Mercurial > hg > nginx
comparison src/event/ngx_event_quic.c @ 8436:9fe7875ce4bb quic
QUIC: further limiting maximum QUIC packet size.
quic-transport draft 29, section 14:
QUIC depends upon a minimum IP packet size of at least 1280 bytes.
This is the IPv6 minimum size [RFC8200] and is also supported by most
modern IPv4 networks. Assuming the minimum IP header size, this
results in a QUIC maximum packet size of 1232 bytes for IPv6 and 1252
bytes for IPv4.
Since the packet size can change during connection lifetime, the
ngx_quic_max_udp_payload() function is introduced that currently
returns minimal allowed size, depending on address family.
| author | Vladimir Homutov <vl@nginx.com> |
|---|---|
| date | Tue, 16 Jun 2020 11:54:05 +0300 |
| parents | 5bc9229ec4cf |
| children | 4e75267865de |
comparison
equal
deleted
inserted
replaced
| 8435:5bc9229ec4cf | 8436:9fe7875ce4bb |
|---|---|
| 155 static ngx_int_t ngx_quic_retry(ngx_connection_t *c); | 155 static ngx_int_t ngx_quic_retry(ngx_connection_t *c); |
| 156 static ngx_int_t ngx_quic_new_token(ngx_connection_t *c, ngx_str_t *token); | 156 static ngx_int_t ngx_quic_new_token(ngx_connection_t *c, ngx_str_t *token); |
| 157 static ngx_int_t ngx_quic_validate_token(ngx_connection_t *c, | 157 static ngx_int_t ngx_quic_validate_token(ngx_connection_t *c, |
| 158 ngx_quic_header_t *pkt); | 158 ngx_quic_header_t *pkt); |
| 159 static ngx_int_t ngx_quic_init_connection(ngx_connection_t *c); | 159 static ngx_int_t ngx_quic_init_connection(ngx_connection_t *c); |
| 160 static ngx_inline size_t ngx_quic_max_udp_payload(ngx_connection_t *c); | |
| 160 static void ngx_quic_input_handler(ngx_event_t *rev); | 161 static void ngx_quic_input_handler(ngx_event_t *rev); |
| 161 | 162 |
| 162 static void ngx_quic_close_connection(ngx_connection_t *c, ngx_int_t rc); | 163 static void ngx_quic_close_connection(ngx_connection_t *c, ngx_int_t rc); |
| 163 static ngx_int_t ngx_quic_close_quic(ngx_connection_t *c, ngx_int_t rc); | 164 static ngx_int_t ngx_quic_close_quic(ngx_connection_t *c, ngx_int_t rc); |
| 164 static void ngx_quic_close_timer_handler(ngx_event_t *ev); | 165 static void ngx_quic_close_timer_handler(ngx_event_t *ev); |
| 437 ngx_log_error(NGX_LOG_INFO, c->log, 0, | 438 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
| 438 "quic maximum packet size is invalid"); | 439 "quic maximum packet size is invalid"); |
| 439 return 0; | 440 return 0; |
| 440 } | 441 } |
| 441 | 442 |
| 442 if (qc->ctp.max_udp_payload_size > NGX_QUIC_MAX_UDP_PAYLOAD_OUT) { | 443 if (qc->ctp.max_udp_payload_size > ngx_quic_max_udp_payload(c)) { |
| 443 qc->ctp.max_udp_payload_size = NGX_QUIC_MAX_UDP_PAYLOAD_OUT; | 444 qc->ctp.max_udp_payload_size = ngx_quic_max_udp_payload(c); |
| 444 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, | 445 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 445 "quic client maximum packet size truncated"); | 446 "quic client maximum packet size truncated"); |
| 446 } | 447 } |
| 447 | 448 |
| 448 #if (NGX_QUIC_DRAFT_VERSION >= 28) | 449 #if (NGX_QUIC_DRAFT_VERSION >= 28) |
| 653 qc->ssl = ssl; | 654 qc->ssl = ssl; |
| 654 qc->tp = *tp; | 655 qc->tp = *tp; |
| 655 qc->streams.handler = handler; | 656 qc->streams.handler = handler; |
| 656 | 657 |
| 657 ctp = &qc->ctp; | 658 ctp = &qc->ctp; |
| 658 ctp->max_udp_payload_size = NGX_QUIC_MAX_UDP_PAYLOAD_OUT; | 659 ctp->max_udp_payload_size = ngx_quic_max_udp_payload(c); |
| 659 ctp->ack_delay_exponent = NGX_QUIC_DEFAULT_ACK_DELAY_EXPONENT; | 660 ctp->ack_delay_exponent = NGX_QUIC_DEFAULT_ACK_DELAY_EXPONENT; |
| 660 ctp->max_ack_delay = NGX_QUIC_DEFAULT_MAX_ACK_DELAY; | 661 ctp->max_ack_delay = NGX_QUIC_DEFAULT_MAX_ACK_DELAY; |
| 661 | 662 |
| 662 qc->streams.recv_max_data = qc->tp.initial_max_data; | 663 qc->streams.recv_max_data = qc->tp.initial_max_data; |
| 663 | 664 |
| 1117 | 1118 |
| 1118 qc->max_streams = qc->tp.initial_max_streams_bidi; | 1119 qc->max_streams = qc->tp.initial_max_streams_bidi; |
| 1119 qc->state = ssl_encryption_handshake; | 1120 qc->state = ssl_encryption_handshake; |
| 1120 | 1121 |
| 1121 return NGX_OK; | 1122 return NGX_OK; |
| 1123 } | |
| 1124 | |
| 1125 | |
| 1126 static ngx_inline size_t | |
| 1127 ngx_quic_max_udp_payload(ngx_connection_t *c) | |
| 1128 { | |
| 1129 /* TODO: path MTU discovery */ | |
| 1130 | |
| 1131 #if (NGX_HAVE_INET6) | |
| 1132 if (c->sockaddr->sa_family == AF_INET6) { | |
| 1133 return NGX_QUIC_MAX_UDP_PAYLOAD_OUT6; | |
| 1134 } | |
| 1135 #endif | |
| 1136 | |
| 1137 return NGX_QUIC_MAX_UDP_PAYLOAD_OUT; | |
| 1122 } | 1138 } |
| 1123 | 1139 |
| 1124 | 1140 |
| 1125 static void | 1141 static void |
| 1126 ngx_quic_input_handler(ngx_event_t *rev) | 1142 ngx_quic_input_handler(ngx_event_t *rev) |