Mercurial > hg > nginx

comparison src/event/quic/ngx_event_quic.c @ 8797:4715f3e669f1 quic

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
QUIC: updated specification references. This includes updating citations and further clarification.
author Sergey Kandaurov <pluknet@nginx.com>
date Wed, 16 Jun 2021 11:55:12 +0300
parents 80d396fd8ee8
children f8ad3dd142ad
comparison
equal deleted inserted replaced
8796:1fec68e322d0 8797:4715f3e669f1
504 } 504 }
505 505
506 if (rc == NGX_DONE) { 506 if (rc == NGX_DONE) {
507 507
508 /* 508 /*
509 * 10.2. Idle Timeout 509 * RFC 9000, 10.1. Idle Timeout
510 * 510 *
511 * If the idle timeout is enabled by either peer, a connection is 511 * If a max_idle_timeout is specified by either endpoint in its
512 * silently closed and its state is discarded when it remains idle 512 * transport parameters (Section 18.2), the connection is silently
513 * closed and its state is discarded when it remains idle
513 */ 514 */
514 515
515 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, 516 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
516 "quic closing %s connection", 517 "quic closing %s connection",
517 qc->draining ? "drained" : "idle"); 518 qc->draining ? "drained" : "idle");
518 519
519 } else { 520 } else {
520 521
521 /* 522 /*
522 * 10.3. Immediate Close 523 * RFC 9000, 10.2. Immediate Close
523 * 524 *
524 * An endpoint sends a CONNECTION_CLOSE frame (Section 19.19) 525 * An endpoint sends a CONNECTION_CLOSE frame (Section 19.19)
525 * to terminate the connection immediately. 526 * to terminate the connection immediately.
526 */ 527 */
527 528
706 * we get NGX_DECLINED when there are no keys [yet] available 707 * we get NGX_DECLINED when there are no keys [yet] available
707 * to decrypt packet. 708 * to decrypt packet.
708 * Instead of queueing it, we ignore it and rely on the sender's 709 * Instead of queueing it, we ignore it and rely on the sender's
709 * retransmission: 710 * retransmission:
710 * 711 *
711 * 12.2. Coalescing Packets: 712 * RFC 9000, 12.2. Coalescing Packets
712 * 713 *
713 * For example, if decryption fails (because the keys are 714 * For example, if decryption fails (because the keys are
714 * not available or any other reason), the receiver MAY either 715 * not available or for any other reason), the receiver MAY either
715 * discard or buffer the packet for later processing and MUST 716 * discard or buffer the packet for later processing and MUST
716 * attempt to process the remaining packets. 717 * attempt to process the remaining packets.
717 * 718 *
718 * We also skip packets that don't match connection state 719 * We also skip packets that don't match connection state
719 * or cannot be parsed properly. 720 * or cannot be parsed properly.
829 } 830 }
830 831
831 c->log->action = "processing initial packet"; 832 c->log->action = "processing initial packet";
832 833
833 if (pkt->dcid.len < NGX_QUIC_CID_LEN_MIN) { 834 if (pkt->dcid.len < NGX_QUIC_CID_LEN_MIN) {
834 /* 7.2. Negotiating Connection IDs */ 835 /* RFC 9000, 7.2. Negotiating Connection IDs */
835 ngx_log_error(NGX_LOG_INFO, c->log, 0, 836 ngx_log_error(NGX_LOG_INFO, c->log, 0,
836 "quic too short dcid in initial" 837 "quic too short dcid in initial"
837 " packet: len:%i", pkt->dcid.len); 838 " packet: len:%i", pkt->dcid.len);
838 return NGX_ERROR; 839 return NGX_ERROR;
839 } 840 }
942 } 943 }
943 } 944 }
944 945
945 if (pkt->level == ssl_encryption_handshake) { 946 if (pkt->level == ssl_encryption_handshake) {
946 /* 947 /*
947 * 4.10.1. The successful use of Handshake packets indicates 948 * RFC 9001, 4.9.1. Discarding Initial Keys
949 *
950 * The successful use of Handshake packets indicates
948 * that no more Initial packets need to be exchanged 951 * that no more Initial packets need to be exchanged
949 */ 952 */
950 ngx_quic_discard_ctx(c, ssl_encryption_initial); 953 ngx_quic_discard_ctx(c, ssl_encryption_initial);
951 954
952 if (qc->socket->path->state != NGX_QUIC_PATH_VALIDATED) { 955 if (qc->socket->path->state != NGX_QUIC_PATH_VALIDATED) {
955 } 958 }
956 } 959 }
957 960
958 if (qc->closing) { 961 if (qc->closing) {
959 /* 962 /*
960 * 10.1 Closing and Draining Connection States 963 * RFC 9000, 10.2. Immediate Close
964 *
961 * ... delayed or reordered packets are properly discarded. 965 * ... delayed or reordered packets are properly discarded.
962 * 966 *
963 * An endpoint retains only enough information to generate 967 * In the closing state, an endpoint retains only enough information
964 * a packet containing a CONNECTION_CLOSE frame and to identify 968 * to generate a packet containing a CONNECTION_CLOSE frame and to
965 * packets as belonging to the connection. 969 * identify packets as belonging to the connection.
966 */ 970 */
967 971
968 qc->error_level = pkt->level; 972 qc->error_level = pkt->level;
969 qc->error = NGX_QUIC_ERR_NO_ERROR; 973 qc->error = NGX_QUIC_ERR_NO_ERROR;
970 qc->error_reason = "connection is closing, packet discarded"; 974 qc->error_reason = "connection is closing, packet discarded";
1329 1333
1330 if (qsock != qc->socket) { 1334 if (qsock != qc->socket) {
1331 1335
1332 if (qsock->path != qc->socket->path && nonprobing) { 1336 if (qsock->path != qc->socket->path && nonprobing) {
1333 /* 1337 /*
1338 * RFC 9000, 9.2. Initiating Connection Migration
1339 *
1334 * An endpoint can migrate a connection to a new local 1340 * An endpoint can migrate a connection to a new local
1335 * address by sending packets containing non-probing frames 1341 * address by sending packets containing non-probing frames
1336 * from that address. 1342 * from that address.
1337 */ 1343 */
1338 if (ngx_quic_handle_migration(c, pkt) != NGX_OK) { 1344 if (ngx_quic_handle_migration(c, pkt) != NGX_OK) {