Mercurial > hg > nginx

comparison src/event/ngx_event_quic.c @ 8397:1245e274b9ba quic

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Avoided excessive definitions for connection state. There is no need in a separate type for the QUIC connection state. The only state not found in the SSL library is NGX_QUIC_ST_UNAVAILABLE, which is actually a flag used by the ngx_quic_close_quic() function to prevent cleanup of uninitialized connection.
author Vladimir Homutov <vl@nginx.com>
date Thu, 21 May 2020 15:38:52 +0300
parents df18ae7161b8
children 8bec0ac23cf9
comparison
equal deleted inserted replaced
8396:94c06fe6e159 8397:1245e274b9ba
31 * Implementations MUST support buffering at least 4096 bytes of data 31 * Implementations MUST support buffering at least 4096 bytes of data
32 */ 32 */
33 #define NGX_QUIC_MAX_BUFFERED 65535 33 #define NGX_QUIC_MAX_BUFFERED 65535
34 34
35 35
36 typedef enum {
37 NGX_QUIC_ST_UNAVAIL, /* connection not ready */
38 NGX_QUIC_ST_INITIAL, /* connection just created */
39 NGX_QUIC_ST_HANDSHAKE, /* handshake started */
40 NGX_QUIC_ST_EARLY_DATA, /* handshake in progress */
41 NGX_QUIC_ST_APPLICATION /* handshake complete */
42 } ngx_quic_state_t;
43
44
45 typedef struct { 36 typedef struct {
46 ngx_rbtree_t tree; 37 ngx_rbtree_t tree;
47 ngx_rbtree_node_t sentinel; 38 ngx_rbtree_node_t sentinel;
48 ngx_connection_handler_pt handler; 39 ngx_connection_handler_pt handler;
49 40
93 84
94 ngx_uint_t client_tp_done; 85 ngx_uint_t client_tp_done;
95 ngx_quic_tp_t tp; 86 ngx_quic_tp_t tp;
96 ngx_quic_tp_t ctp; 87 ngx_quic_tp_t ctp;
97 88
98 ngx_quic_state_t state; 89 enum ssl_encryption_level_t state;
99 90
100 ngx_quic_send_ctx_t send_ctx[NGX_QUIC_SEND_CTX_LAST]; 91 ngx_quic_send_ctx_t send_ctx[NGX_QUIC_SEND_CTX_LAST];
101 ngx_quic_secrets_t keys[NGX_QUIC_ENCRYPTION_LAST]; 92 ngx_quic_secrets_t keys[NGX_QUIC_ENCRYPTION_LAST];
102 ngx_quic_secrets_t next_key; 93 ngx_quic_secrets_t next_key;
103 ngx_quic_frames_stream_t crypto[NGX_QUIC_ENCRYPTION_LAST]; 94 ngx_quic_frames_stream_t crypto[NGX_QUIC_ENCRYPTION_LAST];
125 unsigned send_timer_set:1; 116 unsigned send_timer_set:1;
126 unsigned closing:1; 117 unsigned closing:1;
127 unsigned draining:1; 118 unsigned draining:1;
128 unsigned key_phase:1; 119 unsigned key_phase:1;
129 unsigned in_retry:1; 120 unsigned in_retry:1;
121 unsigned initialized:1;
130 }; 122 };
131 123
132 124
133 typedef ngx_int_t (*ngx_quic_frame_handler_pt)(ngx_connection_t *c, 125 typedef ngx_int_t (*ngx_quic_frame_handler_pt)(ngx_connection_t *c,
134 ngx_quic_frame_t *frame, void *data); 126 ngx_quic_frame_t *frame, void *data);
295 #endif 287 #endif
296 288
297 keys = &c->quic->keys[level]; 289 keys = &c->quic->keys[level];
298 290
299 if (level == ssl_encryption_early_data) { 291 if (level == ssl_encryption_early_data) {
300 c->quic->state = NGX_QUIC_ST_EARLY_DATA; 292 c->quic->state = ssl_encryption_early_data;
301 } 293 }
302 294
303 return ngx_quic_set_encryption_secret(c->pool, ssl_conn, level, 295 return ngx_quic_set_encryption_secret(c->pool, ssl_conn, level,
304 rsecret, secret_len, 296 rsecret, secret_len,
305 &keys->client); 297 &keys->client);
356 if (rc != 1) { 348 if (rc != 1) {
357 return rc; 349 return rc;
358 } 350 }
359 351
360 if (level == ssl_encryption_early_data) { 352 if (level == ssl_encryption_early_data) {
361 c->quic->state = NGX_QUIC_ST_EARLY_DATA; 353 c->quic->state = ssl_encryption_early_data;
362 return 1; 354 return 1;
363 } 355 }
364 356
365 #ifdef NGX_QUIC_DEBUG_CRYPTO 357 #ifdef NGX_QUIC_DEBUG_CRYPTO
366 ngx_quic_hexdump(c->log, "quic write", wsecret, secret_len); 358 ngx_quic_hexdump(c->log, "quic write", wsecret, secret_len);
618 qc->push.data = c; 610 qc->push.data = c;
619 qc->push.handler = ngx_quic_push_handler; 611 qc->push.handler = ngx_quic_push_handler;
620 qc->push.cancelable = 1; 612 qc->push.cancelable = 1;
621 613
622 c->quic = qc; 614 c->quic = qc;
623 qc->state = NGX_QUIC_ST_UNAVAIL; 615 qc->state = ssl_encryption_initial;
624 qc->ssl = ssl; 616 qc->ssl = ssl;
625 qc->tp = *tp; 617 qc->tp = *tp;
626 qc->streams.handler = handler; 618 qc->streams.handler = handler;
627 619
628 ctp = &qc->ctp; 620 ctp = &qc->ctp;
655 != NGX_OK) 647 != NGX_OK)
656 { 648 {
657 return NGX_ERROR; 649 return NGX_ERROR;
658 } 650 }
659 651
660 qc->state = NGX_QUIC_ST_INITIAL; 652 qc->initialized = 1;
661 653
662 if (pkt->token.len) { 654 if (pkt->token.len) {
663 rc = ngx_quic_validate_token(c, pkt); 655 rc = ngx_quic_validate_token(c, pkt);
664 656
665 if (rc == NGX_ERROR) { 657 if (rc == NGX_ERROR) {
1064 "quic SSL_set_quic_transport_params() failed"); 1056 "quic SSL_set_quic_transport_params() failed");
1065 return NGX_ERROR; 1057 return NGX_ERROR;
1066 } 1058 }
1067 1059
1068 qc->max_streams = qc->tp.initial_max_streams_bidi; 1060 qc->max_streams = qc->tp.initial_max_streams_bidi;
1069 qc->state = NGX_QUIC_ST_HANDSHAKE; 1061 qc->state = ssl_encryption_handshake;
1070 1062
1071 return NGX_OK; 1063 return NGX_OK;
1072 } 1064 }
1073 1065
1074 1066
1137 ngx_pool_t *pool; 1129 ngx_pool_t *pool;
1138 1130
1139 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, 1131 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
1140 "quic ngx_quic_close_connection, rc: %i", rc); 1132 "quic ngx_quic_close_connection, rc: %i", rc);
1141 1133
1142 if (!c->quic || c->quic->state == NGX_QUIC_ST_UNAVAIL) { 1134 if (!c->quic || !c->quic->initialized) {
1143 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, 1135 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0,
1144 "quic close connection early error"); 1136 "quic close connection early error");
1145 1137
1146 } else if (ngx_quic_close_quic(c, rc) == NGX_AGAIN) { 1138 } else if (ngx_quic_close_quic(c, rc) == NGX_AGAIN) {
1147 return; 1139 return;
1178 1170
1179 qc = c->quic; 1171 qc = c->quic;
1180 1172
1181 if (!qc->closing) { 1173 if (!qc->closing) {
1182 1174
1183 switch (qc->state) { 1175 level = (qc->state == ssl_encryption_early_data)
1184 case NGX_QUIC_ST_INITIAL: 1176 ? ssl_encryption_application
1185 level = ssl_encryption_initial; 1177 : qc->state;
1186 break;
1187
1188 case NGX_QUIC_ST_HANDSHAKE:
1189 level = ssl_encryption_handshake;
1190 break;
1191
1192 default: /* NGX_QUIC_ST_APPLICATION/EARLY_DATA */
1193 level = ssl_encryption_application;
1194 break;
1195 }
1196 1178
1197 if (rc == NGX_OK) { 1179 if (rc == NGX_OK) {
1198 1180
1199 /* 1181 /*
1200 * 10.3. Immediate Close 1182 * 10.3. Immediate Close
1637 1619
1638 if (ngx_quic_parse_handshake_header(pkt) != NGX_OK) { 1620 if (ngx_quic_parse_handshake_header(pkt) != NGX_OK) {
1639 return NGX_ERROR; 1621 return NGX_ERROR;
1640 } 1622 }
1641 1623
1642 if (c->quic->state != NGX_QUIC_ST_EARLY_DATA) { 1624 if (c->quic->state != ssl_encryption_early_data) {
1643 ngx_log_error(NGX_LOG_INFO, c->log, 0, "quic unexpected 0-RTT packet"); 1625 ngx_log_error(NGX_LOG_INFO, c->log, 0, "quic unexpected 0-RTT packet");
1644 return NGX_OK; 1626 return NGX_OK;
1645 } 1627 }
1646 1628
1647 keys = &c->quic->keys[ssl_encryption_early_data]; 1629 keys = &c->quic->keys[ssl_encryption_early_data];
2478 ngx_ssl_error(NGX_LOG_ERR, c->log, 0, "SSL_do_handshake() failed"); 2460 ngx_ssl_error(NGX_LOG_ERR, c->log, 0, "SSL_do_handshake() failed");
2479 return NGX_ERROR; 2461 return NGX_ERROR;
2480 } 2462 }
2481 2463
2482 } else if (n == 1 && !SSL_in_init(ssl_conn)) { 2464 } else if (n == 1 && !SSL_in_init(ssl_conn)) {
2483 c->quic->state = NGX_QUIC_ST_APPLICATION; 2465 c->quic->state = ssl_encryption_application;
2484 2466
2485 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, 2467 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
2486 "quic ssl cipher: %s", SSL_get_cipher(ssl_conn)); 2468 "quic ssl cipher: %s", SSL_get_cipher(ssl_conn));
2487 2469
2488 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, 2470 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0,