nginx: src/event/ngx_event_quic.c comparison

comparison src/event/ngx_event_quic.c @ 8183:6091506af0f7 quic

Aded the "ngx_quic_hexdump" macro. ngx_quic_hexdump0(log, format, buffer, buffer_size); - logs hexdump of buffer to specified error log ngx_quic_hexdump0(c->log, "this is foo:", foo.data, foo.len); ngx_quic_hexdump(log, format, buffer, buffer_size, ...) - same as hexdump0, but more format/args possible: ngx_quic_hexdump(c->log, "a=%d b=%d, foo is:", foo.data, foo.len, a, b);

author	Vladimir Homutov <vl@nginx.com>
date	Mon, 02 Mar 2020 21:38:03 +0300
parents	b28ea685a56e
children	ec1f84996990

comparison

equal deleted inserted replaced

-:b28ea685a56e
+:6091506af0f7
 #define ngx_quic_write_uint16_aligned(p, s)                                   \
 (*(uint16_t *) (p) = htons((uint16_t) (s)), (p) + sizeof(uint16_t))
 #define ngx_quic_write_uint32_aligned(p, s)                                   \
 (*(uint32_t *) (p) = htonl((uint32_t) (s)), (p) + sizeof(uint32_t))
+#if (NGX_DEBUG)
+#define ngx_quic_hexdump(log, fmt, data, len, ...)                            \
+do {                                                                          \
+ngx_int_t  m;                                                             \
+u_char     buf[2048];                                                     \
+\
+if (log->log_level & NGX_LOG_DEBUG_EVENT) {                               \
+m = ngx_hex_dump(buf, (u_char *) data, ngx_min(len, 1024)) - buf;     \
+ngx_log_debug(NGX_LOG_DEBUG_EVENT, log, 0,                            \
+"%s: " fmt " %*s%s, len: %uz",                             \
+__FUNCTION__,  __VA_ARGS__, m, buf,                        \
+len < 2048 ? "" : "...", len);                             \
+}                                                                         \
+} while (0)
+#else
+#define ngx_quic_hexdump(log, fmt, data, len, ...)
+#endif
+#define ngx_quic_hexdump0(log, fmt, data, len)                                \
+ngx_quic_hexdump(log, fmt "%s", data, len, "")                            \
 /* TODO: real states, these are stubs */
 typedef enum  {
 NGX_QUIC_ST_INITIAL,
 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn);
 //ngx_ssl_handshake_log(c); // TODO: enable again
-#if (NGX_DEBUG)
+ngx_quic_hexdump(c->log, "level:%d read", read_secret, secret_len, level);
-if (c->log->log_level & NGX_LOG_DEBUG_EVENT) {
+ngx_quic_hexdump(c->log, "level:%d read", write_secret, secret_len, level);
-u_char  buf[64];
-size_t  m;
-m = ngx_hex_dump(buf, (u_char *) read_secret, secret_len) - buf;
-ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0,
-"set_encryption_secrets: read %*s, len: %uz, level:%d",
-m, buf, secret_len, (int) level);
-m = ngx_hex_dump(buf, (u_char *) write_secret, secret_len) - buf;
-ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0,
-"set_encryption_secrets: write %*s, len: %uz, level:%d",
-m, buf, secret_len, (int) level);
-}
-#endif
 name = (u_char *) SSL_get_cipher(ssl_conn);
 if (ngx_strcasecmp(name, (u_char *) "TLS_AES_128_GCM_SHA256") == 0
 || ngx_strcasecmp(name, (u_char *) "(NONE)") == 0)
 static int
 ngx_quic_add_handshake_data(ngx_ssl_conn_t *ssl_conn,
 enum ssl_encryption_level_t level, const uint8_t *data, size_t len)
 {
 u_char                   *p, *pnp, *name, *nonce, *sample;
-ngx_int_t                 m;
 ngx_str_t                 in, out, ad;
 static int                pn;
 const EVP_CIPHER         *cipher;
 ngx_connection_t         *c;
 ngx_quic_secret_t        *secret;
 ngx_quic_connection_t    *qc;
-u_char                    buf[2048], mask[16];
+u_char                    mask[16];
 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn);
 qc = c->quic;
 //ngx_ssl_handshake_log(c); // TODO: enable again
 default:
 return 0;
 }
-m = ngx_hex_dump(buf, (u_char *) data, ngx_min(len, 1024)) - buf;
+ngx_quic_hexdump(c->log, "level:%d read", data, len, level);
-ngx_log_debug5(NGX_LOG_DEBUG_EVENT, c->log, 0,
-"ngx_quic_add_handshake_data: %*s%s, len: %uz, level:%d",
-m, buf, len < 2048 ? "" : "...", len, (int) level);
 in.data = ngx_alloc(4 + len + 5 /*minimal ACK*/, c->log);
 if (in.data == 0) {
 return 0;
 }
 *p++ = pn++;
 }
 ad.len = p - ad.data;
-m = ngx_hex_dump(buf, ad.data, ad.len) - buf;
+ngx_quic_hexdump0(c->log, "ad", data, len);
-ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0,
-"ngx_quic_add_handshake_data ad: %*s, len: %uz",
-m, buf, ad.len);
 name = (u_char *) SSL_get_cipher(ssl_conn);
 if (ngx_strcasecmp(name, (u_char *) "TLS_AES_128_GCM_SHA256") == 0
 || ngx_strcasecmp(name, (u_char *) "(NONE)") == 0)
 nonce = ngx_pstrdup(c->pool, &secret->iv);
 if (level == ssl_encryption_handshake) {
 nonce[11] ^= (pn - 1);
 }
-m = ngx_hex_dump(buf, (u_char *) secret->iv.data, 12) - buf;
+ngx_quic_hexdump0(c->log, "server_iv", secret->iv.data, 12);
-ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
+ngx_quic_hexdump(c->log, "sample: n=%d nonce", nonce, 12, pn - 1);
-"ngx_quic_add_handshake_data sample: server_iv %*s",
-m, buf);
-m = ngx_hex_dump(buf, (u_char *) nonce, 12) - buf;
-ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0,
-"ngx_quic_add_handshake_data sample: n=%d nonce %*s",
-pn - 1, m, buf);
 if (ngx_quic_tls_seal(c, cipher, secret, &out, nonce, &in, &ad) != NGX_OK)
 {
 return 0;
 }
 sample = &out.data[3]; // pnl=0
 if (ngx_quic_tls_hp(c, EVP_aes_128_ecb(), secret, mask, sample) != NGX_OK) {
 return 0;
 }
-m = ngx_hex_dump(buf, (u_char *) sample, 16) - buf;
+ngx_quic_hexdump0(c->log, "sample", sample, 16);
-ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0,
+ngx_quic_hexdump0(c->log, "mask", mask, 16);
-"ngx_quic_add_handshake_data sample: %*s, len: %uz",
+ngx_quic_hexdump0(c->log, "hp_key", secret->hp.data, 16);
-m, buf, 16);
-m = ngx_hex_dump(buf, (u_char *) mask, 16) - buf;
-ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0,
-"ngx_quic_add_handshake_data mask: %*s, len: %uz",
-m, buf, 16);
-m = ngx_hex_dump(buf, (u_char *) secret->hp.data, 16) - buf;
-ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0,
-"ngx_quic_add_handshake_data hp_key: %*s, len: %uz",
-m, buf, 16);
 // header protection, pnl = 0
 ad.data[0] ^= mask[0] & 0x0f;
 *pnp ^= mask[1];
 }
 p = ngx_cpymem(packet, ad.data, ad.len);
 p = ngx_cpymem(p, out.data, out.len);
-m = ngx_hex_dump(buf, (u_char *) packet, ngx_min(1024, p - packet)) - buf;
+ngx_quic_hexdump0(c->log, "packet", packet, p - packet);
-ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0,
-"ngx_quic_add_handshake_data packet: %*s%s, len: %uz",
-m, buf, len < 2048 ? "" : "...", p - packet);
 // TODO: save state of data to send into qc (push into queue)
 qc->out.data = packet;
 qc->out.len = p - packet;
 static ngx_int_t
 ngx_quic_new_connection(ngx_connection_t *c, ngx_ssl_t *ssl, ngx_buf_t *b)
 {
-int             n, sslerr;
+int                     n, sslerr;
-#if (NGX_DEBUG)
+ngx_quic_connection_t  *qc;
-u_char          buf[512];
-size_t          m;
-#endif
-ngx_quic_connection_t    *qc;
 if ((b->pos[0] & 0xf0) != 0xc0) {
 ngx_log_error(NGX_LOG_INFO, c->log, 0, "invalid initial packet");
 return NGX_ERROR;
 }
 * draft-ietf-quic-tls-23#section-5.4.[34]:
 * AES-Based and ChaCha20-Based header protections sample 16 bytes
 */
 u_char *sample = b->pos + 4;
-#if (NGX_DEBUG)
+ngx_quic_hexdump0(c->log, "DCID", qc->dcid.data, qc->dcid.len);
-if (c->log->log_level & NGX_LOG_DEBUG_EVENT) {
+ngx_quic_hexdump0(c->log, "SCID", qc->scid.data, qc->scid.len);
-m = ngx_hex_dump(buf, qc->dcid.data, qc->dcid.len) - buf;
+ngx_quic_hexdump0(c->log, "token", qc->token.data, qc->token.len);
-ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0,
+ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
-"quic DCID: %*s, len: %uz", m, buf, qc->dcid.len);
+"quic packet length: %d", plen);
+ngx_quic_hexdump0(c->log, "sample", sample, 16);
-m = ngx_hex_dump(buf, qc->scid.data, qc->scid.len) - buf;
-ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0,
-"quic SCID: %*s, len: %uz", m, buf, qc->scid.len);
-m = ngx_hex_dump(buf, qc->token.data, qc->token.len) - buf;
-ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0,
-"quic token: %*s, len: %uz", m, buf, qc->token.len);
-ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
-"quic packet length: %d", plen);
-m = ngx_hex_dump(buf, sample, 16) - buf;
-ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
-"quic sample: %*s", m, buf);
-}
-#endif
 // initial secret
 size_t                    is_len;
 uint8_t                   is[SHA256_DIGEST_LENGTH];
 ngx_str_t iss = {
 .data = is,
 .len = is_len
 };
-#if (NGX_DEBUG)
+ngx_quic_hexdump0(c->log, "salt", salt, sizeof(salt));
-if (c->log->log_level & NGX_LOG_DEBUG_EVENT) {
+ngx_quic_hexdump0(c->log, "initial secret", is, is_len);
-m = ngx_hex_dump(buf, (uint8_t *) salt, sizeof(salt)) - buf;
-ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0,
-"quic salt: %*s, len: %uz", m, buf, sizeof(salt));
-m = ngx_hex_dump(buf, is, is_len) - buf;
-ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0,
-"quic initial secret: %*s, len: %uz", m, buf, is_len);
-}
-#endif
 /* draft-ietf-quic-tls-23#section-5.2 */
 qc->client_in.secret.len = SHA256_DIGEST_LENGTH;
 qc->server_in.secret.len = SHA256_DIGEST_LENGTH;
 u_char  clearflags = flags ^ (mask[0] & 0x0f);
 ngx_int_t  pnl = (clearflags & 0x03) + 1;
 uint64_t  pn = ngx_quic_parse_pn(&b->pos, pnl, &mask[1]);
-#if (NGX_DEBUG)
+ngx_quic_hexdump0(c->log, "sample", sample, 16);
-if (c->log->log_level & NGX_LOG_DEBUG_EVENT) {
+ngx_quic_hexdump0(c->log, "mask", mask, 5);
-m = ngx_hex_dump(buf, sample, 16) - buf;
+ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
-ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
+"quic packet number: %uL, len: %xi", pn, pnl);
-"quic sample: %*s", m, buf);
-m = ngx_hex_dump(buf, mask, 5) - buf;
-ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
-"quic mask: %*s", m, buf);
-ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
-"quic packet number: %uL, len: %xi", pn, pnl);
-}
-#endif
 // packet protection
 ngx_str_t in;
 in.data = b->pos;
 ad.data[ad.len - pnl] = (u_char)pn;
 uint8_t *nonce = ngx_pstrdup(c->pool, &qc->client_in.iv);
 nonce[11] ^= pn;
-#if (NGX_DEBUG)
+ngx_quic_hexdump0(c->log, "nonce", nonce, 12);
-if (c->log->log_level & NGX_LOG_DEBUG_EVENT) {
+ngx_quic_hexdump0(c->log, "ad", ad.data, ad.len);
-m = ngx_hex_dump(buf, nonce, 12) - buf;
-ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0,
-"quic nonce: %*s, len: %uz", m, buf, 12);
-m = ngx_hex_dump(buf, ad.data, ad.len) - buf;
-ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0,
-"quic ad: %*s, len: %uz", m, buf, ad.len);
-}
-#endif
 ngx_str_t  out;
 if (ngx_quic_tls_open(c, EVP_aes_128_gcm(), &qc->client_in, &out, nonce,
 &in, &ad)
 != NGX_OK)
 {
 return NGX_ERROR;
 }
-#if (NGX_DEBUG)
+ngx_quic_hexdump0(c->log, "packet payload", out.data, out.len);
-if (c->log->log_level & NGX_LOG_DEBUG_EVENT) {
-m = ngx_hex_dump(buf, out.data, ngx_min(out.len, 256)) - buf;
-ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0,
-"quic packet payload: %*s%s, len: %uz",
-m, buf, m < 512 ? "" : "...", out.len);
-}
-#endif
 if (out.data[0] != 0x06) {
 ngx_log_error(NGX_LOG_INFO, c->log, 0,
 "unexpected frame in initial packet");
 return NGX_ERROR;
 static ngx_int_t
 ngx_quic_handshake_input(ngx_connection_t *c, ngx_buf_t *bb)
 {
-size_t                  m;
 ssize_t                 n;
 ngx_str_t               out;
 const EVP_CIPHER       *cipher;
 ngx_quic_connection_t  *qc;
-u_char                  buf[4096], *p, *b;
+u_char                  *p, *b;
 qc = c->quic;
 n = bb->last - bb->pos;
 p = bb->pos;
 b = bb->start;
-m = ngx_hex_dump(buf, b, n) - buf;
+ngx_quic_hexdump0(c->log, "input", buf, n);
-ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0,
-"quic handshake handler: %*s, len: %uz", m, buf, n);
 if ((p[0] & 0xf0) != 0xe0) {
 ngx_log_error(NGX_LOG_INFO, c->log, 0, "invalid packet type");
 return NGX_ERROR;
 }
 return NGX_ERROR;
 }
 u_char *sample = p + 4;
-m = ngx_hex_dump(buf, sample, 16) - buf;
+ngx_quic_hexdump0(c->log, "sample", sample, 16);
-ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic sample: %*s", m, buf);
 // header protection
 uint8_t mask[16];
 if (ngx_quic_tls_hp(c, EVP_aes_128_ecb(), &qc->client_hs, mask, sample)
 u_char  clearflags = flags ^ (mask[0] & 0x0f);
 ngx_int_t  pnl = (clearflags & 0x03) + 1;
 uint64_t  pn = ngx_quic_parse_pn(&p, pnl, &mask[1]);
-#if (NGX_DEBUG)
+ngx_quic_hexdump0(c->log, "mask", mask, 5);
-if (c->log->log_level & NGX_LOG_DEBUG_EVENT) {
+ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
-m = ngx_hex_dump(buf, mask, 5) - buf;
+"quic clear flags: %xi", clearflags);
 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
-"quic mask: %*s", m, buf);
+"quic packet number: %uL, len: %xi", pn, pnl);
-ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
-"quic clear flags: %xi", clearflags);
-ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
-"quic packet number: %uL, len: %xi", pn, pnl);
-}
-#endif
 // packet protection
 ngx_str_t in;
 in.data = p;
 ad.data[ad.len - pnl] = (u_char)pn;
 uint8_t *nonce = ngx_pstrdup(c->pool, &qc->client_hs.iv);
 nonce[11] ^= pn;
-#if (NGX_DEBUG)
+ngx_quic_hexdump0(c->log, "nonce", nonce, 12);
-if (c->log->log_level & NGX_LOG_DEBUG_EVENT) {
+ngx_quic_hexdump0(c->log, "ad", ad.data, ad.len);
-m = ngx_hex_dump(buf, nonce, 12) - buf;
-ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0,
-"quic nonce: %*s, len: %uz", m, buf, 12);
-m = ngx_hex_dump(buf, ad.data, ad.len) - buf;
-ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0,
-"quic ad: %*s, len: %uz", m, buf, ad.len);
-}
-#endif
 u_char *name = (u_char *) SSL_get_cipher(c->ssl->connection);
 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
 "quic ssl cipher: %s", name);
 != NGX_OK)
 {
 return NGX_ERROR;
 }
-#if (NGX_DEBUG)
+ngx_quic_hexdump0(c->log, "packet payload", out.data, out.len);
-if (c->log->log_level & NGX_LOG_DEBUG_EVENT) {
-m = ngx_hex_dump(buf, out.data, ngx_min(out.len, 256)) - buf;
-ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0,
-"quic packet payload: %*s%s, len: %uz",
-m, buf, m < 512 ? "" : "...", out.len);
-}
-#endif
 return NGX_OK;
 }
 {
 uint8_t  *p;
 size_t    info_len;
 uint8_t   info[20];
-#if (NGX_DEBUG)
-u_char    buf[512];
-size_t    m;
-#endif
 out->data = ngx_pnalloc(c->pool, out->len);
 if (out->data == NULL) {
 return NGX_ERROR;
 }
 ngx_ssl_error(NGX_LOG_INFO, c->log, 0,
 "ngx_hkdf_expand(%V) failed", label);
 return NGX_ERROR;
 }
-if (c->log->log_level & NGX_LOG_DEBUG_EVENT) {
+ngx_quic_hexdump(c->log, "%V info", info, info_len, label);
-m = ngx_hex_dump(buf, info, info_len) - buf;
+ngx_quic_hexdump(c->log, "%V key", out->data, out->len, label);
-ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0,
-"%V info: %*s, len: %uz", label, m, buf, info_len);
-m = ngx_hex_dump(buf, out->data, out->len) - buf;
-ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0,
-"%V key: %*s, len: %uz", label, m, buf, out->len);
-}
 return NGX_OK;
 }

Mercurial > hg > nginx

comparison src/event/ngx_event_quic.c @ 8183:6091506af0f7 quic