nginx: src/event/quic/ngx_event_quic

annotate src/event/quic/ngx_event_quic_migration.c @ 8946:56dec0d4e5b1 quic

QUIC: avoid excessive buffer allocations in stream output. Previously, when a few bytes were send to a QUIC stream by the application, a 4K buffer was allocated for these bytes. Then a STREAM frame was created and that entire buffer was used as data for that frame. The frame with the buffer were in use up until the frame was acked by client. Meanwhile, when more bytes were send to the stream, more buffers were allocated and assigned as data to newer STREAM frames. In this scenario most buffer memory is unused. Now the unused part of the stream output buffer is available for further stream output while earlier parts of the buffer are waiting to be acked. This is achieved by splitting the output buffer.

author	Roman Arutyunyan <arut@nginx.com>
date	Fri, 24 Dec 2021 18:13:51 +0300
parents	b7284807b4fa
children	1e2f4e9c8195

rev	line source
8737 76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	1
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	2 /*
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	3 * Copyright (C) Nginx, Inc.
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	4 */
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	5
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	6
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	7 #include <ngx_config.h>
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	8 #include <ngx_core.h>
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	9 #include <ngx_event.h>
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	10 #include <ngx_event_quic_connection.h>
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	11
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	12
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	13 static void ngx_quic_set_connection_path(ngx_connection_t *c,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	14 ngx_quic_path_t *path);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	15 static ngx_int_t ngx_quic_validate_path(ngx_connection_t *c,
8944 b7284807b4fa QUIC: refactored ngx_quic_validate_path(). Vladimir Homutov <vl@nginx.com> parents: 8943 diff changeset	16 ngx_quic_path_t *path);
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	17 static ngx_int_t ngx_quic_send_path_challenge(ngx_connection_t *c,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	18 ngx_quic_path_t *path);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	19 static ngx_int_t ngx_quic_path_restore(ngx_connection_t *c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	20 static ngx_quic_path_t ngx_quic_alloc_path(ngx_connection_t c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	21
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	22
8737 76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	23 ngx_int_t
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	24 ngx_quic_handle_path_challenge_frame(ngx_connection_t *c,
8778 5186ee5a94b9 QUIC: simplified sending 1-RTT only frames. Sergey Kandaurov <pluknet@nginx.com> parents: 8777 diff changeset	25 ngx_quic_path_challenge_frame_t *f)
8737 76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	26 {
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	27 ngx_quic_path_t *path;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	28 ngx_quic_frame_t frame, *fp;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	29 ngx_quic_socket_t *qsock;
8737 76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	30 ngx_quic_connection_t *qc;
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	31
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	32 qc = ngx_quic_get_connection(c);
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	33
8933 02a9ad88e2df QUIC: added missing frame initialization. Vladimir Homutov <vl@nginx.com> parents: 8932 diff changeset	34 ngx_memzero(&frame, sizeof(ngx_quic_frame_t));
02a9ad88e2df QUIC: added missing frame initialization. Vladimir Homutov <vl@nginx.com> parents: 8932 diff changeset	35
8778 5186ee5a94b9 QUIC: simplified sending 1-RTT only frames. Sergey Kandaurov <pluknet@nginx.com> parents: 8777 diff changeset	36 frame.level = ssl_encryption_application;
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	37 frame.type = NGX_QUIC_FT_PATH_RESPONSE;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	38 frame.u.path_response = *f;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	39
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	40 /*
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	41 * RFC 9000, 8.2.2. Path Validation Responses
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	42 *
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	43 * A PATH_RESPONSE frame MUST be sent on the network path where the
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	44 * PATH_CHALLENGE frame was received.
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	45 */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	46 qsock = ngx_quic_get_socket(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	47 path = qsock->path;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	48
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	49 /*
8901 a951e0809044 QUIC: fixed PATH_RESPONSE frame expansion. Vladimir Homutov <vl@nginx.com> parents: 8822 diff changeset	50 * An endpoint MUST expand datagrams that contain a PATH_RESPONSE frame
a951e0809044 QUIC: fixed PATH_RESPONSE frame expansion. Vladimir Homutov <vl@nginx.com> parents: 8822 diff changeset	51 * to at least the smallest allowed maximum datagram size of 1200 bytes.
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	52 */
8932 501f28679d56 QUIC: refactored ngx_quic_frame_sendto() function. Vladimir Homutov <vl@nginx.com> parents: 8917 diff changeset	53 if (ngx_quic_frame_sendto(c, &frame, 1200, path) != NGX_OK) {
8737 76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	54 return NGX_ERROR;
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	55 }
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	56
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	57 if (qsock == qc->socket) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	58 /*
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	59 * RFC 9000, 9.3.3. Off-Path Packet Forwarding
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	60 *
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	61 * An endpoint that receives a PATH_CHALLENGE on an active path SHOULD
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	62 * send a non-probing packet in response.
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	63 */
8737 76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	64
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	65 fp = ngx_quic_alloc_frame(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	66 if (fp == NULL) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	67 return NGX_ERROR;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	68 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	69
8778 5186ee5a94b9 QUIC: simplified sending 1-RTT only frames. Sergey Kandaurov <pluknet@nginx.com> parents: 8777 diff changeset	70 fp->level = ssl_encryption_application;
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	71 fp->type = NGX_QUIC_FT_PING;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	72
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	73 ngx_quic_queue_frame(qc, fp);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	74 }
8737 76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	75
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	76 return NGX_OK;
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	77 }
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	78
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	79
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	80 ngx_int_t
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	81 ngx_quic_handle_path_response_frame(ngx_connection_t *c,
8778 5186ee5a94b9 QUIC: simplified sending 1-RTT only frames. Sergey Kandaurov <pluknet@nginx.com> parents: 8777 diff changeset	82 ngx_quic_path_challenge_frame_t *f)
8737 76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	83 {
8943 118a34e32121 QUIC: added missing check for backup path existence. Vladimir Homutov <vl@nginx.com> parents: 8940 diff changeset	84 ngx_uint_t rst;
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	85 ngx_queue_t *q;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	86 ngx_quic_path_t path, prev;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	87 ngx_quic_connection_t *qc;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	88
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	89 qc = ngx_quic_get_connection(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	90
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	91 /*
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	92 * RFC 9000, 8.2.3. Successful Path Validation
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	93 *
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	94 * A PATH_RESPONSE frame received on any network path validates the path
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	95 * on which the PATH_CHALLENGE was sent.
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	96 */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	97
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	98 for (q = ngx_queue_head(&qc->paths);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	99 q != ngx_queue_sentinel(&qc->paths);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	100 q = ngx_queue_next(q))
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	101 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	102 path = ngx_queue_data(q, ngx_quic_path_t, queue);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	103
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	104 if (path->state != NGX_QUIC_PATH_VALIDATING) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	105 continue;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	106 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	107
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	108 if (ngx_memcmp(path->challenge1, f->data, sizeof(f->data)) == 0
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	109 \|\| ngx_memcmp(path->challenge2, f->data, sizeof(f->data)) == 0)
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	110 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	111 goto valid;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	112 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	113 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	114
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	115 ngx_log_error(NGX_LOG_INFO, c->log, 0,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	116 "quic stale PATH_RESPONSE ignored");
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	117
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	118 return NGX_OK;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	119
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	120 valid:
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	121
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	122 /*
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	123 * RFC 9000, 9.4. Loss Detection and Congestion Control
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	124 *
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	125 * On confirming a peer's ownership of its new address,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	126 * an endpoint MUST immediately reset the congestion controller
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	127 * and round-trip time estimator for the new path to initial values
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	128 * unless the only change in the peer's address is its port number.
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	129 */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	130
8943 118a34e32121 QUIC: added missing check for backup path existence. Vladimir Homutov <vl@nginx.com> parents: 8940 diff changeset	131 rst = 1;
118a34e32121 QUIC: added missing check for backup path existence. Vladimir Homutov <vl@nginx.com> parents: 8940 diff changeset	132
118a34e32121 QUIC: added missing check for backup path existence. Vladimir Homutov <vl@nginx.com> parents: 8940 diff changeset	133 if (qc->backup) {
118a34e32121 QUIC: added missing check for backup path existence. Vladimir Homutov <vl@nginx.com> parents: 8940 diff changeset	134 prev = qc->backup->path;
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	135
8943 118a34e32121 QUIC: added missing check for backup path existence. Vladimir Homutov <vl@nginx.com> parents: 8940 diff changeset	136 if (ngx_cmp_sockaddr(prev->sockaddr, prev->socklen,
118a34e32121 QUIC: added missing check for backup path existence. Vladimir Homutov <vl@nginx.com> parents: 8940 diff changeset	137 path->sockaddr, path->socklen, 0)
118a34e32121 QUIC: added missing check for backup path existence. Vladimir Homutov <vl@nginx.com> parents: 8940 diff changeset	138 == NGX_OK)
118a34e32121 QUIC: added missing check for backup path existence. Vladimir Homutov <vl@nginx.com> parents: 8940 diff changeset	139 {
118a34e32121 QUIC: added missing check for backup path existence. Vladimir Homutov <vl@nginx.com> parents: 8940 diff changeset	140 /* address did not change */
118a34e32121 QUIC: added missing check for backup path existence. Vladimir Homutov <vl@nginx.com> parents: 8940 diff changeset	141 rst = 0;
118a34e32121 QUIC: added missing check for backup path existence. Vladimir Homutov <vl@nginx.com> parents: 8940 diff changeset	142 }
118a34e32121 QUIC: added missing check for backup path existence. Vladimir Homutov <vl@nginx.com> parents: 8940 diff changeset	143 }
118a34e32121 QUIC: added missing check for backup path existence. Vladimir Homutov <vl@nginx.com> parents: 8940 diff changeset	144
118a34e32121 QUIC: added missing check for backup path existence. Vladimir Homutov <vl@nginx.com> parents: 8940 diff changeset	145 if (rst) {
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	146 ngx_memzero(&qc->congestion, sizeof(ngx_quic_congestion_t));
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	147
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	148 qc->congestion.window = ngx_min(10 * qc->tp.max_udp_payload_size,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	149 ngx_max(2 * qc->tp.max_udp_payload_size,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	150 14720));
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	151 qc->congestion.ssthresh = (size_t) -1;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	152 qc->congestion.recovery_start = ngx_current_msec;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	153 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	154
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	155 /*
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	156 * RFC 9000, 9.3. Responding to Connection Migration
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	157 *
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	158 * After verifying a new client address, the server SHOULD
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	159 * send new address validation tokens (Section 8) to the client.
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	160 */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	161
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	162 if (ngx_quic_send_new_token(c, path) != NGX_OK) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	163 return NGX_ERROR;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	164 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	165
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	166 ngx_log_error(NGX_LOG_INFO, c->log, 0,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	167 "quic path #%uL successfully validated", path->seqnum);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	168
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	169 path->state = NGX_QUIC_PATH_VALIDATED;
8940 fb41e37ddeb0 QUIC: decoupled path state and limitation status. Vladimir Homutov <vl@nginx.com> parents: 8939 diff changeset	170 path->limited = 0;
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	171
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	172 return NGX_OK;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	173 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	174
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	175
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	176 static ngx_quic_path_t *
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	177 ngx_quic_alloc_path(ngx_connection_t *c)
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	178 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	179 ngx_queue_t *q;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	180 struct sockaddr *sa;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	181 ngx_quic_path_t *path;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	182 ngx_quic_connection_t *qc;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	183
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	184 qc = ngx_quic_get_connection(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	185
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	186 if (!ngx_queue_empty(&qc->free_paths)) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	187
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	188 q = ngx_queue_head(&qc->free_paths);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	189 path = ngx_queue_data(q, ngx_quic_path_t, queue);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	190
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	191 ngx_queue_remove(&path->queue);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	192
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	193 sa = path->sockaddr;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	194 ngx_memzero(path, sizeof(ngx_quic_path_t));
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	195 path->sockaddr = sa;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	196
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	197 } else {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	198
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	199 path = ngx_pcalloc(c->pool, sizeof(ngx_quic_path_t));
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	200 if (path == NULL) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	201 return NULL;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	202 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	203
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	204 path->sockaddr = ngx_palloc(c->pool, NGX_SOCKADDRLEN);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	205 if (path->sockaddr == NULL) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	206 return NULL;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	207 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	208 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	209
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	210 return path;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	211 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	212
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	213
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	214 ngx_quic_path_t *
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	215 ngx_quic_add_path(ngx_connection_t c, struct sockaddr sockaddr,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	216 socklen_t socklen)
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	217 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	218 ngx_quic_path_t *path;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	219 ngx_quic_connection_t *qc;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	220
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	221 qc = ngx_quic_get_connection(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	222
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	223 path = ngx_quic_alloc_path(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	224 if (path == NULL) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	225 return NULL;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	226 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	227
8940 fb41e37ddeb0 QUIC: decoupled path state and limitation status. Vladimir Homutov <vl@nginx.com> parents: 8939 diff changeset	228 path->state = NGX_QUIC_PATH_NEW;
fb41e37ddeb0 QUIC: decoupled path state and limitation status. Vladimir Homutov <vl@nginx.com> parents: 8939 diff changeset	229 path->limited = 1;
fb41e37ddeb0 QUIC: decoupled path state and limitation status. Vladimir Homutov <vl@nginx.com> parents: 8939 diff changeset	230
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	231 path->seqnum = qc->path_seqnum++;
8939 ddd5e5c0f87d QUIC: improved path validation. Vladimir Homutov <vl@nginx.com> parents: 8933 diff changeset	232 path->last_seen = ngx_current_msec;
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	233
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	234 path->socklen = socklen;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	235 ngx_memcpy(path->sockaddr, sockaddr, socklen);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	236
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	237 path->addr_text.data = path->text;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	238 path->addr_text.len = ngx_sock_ntop(sockaddr, socklen, path->text,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	239 NGX_SOCKADDR_STRLEN, 1);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	240
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	241 ngx_queue_insert_tail(&qc->paths, &path->queue);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	242
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	243 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	244 "quic path #%uL created src:%V",
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	245 path->seqnum, &path->addr_text);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	246
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	247 return path;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	248 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	249
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	250
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	251 ngx_quic_path_t *
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	252 ngx_quic_find_path(ngx_connection_t c, struct sockaddr sockaddr,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	253 socklen_t socklen)
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	254 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	255 ngx_queue_t *q;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	256 ngx_quic_path_t *path;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	257 ngx_quic_connection_t *qc;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	258
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	259 qc = ngx_quic_get_connection(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	260
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	261 for (q = ngx_queue_head(&qc->paths);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	262 q != ngx_queue_sentinel(&qc->paths);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	263 q = ngx_queue_next(q))
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	264 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	265 path = ngx_queue_data(q, ngx_quic_path_t, queue);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	266
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	267 if (ngx_cmp_sockaddr(sockaddr, socklen,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	268 path->sockaddr, path->socklen, 1)
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	269 == NGX_OK)
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	270 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	271 return path;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	272 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	273 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	274
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	275 return NULL;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	276 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	277
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	278
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	279 ngx_int_t
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	280 ngx_quic_update_paths(ngx_connection_t c, ngx_quic_header_t pkt)
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	281 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	282 off_t len;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	283 ngx_quic_path_t *path;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	284 ngx_quic_socket_t *qsock;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	285 ngx_quic_client_id_t *cid;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	286 ngx_quic_connection_t *qc;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	287
8939 ddd5e5c0f87d QUIC: improved path validation. Vladimir Homutov <vl@nginx.com> parents: 8933 diff changeset	288 qc = ngx_quic_get_connection(c);
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	289 qsock = ngx_quic_get_socket(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	290
8917 bb1d1d9d76e2 QUIC: removed excessive check. Vladimir Homutov <vl@nginx.com> parents: 8913 diff changeset	291 if (c->udp->dgram == NULL) {
8913 40445fc7c403 QUIC: fixed migration during NAT rebinding. Vladimir Homutov <vl@nginx.com> parents: 8912 diff changeset	292 /* 1st ever packet in connection, path already exists */
40445fc7c403 QUIC: fixed migration during NAT rebinding. Vladimir Homutov <vl@nginx.com> parents: 8912 diff changeset	293 path = qsock->path;
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	294 goto update;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	295 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	296
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	297 path = ngx_quic_find_path(c, c->udp->dgram->sockaddr,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	298 c->udp->dgram->socklen);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	299
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	300 if (path == NULL) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	301 path = ngx_quic_add_path(c, c->udp->dgram->sockaddr,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	302 c->udp->dgram->socklen);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	303 if (path == NULL) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	304 return NGX_ERROR;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	305 }
8913 40445fc7c403 QUIC: fixed migration during NAT rebinding. Vladimir Homutov <vl@nginx.com> parents: 8912 diff changeset	306
40445fc7c403 QUIC: fixed migration during NAT rebinding. Vladimir Homutov <vl@nginx.com> parents: 8912 diff changeset	307 if (qsock->path) {
40445fc7c403 QUIC: fixed migration during NAT rebinding. Vladimir Homutov <vl@nginx.com> parents: 8912 diff changeset	308 /* NAT rebinding case: packet to same CID, but from new address */
40445fc7c403 QUIC: fixed migration during NAT rebinding. Vladimir Homutov <vl@nginx.com> parents: 8912 diff changeset	309
40445fc7c403 QUIC: fixed migration during NAT rebinding. Vladimir Homutov <vl@nginx.com> parents: 8912 diff changeset	310 ngx_quic_unref_path(c, qsock->path);
40445fc7c403 QUIC: fixed migration during NAT rebinding. Vladimir Homutov <vl@nginx.com> parents: 8912 diff changeset	311
40445fc7c403 QUIC: fixed migration during NAT rebinding. Vladimir Homutov <vl@nginx.com> parents: 8912 diff changeset	312 qsock->path = path;
40445fc7c403 QUIC: fixed migration during NAT rebinding. Vladimir Homutov <vl@nginx.com> parents: 8912 diff changeset	313 path->refcnt++;
40445fc7c403 QUIC: fixed migration during NAT rebinding. Vladimir Homutov <vl@nginx.com> parents: 8912 diff changeset	314
40445fc7c403 QUIC: fixed migration during NAT rebinding. Vladimir Homutov <vl@nginx.com> parents: 8912 diff changeset	315 goto update;
40445fc7c403 QUIC: fixed migration during NAT rebinding. Vladimir Homutov <vl@nginx.com> parents: 8912 diff changeset	316 }
40445fc7c403 QUIC: fixed migration during NAT rebinding. Vladimir Homutov <vl@nginx.com> parents: 8912 diff changeset	317
40445fc7c403 QUIC: fixed migration during NAT rebinding. Vladimir Homutov <vl@nginx.com> parents: 8912 diff changeset	318 } else if (qsock->path) {
40445fc7c403 QUIC: fixed migration during NAT rebinding. Vladimir Homutov <vl@nginx.com> parents: 8912 diff changeset	319 goto update;
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	320 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	321
8777 d5f93733c17d QUIC: relaxed client id requirements. Vladimir Homutov <vl@nginx.com> parents: 8763 diff changeset	322 /* prefer unused client IDs if available */
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	323 cid = ngx_quic_next_client_id(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	324 if (cid == NULL) {
8777 d5f93733c17d QUIC: relaxed client id requirements. Vladimir Homutov <vl@nginx.com> parents: 8763 diff changeset	325
d5f93733c17d QUIC: relaxed client id requirements. Vladimir Homutov <vl@nginx.com> parents: 8763 diff changeset	326 /* try to reuse connection ID used on the same path */
d5f93733c17d QUIC: relaxed client id requirements. Vladimir Homutov <vl@nginx.com> parents: 8763 diff changeset	327 cid = ngx_quic_used_client_id(c, path);
d5f93733c17d QUIC: relaxed client id requirements. Vladimir Homutov <vl@nginx.com> parents: 8763 diff changeset	328 if (cid == NULL) {
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	329
8777 d5f93733c17d QUIC: relaxed client id requirements. Vladimir Homutov <vl@nginx.com> parents: 8763 diff changeset	330 qc->error = NGX_QUIC_ERR_CONNECTION_ID_LIMIT_ERROR;
d5f93733c17d QUIC: relaxed client id requirements. Vladimir Homutov <vl@nginx.com> parents: 8763 diff changeset	331 qc->error_reason = "no available client ids for new path";
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	332
8777 d5f93733c17d QUIC: relaxed client id requirements. Vladimir Homutov <vl@nginx.com> parents: 8763 diff changeset	333 ngx_log_error(NGX_LOG_ERR, c->log, 0,
d5f93733c17d QUIC: relaxed client id requirements. Vladimir Homutov <vl@nginx.com> parents: 8763 diff changeset	334 "no available client ids for new path");
d5f93733c17d QUIC: relaxed client id requirements. Vladimir Homutov <vl@nginx.com> parents: 8763 diff changeset	335
d5f93733c17d QUIC: relaxed client id requirements. Vladimir Homutov <vl@nginx.com> parents: 8763 diff changeset	336 return NGX_ERROR;
d5f93733c17d QUIC: relaxed client id requirements. Vladimir Homutov <vl@nginx.com> parents: 8763 diff changeset	337 }
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	338 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	339
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	340 ngx_quic_connect(c, qsock, path, cid);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	341
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	342 update:
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	343
8939 ddd5e5c0f87d QUIC: improved path validation. Vladimir Homutov <vl@nginx.com> parents: 8933 diff changeset	344 if (path->state != NGX_QUIC_PATH_NEW) {
ddd5e5c0f87d QUIC: improved path validation. Vladimir Homutov <vl@nginx.com> parents: 8933 diff changeset	345 /* force limits/revalidation for paths that were not seen recently */
ddd5e5c0f87d QUIC: improved path validation. Vladimir Homutov <vl@nginx.com> parents: 8933 diff changeset	346 if (ngx_current_msec - path->last_seen > qc->tp.max_idle_timeout) {
ddd5e5c0f87d QUIC: improved path validation. Vladimir Homutov <vl@nginx.com> parents: 8933 diff changeset	347 path->state = NGX_QUIC_PATH_NEW;
8940 fb41e37ddeb0 QUIC: decoupled path state and limitation status. Vladimir Homutov <vl@nginx.com> parents: 8939 diff changeset	348 path->limited = 1;
8939 ddd5e5c0f87d QUIC: improved path validation. Vladimir Homutov <vl@nginx.com> parents: 8933 diff changeset	349 path->sent = 0;
ddd5e5c0f87d QUIC: improved path validation. Vladimir Homutov <vl@nginx.com> parents: 8933 diff changeset	350 path->received = 0;
ddd5e5c0f87d QUIC: improved path validation. Vladimir Homutov <vl@nginx.com> parents: 8933 diff changeset	351 }
ddd5e5c0f87d QUIC: improved path validation. Vladimir Homutov <vl@nginx.com> parents: 8933 diff changeset	352 }
ddd5e5c0f87d QUIC: improved path validation. Vladimir Homutov <vl@nginx.com> parents: 8933 diff changeset	353
ddd5e5c0f87d QUIC: improved path validation. Vladimir Homutov <vl@nginx.com> parents: 8933 diff changeset	354 path->last_seen = ngx_current_msec;
ddd5e5c0f87d QUIC: improved path validation. Vladimir Homutov <vl@nginx.com> parents: 8933 diff changeset	355
8912 50d73bf20e73 QUIC: refactored multiple QUIC packets handling. Vladimir Homutov <vl@nginx.com> parents: 8901 diff changeset	356 len = pkt->raw->last - pkt->raw->start;
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	357
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	358 /* TODO: this may be too late in some cases;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	359 * for example, if error happens during decrypt(), we cannot
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	360 * send CC, if error happens in 1st packet, due to amplification
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	361 * limit, because path->received = 0
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	362 *
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	363 * should we account garbage as received or only decrypting packets?
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	364 */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	365 path->received += len;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	366
8940 fb41e37ddeb0 QUIC: decoupled path state and limitation status. Vladimir Homutov <vl@nginx.com> parents: 8939 diff changeset	367 ngx_log_debug7(NGX_LOG_DEBUG_EVENT, c->log, 0,
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	368 "quic packet via #%uL:%uL:%uL"
8940 fb41e37ddeb0 QUIC: decoupled path state and limitation status. Vladimir Homutov <vl@nginx.com> parents: 8939 diff changeset	369 " size:%O path recvd:%O sent:%O limited:%ui",
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	370 qsock->sid.seqnum, qsock->cid->seqnum, path->seqnum,
8940 fb41e37ddeb0 QUIC: decoupled path state and limitation status. Vladimir Homutov <vl@nginx.com> parents: 8939 diff changeset	371 len, path->received, path->sent, path->limited);
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	372
8737 76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	373 return NGX_OK;
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	374 }
76f476ce4d31 QUIC: distinct files for connection migration. Vladimir Homutov <vl@nginx.com> parents: diff changeset	375
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	376
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	377 static void
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	378 ngx_quic_set_connection_path(ngx_connection_t c, ngx_quic_path_t path)
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	379 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	380 size_t len;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	381
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	382 ngx_memcpy(c->sockaddr, path->sockaddr, path->socklen);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	383 c->socklen = path->socklen;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	384
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	385 if (c->addr_text.data) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	386 len = ngx_min(c->addr_text.len, path->addr_text.len);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	387
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	388 ngx_memcpy(c->addr_text.data, path->addr_text.data, len);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	389 c->addr_text.len = len;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	390 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	391
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	392 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	393 "quic send path set to #%uL addr:%V",
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	394 path->seqnum, &path->addr_text);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	395 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	396
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	397
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	398 ngx_int_t
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	399 ngx_quic_handle_migration(ngx_connection_t c, ngx_quic_header_t pkt)
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	400 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	401 ngx_quic_path_t *next;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	402 ngx_quic_socket_t *qsock;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	403 ngx_quic_send_ctx_t *ctx;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	404 ngx_quic_connection_t *qc;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	405
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	406 /* got non-probing packet via non-active socket with different path */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	407
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	408 qc = ngx_quic_get_connection(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	409
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	410 /* current socket, different from active */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	411 qsock = ngx_quic_get_socket(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	412
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	413 next = qsock->path; /* going to migrate to this path... */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	414
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	415 ngx_log_error(NGX_LOG_INFO, c->log, 0,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	416 "quic migration from #%uL:%uL:%uL (%s)"
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	417 " to #%uL:%uL:%uL (%s)",
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	418 qc->socket->sid.seqnum, qc->socket->cid->seqnum,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	419 qc->socket->path->seqnum,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	420 ngx_quic_path_state_str(qc->socket->path),
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	421 qsock->sid.seqnum, qsock->cid->seqnum, next->seqnum,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	422 ngx_quic_path_state_str(next));
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	423
8939 ddd5e5c0f87d QUIC: improved path validation. Vladimir Homutov <vl@nginx.com> parents: 8933 diff changeset	424 if (next->state == NGX_QUIC_PATH_NEW) {
8944 b7284807b4fa QUIC: refactored ngx_quic_validate_path(). Vladimir Homutov <vl@nginx.com> parents: 8943 diff changeset	425 if (ngx_quic_validate_path(c, qsock->path) != NGX_OK) {
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	426 return NGX_ERROR;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	427 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	428 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	429
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	430 ctx = ngx_quic_get_send_ctx(qc, pkt->level);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	431
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	432 /*
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	433 * RFC 9000, 9.3. Responding to Connection Migration
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	434 *
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	435 * An endpoint only changes the address to which it sends packets in
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	436 * response to the highest-numbered non-probing packet.
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	437 */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	438 if (pkt->pn != ctx->largest_pn) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	439 return NGX_OK;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	440 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	441
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	442 /* switching connection to new path */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	443
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	444 ngx_quic_set_connection_path(c, next);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	445
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	446 /*
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	447 * RFC 9000, 9.5. Privacy Implications of Connection Migration
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	448 *
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	449 * An endpoint MUST NOT reuse a connection ID when sending to
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	450 * more than one destination address.
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	451 */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	452
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	453 /* preserve valid path we are migrating from */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	454 if (qc->socket->path->state == NGX_QUIC_PATH_VALIDATED) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	455
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	456 if (qc->backup) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	457 ngx_quic_close_socket(c, qc->backup);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	458 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	459
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	460 qc->backup = qc->socket;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	461
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	462 ngx_log_error(NGX_LOG_INFO, c->log, 0,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	463 "quic backup socket is now #%uL:%uL:%uL (%s)",
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	464 qc->backup->sid.seqnum, qc->backup->cid->seqnum,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	465 qc->backup->path->seqnum,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	466 ngx_quic_path_state_str(qc->backup->path));
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	467 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	468
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	469 qc->socket = qsock;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	470
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	471 ngx_log_error(NGX_LOG_INFO, c->log, 0,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	472 "quic active socket is now #%uL:%uL:%uL (%s)",
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	473 qsock->sid.seqnum, qsock->cid->seqnum,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	474 qsock->path->seqnum, ngx_quic_path_state_str(qsock->path));
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	475
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	476 return NGX_OK;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	477 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	478
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	479
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	480 static ngx_int_t
8944 b7284807b4fa QUIC: refactored ngx_quic_validate_path(). Vladimir Homutov <vl@nginx.com> parents: 8943 diff changeset	481 ngx_quic_validate_path(ngx_connection_t c, ngx_quic_path_t path)
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	482 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	483 ngx_msec_t pto;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	484 ngx_quic_send_ctx_t *ctx;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	485 ngx_quic_connection_t *qc;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	486
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	487 qc = ngx_quic_get_connection(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	488
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	489 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	490 "quic initiated validation of new path #%uL",
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	491 path->seqnum);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	492
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	493 path->state = NGX_QUIC_PATH_VALIDATING;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	494
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	495 if (RAND_bytes(path->challenge1, 8) != 1) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	496 return NGX_ERROR;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	497 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	498
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	499 if (RAND_bytes(path->challenge2, 8) != 1) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	500 return NGX_ERROR;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	501 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	502
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	503 if (ngx_quic_send_path_challenge(c, path) != NGX_OK) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	504 return NGX_ERROR;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	505 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	506
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	507 ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	508 pto = ngx_quic_pto(c, ctx);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	509
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	510 path->expires = ngx_current_msec + pto;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	511 path->tries = NGX_QUIC_PATH_RETRIES;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	512
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	513 if (!qc->path_validation.timer_set) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	514 ngx_add_timer(&qc->path_validation, pto);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	515 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	516
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	517 return NGX_OK;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	518 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	519
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	520
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	521 static ngx_int_t
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	522 ngx_quic_send_path_challenge(ngx_connection_t c, ngx_quic_path_t path)
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	523 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	524 ngx_quic_frame_t frame;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	525
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	526 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	527 "quic path #%uL send path challenge tries:%ui",
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	528 path->seqnum, path->tries);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	529
8933 02a9ad88e2df QUIC: added missing frame initialization. Vladimir Homutov <vl@nginx.com> parents: 8932 diff changeset	530 ngx_memzero(&frame, sizeof(ngx_quic_frame_t));
02a9ad88e2df QUIC: added missing frame initialization. Vladimir Homutov <vl@nginx.com> parents: 8932 diff changeset	531
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	532 frame.level = ssl_encryption_application;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	533 frame.type = NGX_QUIC_FT_PATH_CHALLENGE;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	534
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	535 ngx_memcpy(frame.u.path_challenge.data, path->challenge1, 8);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	536
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	537 /*
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	538 * RFC 9000, 8.2.1. Initiating Path Validation
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	539 *
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	540 * An endpoint MUST expand datagrams that contain a PATH_CHALLENGE frame
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	541 * to at least the smallest allowed maximum datagram size of 1200 bytes,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	542 * unless the anti-amplification limit for the path does not permit
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	543 * sending a datagram of this size.
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	544 */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	545
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	546 /* same applies to PATH_RESPONSE frames */
8932 501f28679d56 QUIC: refactored ngx_quic_frame_sendto() function. Vladimir Homutov <vl@nginx.com> parents: 8917 diff changeset	547 if (ngx_quic_frame_sendto(c, &frame, 1200, path) != NGX_OK) {
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	548 return NGX_ERROR;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	549 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	550
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	551 ngx_memcpy(frame.u.path_challenge.data, path->challenge2, 8);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	552
8932 501f28679d56 QUIC: refactored ngx_quic_frame_sendto() function. Vladimir Homutov <vl@nginx.com> parents: 8917 diff changeset	553 if (ngx_quic_frame_sendto(c, &frame, 1200, path) != NGX_OK) {
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	554 return NGX_ERROR;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	555 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	556
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	557 return NGX_OK;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	558 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	559
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	560
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	561 void
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	562 ngx_quic_path_validation_handler(ngx_event_t *ev)
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	563 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	564 ngx_msec_t now;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	565 ngx_queue_t *q;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	566 ngx_msec_int_t left, next, pto;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	567 ngx_quic_path_t *path;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	568 ngx_connection_t *c;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	569 ngx_quic_send_ctx_t *ctx;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	570 ngx_quic_connection_t *qc;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	571
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	572 c = ev->data;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	573 qc = ngx_quic_get_connection(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	574
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	575 ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	576 pto = ngx_quic_pto(c, ctx);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	577
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	578 next = -1;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	579 now = ngx_current_msec;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	580
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	581 for (q = ngx_queue_head(&qc->paths);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	582 q != ngx_queue_sentinel(&qc->paths);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	583 q = ngx_queue_next(q))
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	584 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	585 path = ngx_queue_data(q, ngx_quic_path_t, queue);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	586
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	587 if (path->state != NGX_QUIC_PATH_VALIDATING) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	588 continue;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	589 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	590
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	591 left = path->expires - now;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	592
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	593 if (left > 0) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	594
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	595 if (next == -1 \|\| left < next) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	596 next = path->expires;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	597 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	598
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	599 continue;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	600 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	601
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	602 if (--path->tries) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	603 path->expires = ngx_current_msec + pto;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	604
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	605 if (next == -1 \|\| pto < next) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	606 next = pto;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	607 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	608
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	609 /* retransmit */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	610 (void) ngx_quic_send_path_challenge(c, path);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	611
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	612 continue;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	613 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	614
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	615 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, ev->log, 0,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	616 "quic path #%uL validation failed", path->seqnum);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	617
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	618 /* found expired path */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	619
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	620 path->state = NGX_QUIC_PATH_NEW;
8940 fb41e37ddeb0 QUIC: decoupled path state and limitation status. Vladimir Homutov <vl@nginx.com> parents: 8939 diff changeset	621 path->limited = 1;
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	622
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	623 /*
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	624 * RFC 9000, 9.4. Loss Detection and Congestion Control
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	625 *
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	626 * If the timer fires before the PATH_RESPONSE is received, the
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	627 * endpoint might send a new PATH_CHALLENGE and restart the timer for
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	628 * a longer period of time. This timer SHOULD be set as described in
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	629 * Section 6.2.1 of [QUIC-RECOVERY] and MUST NOT be more aggressive.
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	630 */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	631
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	632 if (qc->socket->path != path) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	633 /* the path was not actually used */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	634 continue;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	635 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	636
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	637 if (ngx_quic_path_restore(c) != NGX_OK) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	638 qc->error = NGX_QUIC_ERR_NO_VIABLE_PATH;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	639 qc->error_reason = "no viable path";
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	640 ngx_quic_close_connection(c, NGX_ERROR);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	641 return;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	642 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	643 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	644
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	645 if (next != -1) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	646 ngx_add_timer(&qc->path_validation, next);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	647 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	648 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	649
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	650
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	651 static ngx_int_t
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	652 ngx_quic_path_restore(ngx_connection_t *c)
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	653 {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	654 ngx_quic_socket_t *qsock;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	655 ngx_quic_connection_t *qc;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	656
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	657 qc = ngx_quic_get_connection(c);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	658
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	659 /*
8797 4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	660 * RFC 9000, 9.1. Probing a New Path
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	661 *
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	662 * Failure to validate a path does not cause the connection to end
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	663 *
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	664 * RFC 9000, 9.3.2. On-Path Address Spoofing
4715f3e669f1 QUIC: updated specification references. Sergey Kandaurov <pluknet@nginx.com> parents: 8778 diff changeset	665 *
8763 4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	666 * To protect the connection from failing due to such a spurious
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	667 * migration, an endpoint MUST revert to using the last validated
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	668 * peer address when validation of a new peer address fails.
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	669 */
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	670
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	671 if (qc->backup == NULL) {
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	672 return NGX_ERROR;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	673 }
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	674
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	675 qc->socket = qc->backup;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	676 qc->backup = NULL;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	677
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	678 qsock = qc->socket;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	679
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	680 ngx_log_error(NGX_LOG_INFO, c->log, 0,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	681 "quic active socket is restored to #%uL:%uL:%uL"
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	682 " (%s), no backup",
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	683 qsock->sid.seqnum, qsock->cid->seqnum, qsock->path->seqnum,
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	684 ngx_quic_path_state_str(qsock->path));
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	685
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	686 ngx_quic_set_connection_path(c, qsock->path);
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	687
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	688 return NGX_OK;
4117aa7fa38e QUIC: connection migration. Vladimir Homutov <vl@nginx.com> parents: 8747 diff changeset	689 }

Mercurial > hg > nginx

annotate src/event/quic/ngx_event_quic_migration.c @ 8946:56dec0d4e5b1 quic