Mercurial > hg > nginx
comparison src/event/quic/ngx_event_quic.c @ 8797:4715f3e669f1 quic
QUIC: updated specification references.
This includes updating citations and further clarification.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Wed, 16 Jun 2021 11:55:12 +0300 |
parents | 80d396fd8ee8 |
children | f8ad3dd142ad |
comparison
equal
deleted
inserted
replaced
8796:1fec68e322d0 | 8797:4715f3e669f1 |
---|---|
504 } | 504 } |
505 | 505 |
506 if (rc == NGX_DONE) { | 506 if (rc == NGX_DONE) { |
507 | 507 |
508 /* | 508 /* |
509 * 10.2. Idle Timeout | 509 * RFC 9000, 10.1. Idle Timeout |
510 * | 510 * |
511 * If the idle timeout is enabled by either peer, a connection is | 511 * If a max_idle_timeout is specified by either endpoint in its |
512 * silently closed and its state is discarded when it remains idle | 512 * transport parameters (Section 18.2), the connection is silently |
513 * closed and its state is discarded when it remains idle | |
513 */ | 514 */ |
514 | 515 |
515 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, | 516 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
516 "quic closing %s connection", | 517 "quic closing %s connection", |
517 qc->draining ? "drained" : "idle"); | 518 qc->draining ? "drained" : "idle"); |
518 | 519 |
519 } else { | 520 } else { |
520 | 521 |
521 /* | 522 /* |
522 * 10.3. Immediate Close | 523 * RFC 9000, 10.2. Immediate Close |
523 * | 524 * |
524 * An endpoint sends a CONNECTION_CLOSE frame (Section 19.19) | 525 * An endpoint sends a CONNECTION_CLOSE frame (Section 19.19) |
525 * to terminate the connection immediately. | 526 * to terminate the connection immediately. |
526 */ | 527 */ |
527 | 528 |
706 * we get NGX_DECLINED when there are no keys [yet] available | 707 * we get NGX_DECLINED when there are no keys [yet] available |
707 * to decrypt packet. | 708 * to decrypt packet. |
708 * Instead of queueing it, we ignore it and rely on the sender's | 709 * Instead of queueing it, we ignore it and rely on the sender's |
709 * retransmission: | 710 * retransmission: |
710 * | 711 * |
711 * 12.2. Coalescing Packets: | 712 * RFC 9000, 12.2. Coalescing Packets |
712 * | 713 * |
713 * For example, if decryption fails (because the keys are | 714 * For example, if decryption fails (because the keys are |
714 * not available or any other reason), the receiver MAY either | 715 * not available or for any other reason), the receiver MAY either |
715 * discard or buffer the packet for later processing and MUST | 716 * discard or buffer the packet for later processing and MUST |
716 * attempt to process the remaining packets. | 717 * attempt to process the remaining packets. |
717 * | 718 * |
718 * We also skip packets that don't match connection state | 719 * We also skip packets that don't match connection state |
719 * or cannot be parsed properly. | 720 * or cannot be parsed properly. |
829 } | 830 } |
830 | 831 |
831 c->log->action = "processing initial packet"; | 832 c->log->action = "processing initial packet"; |
832 | 833 |
833 if (pkt->dcid.len < NGX_QUIC_CID_LEN_MIN) { | 834 if (pkt->dcid.len < NGX_QUIC_CID_LEN_MIN) { |
834 /* 7.2. Negotiating Connection IDs */ | 835 /* RFC 9000, 7.2. Negotiating Connection IDs */ |
835 ngx_log_error(NGX_LOG_INFO, c->log, 0, | 836 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
836 "quic too short dcid in initial" | 837 "quic too short dcid in initial" |
837 " packet: len:%i", pkt->dcid.len); | 838 " packet: len:%i", pkt->dcid.len); |
838 return NGX_ERROR; | 839 return NGX_ERROR; |
839 } | 840 } |
942 } | 943 } |
943 } | 944 } |
944 | 945 |
945 if (pkt->level == ssl_encryption_handshake) { | 946 if (pkt->level == ssl_encryption_handshake) { |
946 /* | 947 /* |
947 * 4.10.1. The successful use of Handshake packets indicates | 948 * RFC 9001, 4.9.1. Discarding Initial Keys |
949 * | |
950 * The successful use of Handshake packets indicates | |
948 * that no more Initial packets need to be exchanged | 951 * that no more Initial packets need to be exchanged |
949 */ | 952 */ |
950 ngx_quic_discard_ctx(c, ssl_encryption_initial); | 953 ngx_quic_discard_ctx(c, ssl_encryption_initial); |
951 | 954 |
952 if (qc->socket->path->state != NGX_QUIC_PATH_VALIDATED) { | 955 if (qc->socket->path->state != NGX_QUIC_PATH_VALIDATED) { |
955 } | 958 } |
956 } | 959 } |
957 | 960 |
958 if (qc->closing) { | 961 if (qc->closing) { |
959 /* | 962 /* |
960 * 10.1 Closing and Draining Connection States | 963 * RFC 9000, 10.2. Immediate Close |
964 * | |
961 * ... delayed or reordered packets are properly discarded. | 965 * ... delayed or reordered packets are properly discarded. |
962 * | 966 * |
963 * An endpoint retains only enough information to generate | 967 * In the closing state, an endpoint retains only enough information |
964 * a packet containing a CONNECTION_CLOSE frame and to identify | 968 * to generate a packet containing a CONNECTION_CLOSE frame and to |
965 * packets as belonging to the connection. | 969 * identify packets as belonging to the connection. |
966 */ | 970 */ |
967 | 971 |
968 qc->error_level = pkt->level; | 972 qc->error_level = pkt->level; |
969 qc->error = NGX_QUIC_ERR_NO_ERROR; | 973 qc->error = NGX_QUIC_ERR_NO_ERROR; |
970 qc->error_reason = "connection is closing, packet discarded"; | 974 qc->error_reason = "connection is closing, packet discarded"; |
1329 | 1333 |
1330 if (qsock != qc->socket) { | 1334 if (qsock != qc->socket) { |
1331 | 1335 |
1332 if (qsock->path != qc->socket->path && nonprobing) { | 1336 if (qsock->path != qc->socket->path && nonprobing) { |
1333 /* | 1337 /* |
1338 * RFC 9000, 9.2. Initiating Connection Migration | |
1339 * | |
1334 * An endpoint can migrate a connection to a new local | 1340 * An endpoint can migrate a connection to a new local |
1335 * address by sending packets containing non-probing frames | 1341 * address by sending packets containing non-probing frames |
1336 * from that address. | 1342 * from that address. |
1337 */ | 1343 */ |
1338 if (ngx_quic_handle_migration(c, pkt) != NGX_OK) { | 1344 if (ngx_quic_handle_migration(c, pkt) != NGX_OK) { |