Mercurial > hg > nginx-quic
comparison src/event/ngx_event_quic.c @ 7877:d96ddef458cd quic
Added sending of extra CONNECTION_CLOSE frames.
According to quic-transport draft 28 section 10.3.1:
When sending CONNECTION_CLOSE, the goal is to ensure that the peer
will process the frame. Generally, this means sending the frame in a
packet with the highest level of packet protection to avoid the
packet being discarded. After the handshake is confirmed (see
Section 4.1.2 of [QUIC-TLS]), an endpoint MUST send any
CONNECTION_CLOSE frames in a 1-RTT packet. However, prior to
confirming the handshake, it is possible that more advanced packet
protection keys are not available to the peer, so another
CONNECTION_CLOSE frame MAY be sent in a packet that uses a lower
packet protection level.
author | Vladimir Homutov <vl@nginx.com> |
---|---|
date | Fri, 22 May 2020 18:14:35 +0300 |
parents | ffd362e87eb2 |
children | d3aa54242c37 |
comparison
equal
deleted
inserted
replaced
7876:ffd362e87eb2 | 7877:d96ddef458cd |
---|---|
1187 for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { | 1187 for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { |
1188 ctx = ngx_quic_get_send_ctx(qc, i); | 1188 ctx = ngx_quic_get_send_ctx(qc, i); |
1189 ngx_quic_free_frames(c, &ctx->sent); | 1189 ngx_quic_free_frames(c, &ctx->sent); |
1190 } | 1190 } |
1191 | 1191 |
1192 level = (qc->state == ssl_encryption_early_data) | 1192 if (rc == NGX_DONE) { |
1193 ? ssl_encryption_application | |
1194 : qc->state; | |
1195 | |
1196 if (rc == NGX_OK) { | |
1197 | |
1198 /* | |
1199 * 10.3. Immediate Close | |
1200 * | |
1201 * An endpoint sends a CONNECTION_CLOSE frame (Section 19.19) to | |
1202 * terminate the connection immediately. | |
1203 */ | |
1204 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
1205 "quic immediate close, drain = %d", qc->draining); | |
1206 | |
1207 if (ngx_quic_send_cc(c, level, NGX_QUIC_ERR_NO_ERROR, 0, NULL) | |
1208 == NGX_OK) | |
1209 { | |
1210 | |
1211 qc->close.log = c->log; | |
1212 qc->close.data = c; | |
1213 qc->close.handler = ngx_quic_close_timer_handler; | |
1214 qc->close.cancelable = 1; | |
1215 | |
1216 ngx_add_timer(&qc->close, 3 * NGX_QUIC_HARDCODED_PTO); | |
1217 } | |
1218 | |
1219 } else if (rc == NGX_DONE) { | |
1220 | 1193 |
1221 /* | 1194 /* |
1222 * 10.2. Idle Timeout | 1195 * 10.2. Idle Timeout |
1223 * | 1196 * |
1224 * If the idle timeout is enabled by either peer, a connection is | 1197 * If the idle timeout is enabled by either peer, a connection is |
1228 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, | 1201 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
1229 "quic closing %s connection", | 1202 "quic closing %s connection", |
1230 qc->draining ? "drained" : "idle"); | 1203 qc->draining ? "drained" : "idle"); |
1231 | 1204 |
1232 } else { | 1205 } else { |
1233 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, | 1206 |
1234 "quic immediate close due to fatal error: %ui", | 1207 /* |
1235 qc->error); | 1208 * 10.3. Immediate Close |
1236 | 1209 * |
1237 err = qc->error ? qc->error : NGX_QUIC_ERR_INTERNAL_ERROR; | 1210 * An endpoint sends a CONNECTION_CLOSE frame (Section 19.19) |
1211 * to terminate the connection immediately. | |
1212 */ | |
1213 | |
1214 if (rc == NGX_OK) { | |
1215 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
1216 "quic immediate close, drain = %d", | |
1217 qc->draining); | |
1218 | |
1219 qc->close.log = c->log; | |
1220 qc->close.data = c; | |
1221 qc->close.handler = ngx_quic_close_timer_handler; | |
1222 qc->close.cancelable = 1; | |
1223 | |
1224 ngx_add_timer(&qc->close, 3 * NGX_QUIC_HARDCODED_PTO); | |
1225 | |
1226 err = NGX_QUIC_ERR_NO_ERROR; | |
1227 | |
1228 } else { | |
1229 err = qc->error ? qc->error : NGX_QUIC_ERR_INTERNAL_ERROR; | |
1230 | |
1231 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
1232 "quic immediate close due to error: %ui %s", | |
1233 qc->error, | |
1234 qc->error_reason ? qc->error_reason : ""); | |
1235 } | |
1236 | |
1237 level = (qc->state == ssl_encryption_early_data) | |
1238 ? ssl_encryption_handshake | |
1239 : qc->state; | |
1240 | |
1238 (void) ngx_quic_send_cc(c, level, err, qc->error_ftype, | 1241 (void) ngx_quic_send_cc(c, level, err, qc->error_ftype, |
1239 qc->error_reason); | 1242 qc->error_reason); |
1243 | |
1244 if (level == ssl_encryption_handshake) { | |
1245 /* for clients that might not have handshake keys */ | |
1246 (void) ngx_quic_send_cc(c, ssl_encryption_initial, err, | |
1247 qc->error_ftype, qc->error_reason); | |
1248 } | |
1240 } | 1249 } |
1241 | 1250 |
1242 qc->closing = 1; | 1251 qc->closing = 1; |
1243 } | 1252 } |
1244 | 1253 |