ciphers->c = EVP_aead_chacha20_poly1305(); |
a4ed2305ad2c
ChaCha20 / Poly1305 initial support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8201
diff
changeset
|
2953 #else |
a4ed2305ad2c
ChaCha20 / Poly1305 initial support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8201
diff
changeset
|
2954 ciphers->c = EVP_chacha20_poly1305(); |
a4ed2305ad2c
ChaCha20 / Poly1305 initial support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8201
diff
changeset
|
2955 #endif |
8203
ec0c44aa2881
Chacha20 header protection support with BoringSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8202
diff
changeset
|
2956 #ifdef OPENSSL_IS_BORINGSSL |
ec0c44aa2881
Chacha20 header protection support with BoringSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8202
diff
changeset
|
2957 ciphers->hp = (const EVP_CIPHER *) EVP_aead_chacha20_poly1305(); |
ec0c44aa2881
Chacha20 header protection support with BoringSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8202
diff
changeset
|
2958 #else |
8202
a4ed2305ad2c
ChaCha20 / Poly1305 initial support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8201
diff
changeset
|
2959 ciphers->hp = EVP_chacha20(); |
a4ed2305ad2c
ChaCha20 / Poly1305 initial support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8201
diff
changeset
|
2960 #endif |
a4ed2305ad2c
ChaCha20 / Poly1305 initial support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8201
diff
changeset
|
2961 ciphers->d = EVP_sha256(); |
a4ed2305ad2c
ChaCha20 / Poly1305 initial support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8201
diff
changeset
|
2962 len = 32; |
a4ed2305ad2c
ChaCha20 / Poly1305 initial support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8201
diff
changeset
|
2963 break; |
a4ed2305ad2c
ChaCha20 / Poly1305 initial support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8201
diff
changeset
|
2964 |
8201
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2965 default: |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2966 return NGX_ERROR; |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2967 } |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2968 |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2969 return len; |
5c66dadb1e34
Using SSL cipher suite id to obtain cipher/digest, part 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8200
diff
changeset
|
2970 } |