diff src/event/ngx_event_quic.h @ 8221:69345a26ba69 quic

Split transport and crypto parts into separate files. New files: src/event/ngx_event_quic_protection.h and src/event/ngx_event_quic_protection.c. The protection.h header provides the interface to the crypto part of QUIC: two functions to initialize the corresponding secrets, ngx_quic_set_initial_secret() and ngx_quic_set_encryption_secret(), and two functions for packet processing, ngx_quic_encrypt() and ngx_quic_decrypt(). The structures representing secrets are also defined there. All functions require an SSL connection and a pool; they perform only crypto operations and do not access nginx connections or events. Currently pool->log is used for logging (instead of the original c->log).
author Vladimir Homutov <vl@nginx.com>
date Mon, 16 Mar 2020 19:00:47 +0300
parents 38c0898b6df7
children 61f9b873e2e7
--- a/src/event/ngx_event_quic.h
+++ b/src/event/ngx_event_quic.h
@@ -10,6 +10,59 @@
 
 #include <ngx_event_openssl.h>
 
+
+#define quic_version                       0xff000018  /* draft-24 */
+
+/* 17.2.  Long Header Packets */
+
+#define NGX_QUIC_PKT_LONG                  0x80
+
+#define NGX_QUIC_PKT_INITIAL               0xc0
+#define NGX_QUIC_PKT_HANDSHAKE             0xe0
+
+
+#if (NGX_HAVE_NONALIGNED)
+
+#define ngx_quic_parse_uint16(p)  ntohs(*(uint16_t *) (p))
+#define ngx_quic_parse_uint32(p)  ntohl(*(uint32_t *) (p))
+
+#define ngx_quic_write_uint16  ngx_quic_write_uint16_aligned
+#define ngx_quic_write_uint32  ngx_quic_write_uint32_aligned
+
+#else
+
+#define ngx_quic_parse_uint16(p)  ((p)[0] << 8 | (p)[1])
+#define ngx_quic_parse_uint32(p)                                              \
+    ((uint32_t) (p)[0] << 24 | (p)[1] << 16 | (p)[2] << 8 | (p)[3])
+
+#define ngx_quic_write_uint16(p, s)                                           \
+    ((p)[0] = (u_char) ((s) >> 8),                                            \
+     (p)[1] = (u_char)  (s),                                                  \
+     (p) + sizeof(uint16_t))
+
+#define ngx_quic_write_uint32(p, s)                                           \
+    ((p)[0] = (u_char) ((s) >> 24),                                           \
+     (p)[1] = (u_char) ((s) >> 16),                                           \
+     (p)[2] = (u_char) ((s) >> 8),                                            \
+     (p)[3] = (u_char)  (s),                                                  \
+     (p) + sizeof(uint32_t))
+
+#endif
+
+
+#define ngx_quic_write_uint16_aligned(p, s)                                   \
+    (*(uint16_t *) (p) = htons((uint16_t) (s)), (p) + sizeof(uint16_t))
+
+#define ngx_quic_write_uint32_aligned(p, s)                                   \
+    (*(uint32_t *) (p) = htonl((uint32_t) (s)), (p) + sizeof(uint32_t))
+
+#define ngx_quic_varint_len(value)                                            \
+     ((value) <= 63 ? 1                                                       \
+     : ((uint32_t) value) <= 16383 ? 2                                        \
+     : ((uint64_t) value) <= 1073741823 ?  4                                  \
+     : 8)
+
+
 struct ngx_quic_stream_s {
     uint64_t            id;
     ngx_uint_t          unidirectional:1;
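Review bot: `ngx_quic_varint_len()` casts its argument to `uint32_t` in the second arm, so a value at or above 2^32 whose low 32 bits are at most 16383 is reported as needing 2 bytes when it needs 8. If this length is used to size or advance an output buffer, the size calculation and the encoder disagree, and that kind of mismatch leads to writes past the reserved space. The argument is also unparenthesized in both casts, so with an expression argument the cast binds only to its first operand. Compare at full width instead: `: ((uint64_t) (value)) <= 16383 ? 2` and `: ((uint64_t) (value)) <= 1073741823 ? 4`.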
@@ -17,9 +70,35 @@ struct ngx_quic_stream_s {
     void               *data;
 };
 
-/* TODO: get rid somehow of ssl argument? */
-ngx_int_t ngx_quic_input(ngx_connection_t *c, ngx_ssl_t *ssl, ngx_buf_t *b);
-ngx_int_t ngx_quic_output(ngx_connection_t *c);
+typedef struct ngx_quic_secret_s ngx_quic_secret_t;
+typedef enum ssl_encryption_level_t  ngx_quic_level_t;
+
+typedef struct {
+    ngx_quic_secret_t  *secret;
+    ngx_uint_t          type;
+    ngx_uint_t          *number;
+    ngx_uint_t          flags;
+    uint32_t            version;
+    ngx_str_t           token;
+    ngx_quic_level_t    level;
+
+    /* filled in by parser */
+    ngx_buf_t          *raw;        /* udp datagram from wire */
+
+    u_char             *data;       /* quic packet */
+    size_t              len;
+
+    /* cleartext fields */
+    ngx_str_t           dcid;
+    ngx_str_t           scid;
+
+    uint64_t            pn;
+
+    ngx_str_t           payload;  /* decrypted payload */
+
+} ngx_quic_header_t;
+
+void ngx_quic_build_int(u_char **pos, uint64_t value);
 
 void ngx_quic_init_ssl_methods(SSL_CTX* ctx);
 
@@ -27,4 +106,33 @@ void ngx_quic_run(ngx_connection_t *c, n
     ngx_connection_handler_pt handler);
 ngx_connection_t *ngx_quic_create_uni_stream(ngx_connection_t *c);
 
+
+/********************************* DEBUG *************************************/
+
+#if (NGX_DEBUG)
+
+#define ngx_quic_hexdump(log, fmt, data, len, ...)                            \
+do {                                                                          \
+    ngx_int_t  m;                                                             \
+    u_char     buf[2048];                                                     \
+                                                                              \
+    if (log->log_level & NGX_LOG_DEBUG_EVENT) {                               \
+        m = ngx_hex_dump(buf, (u_char *) data, ngx_min(len, 1024)) - buf;     \
+        ngx_log_debug(NGX_LOG_DEBUG_EVENT, log, 0,                            \
+                   "%s: " fmt " %*s%s, len: %uz",                             \
+                   __FUNCTION__,  __VA_ARGS__, m, buf,                        \
+                   len < 2048 ? "" : "...", len);                             \
+    }                                                                         \
+} while (0)
+
+#else
+
+#define ngx_quic_hexdump(log, fmt, data, len, ...)
+
+#endif
+
+#define ngx_quic_hexdump0(log, fmt, data, len)                                \
+    ngx_quic_hexdump(log, fmt "%s", data, len, "")                            \
+
+
 #endif /* _NGX_EVENT_QUIC_H_INCLUDED_ */
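Review bot: In `ngx_quic_hexdump`, the dump is truncated at 1024 input bytes (`ngx_min(len, 1024)`) but the `"..."` marker is printed only when `len >= 2048`, so lengths 1025–2047 are cut without any indication; use `len <= 1024 ? "" : "..."`. The macro also declares locals named `m` and `buf` and uses `log`, `data` and `len` unparenthesized and more than once, so a caller that passes its own `buf` as `data` would dump the macro's uninitialized array instead. Less common local names, or a static helper function, avoid that capture. Since the commit description places secrets in the same subsystem, it is worth confirming that call sites outside this hunk do not pass key material to this macro on builds where debug logs are retained.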