nginx: src/event/quic/ngx_event_quic

annotate src/event/quic/ngx_event_quic_migration.c @ 8908:e8cbbfabe547 quic

QUIC: update stream flow control credit on STREAM_DATA_BLOCKED. Previously, after receiving STREAM_DATA_BLOCKED, current flow control limit was sent to client. Now, if the limit can be updated to the full window size, it is updated and the new value is sent to client, otherwise nothing is sent. The change lets client update flow control credit on demand. Also, it saves traffic by not sending MAX_STREAM_DATA with the same value twice.

author	Roman Arutyunyan <arut@nginx.com>
date	Wed, 17 Nov 2021 23:07:38 +0300
parents	a951e0809044
children	50d73bf20e73

rev	line source
8737 76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	1
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	2 /*
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	3 * Copyright (C) Nginx, Inc.
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	4 */
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	5
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	6
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	7 #include <ngx_config.h>
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	8 #include <ngx_core.h>
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	9 #include <ngx_event.h>
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	10 #include <ngx_event_quic_connection.h>
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	11
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	12
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	13 static void ngx_quic_set_connection_path(ngx_connection_t *c,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	14 ngx_quic_path_t *path);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	15 static ngx_int_t ngx_quic_validate_path(ngx_connection_t *c,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	16 ngx_quic_socket_t *qsock);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	17 static ngx_int_t ngx_quic_send_path_challenge(ngx_connection_t *c,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	18 ngx_quic_path_t *path);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	19 static ngx_int_t ngx_quic_path_restore(ngx_connection_t *c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	20 static ngx_quic_path_t ngx_quic_alloc_path(ngx_connection_t c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	21
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	22
8737 76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	23 ngx_int_t
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	24 ngx_quic_handle_path_challenge_frame(ngx_connection_t *c,
8778 5186ee5a94b9 QUIC: simplified sending 1-RTT only frames. Sergey Kandaurov <pluknet@nginx.com> parents: 8777 diff changeset	25 ngx_quic_path_challenge_frame_t *f)
8737 76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	26 {
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	27 off_t max, pad;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	28 ssize_t sent;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	29 ngx_quic_path_t *path;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	30 ngx_quic_frame_t frame, *fp;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	31 ngx_quic_socket_t *qsock;
8737 76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	32 ngx_quic_connection_t *qc;
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	33
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	34 qc = ngx_quic_get_connection(c);
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	35
8778 5186ee5a94b9 QUIC: simplified sending 1-RTT only frames. Sergey Kandaurov <pluknet@nginx.com> parents: 8777 diff changeset	36 frame.level = ssl_encryption_application;
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	37 frame.type = NGX_QUIC_FT_PATH_RESPONSE;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	38 frame.u.path_response = *f;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	39
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	40 /*
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	41 * RFC 9000, 8.2.2. Path Validation Responses
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	42 *
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	43 * A PATH_RESPONSE frame MUST be sent on the network path where the
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	44 * PATH_CHALLENGE frame was received.
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	45 */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	46 qsock = ngx_quic_get_socket(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	47 path = qsock->path;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	48
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	49 /*
8901 a951e0809044 QUIC: fixed PATH_RESPONSE frame expansion. Vladimir Homutov <vl@nginx.com> parents: 8822 diff changeset	50 * An endpoint MUST expand datagrams that contain a PATH_RESPONSE frame
a951e0809044 QUIC: fixed PATH_RESPONSE frame expansion. Vladimir Homutov <vl@nginx.com> parents: 8822 diff changeset	51 * to at least the smallest allowed maximum datagram size of 1200 bytes.
a951e0809044 QUIC: fixed PATH_RESPONSE frame expansion. Vladimir Homutov <vl@nginx.com> parents: 8822 diff changeset	52 * ...
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	53 * An endpoint MUST NOT expand the datagram containing the PATH_RESPONSE
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	54 * if the resulting data exceeds the anti-amplification limit.
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	55 */
8901 a951e0809044 QUIC: fixed PATH_RESPONSE frame expansion. Vladimir Homutov <vl@nginx.com> parents: 8822 diff changeset	56 if (path->state != NGX_QUIC_PATH_VALIDATED) {
a951e0809044 QUIC: fixed PATH_RESPONSE frame expansion. Vladimir Homutov <vl@nginx.com> parents: 8822 diff changeset	57 max = path->received * 3;
a951e0809044 QUIC: fixed PATH_RESPONSE frame expansion. Vladimir Homutov <vl@nginx.com> parents: 8822 diff changeset	58 max = (path->sent >= max) ? 0 : max - path->sent;
a951e0809044 QUIC: fixed PATH_RESPONSE frame expansion. Vladimir Homutov <vl@nginx.com> parents: 8822 diff changeset	59 pad = ngx_min(1200, max);
a951e0809044 QUIC: fixed PATH_RESPONSE frame expansion. Vladimir Homutov <vl@nginx.com> parents: 8822 diff changeset	60
a951e0809044 QUIC: fixed PATH_RESPONSE frame expansion. Vladimir Homutov <vl@nginx.com> parents: 8822 diff changeset	61 } else {
a951e0809044 QUIC: fixed PATH_RESPONSE frame expansion. Vladimir Homutov <vl@nginx.com> parents: 8822 diff changeset	62 pad = 1200;
a951e0809044 QUIC: fixed PATH_RESPONSE frame expansion. Vladimir Homutov <vl@nginx.com> parents: 8822 diff changeset	63 }
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	64
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	65 sent = ngx_quic_frame_sendto(c, &frame, pad, path->sockaddr, path->socklen);
8822 ad046179eb91 QUIC: handle EAGAIN properly on UDP sockets. Vladimir Homutov <vl@nginx.com> parents: 8797 diff changeset	66 if (sent < 0) {
8737 76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	67 return NGX_ERROR;
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	68 }
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	69
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	70 path->sent += sent;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	71
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	72 if (qsock == qc->socket) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	73 /*
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	74 * RFC 9000, 9.3.3. Off-Path Packet Forwarding
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	75 *
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	76 * An endpoint that receives a PATH_CHALLENGE on an active path SHOULD
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	77 * send a non-probing packet in response.
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	78 */
8737 76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	79
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	80 fp = ngx_quic_alloc_frame(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	81 if (fp == NULL) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	82 return NGX_ERROR;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	83 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	84
8778 5186ee5a94b9 QUIC: simplified sending 1-RTT only frames. Sergey Kandaurov <pluknet@nginx.com> parents: 8777 diff changeset	85 fp->level = ssl_encryption_application;
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	86 fp->type = NGX_QUIC_FT_PING;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	87
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	88 ngx_quic_queue_frame(qc, fp);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	89 }
8737 76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	90
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	91 return NGX_OK;
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	92 }
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	93
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	94
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	95 ngx_int_t
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	96 ngx_quic_handle_path_response_frame(ngx_connection_t *c,
8778 5186ee5a94b9 QUIC: simplified sending 1-RTT only frames. Sergey Kandaurov <pluknet@nginx.com> parents: 8777 diff changeset	97 ngx_quic_path_challenge_frame_t *f)
8737 76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	98 {
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	99 ngx_queue_t *q;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	100 ngx_quic_path_t path, prev;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	101 ngx_quic_connection_t *qc;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	102
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	103 qc = ngx_quic_get_connection(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	104
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	105 /*
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	106 * RFC 9000, 8.2.3. Successful Path Validation
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	107 *
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	108 * A PATH_RESPONSE frame received on any network path validates the path
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	109 * on which the PATH_CHALLENGE was sent.
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	110 */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	111
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	112 for (q = ngx_queue_head(&qc->paths);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	113 q != ngx_queue_sentinel(&qc->paths);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	114 q = ngx_queue_next(q))
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	115 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	116 path = ngx_queue_data(q, ngx_quic_path_t, queue);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	117
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	118 if (path->state != NGX_QUIC_PATH_VALIDATING) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	119 continue;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	120 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	121
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	122 if (ngx_memcmp(path->challenge1, f->data, sizeof(f->data)) == 0
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	123 \|\| ngx_memcmp(path->challenge2, f->data, sizeof(f->data)) == 0)
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	124 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	125 goto valid;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	126 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	127 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	128
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	129 ngx_log_error(NGX_LOG_INFO, c->log, 0,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	130 "quic stale PATH_RESPONSE ignored");
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	131
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	132 return NGX_OK;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	133
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	134 valid:
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	135
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	136 /*
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	137 * RFC 9000, 9.4. Loss Detection and Congestion Control
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	138 *
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	139 * On confirming a peer's ownership of its new address,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	140 * an endpoint MUST immediately reset the congestion controller
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	141 * and round-trip time estimator for the new path to initial values
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	142 * unless the only change in the peer's address is its port number.
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	143 */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	144
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	145 prev = qc->backup->path;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	146
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	147 if (ngx_cmp_sockaddr(prev->sockaddr, prev->socklen,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	148 path->sockaddr, path->socklen, 0)
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	149 != NGX_OK)
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	150 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	151 /* address has changed */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	152 ngx_memzero(&qc->congestion, sizeof(ngx_quic_congestion_t));
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	153
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	154 qc->congestion.window = ngx_min(10 * qc->tp.max_udp_payload_size,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	155 ngx_max(2 * qc->tp.max_udp_payload_size,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	156 14720));
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	157 qc->congestion.ssthresh = (size_t) -1;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	158 qc->congestion.recovery_start = ngx_current_msec;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	159 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	160
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	161 /*
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	162 * RFC 9000, 9.3. Responding to Connection Migration
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	163 *
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	164 * After verifying a new client address, the server SHOULD
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	165 * send new address validation tokens (Section 8) to the client.
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	166 */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	167
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	168 if (ngx_quic_send_new_token(c, path) != NGX_OK) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	169 return NGX_ERROR;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	170 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	171
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	172 ngx_log_error(NGX_LOG_INFO, c->log, 0,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	173 "quic path #%uL successfully validated", path->seqnum);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	174
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	175 path->state = NGX_QUIC_PATH_VALIDATED;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	176 path->validated_at = ngx_time();
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	177
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	178 return NGX_OK;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	179 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	180
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	181
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	182 static ngx_quic_path_t *
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	183 ngx_quic_alloc_path(ngx_connection_t *c)
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	184 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	185 ngx_queue_t *q;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	186 struct sockaddr *sa;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	187 ngx_quic_path_t *path;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	188 ngx_quic_connection_t *qc;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	189
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	190 qc = ngx_quic_get_connection(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	191
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	192 if (!ngx_queue_empty(&qc->free_paths)) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	193
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	194 q = ngx_queue_head(&qc->free_paths);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	195 path = ngx_queue_data(q, ngx_quic_path_t, queue);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	196
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	197 ngx_queue_remove(&path->queue);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	198
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	199 sa = path->sockaddr;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	200 ngx_memzero(path, sizeof(ngx_quic_path_t));
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	201 path->sockaddr = sa;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	202
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	203 } else {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	204
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	205 path = ngx_pcalloc(c->pool, sizeof(ngx_quic_path_t));
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	206 if (path == NULL) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	207 return NULL;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	208 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	209
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	210 path->sockaddr = ngx_palloc(c->pool, NGX_SOCKADDRLEN);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	211 if (path->sockaddr == NULL) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	212 return NULL;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	213 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	214 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	215
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	216 return path;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	217 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	218
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	219
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	220 ngx_quic_path_t *
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	221 ngx_quic_add_path(ngx_connection_t c, struct sockaddr sockaddr,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	222 socklen_t socklen)
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	223 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	224 ngx_quic_path_t *path;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	225 ngx_quic_connection_t *qc;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	226
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	227 qc = ngx_quic_get_connection(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	228
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	229 path = ngx_quic_alloc_path(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	230 if (path == NULL) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	231 return NULL;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	232 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	233
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	234 path->seqnum = qc->path_seqnum++;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	235
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	236 path->socklen = socklen;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	237 ngx_memcpy(path->sockaddr, sockaddr, socklen);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	238
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	239 path->addr_text.data = path->text;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	240 path->addr_text.len = ngx_sock_ntop(sockaddr, socklen, path->text,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	241 NGX_SOCKADDR_STRLEN, 1);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	242
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	243 ngx_queue_insert_tail(&qc->paths, &path->queue);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	244
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	245 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	246 "quic path #%uL created src:%V",
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	247 path->seqnum, &path->addr_text);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	248
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	249 return path;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	250 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	251
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	252
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	253 ngx_quic_path_t *
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	254 ngx_quic_find_path(ngx_connection_t c, struct sockaddr sockaddr,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	255 socklen_t socklen)
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	256 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	257 ngx_queue_t *q;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	258 ngx_quic_path_t *path;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	259 ngx_quic_connection_t *qc;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	260
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	261 qc = ngx_quic_get_connection(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	262
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	263 for (q = ngx_queue_head(&qc->paths);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	264 q != ngx_queue_sentinel(&qc->paths);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	265 q = ngx_queue_next(q))
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	266 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	267 path = ngx_queue_data(q, ngx_quic_path_t, queue);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	268
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	269 if (ngx_cmp_sockaddr(sockaddr, socklen,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	270 path->sockaddr, path->socklen, 1)
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	271 == NGX_OK)
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	272 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	273 return path;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	274 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	275 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	276
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	277 return NULL;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	278 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	279
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	280
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	281 ngx_int_t
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	282 ngx_quic_check_migration(ngx_connection_t c, ngx_quic_header_t pkt)
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	283 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	284 ngx_quic_path_t *path;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	285 ngx_quic_socket_t *qsock;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	286 ngx_quic_connection_t *qc;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	287
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	288 qc = ngx_quic_get_connection(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	289
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	290 qsock = ngx_quic_get_socket(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	291
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	292 if (c->udp->dgram == NULL) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	293 /* 2nd QUIC packet in first UDP datagram */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	294 return NGX_OK;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	295 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	296
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	297 path = ngx_quic_find_path(c, c->udp->dgram->sockaddr,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	298 c->udp->dgram->socklen);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	299 if (path == NULL) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	300 /* packet comes from unknown path, possibly migration */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	301
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	302 if (qc->tp.disable_active_migration) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	303 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	304 "quic migration disabled, dropping packet "
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	305 "from unknown path");
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	306 return NGX_DECLINED;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	307 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	308
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	309 if (pkt->level != ssl_encryption_application) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	310 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	311 "quic too early migration attempt");
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	312 return NGX_DECLINED;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	313 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	314
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	315 return NGX_OK;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	316 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	317
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	318 /* packet from known path */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	319
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	320 if (qsock->path == NULL) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	321 /* client switched to previously unused server id */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	322 return NGX_OK;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	323 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	324
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	325 if (path == qsock->path) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	326 /* regular packet to expected path */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	327 return NGX_OK;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	328 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	329
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	330 /* client is trying to use server id already used on other path */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	331
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	332 ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	333 "quic attempt to use socket #%uL:%uL:%uL with path #%uL",
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	334 qsock->sid.seqnum, qsock->cid->seqnum,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	335 qsock->path->seqnum, path->seqnum);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	336
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	337 return NGX_DECLINED;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	338 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	339
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	340
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	341 ngx_int_t
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	342 ngx_quic_update_paths(ngx_connection_t c, ngx_quic_header_t pkt)
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	343 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	344 off_t len;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	345 ngx_quic_path_t *path;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	346 ngx_quic_socket_t *qsock;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	347 ngx_quic_client_id_t *cid;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	348 ngx_quic_connection_t *qc;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	349
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	350 qsock = ngx_quic_get_socket(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	351 path = qsock->path;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	352
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	353 if (path) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	354 goto update;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	355 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	356
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	357 path = ngx_quic_find_path(c, c->udp->dgram->sockaddr,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	358 c->udp->dgram->socklen);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	359
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	360 if (path == NULL) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	361 path = ngx_quic_add_path(c, c->udp->dgram->sockaddr,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	362 c->udp->dgram->socklen);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	363 if (path == NULL) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	364 return NGX_ERROR;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	365 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	366 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	367
8777 d5f93733c17d QUIC: relaxed client id requirements. Vladimir Homutov <vl@nginx.com> parents: 8763 diff changeset	368 /* prefer unused client IDs if available */
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	369 cid = ngx_quic_next_client_id(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	370 if (cid == NULL) {
8777 d5f93733c17d QUIC: relaxed client id requirements. Vladimir Homutov <vl@nginx.com> parents: 8763 diff changeset	371
d5f93733c17d QUIC: relaxed client id requirements. Vladimir Homutov <vl@nginx.com> parents: 8763 diff changeset	372 /* try to reuse connection ID used on the same path */
d5f93733c17d QUIC: relaxed client id requirements. Vladimir Homutov <vl@nginx.com> parents: 8763 diff changeset	373 cid = ngx_quic_used_client_id(c, path);
d5f93733c17d QUIC: relaxed client id requirements. Vladimir Homutov <vl@nginx.com> parents: 8763 diff changeset	374 if (cid == NULL) {
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	375
8777 d5f93733c17d QUIC: relaxed client id requirements. Vladimir Homutov <vl@nginx.com> parents: 8763 diff changeset	376 qc = ngx_quic_get_connection(c);
d5f93733c17d QUIC: relaxed client id requirements. Vladimir Homutov <vl@nginx.com> parents: 8763 diff changeset	377 qc->error = NGX_QUIC_ERR_CONNECTION_ID_LIMIT_ERROR;
d5f93733c17d QUIC: relaxed client id requirements. Vladimir Homutov <vl@nginx.com> parents: 8763 diff changeset	378 qc->error_reason = "no available client ids for new path";
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	379
8777 d5f93733c17d QUIC: relaxed client id requirements. Vladimir Homutov <vl@nginx.com> parents: 8763 diff changeset	380 ngx_log_error(NGX_LOG_ERR, c->log, 0,
d5f93733c17d QUIC: relaxed client id requirements. Vladimir Homutov <vl@nginx.com> parents: 8763 diff changeset	381 "no available client ids for new path");
d5f93733c17d QUIC: relaxed client id requirements. Vladimir Homutov <vl@nginx.com> parents: 8763 diff changeset	382
d5f93733c17d QUIC: relaxed client id requirements. Vladimir Homutov <vl@nginx.com> parents: 8763 diff changeset	383 return NGX_ERROR;
d5f93733c17d QUIC: relaxed client id requirements. Vladimir Homutov <vl@nginx.com> parents: 8763 diff changeset	384 }
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	385 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	386
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	387 ngx_quic_connect(c, qsock, path, cid);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	388
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	389 update:
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	390
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	391 if (pkt->raw->start == pkt->data) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	392 len = pkt->raw->last - pkt->raw->start;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	393
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	394 } else {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	395 len = 0;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	396 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	397
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	398 /* TODO: this may be too late in some cases;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	399 * for example, if error happens during decrypt(), we cannot
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	400 * send CC, if error happens in 1st packet, due to amplification
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	401 * limit, because path->received = 0
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	402 *
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	403 * should we account garbage as received or only decrypting packets?
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	404 */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	405 path->received += len;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	406
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	407 ngx_log_debug6(NGX_LOG_DEBUG_EVENT, c->log, 0,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	408 "quic packet via #%uL:%uL:%uL"
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	409 " size:%O path recvd:%O sent:%O",
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	410 qsock->sid.seqnum, qsock->cid->seqnum, path->seqnum,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	411 len, path->received, path->sent);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	412
8737 76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	413 return NGX_OK;
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	414 }
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	415
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	416
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	417 static void
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	418 ngx_quic_set_connection_path(ngx_connection_t c, ngx_quic_path_t path)
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	419 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	420 size_t len;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	421
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	422 ngx_memcpy(c->sockaddr, path->sockaddr, path->socklen);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	423 c->socklen = path->socklen;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	424
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	425 if (c->addr_text.data) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	426 len = ngx_min(c->addr_text.len, path->addr_text.len);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	427
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	428 ngx_memcpy(c->addr_text.data, path->addr_text.data, len);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	429 c->addr_text.len = len;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	430 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	431
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	432 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	433 "quic send path set to #%uL addr:%V",
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	434 path->seqnum, &path->addr_text);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	435 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	436
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	437
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	438 ngx_int_t
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	439 ngx_quic_handle_migration(ngx_connection_t c, ngx_quic_header_t pkt)
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	440 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	441 ngx_quic_path_t *next;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	442 ngx_quic_socket_t *qsock;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	443 ngx_quic_send_ctx_t *ctx;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	444 ngx_quic_connection_t *qc;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	445
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	446 /* got non-probing packet via non-active socket with different path */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	447
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	448 qc = ngx_quic_get_connection(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	449
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	450 /* current socket, different from active */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	451 qsock = ngx_quic_get_socket(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	452
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	453 next = qsock->path; /* going to migrate to this path... */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	454
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	455 ngx_log_error(NGX_LOG_INFO, c->log, 0,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	456 "quic migration from #%uL:%uL:%uL (%s)"
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	457 " to #%uL:%uL:%uL (%s)",
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	458 qc->socket->sid.seqnum, qc->socket->cid->seqnum,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	459 qc->socket->path->seqnum,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	460 ngx_quic_path_state_str(qc->socket->path),
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	461 qsock->sid.seqnum, qsock->cid->seqnum, next->seqnum,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	462 ngx_quic_path_state_str(next));
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	463
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	464 switch (next->state) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	465 case NGX_QUIC_PATH_NEW:
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	466 if (ngx_quic_validate_path(c, qsock) != NGX_OK) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	467 return NGX_ERROR;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	468 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	469 break;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	470
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	471 /* migration to previously known path */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	472
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	473 case NGX_QUIC_PATH_VALIDATING:
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	474 /* alredy validating, nothing to do */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	475 break;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	476
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	477 case NGX_QUIC_PATH_VALIDATED:
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	478 /* if path is old enough, revalidate */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	479 if (ngx_time() - next->validated_at > NGX_QUIC_PATH_VALID_TIME) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	480
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	481 next->state = NGX_QUIC_PATH_NEW;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	482
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	483 if (ngx_quic_validate_path(c, qsock) != NGX_OK) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	484 return NGX_ERROR;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	485 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	486 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	487
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	488 break;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	489 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	490
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	491 ctx = ngx_quic_get_send_ctx(qc, pkt->level);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	492
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	493 /*
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	494 * RFC 9000, 9.3. Responding to Connection Migration
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	495 *
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	496 * An endpoint only changes the address to which it sends packets in
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	497 * response to the highest-numbered non-probing packet.
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	498 */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	499 if (pkt->pn != ctx->largest_pn) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	500 return NGX_OK;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	501 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	502
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	503 /* switching connection to new path */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	504
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	505 ngx_quic_set_connection_path(c, next);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	506
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	507 /*
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	508 * RFC 9000, 9.5. Privacy Implications of Connection Migration
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	509 *
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	510 * An endpoint MUST NOT reuse a connection ID when sending to
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	511 * more than one destination address.
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	512 */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	513
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	514 /* preserve valid path we are migrating from */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	515 if (qc->socket->path->state == NGX_QUIC_PATH_VALIDATED) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	516
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	517 if (qc->backup) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	518 ngx_quic_close_socket(c, qc->backup);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	519 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	520
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	521 qc->backup = qc->socket;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	522
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	523 ngx_log_error(NGX_LOG_INFO, c->log, 0,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	524 "quic backup socket is now #%uL:%uL:%uL (%s)",
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	525 qc->backup->sid.seqnum, qc->backup->cid->seqnum,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	526 qc->backup->path->seqnum,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	527 ngx_quic_path_state_str(qc->backup->path));
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	528 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	529
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	530 qc->socket = qsock;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	531
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	532 ngx_log_error(NGX_LOG_INFO, c->log, 0,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	533 "quic active socket is now #%uL:%uL:%uL (%s)",
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	534 qsock->sid.seqnum, qsock->cid->seqnum,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	535 qsock->path->seqnum, ngx_quic_path_state_str(qsock->path));
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	536
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	537 return NGX_OK;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	538 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	539
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	540
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	541 static ngx_int_t
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	542 ngx_quic_validate_path(ngx_connection_t c, ngx_quic_socket_t qsock)
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	543 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	544 ngx_msec_t pto;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	545 ngx_quic_path_t *path;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	546 ngx_quic_send_ctx_t *ctx;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	547 ngx_quic_connection_t *qc;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	548
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	549 qc = ngx_quic_get_connection(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	550
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	551 path = qsock->path;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	552
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	553 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	554 "quic initiated validation of new path #%uL",
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	555 path->seqnum);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	556
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	557 path->state = NGX_QUIC_PATH_VALIDATING;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	558
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	559 if (RAND_bytes(path->challenge1, 8) != 1) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	560 return NGX_ERROR;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	561 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	562
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	563 if (RAND_bytes(path->challenge2, 8) != 1) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	564 return NGX_ERROR;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	565 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	566
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	567 if (ngx_quic_send_path_challenge(c, path) != NGX_OK) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	568 return NGX_ERROR;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	569 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	570
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	571 ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	572 pto = ngx_quic_pto(c, ctx);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	573
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	574 path->expires = ngx_current_msec + pto;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	575 path->tries = NGX_QUIC_PATH_RETRIES;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	576
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	577 if (!qc->path_validation.timer_set) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	578 ngx_add_timer(&qc->path_validation, pto);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	579 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	580
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	581 return NGX_OK;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	582 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	583
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	584
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	585 static ngx_int_t
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	586 ngx_quic_send_path_challenge(ngx_connection_t c, ngx_quic_path_t path)
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	587 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	588 off_t max, pad;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	589 ssize_t sent;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	590 ngx_quic_frame_t frame;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	591
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	592 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	593 "quic path #%uL send path challenge tries:%ui",
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	594 path->seqnum, path->tries);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	595
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	596 frame.level = ssl_encryption_application;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	597 frame.type = NGX_QUIC_FT_PATH_CHALLENGE;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	598
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	599 ngx_memcpy(frame.u.path_challenge.data, path->challenge1, 8);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	600
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	601 /*
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	602 * RFC 9000, 8.2.1. Initiating Path Validation
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	603 *
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	604 * An endpoint MUST expand datagrams that contain a PATH_CHALLENGE frame
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	605 * to at least the smallest allowed maximum datagram size of 1200 bytes,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	606 * unless the anti-amplification limit for the path does not permit
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	607 * sending a datagram of this size.
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	608 */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	609
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	610 /* same applies to PATH_RESPONSE frames */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	611
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	612 max = path->received * 3;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	613 max = (path->sent >= max) ? 0 : max - path->sent;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	614 pad = ngx_min(1200, max);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	615
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	616 sent = ngx_quic_frame_sendto(c, &frame, pad, path->sockaddr, path->socklen);
8822 ad046179eb91 QUIC: handle EAGAIN properly on UDP sockets. Vladimir Homutov <vl@nginx.com> parents: 8797 diff changeset	617 if (sent < 0) {
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	618 return NGX_ERROR;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	619 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	620
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	621 path->sent += sent;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	622
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	623 ngx_memcpy(frame.u.path_challenge.data, path->challenge2, 8);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	624
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	625 max = (path->sent >= max) ? 0 : max - path->sent;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	626 pad = ngx_min(1200, max);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	627
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	628 sent = ngx_quic_frame_sendto(c, &frame, pad, path->sockaddr, path->socklen);
8822 ad046179eb91 QUIC: handle EAGAIN properly on UDP sockets. Vladimir Homutov <vl@nginx.com> parents: 8797 diff changeset	629 if (sent < 0) {
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	630 return NGX_ERROR;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	631 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	632
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	633 path->sent += sent;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	634
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	635 return NGX_OK;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	636 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	637
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	638
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	639 void
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	640 ngx_quic_path_validation_handler(ngx_event_t *ev)
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	641 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	642 ngx_msec_t now;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	643 ngx_queue_t *q;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	644 ngx_msec_int_t left, next, pto;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	645 ngx_quic_path_t *path;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	646 ngx_connection_t *c;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	647 ngx_quic_send_ctx_t *ctx;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	648 ngx_quic_connection_t *qc;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	649
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	650 c = ev->data;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	651 qc = ngx_quic_get_connection(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	652
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	653 ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	654 pto = ngx_quic_pto(c, ctx);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	655
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	656 next = -1;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	657 now = ngx_current_msec;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	658
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	659 for (q = ngx_queue_head(&qc->paths);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	660 q != ngx_queue_sentinel(&qc->paths);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	661 q = ngx_queue_next(q))
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	662 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	663 path = ngx_queue_data(q, ngx_quic_path_t, queue);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	664
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	665 if (path->state != NGX_QUIC_PATH_VALIDATING) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	666 continue;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	667 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	668
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	669 left = path->expires - now;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	670
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	671 if (left > 0) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	672
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	673 if (next == -1 \|\| left < next) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	674 next = path->expires;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	675 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	676
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	677 continue;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	678 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	679
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	680 if (--path->tries) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	681 path->expires = ngx_current_msec + pto;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	682
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	683 if (next == -1 \|\| pto < next) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	684 next = pto;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	685 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	686
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	687 /* retransmit */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	688 (void) ngx_quic_send_path_challenge(c, path);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	689
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	690 continue;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	691 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	692
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	693 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, ev->log, 0,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	694 "quic path #%uL validation failed", path->seqnum);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	695
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	696 /* found expired path */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	697
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	698 path->state = NGX_QUIC_PATH_NEW;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	699
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	700 /*
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	701 * RFC 9000, 9.4. Loss Detection and Congestion Control
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	702 *
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	703 * If the timer fires before the PATH_RESPONSE is received, the
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	704 * endpoint might send a new PATH_CHALLENGE and restart the timer for
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	705 * a longer period of time. This timer SHOULD be set as described in
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	706 * Section 6.2.1 of [QUIC-RECOVERY] and MUST NOT be more aggressive.
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	707 */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	708
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	709 if (qc->socket->path != path) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	710 /* the path was not actually used */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	711 continue;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	712 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	713
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	714 if (ngx_quic_path_restore(c) != NGX_OK) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	715 qc->error = NGX_QUIC_ERR_NO_VIABLE_PATH;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	716 qc->error_reason = "no viable path";
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	717 ngx_quic_close_connection(c, NGX_ERROR);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	718 return;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	719 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	720 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	721
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	722 if (next != -1) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	723 ngx_add_timer(&qc->path_validation, next);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	724 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	725 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	726
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	727
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	728 static ngx_int_t
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	729 ngx_quic_path_restore(ngx_connection_t *c)
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	730 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	731 ngx_quic_socket_t *qsock;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	732 ngx_quic_connection_t *qc;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	733
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	734 qc = ngx_quic_get_connection(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	735
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	736 /*
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	737 * RFC 9000, 9.1. Probing a New Path
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	738 *
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	739 * Failure to validate a path does not cause the connection to end
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	740 *
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	741 * RFC 9000, 9.3.2. On-Path Address Spoofing
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	742 *
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	743 * To protect the connection from failing due to such a spurious
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	744 * migration, an endpoint MUST revert to using the last validated
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	745 * peer address when validation of a new peer address fails.
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	746 */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	747
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	748 if (qc->backup == NULL) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	749 return NGX_ERROR;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	750 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	751
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	752 qc->socket = qc->backup;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	753 qc->backup = NULL;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	754
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	755 qsock = qc->socket;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	756
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	757 ngx_log_error(NGX_LOG_INFO, c->log, 0,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	758 "quic active socket is restored to #%uL:%uL:%uL"
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	759 " (%s), no backup",
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	760 qsock->sid.seqnum, qsock->cid->seqnum, qsock->path->seqnum,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	761 ngx_quic_path_state_str(qsock->path));
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	762
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	763 ngx_quic_set_connection_path(c, qsock->path);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	764
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	765 return NGX_OK;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	766 }

Mercurial > hg > nginx

annotate src/event/quic/ngx_event_quic_migration.c @ 8908:e8cbbfabe547 quic