Mercurial > hg > nginx
comparison src/event/ngx_event_quic.c @ 8436:9fe7875ce4bb quic
QUIC: further limiting maximum QUIC packet size.
quic-transport draft 29, section 14:
QUIC depends upon a minimum IP packet size of at least 1280 bytes.
This is the IPv6 minimum size [RFC8200] and is also supported by most
modern IPv4 networks. Assuming the minimum IP header size, this
results in a QUIC maximum packet size of 1232 bytes for IPv6 and 1252
bytes for IPv4.
Since the packet size can change during connection lifetime, the
ngx_quic_max_udp_payload() function is introduced that currently
returns minimal allowed size, depending on address family.
author | Vladimir Homutov <vl@nginx.com> |
---|---|
date | Tue, 16 Jun 2020 11:54:05 +0300 |
parents | 5bc9229ec4cf |
children | 4e75267865de |
comparison
equal
deleted
inserted
replaced
8435:5bc9229ec4cf | 8436:9fe7875ce4bb |
---|---|
155 static ngx_int_t ngx_quic_retry(ngx_connection_t *c); | 155 static ngx_int_t ngx_quic_retry(ngx_connection_t *c); |
156 static ngx_int_t ngx_quic_new_token(ngx_connection_t *c, ngx_str_t *token); | 156 static ngx_int_t ngx_quic_new_token(ngx_connection_t *c, ngx_str_t *token); |
157 static ngx_int_t ngx_quic_validate_token(ngx_connection_t *c, | 157 static ngx_int_t ngx_quic_validate_token(ngx_connection_t *c, |
158 ngx_quic_header_t *pkt); | 158 ngx_quic_header_t *pkt); |
159 static ngx_int_t ngx_quic_init_connection(ngx_connection_t *c); | 159 static ngx_int_t ngx_quic_init_connection(ngx_connection_t *c); |
160 static ngx_inline size_t ngx_quic_max_udp_payload(ngx_connection_t *c); | |
160 static void ngx_quic_input_handler(ngx_event_t *rev); | 161 static void ngx_quic_input_handler(ngx_event_t *rev); |
161 | 162 |
162 static void ngx_quic_close_connection(ngx_connection_t *c, ngx_int_t rc); | 163 static void ngx_quic_close_connection(ngx_connection_t *c, ngx_int_t rc); |
163 static ngx_int_t ngx_quic_close_quic(ngx_connection_t *c, ngx_int_t rc); | 164 static ngx_int_t ngx_quic_close_quic(ngx_connection_t *c, ngx_int_t rc); |
164 static void ngx_quic_close_timer_handler(ngx_event_t *ev); | 165 static void ngx_quic_close_timer_handler(ngx_event_t *ev); |
437 ngx_log_error(NGX_LOG_INFO, c->log, 0, | 438 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
438 "quic maximum packet size is invalid"); | 439 "quic maximum packet size is invalid"); |
439 return 0; | 440 return 0; |
440 } | 441 } |
441 | 442 |
442 if (qc->ctp.max_udp_payload_size > NGX_QUIC_MAX_UDP_PAYLOAD_OUT) { | 443 if (qc->ctp.max_udp_payload_size > ngx_quic_max_udp_payload(c)) { |
443 qc->ctp.max_udp_payload_size = NGX_QUIC_MAX_UDP_PAYLOAD_OUT; | 444 qc->ctp.max_udp_payload_size = ngx_quic_max_udp_payload(c); |
444 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, | 445 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
445 "quic client maximum packet size truncated"); | 446 "quic client maximum packet size truncated"); |
446 } | 447 } |
447 | 448 |
448 #if (NGX_QUIC_DRAFT_VERSION >= 28) | 449 #if (NGX_QUIC_DRAFT_VERSION >= 28) |
653 qc->ssl = ssl; | 654 qc->ssl = ssl; |
654 qc->tp = *tp; | 655 qc->tp = *tp; |
655 qc->streams.handler = handler; | 656 qc->streams.handler = handler; |
656 | 657 |
657 ctp = &qc->ctp; | 658 ctp = &qc->ctp; |
658 ctp->max_udp_payload_size = NGX_QUIC_MAX_UDP_PAYLOAD_OUT; | 659 ctp->max_udp_payload_size = ngx_quic_max_udp_payload(c); |
659 ctp->ack_delay_exponent = NGX_QUIC_DEFAULT_ACK_DELAY_EXPONENT; | 660 ctp->ack_delay_exponent = NGX_QUIC_DEFAULT_ACK_DELAY_EXPONENT; |
660 ctp->max_ack_delay = NGX_QUIC_DEFAULT_MAX_ACK_DELAY; | 661 ctp->max_ack_delay = NGX_QUIC_DEFAULT_MAX_ACK_DELAY; |
661 | 662 |
662 qc->streams.recv_max_data = qc->tp.initial_max_data; | 663 qc->streams.recv_max_data = qc->tp.initial_max_data; |
663 | 664 |
1117 | 1118 |
1118 qc->max_streams = qc->tp.initial_max_streams_bidi; | 1119 qc->max_streams = qc->tp.initial_max_streams_bidi; |
1119 qc->state = ssl_encryption_handshake; | 1120 qc->state = ssl_encryption_handshake; |
1120 | 1121 |
1121 return NGX_OK; | 1122 return NGX_OK; |
1123 } | |
1124 | |
1125 | |
1126 static ngx_inline size_t | |
1127 ngx_quic_max_udp_payload(ngx_connection_t *c) | |
1128 { | |
1129 /* TODO: path MTU discovery */ | |
1130 | |
1131 #if (NGX_HAVE_INET6) | |
1132 if (c->sockaddr->sa_family == AF_INET6) { | |
1133 return NGX_QUIC_MAX_UDP_PAYLOAD_OUT6; | |
1134 } | |
1135 #endif | |
1136 | |
1137 return NGX_QUIC_MAX_UDP_PAYLOAD_OUT; | |
1122 } | 1138 } |
1123 | 1139 |
1124 | 1140 |
1125 static void | 1141 static void |
1126 ngx_quic_input_handler(ngx_event_t *rev) | 1142 ngx_quic_input_handler(ngx_event_t *rev) |