Mercurial > hg > nginx-quic
annotate src/event/quic/ngx_event_quic.c @ 8698:d041b8d6ab0b quic
QUIC: handle DATA_BLOCKED frame from client.
Previously the frame was not handled and connection was closed with an error.
Now, after receiving this frame, global flow control is updated and new
flow control credit is sent to client.
author | Roman Arutyunyan <arut@nginx.com> |
---|---|
date | Wed, 17 Nov 2021 23:07:51 +0300 |
parents | 6204120cf37f |
children | 50d73bf20e73 |
rev | line source |
---|---|
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
2 /* |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
3 * Copyright (C) Nginx, Inc. |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
4 */ |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
5 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
6 |
7637 | 7 #include <ngx_config.h> |
8 #include <ngx_core.h> | |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
9 #include <ngx_event.h> |
8386
714e9af983de
QUIC: separate header for ngx_quic_connection_t.
Vladimir Homutov <vl@nginx.com>
parents:
8385
diff
changeset
|
10 #include <ngx_event_quic_connection.h> |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
11 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
12 |
8099
b4ef79ef1c23
QUIC: refined the "c->quic->initialized" flag usage.
Vladimir Homutov <vl@nginx.com>
parents:
8098
diff
changeset
|
13 static ngx_quic_connection_t *ngx_quic_new_connection(ngx_connection_t *c, |
8101
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8100
diff
changeset
|
14 ngx_quic_conf_t *conf, ngx_quic_header_t *pkt); |
8100
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
15 static ngx_int_t ngx_quic_process_stateless_reset(ngx_connection_t *c, |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
16 ngx_quic_header_t *pkt); |
7729
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
17 static void ngx_quic_input_handler(ngx_event_t *rev); |
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
18 |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
19 static ngx_int_t ngx_quic_close_quic(ngx_connection_t *c, ngx_int_t rc); |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
20 static void ngx_quic_close_timer_handler(ngx_event_t *ev); |
7691 | 21 |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
22 static ngx_int_t ngx_quic_input(ngx_connection_t *c, ngx_buf_t *b, |
8101
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8100
diff
changeset
|
23 ngx_quic_conf_t *conf); |
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8100
diff
changeset
|
24 static ngx_int_t ngx_quic_process_packet(ngx_connection_t *c, |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
25 ngx_quic_conf_t *conf, ngx_quic_header_t *pkt); |
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
26 static ngx_int_t ngx_quic_process_payload(ngx_connection_t *c, |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
27 ngx_quic_header_t *pkt); |
8281
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
28 static ngx_int_t ngx_quic_check_csid(ngx_quic_connection_t *qc, |
7838 | 29 ngx_quic_header_t *pkt); |
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
30 static ngx_int_t ngx_quic_handle_frames(ngx_connection_t *c, |
7691 | 31 ngx_quic_header_t *pkt); |
8411
bc910a5ec737
QUIC: separate files for output and ack related processing.
Vladimir Homutov <vl@nginx.com>
parents:
8410
diff
changeset
|
32 |
7775 | 33 static void ngx_quic_push_handler(ngx_event_t *ev); |
7691 | 34 |
35 | |
8267 | 36 static ngx_core_module_t ngx_quic_module_ctx = { |
37 ngx_string("quic"), | |
38 NULL, | |
39 NULL | |
40 }; | |
41 | |
42 | |
43 ngx_module_t ngx_quic_module = { | |
44 NGX_MODULE_V1, | |
45 &ngx_quic_module_ctx, /* module context */ | |
46 NULL, /* module directives */ | |
47 NGX_CORE_MODULE, /* module type */ | |
48 NULL, /* init master */ | |
49 NULL, /* init module */ | |
50 NULL, /* init process */ | |
51 NULL, /* init thread */ | |
52 NULL, /* exit thread */ | |
53 NULL, /* exit process */ | |
54 NULL, /* exit master */ | |
55 NGX_MODULE_V1_PADDING | |
56 }; | |
57 | |
58 | |
8163
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8162
diff
changeset
|
59 #if (NGX_DEBUG) |
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8162
diff
changeset
|
60 |
8411
bc910a5ec737
QUIC: separate files for output and ack related processing.
Vladimir Homutov <vl@nginx.com>
parents:
8410
diff
changeset
|
61 void |
8166
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
62 ngx_quic_connstate_dbg(ngx_connection_t *c) |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
63 { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
64 u_char *p, *last; |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
65 ngx_quic_connection_t *qc; |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
66 u_char buf[NGX_MAX_ERROR_STR]; |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
67 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
68 p = buf; |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
69 last = p + sizeof(buf); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
70 |
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
71 qc = ngx_quic_get_connection(c); |
8166
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
72 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
73 p = ngx_slprintf(p, last, "state:"); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
74 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
75 if (qc) { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
76 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
77 if (qc->error) { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
78 p = ngx_slprintf(p, last, "%s", qc->error_app ? " app" : ""); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
79 p = ngx_slprintf(p, last, " error:%ui", qc->error); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
80 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
81 if (qc->error_reason) { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
82 p = ngx_slprintf(p, last, " \"%s\"", qc->error_reason); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
83 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
84 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
85 |
8359
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
86 p = ngx_slprintf(p, last, "%s", qc->shutdown ? " shutdown" : ""); |
8166
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
87 p = ngx_slprintf(p, last, "%s", qc->closing ? " closing" : ""); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
88 p = ngx_slprintf(p, last, "%s", qc->draining ? " draining" : ""); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
89 p = ngx_slprintf(p, last, "%s", qc->key_phase ? " kp" : ""); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
90 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
91 } else { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
92 p = ngx_slprintf(p, last, " early"); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
93 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
94 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
95 if (c->read->timer_set) { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
96 p = ngx_slprintf(p, last, |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
97 qc && qc->send_timer_set ? " send:%M" : " read:%M", |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
98 c->read->timer.key - ngx_current_msec); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
99 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
100 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
101 if (qc) { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
102 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
103 if (qc->push.timer_set) { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
104 p = ngx_slprintf(p, last, " push:%M", |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
105 qc->push.timer.key - ngx_current_msec); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
106 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
107 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
108 if (qc->pto.timer_set) { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
109 p = ngx_slprintf(p, last, " pto:%M", |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
110 qc->pto.timer.key - ngx_current_msec); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
111 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
112 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
113 if (qc->close.timer_set) { |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
114 p = ngx_slprintf(p, last, " close:%M", |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
115 qc->close.timer.key - ngx_current_msec); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
116 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
117 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
118 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
119 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
120 "quic %*s", p - buf, buf); |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
121 } |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
122 |
8163
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8162
diff
changeset
|
123 #endif |
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8162
diff
changeset
|
124 |
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8162
diff
changeset
|
125 |
8413
46161c610919
QUIC: separate files for SSL library interfaces.
Vladimir Homutov <vl@nginx.com>
parents:
8412
diff
changeset
|
126 ngx_int_t |
8294
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
127 ngx_quic_apply_transport_params(ngx_connection_t *c, ngx_quic_tp_t *ctp) |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
128 { |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
129 ngx_str_t scid; |
8294
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
130 ngx_quic_connection_t *qc; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
131 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
132 qc = ngx_quic_get_connection(c); |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
133 |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
134 scid.data = qc->socket->cid->id; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
135 scid.len = qc->socket->cid->len; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
136 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
137 if (scid.len != ctp->initial_scid.len |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
138 || ngx_memcmp(scid.data, ctp->initial_scid.data, scid.len) != 0) |
8294
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
139 { |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
140 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
141 "quic client initial_source_connection_id mismatch"); |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
142 return NGX_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
143 } |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
144 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
145 if (ctp->max_udp_payload_size < NGX_QUIC_MIN_INITIAL_SIZE |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
146 || ctp->max_udp_payload_size > NGX_QUIC_MAX_UDP_PAYLOAD_SIZE) |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
147 { |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
148 qc->error = NGX_QUIC_ERR_TRANSPORT_PARAMETER_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
149 qc->error_reason = "invalid maximum packet size"; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
150 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
151 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
152 "quic maximum packet size is invalid"); |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
153 return NGX_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
154 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
155 } else if (ctp->max_udp_payload_size > ngx_quic_max_udp_payload(c)) { |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
156 ctp->max_udp_payload_size = ngx_quic_max_udp_payload(c); |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
157 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
8295
d4e02b3b734f
QUIC: fixed indentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8294
diff
changeset
|
158 "quic client maximum packet size truncated"); |
8294
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
159 } |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
160 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
161 if (ctp->active_connection_id_limit < 2) { |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
162 qc->error = NGX_QUIC_ERR_TRANSPORT_PARAMETER_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
163 qc->error_reason = "invalid active_connection_id_limit"; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
164 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
165 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
166 "quic active_connection_id_limit is invalid"); |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
167 return NGX_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
168 } |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
169 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
170 if (ctp->ack_delay_exponent > 20) { |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
171 qc->error = NGX_QUIC_ERR_TRANSPORT_PARAMETER_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
172 qc->error_reason = "invalid ack_delay_exponent"; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
173 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
174 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
175 "quic ack_delay_exponent is invalid"); |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
176 return NGX_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
177 } |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
178 |
8507
f8ad3dd142ad
QUIC: consider max_ack_delay=16384 invalid.
Roman Arutyunyan <arut@nginx.com>
parents:
8498
diff
changeset
|
179 if (ctp->max_ack_delay >= 16384) { |
8294
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
180 qc->error = NGX_QUIC_ERR_TRANSPORT_PARAMETER_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
181 qc->error_reason = "invalid max_ack_delay"; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
182 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
183 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
184 "quic max_ack_delay is invalid"); |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
185 return NGX_ERROR; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
186 } |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
187 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
188 if (ctp->max_idle_timeout > 0 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
189 && ctp->max_idle_timeout < qc->tp.max_idle_timeout) |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
190 { |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
191 qc->tp.max_idle_timeout = ctp->max_idle_timeout; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
192 } |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
193 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
194 qc->streams.server_max_streams_bidi = ctp->initial_max_streams_bidi; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
195 qc->streams.server_max_streams_uni = ctp->initial_max_streams_uni; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
196 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
197 ngx_memcpy(&qc->ctp, ctp, sizeof(ngx_quic_tp_t)); |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
198 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
199 return NGX_OK; |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
200 } |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
201 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
202 |
7691 | 203 void |
8101
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8100
diff
changeset
|
204 ngx_quic_run(ngx_connection_t *c, ngx_quic_conf_t *conf) |
7691 | 205 { |
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
206 ngx_int_t rc; |
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
207 ngx_quic_connection_t *qc; |
7691 | 208 |
7729
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
209 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic run"); |
7691 | 210 |
8101
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8100
diff
changeset
|
211 rc = ngx_quic_input(c, c->buffer, conf); |
8074
c6b963de0c00
QUIC: pass return code from ngx_quic_decrypt() to the caller.
Vladimir Homutov <vl@nginx.com>
parents:
8073
diff
changeset
|
212 if (rc != NGX_OK) { |
c6b963de0c00
QUIC: pass return code from ngx_quic_decrypt() to the caller.
Vladimir Homutov <vl@nginx.com>
parents:
8073
diff
changeset
|
213 ngx_quic_close_connection(c, rc == NGX_DECLINED ? NGX_DONE : NGX_ERROR); |
7691 | 214 return; |
215 } | |
216 | |
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
217 qc = ngx_quic_get_connection(c); |
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
218 |
8279 | 219 if (qc == NULL) { |
220 ngx_quic_close_connection(c, NGX_DONE); | |
221 return; | |
222 } | |
223 | |
224 ngx_add_timer(c->read, qc->tp.max_idle_timeout); | |
225 ngx_quic_connstate_dbg(c); | |
7691 | 226 |
7729
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
227 c->read->handler = ngx_quic_input_handler; |
7691 | 228 |
229 return; | |
230 } | |
231 | |
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
232 |
8099
b4ef79ef1c23
QUIC: refined the "c->quic->initialized" flag usage.
Vladimir Homutov <vl@nginx.com>
parents:
8098
diff
changeset
|
233 static ngx_quic_connection_t * |
8101
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8100
diff
changeset
|
234 ngx_quic_new_connection(ngx_connection_t *c, ngx_quic_conf_t *conf, |
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8100
diff
changeset
|
235 ngx_quic_header_t *pkt) |
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
236 { |
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
237 ngx_uint_t i; |
7731
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
7729
diff
changeset
|
238 ngx_quic_tp_t *ctp; |
7691 | 239 ngx_quic_connection_t *qc; |
7864
eebdda507ec3
Added tests for connection id lengths in initial packet.
Vladimir Homutov <vl@nginx.com>
parents:
7863
diff
changeset
|
240 |
7691 | 241 qc = ngx_pcalloc(c->pool, sizeof(ngx_quic_connection_t)); |
242 if (qc == NULL) { | |
8099
b4ef79ef1c23
QUIC: refined the "c->quic->initialized" flag usage.
Vladimir Homutov <vl@nginx.com>
parents:
8098
diff
changeset
|
243 return NULL; |
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
244 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
245 |
8191
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
246 qc->keys = ngx_quic_keys_new(c->pool); |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
247 if (qc->keys == NULL) { |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
248 return NULL; |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
249 } |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
250 |
8194
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8193
diff
changeset
|
251 qc->version = pkt->version; |
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8193
diff
changeset
|
252 |
7691 | 253 ngx_rbtree_init(&qc->streams.tree, &qc->streams.sentinel, |
254 ngx_quic_rbtree_insert_stream); | |
255 | |
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
256 for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { |
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
257 ngx_queue_init(&qc->send_ctx[i].frames); |
8547
ad046179eb91
QUIC: handle EAGAIN properly on UDP sockets.
Vladimir Homutov <vl@nginx.com>
parents:
8545
diff
changeset
|
258 ngx_queue_init(&qc->send_ctx[i].sending); |
7808
bda817d16cc2
Rename types and variables used for packet number space.
Vladimir Homutov <vl@nginx.com>
parents:
7794
diff
changeset
|
259 ngx_queue_init(&qc->send_ctx[i].sent); |
8157
85a550047eb5
QUIC: added macro for unset packet number.
Vladimir Homutov <vl@nginx.com>
parents:
8156
diff
changeset
|
260 qc->send_ctx[i].largest_pn = NGX_QUIC_UNSET_PN; |
85a550047eb5
QUIC: added macro for unset packet number.
Vladimir Homutov <vl@nginx.com>
parents:
8156
diff
changeset
|
261 qc->send_ctx[i].largest_ack = NGX_QUIC_UNSET_PN; |
85a550047eb5
QUIC: added macro for unset packet number.
Vladimir Homutov <vl@nginx.com>
parents:
8156
diff
changeset
|
262 qc->send_ctx[i].largest_range = NGX_QUIC_UNSET_PN; |
85a550047eb5
QUIC: added macro for unset packet number.
Vladimir Homutov <vl@nginx.com>
parents:
8156
diff
changeset
|
263 qc->send_ctx[i].pending_ack = NGX_QUIC_UNSET_PN; |
8155
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
264 } |
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
265 |
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
266 qc->send_ctx[0].level = ssl_encryption_initial; |
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
267 qc->send_ctx[1].level = ssl_encryption_handshake; |
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
268 qc->send_ctx[2].level = ssl_encryption_application; |
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
269 |
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
270 ngx_queue_init(&qc->free_frames); |
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
271 |
7987
3b107aadc9f6
QUIC: added rtt estimation.
Vladimir Homutov <vl@nginx.com>
parents:
7953
diff
changeset
|
272 qc->avg_rtt = NGX_QUIC_INITIAL_RTT; |
3b107aadc9f6
QUIC: added rtt estimation.
Vladimir Homutov <vl@nginx.com>
parents:
7953
diff
changeset
|
273 qc->rttvar = NGX_QUIC_INITIAL_RTT / 2; |
3b107aadc9f6
QUIC: added rtt estimation.
Vladimir Homutov <vl@nginx.com>
parents:
7953
diff
changeset
|
274 qc->min_rtt = NGX_TIMER_INFINITE; |
8493
004172345bdc
QUIC: persistent congestion calculation.
Vladimir Homutov <vl@nginx.com>
parents:
8492
diff
changeset
|
275 qc->first_rtt = NGX_TIMER_INFINITE; |
7987
3b107aadc9f6
QUIC: added rtt estimation.
Vladimir Homutov <vl@nginx.com>
parents:
7953
diff
changeset
|
276 |
3b107aadc9f6
QUIC: added rtt estimation.
Vladimir Homutov <vl@nginx.com>
parents:
7953
diff
changeset
|
277 /* |
3b107aadc9f6
QUIC: added rtt estimation.
Vladimir Homutov <vl@nginx.com>
parents:
7953
diff
changeset
|
278 * qc->latest_rtt = 0 |
3b107aadc9f6
QUIC: added rtt estimation.
Vladimir Homutov <vl@nginx.com>
parents:
7953
diff
changeset
|
279 */ |
3b107aadc9f6
QUIC: added rtt estimation.
Vladimir Homutov <vl@nginx.com>
parents:
7953
diff
changeset
|
280 |
7990 | 281 qc->pto.log = c->log; |
282 qc->pto.data = c; | |
283 qc->pto.handler = ngx_quic_pto_handler; | |
284 qc->pto.cancelable = 1; | |
7774
e10b4c61420f
Implemented retransmission and retransmit queue.
Vladimir Homutov <vl@nginx.com>
parents:
7773
diff
changeset
|
285 |
7775 | 286 qc->push.log = c->log; |
287 qc->push.data = c; | |
288 qc->push.handler = ngx_quic_push_handler; | |
289 qc->push.cancelable = 1; | |
290 | |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
291 qc->path_validation.log = c->log; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
292 qc->path_validation.data = c; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
293 qc->path_validation.handler = ngx_quic_path_validation_handler; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
294 qc->path_validation.cancelable = 1; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
295 |
7999
0d2b2664b41c
QUIC: added "quic" listen parameter.
Roman Arutyunyan <arut@nginx.com>
parents:
7998
diff
changeset
|
296 qc->conf = conf; |
0d2b2664b41c
QUIC: added "quic" listen parameter.
Roman Arutyunyan <arut@nginx.com>
parents:
7998
diff
changeset
|
297 qc->tp = conf->tp; |
7691 | 298 |
7731
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
7729
diff
changeset
|
299 ctp = &qc->ctp; |
8294
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
300 |
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
301 /* defaults to be used before actual client parameters are received */ |
7931
9fe7875ce4bb
QUIC: further limiting maximum QUIC packet size.
Vladimir Homutov <vl@nginx.com>
parents:
7930
diff
changeset
|
302 ctp->max_udp_payload_size = ngx_quic_max_udp_payload(c); |
7731
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
7729
diff
changeset
|
303 ctp->ack_delay_exponent = NGX_QUIC_DEFAULT_ACK_DELAY_EXPONENT; |
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
7729
diff
changeset
|
304 ctp->max_ack_delay = NGX_QUIC_DEFAULT_MAX_ACK_DELAY; |
8294
ba9e34c03968
QUIC: added check of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8291
diff
changeset
|
305 ctp->active_connection_id_limit = 2; |
7731
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
7729
diff
changeset
|
306 |
8552
fe919fd63b0b
QUIC: client certificate validation with OCSP.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8547
diff
changeset
|
307 ngx_queue_init(&qc->streams.uninitialized); |
fe919fd63b0b
QUIC: client certificate validation with OCSP.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8547
diff
changeset
|
308 |
7842
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
309 qc->streams.recv_max_data = qc->tp.initial_max_data; |
8492
af33d1ef1c3c
QUIC: stream flow control refactored.
Roman Arutyunyan <arut@nginx.com>
parents:
8442
diff
changeset
|
310 qc->streams.recv_window = qc->streams.recv_max_data; |
7815
0f9e9786b90d
Added primitive flow control mechanisms.
Vladimir Homutov <vl@nginx.com>
parents:
7814
diff
changeset
|
311 |
8014
c5324bb3a704
QUIC: limited the number of client-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8013
diff
changeset
|
312 qc->streams.client_max_streams_uni = qc->tp.initial_max_streams_uni; |
c5324bb3a704
QUIC: limited the number of client-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8013
diff
changeset
|
313 qc->streams.client_max_streams_bidi = qc->tp.initial_max_streams_bidi; |
c5324bb3a704
QUIC: limited the number of client-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8013
diff
changeset
|
314 |
7910
125cbfa77013
Renamed max_packet_size to max_udp_payload_size, from draft-28.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7908
diff
changeset
|
315 qc->congestion.window = ngx_min(10 * qc->tp.max_udp_payload_size, |
125cbfa77013
Renamed max_packet_size to max_udp_payload_size, from draft-28.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7908
diff
changeset
|
316 ngx_max(2 * qc->tp.max_udp_payload_size, |
125cbfa77013
Renamed max_packet_size to max_udp_payload_size, from draft-28.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7908
diff
changeset
|
317 14720)); |
8193
8550b91e8e35
QUIC: added proper logging of special values.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
318 qc->congestion.ssthresh = (size_t) -1; |
7841
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
319 qc->congestion.recovery_start = ngx_current_msec; |
eee307399229
QUIC basic congestion control.
Roman Arutyunyan <arut@nginx.com>
parents:
7840
diff
changeset
|
320 |
8406
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
321 if (pkt->validated && pkt->retried) { |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
322 qc->tp.retry_scid.len = pkt->dcid.len; |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
323 qc->tp.retry_scid.data = ngx_pstrdup(c->pool, &pkt->dcid); |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
324 if (qc->tp.retry_scid.data == NULL) { |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
325 return NULL; |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
326 } |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
327 } |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
328 |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
329 if (ngx_quic_keys_set_initial_secret(c->pool, qc->keys, &pkt->dcid, |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
330 qc->version) |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
331 != NGX_OK) |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
332 { |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
333 return NULL; |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
334 } |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
335 |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
336 qc->validated = pkt->validated; |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
337 |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
338 if (ngx_quic_open_sockets(c, qc, pkt) != NGX_OK) { |
8406
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
339 return NULL; |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
340 } |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
341 |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
342 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
343 "quic connection created"); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
344 |
8406
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
345 return qc; |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
346 } |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
347 |
0c628de2e2b7
QUIC: separate function for connection ids initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8405
diff
changeset
|
348 |
8287
cef042935003
QUIC: the "quic_host_key" directive.
Vladimir Homutov <vl@nginx.com>
parents:
8286
diff
changeset
|
349 static ngx_int_t |
8100
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
350 ngx_quic_process_stateless_reset(ngx_connection_t *c, ngx_quic_header_t *pkt) |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
351 { |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
352 u_char *tail, ch; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
353 ngx_uint_t i; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
354 ngx_queue_t *q; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
355 ngx_quic_client_id_t *cid; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
356 ngx_quic_connection_t *qc; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
357 |
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
358 qc = ngx_quic_get_connection(c); |
8100
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
359 |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
360 /* A stateless reset uses an entire UDP datagram */ |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
361 if (pkt->raw->start != pkt->data) { |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
362 return NGX_DECLINED; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
363 } |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
364 |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
365 tail = pkt->raw->last - NGX_QUIC_SR_TOKEN_LEN; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
366 |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
367 for (q = ngx_queue_head(&qc->client_ids); |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
368 q != ngx_queue_sentinel(&qc->client_ids); |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
369 q = ngx_queue_next(q)) |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
370 { |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
371 cid = ngx_queue_data(q, ngx_quic_client_id_t, queue); |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
372 |
8639
b5296bd8631c
QUIC: Check if CID has been used in stateless reset check
Martin Duke <m.duke@f5.com>
parents:
8608
diff
changeset
|
373 if (cid->seqnum == 0 || cid->refcnt == 0) { |
b5296bd8631c
QUIC: Check if CID has been used in stateless reset check
Martin Duke <m.duke@f5.com>
parents:
8608
diff
changeset
|
374 /* |
b5296bd8631c
QUIC: Check if CID has been used in stateless reset check
Martin Duke <m.duke@f5.com>
parents:
8608
diff
changeset
|
375 * No stateless reset token in initial connection id. |
b5296bd8631c
QUIC: Check if CID has been used in stateless reset check
Martin Duke <m.duke@f5.com>
parents:
8608
diff
changeset
|
376 * Don't accept a token from an unused connection id. |
b5296bd8631c
QUIC: Check if CID has been used in stateless reset check
Martin Duke <m.duke@f5.com>
parents:
8608
diff
changeset
|
377 */ |
8100
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
378 continue; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
379 } |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
380 |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
381 /* constant time comparison */ |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
382 |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
383 for (ch = 0, i = 0; i < NGX_QUIC_SR_TOKEN_LEN; i++) { |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
384 ch |= tail[i] ^ cid->sr_token[i]; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
385 } |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
386 |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
387 if (ch == 0) { |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
388 return NGX_OK; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
389 } |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
390 } |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
391 |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
392 return NGX_DECLINED; |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
393 } |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
394 |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
395 |
7691 | 396 static void |
7729
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
397 ngx_quic_input_handler(ngx_event_t *rev) |
7677
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
7675
diff
changeset
|
398 { |
8083
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
399 ngx_int_t rc; |
8380
90ae21799f67
QUIC: do not copy input data.
Roman Arutyunyan <arut@nginx.com>
parents:
8359
diff
changeset
|
400 ngx_buf_t *b; |
7737
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
7736
diff
changeset
|
401 ngx_connection_t *c; |
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
7736
diff
changeset
|
402 ngx_quic_connection_t *qc; |
7677
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
7675
diff
changeset
|
403 |
8135
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8134
diff
changeset
|
404 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, rev->log, 0, "quic input handler"); |
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8134
diff
changeset
|
405 |
7691 | 406 c = rev->data; |
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
407 qc = ngx_quic_get_connection(c); |
7677
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
7675
diff
changeset
|
408 |
8135
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8134
diff
changeset
|
409 c->log->action = "handling quic input"; |
7678
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
7677
diff
changeset
|
410 |
7691 | 411 if (rev->timedout) { |
7838 | 412 ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, |
413 "quic client timed out"); | |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
414 ngx_quic_close_connection(c, NGX_DONE); |
7691 | 415 return; |
7678
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
7677
diff
changeset
|
416 } |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
7677
diff
changeset
|
417 |
7691 | 418 if (c->close) { |
7937
b9bce2c4fe33
Close QUIC connection with NO_ERROR on c->close.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7934
diff
changeset
|
419 qc->error_reason = "graceful shutdown"; |
b9bce2c4fe33
Close QUIC connection with NO_ERROR on c->close.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7934
diff
changeset
|
420 ngx_quic_close_connection(c, NGX_OK); |
7691 | 421 return; |
422 } | |
7686
7ada2feeac18
Added processing of CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7684
diff
changeset
|
423 |
8380
90ae21799f67
QUIC: do not copy input data.
Roman Arutyunyan <arut@nginx.com>
parents:
8359
diff
changeset
|
424 if (!rev->ready) { |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
425 if (qc->closing) { |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
426 ngx_quic_close_connection(c, NGX_OK); |
8553
a9f6540e61da
QUIC: asynchronous shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8552
diff
changeset
|
427 |
a9f6540e61da
QUIC: asynchronous shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8552
diff
changeset
|
428 } else if (qc->shutdown) { |
a9f6540e61da
QUIC: asynchronous shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8552
diff
changeset
|
429 ngx_quic_shutdown_quic(c); |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
430 } |
8553
a9f6540e61da
QUIC: asynchronous shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8552
diff
changeset
|
431 |
7691 | 432 return; |
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
433 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
434 |
8384
c61fcdc1b8e3
UDP: extended datagram context.
Vladimir Homutov <vl@nginx.com>
parents:
8380
diff
changeset
|
435 b = c->udp->dgram->buffer; |
8380
90ae21799f67
QUIC: do not copy input data.
Roman Arutyunyan <arut@nginx.com>
parents:
8359
diff
changeset
|
436 |
90ae21799f67
QUIC: do not copy input data.
Roman Arutyunyan <arut@nginx.com>
parents:
8359
diff
changeset
|
437 rc = ngx_quic_input(c, b, NULL); |
8083
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
438 |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
439 if (rc == NGX_ERROR) { |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
440 ngx_quic_close_connection(c, NGX_ERROR); |
7691 | 441 return; |
442 } | |
7737
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
7736
diff
changeset
|
443 |
8083
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
444 if (rc == NGX_DECLINED) { |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
445 return; |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
446 } |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
447 |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
448 /* rc == NGX_OK */ |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
449 |
7737
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
7736
diff
changeset
|
450 qc->send_timer_set = 0; |
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
7736
diff
changeset
|
451 ngx_add_timer(rev, qc->tp.max_idle_timeout); |
8166
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
452 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
453 ngx_quic_connstate_dbg(c); |
7665
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
454 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
455 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
7664
diff
changeset
|
456 |
8386
714e9af983de
QUIC: separate header for ngx_quic_connection_t.
Vladimir Homutov <vl@nginx.com>
parents:
8385
diff
changeset
|
457 void |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
458 ngx_quic_close_connection(ngx_connection_t *c, ngx_int_t rc) |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
459 { |
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
460 ngx_pool_t *pool; |
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
461 ngx_quic_connection_t *qc; |
7747
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
7746
diff
changeset
|
462 |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
463 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
8164
eed49b83e18f
QUIC: revised value separators in debug and error messages.
Vladimir Homutov <vl@nginx.com>
parents:
8163
diff
changeset
|
464 "quic ngx_quic_close_connection rc:%i", rc); |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
465 |
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
466 qc = ngx_quic_get_connection(c); |
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
467 |
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
468 if (qc == NULL) { |
8279 | 469 if (rc == NGX_ERROR) { |
470 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
8295
d4e02b3b734f
QUIC: fixed indentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8294
diff
changeset
|
471 "quic close connection early error"); |
8279 | 472 } |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
473 |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
474 } else if (ngx_quic_close_quic(c, rc) == NGX_AGAIN) { |
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
475 return; |
7747
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
7746
diff
changeset
|
476 } |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
477 |
7691 | 478 if (c->ssl) { |
479 (void) ngx_ssl_shutdown(c); | |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
480 } |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
481 |
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
482 if (c->read->timer_set) { |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
483 ngx_del_timer(c->read); |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
484 } |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
485 |
7691 | 486 #if (NGX_STAT_STUB) |
487 (void) ngx_atomic_fetch_add(ngx_stat_active, -1); | |
488 #endif | |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
489 |
7691 | 490 c->destroyed = 1; |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
491 |
7691 | 492 pool = c->pool; |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
493 |
7691 | 494 ngx_close_connection(c); |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
495 |
7691 | 496 ngx_destroy_pool(pool); |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
497 } |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
498 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
499 |
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
500 static ngx_int_t |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
501 ngx_quic_close_quic(ngx_connection_t *c, ngx_int_t rc) |
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
502 { |
7953
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
503 ngx_uint_t i; |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
504 ngx_quic_send_ctx_t *ctx; |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
505 ngx_quic_connection_t *qc; |
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
506 |
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
507 qc = ngx_quic_get_connection(c); |
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
508 |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
509 if (!qc->closing) { |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
510 |
7875
8bec0ac23cf9
Fixed retransmission of frames after closing connection.
Vladimir Homutov <vl@nginx.com>
parents:
7874
diff
changeset
|
511 /* drop packets from retransmit queues, no ack is expected */ |
8bec0ac23cf9
Fixed retransmission of frames after closing connection.
Vladimir Homutov <vl@nginx.com>
parents:
7874
diff
changeset
|
512 for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { |
8236
e9bd4305e68b
QUIC: fixed send contexts cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8235
diff
changeset
|
513 ngx_quic_free_frames(c, &qc->send_ctx[i].sent); |
7875
8bec0ac23cf9
Fixed retransmission of frames after closing connection.
Vladimir Homutov <vl@nginx.com>
parents:
7874
diff
changeset
|
514 } |
8bec0ac23cf9
Fixed retransmission of frames after closing connection.
Vladimir Homutov <vl@nginx.com>
parents:
7874
diff
changeset
|
515 |
7877
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
516 if (rc == NGX_DONE) { |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
517 |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
518 /* |
8498
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
519 * RFC 9000, 10.1. Idle Timeout |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
520 * |
8498
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
521 * If a max_idle_timeout is specified by either endpoint in its |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
522 * transport parameters (Section 18.2), the connection is silently |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
523 * closed and its state is discarded when it remains idle |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
524 */ |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
525 |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
526 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
527 "quic closing %s connection", |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
528 qc->draining ? "drained" : "idle"); |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
529 |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
530 } else { |
7877
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
531 |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
532 /* |
8498
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
533 * RFC 9000, 10.2. Immediate Close |
7877
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
534 * |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
535 * An endpoint sends a CONNECTION_CLOSE frame (Section 19.19) |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
536 * to terminate the connection immediately. |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
537 */ |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
538 |
7993
b276833111cf
QUIC: implemented probe timeout (PTO) calculation.
Vladimir Homutov <vl@nginx.com>
parents:
7992
diff
changeset
|
539 qc->error_level = c->ssl ? SSL_quic_read_level(c->ssl->connection) |
b276833111cf
QUIC: implemented probe timeout (PTO) calculation.
Vladimir Homutov <vl@nginx.com>
parents:
7992
diff
changeset
|
540 : ssl_encryption_initial; |
b276833111cf
QUIC: implemented probe timeout (PTO) calculation.
Vladimir Homutov <vl@nginx.com>
parents:
7992
diff
changeset
|
541 |
7877
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
542 if (rc == NGX_OK) { |
8295
d4e02b3b734f
QUIC: fixed indentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8294
diff
changeset
|
543 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
d4e02b3b734f
QUIC: fixed indentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8294
diff
changeset
|
544 "quic immediate close drain:%d", |
d4e02b3b734f
QUIC: fixed indentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8294
diff
changeset
|
545 qc->draining); |
7877
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
546 |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
547 qc->close.log = c->log; |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
548 qc->close.data = c; |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
549 qc->close.handler = ngx_quic_close_timer_handler; |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
550 qc->close.cancelable = 1; |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
551 |
7993
b276833111cf
QUIC: implemented probe timeout (PTO) calculation.
Vladimir Homutov <vl@nginx.com>
parents:
7992
diff
changeset
|
552 ctx = ngx_quic_get_send_ctx(qc, qc->error_level); |
b276833111cf
QUIC: implemented probe timeout (PTO) calculation.
Vladimir Homutov <vl@nginx.com>
parents:
7992
diff
changeset
|
553 |
b276833111cf
QUIC: implemented probe timeout (PTO) calculation.
Vladimir Homutov <vl@nginx.com>
parents:
7992
diff
changeset
|
554 ngx_add_timer(&qc->close, 3 * ngx_quic_pto(c, ctx)); |
7877
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
555 |
7953
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
556 qc->error = NGX_QUIC_ERR_NO_ERROR; |
7877
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
557 |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
558 } else { |
7953
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
559 if (qc->error == 0 && !qc->error_app) { |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
560 qc->error = NGX_QUIC_ERR_INTERNAL_ERROR; |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
561 } |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
562 |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
563 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, |
8164
eed49b83e18f
QUIC: revised value separators in debug and error messages.
Vladimir Homutov <vl@nginx.com>
parents:
8163
diff
changeset
|
564 "quic immediate close due to %s error: %ui %s", |
7953
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
565 qc->error_app ? "app " : "", qc->error, |
7877
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
566 qc->error_reason ? qc->error_reason : ""); |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
567 } |
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
568 |
7953
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
569 (void) ngx_quic_send_cc(c); |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
570 |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
571 if (qc->error_level == ssl_encryption_handshake) { |
7877
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
572 /* for clients that might not have handshake keys */ |
7953
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
573 qc->error_level = ssl_encryption_initial; |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
574 (void) ngx_quic_send_cc(c); |
7877
d96ddef458cd
Added sending of extra CONNECTION_CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
7876
diff
changeset
|
575 } |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
576 } |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
577 |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
578 qc->closing = 1; |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
579 } |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
580 |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
581 if (rc == NGX_ERROR && qc->close.timer_set) { |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
582 /* do not wait for timer in case of fatal error */ |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
583 ngx_del_timer(&qc->close); |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
584 } |
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
585 |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
586 if (ngx_quic_close_streams(c, qc) == NGX_AGAIN) { |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
587 return NGX_AGAIN; |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
588 } |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
589 |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
590 if (qc->push.timer_set) { |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
591 ngx_del_timer(&qc->push); |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
592 } |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
593 |
7990 | 594 if (qc->pto.timer_set) { |
595 ngx_del_timer(&qc->pto); | |
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
596 } |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
597 |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
598 if (qc->path_validation.timer_set) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
599 ngx_del_timer(&qc->path_validation); |
7929
ea4899591798
QUIC: Fixed connection cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7928
diff
changeset
|
600 } |
ea4899591798
QUIC: Fixed connection cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7928
diff
changeset
|
601 |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
602 if (qc->push.posted) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
603 ngx_delete_posted_event(&qc->push); |
8198
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
604 } |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
605 |
8091
dbcb9d0a3df1
QUIC: prevented posted push event while in the draining state.
Vladimir Homutov <vl@nginx.com>
parents:
8084
diff
changeset
|
606 if (qc->close.timer_set) { |
dbcb9d0a3df1
QUIC: prevented posted push event while in the draining state.
Vladimir Homutov <vl@nginx.com>
parents:
8084
diff
changeset
|
607 return NGX_AGAIN; |
dbcb9d0a3df1
QUIC: prevented posted push event while in the draining state.
Vladimir Homutov <vl@nginx.com>
parents:
8084
diff
changeset
|
608 } |
dbcb9d0a3df1
QUIC: prevented posted push event while in the draining state.
Vladimir Homutov <vl@nginx.com>
parents:
8084
diff
changeset
|
609 |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
610 ngx_quic_close_sockets(c); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
611 |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
612 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
613 "quic part of connection is terminated"); |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
614 |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
615 /* may be tested from SSL callback during SSL shutdown */ |
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
616 c->udp = NULL; |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
617 |
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
618 return NGX_OK; |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
619 } |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
620 |
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
621 |
7953
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
622 void |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
623 ngx_quic_finalize_connection(ngx_connection_t *c, ngx_uint_t err, |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
624 const char *reason) |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
625 { |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
626 ngx_quic_connection_t *qc; |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
627 |
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
628 qc = ngx_quic_get_connection(c); |
7953
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
629 qc->error = err; |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
630 qc->error_reason = reason; |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
631 qc->error_app = 1; |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
632 qc->error_ftype = 0; |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
633 |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
634 ngx_quic_close_connection(c, NGX_ERROR); |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
635 } |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
636 |
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
637 |
8359
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
638 void |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
639 ngx_quic_shutdown_connection(ngx_connection_t *c, ngx_uint_t err, |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
640 const char *reason) |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
641 { |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
642 ngx_quic_connection_t *qc; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
643 |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
644 qc = ngx_quic_get_connection(c); |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
645 qc->shutdown = 1; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
646 qc->shutdown_code = err; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
647 qc->shutdown_reason = reason; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
648 |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
649 ngx_quic_shutdown_quic(c); |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
650 } |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
651 |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
652 |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
653 static void |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
654 ngx_quic_close_timer_handler(ngx_event_t *ev) |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
655 { |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
656 ngx_connection_t *c; |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
657 |
7836 | 658 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, ev->log, 0, "quic close timer"); |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
659 |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
660 c = ev->data; |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
661 ngx_quic_close_connection(c, NGX_DONE); |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
662 } |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
663 |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
664 |
7831
d11bc25fc4c3
Refactored ngx_quic_close_connection().
Vladimir Homutov <vl@nginx.com>
parents:
7827
diff
changeset
|
665 static ngx_int_t |
8101
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8100
diff
changeset
|
666 ngx_quic_input(ngx_connection_t *c, ngx_buf_t *b, ngx_quic_conf_t *conf) |
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
667 { |
8644
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8640
diff
changeset
|
668 size_t size; |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8640
diff
changeset
|
669 u_char *p; |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8640
diff
changeset
|
670 ngx_int_t rc; |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8640
diff
changeset
|
671 ngx_uint_t good; |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8640
diff
changeset
|
672 ngx_quic_header_t pkt; |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8640
diff
changeset
|
673 ngx_quic_connection_t *qc; |
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
674 |
8083
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
675 good = 0; |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
676 |
8644
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8640
diff
changeset
|
677 size = b->last - b->pos; |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8640
diff
changeset
|
678 |
7770
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
679 p = b->pos; |
7674
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
7673
diff
changeset
|
680 |
7770
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
681 while (p < b->last) { |
7729
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
682 |
7691 | 683 ngx_memzero(&pkt, sizeof(ngx_quic_header_t)); |
684 pkt.raw = b; | |
685 pkt.data = p; | |
686 pkt.len = b->last - p; | |
687 pkt.log = c->log; | |
7717
c217a907ce42
Added checks for permitted frame types.
Vladimir Homutov <vl@nginx.com>
parents:
7713
diff
changeset
|
688 pkt.flags = p[0]; |
8097
a89a58c642ef
QUIC: simplified packet header parsing.
Vladimir Homutov <vl@nginx.com>
parents:
8096
diff
changeset
|
689 pkt.raw->pos++; |
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
690 |
8101
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8100
diff
changeset
|
691 rc = ngx_quic_process_packet(c, conf, &pkt); |
7659
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
7658
diff
changeset
|
692 |
8139
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
693 #if (NGX_DEBUG) |
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
694 if (pkt.parsed) { |
8166
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
695 ngx_log_debug5(NGX_LOG_DEBUG_EVENT, c->log, 0, |
8168
f32740ddd484
QUIC: got rid of "pkt" abbreviation in logs.
Vladimir Homutov <vl@nginx.com>
parents:
8167
diff
changeset
|
696 "quic packet %s done decr:%d pn:%L perr:%ui rc:%i", |
8139
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
697 ngx_quic_level_name(pkt.level), pkt.decrypted, |
8166
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
698 pkt.pn, pkt.error, rc); |
8139
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
699 } else { |
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
700 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
8168
f32740ddd484
QUIC: got rid of "pkt" abbreviation in logs.
Vladimir Homutov <vl@nginx.com>
parents:
8167
diff
changeset
|
701 "quic packet done parse failed rc:%i", rc); |
8139
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
702 } |
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
703 #endif |
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
704 |
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
705 if (rc == NGX_ERROR) { |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
706 return NGX_ERROR; |
7691 | 707 } |
7672
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
7671
diff
changeset
|
708 |
8279 | 709 if (rc == NGX_DONE) { |
710 /* stop further processing */ | |
711 return NGX_DECLINED; | |
712 } | |
713 | |
8083
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
714 if (rc == NGX_OK) { |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
715 good = 1; |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
716 } |
702f1d2581a4
QUIC: eliminated idle timeout restart for dropped packets.
Roman Arutyunyan <arut@nginx.com>
parents:
8079
diff
changeset
|
717 |
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
718 /* NGX_OK || NGX_DECLINED */ |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
719 |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
720 /* |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
721 * we get NGX_DECLINED when there are no keys [yet] available |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
722 * to decrypt packet. |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
723 * Instead of queueing it, we ignore it and rely on the sender's |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
724 * retransmission: |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
725 * |
8498
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
726 * RFC 9000, 12.2. Coalescing Packets |
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
727 * |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
728 * For example, if decryption fails (because the keys are |
8498
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
729 * not available or for any other reason), the receiver MAY either |
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
730 * discard or buffer the packet for later processing and MUST |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
731 * attempt to process the remaining packets. |
8073
eb5aa85294e9
QUIC: discard unrecognized long packes.
Vladimir Homutov <vl@nginx.com>
parents:
8071
diff
changeset
|
732 * |
eb5aa85294e9
QUIC: discard unrecognized long packes.
Vladimir Homutov <vl@nginx.com>
parents:
8071
diff
changeset
|
733 * We also skip packets that don't match connection state |
eb5aa85294e9
QUIC: discard unrecognized long packes.
Vladimir Homutov <vl@nginx.com>
parents:
8071
diff
changeset
|
734 * or cannot be parsed properly. |
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
735 */ |
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
736 |
7691 | 737 /* b->pos is at header end, adjust by actual packet length */ |
8096
0f37b4ef3cd9
QUIC: keep the entire packet size in pkt->len.
Roman Arutyunyan <arut@nginx.com>
parents:
8095
diff
changeset
|
738 b->pos = pkt.data + pkt.len; |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
739 |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
740 p = b->pos; |
7770
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
741 } |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
742 |
8644
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8640
diff
changeset
|
743 if (!good) { |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8640
diff
changeset
|
744 return NGX_DECLINED; |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8640
diff
changeset
|
745 } |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8640
diff
changeset
|
746 |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8640
diff
changeset
|
747 qc = ngx_quic_get_connection(c); |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8640
diff
changeset
|
748 |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8640
diff
changeset
|
749 if (qc) { |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8640
diff
changeset
|
750 qc->received += size; |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8640
diff
changeset
|
751 |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8640
diff
changeset
|
752 if ((uint64_t) (c->sent + qc->received) / 8 > |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8640
diff
changeset
|
753 (qc->streams.sent + qc->streams.recv_last) + 1048576) |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8640
diff
changeset
|
754 { |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8640
diff
changeset
|
755 ngx_log_error(NGX_LOG_INFO, c->log, 0, "quic flood detected"); |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8640
diff
changeset
|
756 |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8640
diff
changeset
|
757 qc->error = NGX_QUIC_ERR_NO_ERROR; |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8640
diff
changeset
|
758 qc->error_reason = "QUIC flood detected"; |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8640
diff
changeset
|
759 return NGX_ERROR; |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8640
diff
changeset
|
760 } |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8640
diff
changeset
|
761 } |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8640
diff
changeset
|
762 |
6204120cf37f
QUIC: traffic-based flood detection.
Roman Arutyunyan <arut@nginx.com>
parents:
8640
diff
changeset
|
763 return NGX_OK; |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
764 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
765 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
766 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
767 static ngx_int_t |
8101
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8100
diff
changeset
|
768 ngx_quic_process_packet(ngx_connection_t *c, ngx_quic_conf_t *conf, |
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8100
diff
changeset
|
769 ngx_quic_header_t *pkt) |
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
770 { |
8074
c6b963de0c00
QUIC: pass return code from ngx_quic_decrypt() to the caller.
Vladimir Homutov <vl@nginx.com>
parents:
8073
diff
changeset
|
771 ngx_int_t rc; |
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
772 ngx_quic_connection_t *qc; |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
773 |
8135
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8134
diff
changeset
|
774 c->log->action = "parsing quic packet"; |
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8134
diff
changeset
|
775 |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
776 rc = ngx_quic_parse_packet(pkt); |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
777 |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
778 if (rc == NGX_DECLINED || rc == NGX_ERROR) { |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
779 return rc; |
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
780 } |
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
781 |
8139
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
782 pkt->parsed = 1; |
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
783 |
8135
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8134
diff
changeset
|
784 c->log->action = "processing quic packet"; |
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8134
diff
changeset
|
785 |
8235
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8212
diff
changeset
|
786 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8212
diff
changeset
|
787 "quic packet rx dcid len:%uz %xV", |
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8212
diff
changeset
|
788 pkt->dcid.len, &pkt->dcid); |
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8212
diff
changeset
|
789 |
8137
52ad697f9d1c
QUIC: enabled more key-related debug by default.
Vladimir Homutov <vl@nginx.com>
parents:
8136
diff
changeset
|
790 #if (NGX_DEBUG) |
52ad697f9d1c
QUIC: enabled more key-related debug by default.
Vladimir Homutov <vl@nginx.com>
parents:
8136
diff
changeset
|
791 if (pkt->level != ssl_encryption_application) { |
8235
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8212
diff
changeset
|
792 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8212
diff
changeset
|
793 "quic packet rx scid len:%uz %xV", |
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8212
diff
changeset
|
794 pkt->scid.len, &pkt->scid); |
8137
52ad697f9d1c
QUIC: enabled more key-related debug by default.
Vladimir Homutov <vl@nginx.com>
parents:
8136
diff
changeset
|
795 } |
8211
fe53def49945
QUIC: refactored long header parsing.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8209
diff
changeset
|
796 |
fe53def49945
QUIC: refactored long header parsing.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8209
diff
changeset
|
797 if (pkt->level == ssl_encryption_initial) { |
8235
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8212
diff
changeset
|
798 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
8287
cef042935003
QUIC: the "quic_host_key" directive.
Vladimir Homutov <vl@nginx.com>
parents:
8286
diff
changeset
|
799 "quic address validation token len:%uz %xV", |
8235
dbad2d6d1898
QUIC: removed ngx_quic_hexdump() macro.
Vladimir Homutov <vl@nginx.com>
parents:
8212
diff
changeset
|
800 pkt->token.len, &pkt->token); |
8211
fe53def49945
QUIC: refactored long header parsing.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8209
diff
changeset
|
801 } |
8137
52ad697f9d1c
QUIC: enabled more key-related debug by default.
Vladimir Homutov <vl@nginx.com>
parents:
8136
diff
changeset
|
802 #endif |
52ad697f9d1c
QUIC: enabled more key-related debug by default.
Vladimir Homutov <vl@nginx.com>
parents:
8136
diff
changeset
|
803 |
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
804 qc = ngx_quic_get_connection(c); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
805 |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
806 if (qc) { |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
807 |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
808 if (rc == NGX_ABORT) { |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
809 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
810 "quic unsupported version: 0x%xD", pkt->version); |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
811 return NGX_DECLINED; |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
812 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
813 |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
814 rc = ngx_quic_check_migration(c, pkt); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
815 if (rc != NGX_OK) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
816 return rc; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
817 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
818 |
8194
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8193
diff
changeset
|
819 if (pkt->level != ssl_encryption_application) { |
8281
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
820 |
8194
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8193
diff
changeset
|
821 if (pkt->version != qc->version) { |
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8193
diff
changeset
|
822 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8193
diff
changeset
|
823 "quic version mismatch: 0x%xD", pkt->version); |
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8193
diff
changeset
|
824 return NGX_DECLINED; |
340cd26158fb
QUIC: preparatory changes for multiple QUIC versions support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8193
diff
changeset
|
825 } |
8281
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
826 |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
827 if (ngx_quic_check_csid(qc, pkt) != NGX_OK) { |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
828 return NGX_DECLINED; |
8100
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
829 } |
b31c02454539
QUIC: added stateless reset support.
Vladimir Homutov <vl@nginx.com>
parents:
8099
diff
changeset
|
830 |
8640
c4f249d485e3
QUIC: attempt decrypt before checking for stateless reset.
Martin Duke <m.duke@f5.com>
parents:
8639
diff
changeset
|
831 } |
8281
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
832 |
8640
c4f249d485e3
QUIC: attempt decrypt before checking for stateless reset.
Martin Duke <m.duke@f5.com>
parents:
8639
diff
changeset
|
833 rc = ngx_quic_process_payload(c, pkt); |
c4f249d485e3
QUIC: attempt decrypt before checking for stateless reset.
Martin Duke <m.duke@f5.com>
parents:
8639
diff
changeset
|
834 |
c4f249d485e3
QUIC: attempt decrypt before checking for stateless reset.
Martin Duke <m.duke@f5.com>
parents:
8639
diff
changeset
|
835 if (rc == NGX_DECLINED && pkt->level == ssl_encryption_application) { |
8281
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
836 if (ngx_quic_process_stateless_reset(c, pkt) == NGX_OK) { |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
837 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
838 "quic stateless reset packet detected"); |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
839 |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
840 qc->draining = 1; |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
841 ngx_quic_close_connection(c, NGX_OK); |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
842 |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
843 return NGX_OK; |
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
844 } |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
845 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
846 |
8640
c4f249d485e3
QUIC: attempt decrypt before checking for stateless reset.
Martin Duke <m.duke@f5.com>
parents:
8639
diff
changeset
|
847 return rc; |
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
848 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
849 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
850 /* packet does not belong to a connection */ |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
851 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
852 if (rc == NGX_ABORT) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
853 return ngx_quic_negotiate_version(c, pkt); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
854 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
855 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
856 if (pkt->level == ssl_encryption_application) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
857 return ngx_quic_send_stateless_reset(c, conf, pkt); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
858 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
859 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
860 if (pkt->level != ssl_encryption_initial) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
861 return NGX_ERROR; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
862 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
863 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
864 c->log->action = "processing initial packet"; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
865 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
866 if (pkt->dcid.len < NGX_QUIC_CID_LEN_MIN) { |
8498
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
867 /* RFC 9000, 7.2. Negotiating Connection IDs */ |
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
868 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
869 "quic too short dcid in initial" |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
870 " packet: len:%i", pkt->dcid.len); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
871 return NGX_ERROR; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
872 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
873 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
874 /* process retry and initialize connection IDs */ |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
875 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
876 if (pkt->token.len) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
877 |
8287
cef042935003
QUIC: the "quic_host_key" directive.
Vladimir Homutov <vl@nginx.com>
parents:
8286
diff
changeset
|
878 rc = ngx_quic_validate_token(c, conf->av_token_key, pkt); |
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
879 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
880 if (rc == NGX_ERROR) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
881 /* internal error */ |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
882 return NGX_ERROR; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
883 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
884 } else if (rc == NGX_ABORT) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
885 /* token cannot be decrypted */ |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
886 return ngx_quic_send_early_cc(c, pkt, |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
887 NGX_QUIC_ERR_INVALID_TOKEN, |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
888 "cannot decrypt token"); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
889 } else if (rc == NGX_DECLINED) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
890 /* token is invalid */ |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
891 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
892 if (pkt->retried) { |
8287
cef042935003
QUIC: the "quic_host_key" directive.
Vladimir Homutov <vl@nginx.com>
parents:
8286
diff
changeset
|
893 /* invalid address validation token */ |
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
894 return ngx_quic_send_early_cc(c, pkt, |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
895 NGX_QUIC_ERR_INVALID_TOKEN, |
8287
cef042935003
QUIC: the "quic_host_key" directive.
Vladimir Homutov <vl@nginx.com>
parents:
8286
diff
changeset
|
896 "invalid address validation token"); |
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
897 } else if (conf->retry) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
898 /* invalid NEW_TOKEN */ |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
899 return ngx_quic_send_retry(c, conf, pkt); |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
900 } |
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
901 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
902 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
903 /* NGX_OK */ |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
904 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
905 } else if (conf->retry) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
906 return ngx_quic_send_retry(c, conf, pkt); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
907 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
908 } else { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
909 pkt->odcid = pkt->dcid; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
910 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
911 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
912 if (ngx_terminate || ngx_exiting) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
913 if (conf->retry) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
914 return ngx_quic_send_retry(c, conf, pkt); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
915 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
916 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
917 return NGX_ERROR; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
918 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
919 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
920 c->log->action = "creating quic connection"; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
921 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
922 qc = ngx_quic_new_connection(c, conf, pkt); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
923 if (qc == NULL) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
924 return NGX_ERROR; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
925 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
926 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
927 return ngx_quic_process_payload(c, pkt); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
928 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
929 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
930 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
931 static ngx_int_t |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
932 ngx_quic_process_payload(ngx_connection_t *c, ngx_quic_header_t *pkt) |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
933 { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
934 ngx_int_t rc; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
935 ngx_quic_send_ctx_t *ctx; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
936 ngx_quic_connection_t *qc; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
937 static u_char buf[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE]; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
938 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
939 qc = ngx_quic_get_connection(c); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
940 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
941 qc->error = 0; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
942 qc->error_reason = 0; |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
943 |
8135
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8134
diff
changeset
|
944 c->log->action = "decrypting packet"; |
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8134
diff
changeset
|
945 |
8191
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
946 if (!ngx_quic_keys_available(qc->keys, pkt->level)) { |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
947 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
8494
80d396fd8ee8
QUIC: improved errors readability.
Vladimir Homutov <vl@nginx.com>
parents:
8493
diff
changeset
|
948 "quic no %s keys, ignoring packet", |
80d396fd8ee8
QUIC: improved errors readability.
Vladimir Homutov <vl@nginx.com>
parents:
8493
diff
changeset
|
949 ngx_quic_level_name(pkt->level)); |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
950 return NGX_DECLINED; |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
951 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
952 |
8541
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8507
diff
changeset
|
953 #if !defined (OPENSSL_IS_BORINGSSL) |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8507
diff
changeset
|
954 /* OpenSSL provides read keys for an application level before it's ready */ |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8507
diff
changeset
|
955 |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8507
diff
changeset
|
956 if (pkt->level == ssl_encryption_application |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8507
diff
changeset
|
957 && SSL_quic_read_level(c->ssl->connection) |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8507
diff
changeset
|
958 < ssl_encryption_application) |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8507
diff
changeset
|
959 { |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8507
diff
changeset
|
960 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8507
diff
changeset
|
961 "quic no %s keys ready, ignoring packet", |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8507
diff
changeset
|
962 ngx_quic_level_name(pkt->level)); |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8507
diff
changeset
|
963 return NGX_DECLINED; |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8507
diff
changeset
|
964 } |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8507
diff
changeset
|
965 #endif |
7f29db5294bd
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8507
diff
changeset
|
966 |
8191
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
967 pkt->keys = qc->keys; |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
968 pkt->key_phase = qc->key_phase; |
7860
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
969 pkt->plaintext = buf; |
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
970 |
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
971 ctx = ngx_quic_get_send_ctx(qc, pkt->level); |
7ea34e13937f
Address validation using Retry packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7859
diff
changeset
|
972 |
8191
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
973 rc = ngx_quic_decrypt(pkt, &ctx->largest_pn); |
8074
c6b963de0c00
QUIC: pass return code from ngx_quic_decrypt() to the caller.
Vladimir Homutov <vl@nginx.com>
parents:
8073
diff
changeset
|
974 if (rc != NGX_OK) { |
c6b963de0c00
QUIC: pass return code from ngx_quic_decrypt() to the caller.
Vladimir Homutov <vl@nginx.com>
parents:
8073
diff
changeset
|
975 qc->error = pkt->error; |
c6b963de0c00
QUIC: pass return code from ngx_quic_decrypt() to the caller.
Vladimir Homutov <vl@nginx.com>
parents:
8073
diff
changeset
|
976 qc->error_reason = "failed to decrypt packet"; |
c6b963de0c00
QUIC: pass return code from ngx_quic_decrypt() to the caller.
Vladimir Homutov <vl@nginx.com>
parents:
8073
diff
changeset
|
977 return rc; |
7689 | 978 } |
979 | |
8139
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
980 pkt->decrypted = 1; |
07971f870879
QUIC: added debug message with final packet processing status.
Vladimir Homutov <vl@nginx.com>
parents:
8138
diff
changeset
|
981 |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
982 if (ngx_quic_update_paths(c, pkt) != NGX_OK) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
983 return NGX_ERROR; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
984 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
985 |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
986 if (c->ssl == NULL) { |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
987 if (ngx_quic_init_connection(c) != NGX_OK) { |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
988 return NGX_ERROR; |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
989 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
990 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
991 |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
992 if (pkt->level == ssl_encryption_handshake) { |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
993 /* |
8498
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
994 * RFC 9001, 4.9.1. Discarding Initial Keys |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
995 * |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
996 * The successful use of Handshake packets indicates |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
997 * that no more Initial packets need to be exchanged |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
998 */ |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
999 ngx_quic_discard_ctx(c, ssl_encryption_initial); |
8170
e2086d8181fa
QUIC: added push event afer the address was validated.
Vladimir Homutov <vl@nginx.com>
parents:
8169
diff
changeset
|
1000 |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1001 if (qc->socket->path->state != NGX_QUIC_PATH_VALIDATED) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1002 qc->socket->path->state = NGX_QUIC_PATH_VALIDATED; |
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
1003 ngx_post_event(&qc->push, &ngx_posted_events); |
8170
e2086d8181fa
QUIC: added push event afer the address was validated.
Vladimir Homutov <vl@nginx.com>
parents:
8169
diff
changeset
|
1004 } |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1005 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1006 |
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1007 if (qc->closing) { |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1008 /* |
8498
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
1009 * RFC 9000, 10.2. Immediate Close |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
1010 * |
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1011 * ... delayed or reordered packets are properly discarded. |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1012 * |
8498
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
1013 * In the closing state, an endpoint retains only enough information |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
1014 * to generate a packet containing a CONNECTION_CLOSE frame and to |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
1015 * identify packets as belonging to the connection. |
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1016 */ |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1017 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1018 qc->error_level = pkt->level; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1019 qc->error = NGX_QUIC_ERR_NO_ERROR; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1020 qc->error_reason = "connection is closing, packet discarded"; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1021 qc->error_ftype = 0; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1022 qc->error_app = 0; |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1023 |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1024 return ngx_quic_send_cc(c); |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1025 } |
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1026 |
8162
c5ea341f705a
QUIC: optimized acknowledgement generation.
Vladimir Homutov <vl@nginx.com>
parents:
8161
diff
changeset
|
1027 pkt->received = ngx_current_msec; |
8133
1d4417e4f2d0
QUIC: fixed measuring ACK Delay against 0-RTT packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8132
diff
changeset
|
1028 |
8135
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8134
diff
changeset
|
1029 c->log->action = "handling payload"; |
eacca87c476e
QUIC: updated c->log->action strings to reflect proper state.
Vladimir Homutov <vl@nginx.com>
parents:
8134
diff
changeset
|
1030 |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1031 if (pkt->level != ssl_encryption_application) { |
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1032 return ngx_quic_handle_frames(c, pkt); |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1033 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1034 |
8191
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
1035 if (!pkt->key_update) { |
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1036 return ngx_quic_handle_frames(c, pkt); |
8191
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
1037 } |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
1038 |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
1039 /* switch keys and generate next on Key Phase change */ |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
1040 |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
1041 qc->key_phase ^= 1; |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
1042 ngx_quic_keys_switch(c, qc->keys); |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1043 |
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1044 rc = ngx_quic_handle_frames(c, pkt); |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1045 if (rc != NGX_OK) { |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1046 return rc; |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1047 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1048 |
8191
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
1049 return ngx_quic_keys_update(c, qc->keys); |
7689 | 1050 } |
1051 | |
1052 | |
8413
46161c610919
QUIC: separate files for SSL library interfaces.
Vladimir Homutov <vl@nginx.com>
parents:
8412
diff
changeset
|
1053 void |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1054 ngx_quic_discard_ctx(ngx_connection_t *c, enum ssl_encryption_level_t level) |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1055 { |
8025
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8024
diff
changeset
|
1056 ngx_queue_t *q; |
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8024
diff
changeset
|
1057 ngx_quic_frame_t *f; |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1058 ngx_quic_socket_t *qsock; |
7816
aba84d9ab256
Parsing of truncated packet numbers.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7815
diff
changeset
|
1059 ngx_quic_send_ctx_t *ctx; |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1060 ngx_quic_connection_t *qc; |
7729
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
7726
diff
changeset
|
1061 |
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
1062 qc = ngx_quic_get_connection(c); |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1063 |
8191
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
1064 if (!ngx_quic_keys_available(qc->keys, level)) { |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1065 return; |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1066 } |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1067 |
8191
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
1068 ngx_quic_keys_discard(qc->keys, level); |
9c3be23ddbe7
QUIC: refactored key handling.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8190
diff
changeset
|
1069 |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1070 qc->pto_count = 0; |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1071 |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1072 ctx = ngx_quic_get_send_ctx(qc, level); |
8025
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8024
diff
changeset
|
1073 |
8442
b3f6ad181df4
QUIC: refactored CRYPTO and STREAM buffer ordering.
Roman Arutyunyan <arut@nginx.com>
parents:
8438
diff
changeset
|
1074 ngx_quic_free_bufs(c, ctx->crypto); |
b3f6ad181df4
QUIC: refactored CRYPTO and STREAM buffer ordering.
Roman Arutyunyan <arut@nginx.com>
parents:
8438
diff
changeset
|
1075 |
8025
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8024
diff
changeset
|
1076 while (!ngx_queue_empty(&ctx->sent)) { |
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8024
diff
changeset
|
1077 q = ngx_queue_head(&ctx->sent); |
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8024
diff
changeset
|
1078 ngx_queue_remove(q); |
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8024
diff
changeset
|
1079 |
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8024
diff
changeset
|
1080 f = ngx_queue_data(q, ngx_quic_frame_t, queue); |
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8024
diff
changeset
|
1081 ngx_quic_congestion_ack(c, f); |
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8024
diff
changeset
|
1082 ngx_quic_free_frame(c, f); |
7f9938cbcd12
QUIC: fixed leak of bytes_in_flight on keys discard.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8024
diff
changeset
|
1083 } |
8155
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
1084 |
8171
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8170
diff
changeset
|
1085 while (!ngx_queue_empty(&ctx->frames)) { |
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8170
diff
changeset
|
1086 q = ngx_queue_head(&ctx->frames); |
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8170
diff
changeset
|
1087 ngx_queue_remove(q); |
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8170
diff
changeset
|
1088 |
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8170
diff
changeset
|
1089 f = ngx_queue_data(q, ngx_quic_frame_t, queue); |
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8170
diff
changeset
|
1090 ngx_quic_congestion_ack(c, f); |
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8170
diff
changeset
|
1091 ngx_quic_free_frame(c, f); |
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8170
diff
changeset
|
1092 } |
b1676cd64dc9
QUIC: cleanup send context properly.
Vladimir Homutov <vl@nginx.com>
parents:
8170
diff
changeset
|
1093 |
8198
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1094 if (level == ssl_encryption_initial) { |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1095 /* close temporary listener with odcid */ |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1096 qsock = ngx_quic_find_socket(c, NGX_QUIC_UNSET_PN); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1097 if (qsock) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1098 ngx_quic_close_socket(c, qsock); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1099 } |
8198
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1100 } |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1101 |
8155
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
1102 ctx->send_ack = 0; |
8290
faa3201ff351
QUIC: improved setting the lost timer.
Roman Arutyunyan <arut@nginx.com>
parents:
8289
diff
changeset
|
1103 |
faa3201ff351
QUIC: improved setting the lost timer.
Roman Arutyunyan <arut@nginx.com>
parents:
8289
diff
changeset
|
1104 ngx_quic_set_lost_timer(c); |
7770
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1105 } |
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1106 |
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1107 |
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7769
diff
changeset
|
1108 static ngx_int_t |
8281
a346905c359f
QUIC: fixed stateless reset recognition and send.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
1109 ngx_quic_check_csid(ngx_quic_connection_t *qc, ngx_quic_header_t *pkt) |
7838 | 1110 { |
8076
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1111 ngx_queue_t *q; |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1112 ngx_quic_client_id_t *cid; |
7858
6e100d8c138a
Preserve original DCID and unbreak parsing 0-RTT packets.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7857
diff
changeset
|
1113 |
8076
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1114 for (q = ngx_queue_head(&qc->client_ids); |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1115 q != ngx_queue_sentinel(&qc->client_ids); |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1116 q = ngx_queue_next(q)) |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1117 { |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1118 cid = ngx_queue_data(q, ngx_quic_client_id_t, queue); |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1119 |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1120 if (pkt->scid.len == cid->len |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1121 && ngx_memcmp(pkt->scid.data, cid->id, cid->len) == 0) |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1122 { |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1123 return NGX_OK; |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1124 } |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1125 } |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1126 |
8098
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1127 ngx_log_error(NGX_LOG_INFO, pkt->log, 0, "quic unexpected quic scid"); |
d0d3fc0697a0
QUIC: packet processing refactoring.
Vladimir Homutov <vl@nginx.com>
parents:
8097
diff
changeset
|
1128 return NGX_ERROR; |
7648
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
7646
diff
changeset
|
1129 } |
7637 | 1130 |
1131 | |
7691 | 1132 static ngx_int_t |
8280
1c6343bd7933
QUIC: refactored packet processing.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1133 ngx_quic_handle_frames(ngx_connection_t *c, ngx_quic_header_t *pkt) |
7691 | 1134 { |
1135 u_char *end, *p; | |
1136 ssize_t len; | |
8241
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8240
diff
changeset
|
1137 ngx_buf_t buf; |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1138 ngx_uint_t do_close, nonprobing; |
8241
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8240
diff
changeset
|
1139 ngx_chain_t chain; |
7844
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1140 ngx_quic_frame_t frame; |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1141 ngx_quic_socket_t *qsock; |
7691 | 1142 ngx_quic_connection_t *qc; |
1143 | |
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
1144 qc = ngx_quic_get_connection(c); |
7691 | 1145 |
1146 p = pkt->payload.data; | |
1147 end = p + pkt->payload.len; | |
1148 | |
1149 do_close = 0; | |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1150 nonprobing = 0; |
7691 | 1151 |
1152 while (p < end) { | |
1153 | |
7741 | 1154 c->log->action = "parsing frames"; |
1155 | |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1156 ngx_memzero(&frame, sizeof(ngx_quic_frame_t)); |
8241
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8240
diff
changeset
|
1157 ngx_memzero(&buf, sizeof(ngx_buf_t)); |
8243
d9f673d18e9b
QUIC: set the temporary flag for input frame buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8242
diff
changeset
|
1158 buf.temporary = 1; |
8241
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8240
diff
changeset
|
1159 |
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8240
diff
changeset
|
1160 chain.buf = &buf; |
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8240
diff
changeset
|
1161 chain.next = NULL; |
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8240
diff
changeset
|
1162 frame.data = &chain; |
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8240
diff
changeset
|
1163 |
7706
1f002206a59b
Added boundaries checks into frame parser.
Vladimir Homutov <vl@nginx.com>
parents:
7705
diff
changeset
|
1164 len = ngx_quic_parse_frame(pkt, p, end, &frame); |
7717
c217a907ce42
Added checks for permitted frame types.
Vladimir Homutov <vl@nginx.com>
parents:
7713
diff
changeset
|
1165 |
7691 | 1166 if (len < 0) { |
7862
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
7861
diff
changeset
|
1167 qc->error = pkt->error; |
7691 | 1168 return NGX_ERROR; |
1169 } | |
1170 | |
8163
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8162
diff
changeset
|
1171 ngx_quic_log_frame(c->log, &frame, 0); |
b3d9e57d0f62
QUIC: single function for frame debug logging.
Vladimir Homutov <vl@nginx.com>
parents:
8162
diff
changeset
|
1172 |
7741 | 1173 c->log->action = "handling frames"; |
1174 | |
7691 | 1175 p += len; |
1176 | |
1177 switch (frame.type) { | |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1178 /* probing frames */ |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1179 case NGX_QUIC_FT_PADDING: |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1180 case NGX_QUIC_FT_PATH_CHALLENGE: |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1181 case NGX_QUIC_FT_PATH_RESPONSE: |
8436
901126931bd5
QUIC: consider NEW_CONNECTION_ID a probing frame.
Vladimir Homutov <vl@nginx.com>
parents:
8423
diff
changeset
|
1182 case NGX_QUIC_FT_NEW_CONNECTION_ID: |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1183 break; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1184 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1185 /* non-probing frames */ |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1186 default: |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1187 nonprobing = 1; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1188 break; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1189 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1190 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1191 switch (frame.type) { |
7691 | 1192 |
1193 case NGX_QUIC_FT_ACK: | |
8241
2dfc5ef29973
QUIC: introduced QUIC buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
8240
diff
changeset
|
1194 if (ngx_quic_handle_ack_frame(c, pkt, &frame) != NGX_OK) { |
7691 | 1195 return NGX_ERROR; |
1196 } | |
1197 | |
7844
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1198 continue; |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1199 |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1200 case NGX_QUIC_FT_PADDING: |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1201 /* no action required */ |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1202 continue; |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1203 |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1204 case NGX_QUIC_FT_CONNECTION_CLOSE: |
7953
e0f92f68e018
QUIC: Introduced ngx_quic_finalize_connection().
Roman Arutyunyan <arut@nginx.com>
parents:
7945
diff
changeset
|
1205 case NGX_QUIC_FT_CONNECTION_CLOSE_APP: |
7844
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1206 do_close = 1; |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1207 continue; |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1208 } |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1209 |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1210 /* got there with ack-eliciting packet */ |
8155
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
1211 pkt->need_ack = 1; |
7844
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1212 |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1213 switch (frame.type) { |
7691 | 1214 |
1215 case NGX_QUIC_FT_CRYPTO: | |
1216 | |
7810
167d32476737
Crypto buffer frames reordering.
Vladimir Homutov <vl@nginx.com>
parents:
7809
diff
changeset
|
1217 if (ngx_quic_handle_crypto_frame(c, pkt, &frame) != NGX_OK) { |
7691 | 1218 return NGX_ERROR; |
1219 } | |
1220 | |
1221 break; | |
1222 | |
1223 case NGX_QUIC_FT_PING: | |
1224 break; | |
1225 | |
8545
4009f120cad4
QUIC: eliminated stream type from ngx_quic_stream_frame_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8541
diff
changeset
|
1226 case NGX_QUIC_FT_STREAM: |
7691 | 1227 |
7811
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
1228 if (ngx_quic_handle_stream_frame(c, pkt, &frame) != NGX_OK) { |
7691 | 1229 return NGX_ERROR; |
1230 } | |
1231 | |
1232 break; | |
1233 | |
7703
ff540f13d95d
MAX_DATA frame parser/handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7702
diff
changeset
|
1234 case NGX_QUIC_FT_MAX_DATA: |
7842
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1235 |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1236 if (ngx_quic_handle_max_data_frame(c, &frame.u.max_data) != NGX_OK) |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1237 { |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1238 return NGX_ERROR; |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1239 } |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1240 |
7703
ff540f13d95d
MAX_DATA frame parser/handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7702
diff
changeset
|
1241 break; |
ff540f13d95d
MAX_DATA frame parser/handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7702
diff
changeset
|
1242 |
7702
d3b26c3bea22
Added parsing of STREAMS BLOCKED frames.
Vladimir Homutov <vl@nginx.com>
parents:
7701
diff
changeset
|
1243 case NGX_QUIC_FT_STREAMS_BLOCKED: |
d3b26c3bea22
Added parsing of STREAMS BLOCKED frames.
Vladimir Homutov <vl@nginx.com>
parents:
7701
diff
changeset
|
1244 case NGX_QUIC_FT_STREAMS_BLOCKED2: |
7711
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
1245 |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
1246 if (ngx_quic_handle_streams_blocked_frame(c, pkt, |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
1247 &frame.u.streams_blocked) |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
1248 != NGX_OK) |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
1249 { |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
1250 return NGX_ERROR; |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
1251 } |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
7707
diff
changeset
|
1252 |
7702
d3b26c3bea22
Added parsing of STREAMS BLOCKED frames.
Vladimir Homutov <vl@nginx.com>
parents:
7701
diff
changeset
|
1253 break; |
d3b26c3bea22
Added parsing of STREAMS BLOCKED frames.
Vladimir Homutov <vl@nginx.com>
parents:
7701
diff
changeset
|
1254 |
8698
d041b8d6ab0b
QUIC: handle DATA_BLOCKED frame from client.
Roman Arutyunyan <arut@nginx.com>
parents:
8644
diff
changeset
|
1255 case NGX_QUIC_FT_DATA_BLOCKED: |
d041b8d6ab0b
QUIC: handle DATA_BLOCKED frame from client.
Roman Arutyunyan <arut@nginx.com>
parents:
8644
diff
changeset
|
1256 |
d041b8d6ab0b
QUIC: handle DATA_BLOCKED frame from client.
Roman Arutyunyan <arut@nginx.com>
parents:
8644
diff
changeset
|
1257 if (ngx_quic_handle_data_blocked_frame(c, pkt, |
d041b8d6ab0b
QUIC: handle DATA_BLOCKED frame from client.
Roman Arutyunyan <arut@nginx.com>
parents:
8644
diff
changeset
|
1258 &frame.u.data_blocked) |
d041b8d6ab0b
QUIC: handle DATA_BLOCKED frame from client.
Roman Arutyunyan <arut@nginx.com>
parents:
8644
diff
changeset
|
1259 != NGX_OK) |
d041b8d6ab0b
QUIC: handle DATA_BLOCKED frame from client.
Roman Arutyunyan <arut@nginx.com>
parents:
8644
diff
changeset
|
1260 { |
d041b8d6ab0b
QUIC: handle DATA_BLOCKED frame from client.
Roman Arutyunyan <arut@nginx.com>
parents:
8644
diff
changeset
|
1261 return NGX_ERROR; |
d041b8d6ab0b
QUIC: handle DATA_BLOCKED frame from client.
Roman Arutyunyan <arut@nginx.com>
parents:
8644
diff
changeset
|
1262 } |
d041b8d6ab0b
QUIC: handle DATA_BLOCKED frame from client.
Roman Arutyunyan <arut@nginx.com>
parents:
8644
diff
changeset
|
1263 |
d041b8d6ab0b
QUIC: handle DATA_BLOCKED frame from client.
Roman Arutyunyan <arut@nginx.com>
parents:
8644
diff
changeset
|
1264 break; |
d041b8d6ab0b
QUIC: handle DATA_BLOCKED frame from client.
Roman Arutyunyan <arut@nginx.com>
parents:
8644
diff
changeset
|
1265 |
7732
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1266 case NGX_QUIC_FT_STREAM_DATA_BLOCKED: |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1267 |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1268 if (ngx_quic_handle_stream_data_blocked_frame(c, pkt, |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1269 &frame.u.stream_data_blocked) |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1270 != NGX_OK) |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1271 { |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1272 return NGX_ERROR; |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1273 } |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1274 |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1275 break; |
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
7731
diff
changeset
|
1276 |
7842
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1277 case NGX_QUIC_FT_MAX_STREAM_DATA: |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1278 |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1279 if (ngx_quic_handle_max_stream_data_frame(c, pkt, |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1280 &frame.u.max_stream_data) |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1281 != NGX_OK) |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1282 { |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1283 return NGX_ERROR; |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1284 } |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1285 |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1286 break; |
fab75acb1f72
Respect MAX_DATA and MAX_STREAM_DATA from QUIC client.
Roman Arutyunyan <arut@nginx.com>
parents:
7841
diff
changeset
|
1287 |
7923
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1288 case NGX_QUIC_FT_RESET_STREAM: |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1289 |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1290 if (ngx_quic_handle_reset_stream_frame(c, pkt, |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1291 &frame.u.reset_stream) |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1292 != NGX_OK) |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1293 { |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1294 return NGX_ERROR; |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1295 } |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1296 |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1297 break; |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1298 |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1299 case NGX_QUIC_FT_STOP_SENDING: |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1300 |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1301 if (ngx_quic_handle_stop_sending_frame(c, pkt, |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1302 &frame.u.stop_sending) |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1303 != NGX_OK) |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1304 { |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1305 return NGX_ERROR; |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1306 } |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1307 |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1308 break; |
953cf44708b0
Stream ID handling in RESET_STREAM and STOP_SENDING frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7922
diff
changeset
|
1309 |
8013
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8004
diff
changeset
|
1310 case NGX_QUIC_FT_MAX_STREAMS: |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8004
diff
changeset
|
1311 case NGX_QUIC_FT_MAX_STREAMS2: |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8004
diff
changeset
|
1312 |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8004
diff
changeset
|
1313 if (ngx_quic_handle_max_streams_frame(c, pkt, &frame.u.max_streams) |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8004
diff
changeset
|
1314 != NGX_OK) |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8004
diff
changeset
|
1315 { |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8004
diff
changeset
|
1316 return NGX_ERROR; |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8004
diff
changeset
|
1317 } |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8004
diff
changeset
|
1318 |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8004
diff
changeset
|
1319 break; |
455a8536eaa7
QUIC: limited the number of server-initiated streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8004
diff
changeset
|
1320 |
8069
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8068
diff
changeset
|
1321 case NGX_QUIC_FT_PATH_CHALLENGE: |
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8068
diff
changeset
|
1322 |
8438
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8436
diff
changeset
|
1323 if (ngx_quic_handle_path_challenge_frame(c, &frame.u.path_challenge) |
8069
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8068
diff
changeset
|
1324 != NGX_OK) |
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8068
diff
changeset
|
1325 { |
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8068
diff
changeset
|
1326 return NGX_ERROR; |
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8068
diff
changeset
|
1327 } |
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8068
diff
changeset
|
1328 |
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8068
diff
changeset
|
1329 break; |
4ff2a0b747d1
QUIC: handle PATH_CHALLENGE frame.
Roman Arutyunyan <arut@nginx.com>
parents:
8068
diff
changeset
|
1330 |
8387
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8386
diff
changeset
|
1331 case NGX_QUIC_FT_PATH_RESPONSE: |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8386
diff
changeset
|
1332 |
8438
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8436
diff
changeset
|
1333 if (ngx_quic_handle_path_response_frame(c, &frame.u.path_response) |
8387
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8386
diff
changeset
|
1334 != NGX_OK) |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8386
diff
changeset
|
1335 { |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8386
diff
changeset
|
1336 return NGX_ERROR; |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8386
diff
changeset
|
1337 } |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8386
diff
changeset
|
1338 |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8386
diff
changeset
|
1339 break; |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8386
diff
changeset
|
1340 |
7791
9b9d592c0da3
Ignore non-yet-implemented frames.
Vladimir Homutov <vl@nginx.com>
parents:
7788
diff
changeset
|
1341 case NGX_QUIC_FT_NEW_CONNECTION_ID: |
8076
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1342 |
8438
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8436
diff
changeset
|
1343 if (ngx_quic_handle_new_connection_id_frame(c, &frame.u.ncid) |
8076
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1344 != NGX_OK) |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1345 { |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1346 return NGX_ERROR; |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1347 } |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1348 |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1349 break; |
3afaaaa930ab
QUIC: added support for multiple connection IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8074
diff
changeset
|
1350 |
7791
9b9d592c0da3
Ignore non-yet-implemented frames.
Vladimir Homutov <vl@nginx.com>
parents:
7788
diff
changeset
|
1351 case NGX_QUIC_FT_RETIRE_CONNECTION_ID: |
8198
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1352 |
8438
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8436
diff
changeset
|
1353 if (ngx_quic_handle_retire_connection_id_frame(c, |
8198
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1354 &frame.u.retire_cid) |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1355 != NGX_OK) |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1356 { |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1357 return NGX_ERROR; |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1358 } |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1359 |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1360 break; |
45db1b5c1706
QUIC: connection multiplexing per port.
Roman Arutyunyan <arut@nginx.com>
parents:
8197
diff
changeset
|
1361 |
7691 | 1362 default: |
7823
4e4485793418
Added MAX_STREAM_DATA stub handler.
Vladimir Homutov <vl@nginx.com>
parents:
7822
diff
changeset
|
1363 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
7836 | 1364 "quic missing frame handler"); |
7691 | 1365 return NGX_ERROR; |
1366 } | |
1367 } | |
1368 | |
1369 if (p != end) { | |
1370 ngx_log_error(NGX_LOG_INFO, c->log, 0, | |
8164
eed49b83e18f
QUIC: revised value separators in debug and error messages.
Vladimir Homutov <vl@nginx.com>
parents:
8163
diff
changeset
|
1371 "quic trailing garbage in payload:%ui bytes", end - p); |
7862
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
7861
diff
changeset
|
1372 |
fb7422074258
Added generation of CC frames with error on connection termination.
Vladimir Homutov <vl@nginx.com>
parents:
7861
diff
changeset
|
1373 qc->error = NGX_QUIC_ERR_FRAME_ENCODING_ERROR; |
7691 | 1374 return NGX_ERROR; |
1375 } | |
1376 | |
1377 if (do_close) { | |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1378 qc->draining = 1; |
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1379 ngx_quic_close_connection(c, NGX_OK); |
7691 | 1380 } |
1381 | |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1382 qsock = ngx_quic_get_socket(c); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1383 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1384 if (qsock != qc->socket) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1385 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1386 if (qsock->path != qc->socket->path && nonprobing) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1387 /* |
8498
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
1388 * RFC 9000, 9.2. Initiating Connection Migration |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8494
diff
changeset
|
1389 * |
8423
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1390 * An endpoint can migrate a connection to a new local |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1391 * address by sending packets containing non-probing frames |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1392 * from that address. |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1393 */ |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1394 if (ngx_quic_handle_migration(c, pkt) != NGX_OK) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1395 return NGX_ERROR; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1396 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1397 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1398 /* |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1399 * else: packet arrived via non-default socket; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1400 * no reason to change active path |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1401 */ |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1402 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8413
diff
changeset
|
1403 |
8155
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
1404 if (ngx_quic_ack_packet(c, pkt) != NGX_OK) { |
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
1405 return NGX_ERROR; |
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
1406 } |
38c7dd720774
QUIC: added ACK frame range support.
Vladimir Homutov <vl@nginx.com>
parents:
8154
diff
changeset
|
1407 |
7844
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1408 return NGX_OK; |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1409 } |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1410 |
c10e7d48aa85
Factored out sending ACK from payload handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7842
diff
changeset
|
1411 |
7775 | 1412 static void |
1413 ngx_quic_push_handler(ngx_event_t *ev) | |
1414 { | |
7811
72d20158c814
Added reordering support for STREAM frames.
Vladimir Homutov <vl@nginx.com>
parents:
7810
diff
changeset
|
1415 ngx_connection_t *c; |
7775 | 1416 |
7836 | 1417 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, ev->log, 0, "quic push timer"); |
7775 | 1418 |
1419 c = ev->data; | |
1420 | |
1421 if (ngx_quic_output(c) != NGX_OK) { | |
7832
ad3a6f069498
Added proper handling of connection close phases.
Vladimir Homutov <vl@nginx.com>
parents:
7831
diff
changeset
|
1422 ngx_quic_close_connection(c, NGX_ERROR); |
7775 | 1423 return; |
1424 } | |
8166
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
1425 |
21b7dac9de3b
QUIC: added connection state debug to event handlers.
Vladimir Homutov <vl@nginx.com>
parents:
8165
diff
changeset
|
1426 ngx_quic_connstate_dbg(c); |
7775 | 1427 } |
1428 | |
1429 | |
8410
41807e581de9
QUIC: separate files for stream related processing.
Vladimir Homutov <vl@nginx.com>
parents:
8409
diff
changeset
|
1430 void |
8359
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1431 ngx_quic_shutdown_quic(ngx_connection_t *c) |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1432 { |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1433 ngx_rbtree_t *tree; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1434 ngx_rbtree_node_t *node; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1435 ngx_quic_stream_t *qs; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1436 ngx_quic_connection_t *qc; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1437 |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1438 qc = ngx_quic_get_connection(c); |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1439 |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1440 if (qc->closing) { |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1441 return; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1442 } |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1443 |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1444 tree = &qc->streams.tree; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1445 |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1446 if (tree->root != tree->sentinel) { |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1447 for (node = ngx_rbtree_min(tree->root, tree->sentinel); |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1448 node; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1449 node = ngx_rbtree_next(tree, node)) |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1450 { |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1451 qs = (ngx_quic_stream_t *) node; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1452 |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1453 if (!qs->cancelable) { |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1454 return; |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1455 } |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1456 } |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1457 } |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1458 |
fc64ab301bad
QUIC: connection shutdown.
Roman Arutyunyan <arut@nginx.com>
parents:
8352
diff
changeset
|
1459 ngx_quic_finalize_connection(c, qc->shutdown_code, qc->shutdown_reason); |
7705
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
1460 } |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
1461 |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
7703
diff
changeset
|
1462 |
8196
e0947c952d43
QUIC: multiple versions support in ALPN.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8195
diff
changeset
|
1463 uint32_t |
e0947c952d43
QUIC: multiple versions support in ALPN.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8195
diff
changeset
|
1464 ngx_quic_version(ngx_connection_t *c) |
e0947c952d43
QUIC: multiple versions support in ALPN.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8195
diff
changeset
|
1465 { |
8199
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
1466 uint32_t version; |
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
1467 ngx_quic_connection_t *qc; |
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
1468 |
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
1469 qc = ngx_quic_get_connection(c); |
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
1470 |
feec2cc762f6
QUIC: got rid of the c->quic field.
Roman Arutyunyan <arut@nginx.com>
parents:
8198
diff
changeset
|
1471 version = qc->version; |
8196
e0947c952d43
QUIC: multiple versions support in ALPN.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8195
diff
changeset
|
1472 |
e0947c952d43
QUIC: multiple versions support in ALPN.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8195
diff
changeset
|
1473 return (version & 0xff000000) == 0xff000000 ? version & 0xff : version; |
e0947c952d43
QUIC: multiple versions support in ALPN.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8195
diff
changeset
|
1474 } |