comparison src/event/ngx_event_quic.h @ 8221:69345a26ba69 quic

Split transport and crypto parts into separate files. New files: src/event/ngx_event_quic_protection.h src/event/ngx_event_quic_protection.c The protection.h header provides interface to the crypto part of the QUIC: 2 functions to initialize corresponding secrets: ngx_quic_set_initial_secret() ngx_quic_set_encryption_secret() and 2 functions to deal with packet processing: ngx_quic_encrypt() ngx_quic_decrypt() Also, structures representing secrets are defined there. All functions require SSL connection and a pool, only crypto operations inside, no access to nginx connections or events. Currently pool->log is used for the logging (instead of original c->log).
author Vladimir Homutov <vl@nginx.com>
date Mon, 16 Mar 2020 19:00:47 +0300
parents 38c0898b6df7
children 61f9b873e2e7
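--- a/src/event/ngx_event_quic.h
+++ b/src/event/ngx_event_quic.h
@@ -8,23 +8,131 @@
 #define _NGX_EVENT_QUIC_H_INCLUDED_
 
 
 #include <ngx_event_openssl.h>
 
+
+#define quic_version 0xff000018 /* draft-24 */
+
+/* 17.2. Long Header Packets */
+
+#define NGX_QUIC_PKT_LONG 0x80
+
+#define NGX_QUIC_PKT_INITIAL 0xc0
+#define NGX_QUIC_PKT_HANDSHAKE 0xe0
+
+
+#if (NGX_HAVE_NONALIGNED)
+
+#define ngx_quic_parse_uint16(p) ntohs(*(uint16_t *) (p))
+#define ngx_quic_parse_uint32(p) ntohl(*(uint32_t *) (p))
+
+#define ngx_quic_write_uint16 ngx_quic_write_uint16_aligned
+#define ngx_quic_write_uint32 ngx_quic_write_uint32_aligned
+
+#else
+
+#define ngx_quic_parse_uint16(p) ((p)[0] << 8 | (p)[1])
+#define ngx_quic_parse_uint32(p) \
+((uint32_t) (p)[0] << 24 | (p)[1] << 16 | (p)[2] << 8 | (p)[3])
+
+#define ngx_quic_write_uint16(p, s) \
+((p)[0] = (u_char) ((s) >> 8), \
+(p)[1] = (u_char) (s), \
+(p) + sizeof(uint16_t))
+
+#define ngx_quic_write_uint32(p, s) \
+((p)[0] = (u_char) ((s) >> 24), \
+(p)[1] = (u_char) ((s) >> 16), \
+(p)[2] = (u_char) ((s) >> 8), \
+(p)[3] = (u_char) (s), \
+(p) + sizeof(uint32_t))
+
+#endif
+
+
+#define ngx_quic_write_uint16_aligned(p, s) \
+(*(uint16_t *) (p) = htons((uint16_t) (s)), (p) + sizeof(uint16_t))
+
+#define ngx_quic_write_uint32_aligned(p, s) \
+(*(uint32_t *) (p) = htonl((uint32_t) (s)), (p) + sizeof(uint32_t))
+
+#define ngx_quic_varint_len(value) \
+((value) <= 63 ? 1 \
+: ((uint32_t) value) <= 16383 ? 2 \
+: ((uint64_t) value) <= 1073741823 ? 4 \
+: 8)
+
+
 struct ngx_quic_stream_s {
 uint64_t id;
 ngx_uint_t unidirectional:1;
 ngx_connection_t *parent;
 void *data;
 };
 
-/* TODO: get rid somehow of ssl argument? */
-ngx_int_t ngx_quic_input(ngx_connection_t *c, ngx_ssl_t *ssl, ngx_buf_t *b);
-ngx_int_t ngx_quic_output(ngx_connection_t *c);
+typedef struct ngx_quic_secret_s ngx_quic_secret_t;
+typedef enum ssl_encryption_level_t ngx_quic_level_t;
+
+typedef struct {
+ngx_quic_secret_t *secret;
+ngx_uint_t type;
+ngx_uint_t *number;
+ngx_uint_t flags;
+uint32_t version;
+ngx_str_t token;
+ngx_quic_level_t level;
+
+/* filled in by parser */
+ngx_buf_t *raw; /* udp datagram from wire */
+
+u_char *data; /* quic packet */
+size_t len;
+
+/* cleartext fields */
+ngx_str_t dcid;
+ngx_str_t scid;
+
+uint64_t pn;
+
+ngx_str_t payload; /* decrypted payload */
+
+} ngx_quic_header_t;
+
+void ngx_quic_build_int(u_char **pos, uint64_t value);
 
 void ngx_quic_init_ssl_methods(SSL_CTX* ctx);
 
 void ngx_quic_run(ngx_connection_t *c, ngx_ssl_t *ssl, ngx_msec_t timeout,
 ngx_connection_handler_pt handler);
 ngx_connection_t *ngx_quic_create_uni_stream(ngx_connection_t *c);
 
+
+/********************************* DEBUG *************************************/
+
+#if (NGX_DEBUG)
+
+#define ngx_quic_hexdump(log, fmt, data, len, ...) \
+do { \
+ngx_int_t m; \
+u_char buf[2048]; \
+\
+if (log->log_level & NGX_LOG_DEBUG_EVENT) { \
+m = ngx_hex_dump(buf, (u_char *) data, ngx_min(len, 1024)) - buf; \
+ngx_log_debug(NGX_LOG_DEBUG_EVENT, log, 0, \
+"%s: " fmt " %*s%s, len: %uz", \
+__FUNCTION__, __VA_ARGS__, m, buf, \
+len < 2048 ? "" : "...", len); \
+} \
+} while (0)
+
+#else
+
+#define ngx_quic_hexdump(log, fmt, data, len, ...)
+
+#endif
+
+#define ngx_quic_hexdump0(log, fmt, data, len) \
+ngx_quic_hexdump(log, fmt "%s", data, len, "") \
+
+
 #endif /* _NGX_EVENT_QUIC_H_INCLUDED_ */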
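Review bot: `ngx_quic_varint_len()` narrows its argument before comparing: in the second arm `((uint32_t) value) <= 16383` drops the upper 32 bits, so a 64-bit value at or above 2^32 whose low 32 bits are at most 16383 is reported as a 2-byte varint where 8 bytes are needed. The cast also applies to an unparenthesised `value`, so an expression argument is cast only in its first operand. Compare at full width instead, `: (uint64_t) (value) <= 16383 ? 2 \` and `: (uint64_t) (value) <= 1073741823 ? 4 \`. Callers are not in this header, but any that size an output buffer from this length before calling `ngx_quic_build_int()` would reserve too little space. In the same section, `ngx_quic_hexdump` cuts the dump at 1024 bytes yet prints `...` only when `len` reaches 2048, so dumps between those sizes are truncated without a marker.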