Mercurial > hg > nginx
annotate src/event/ngx_event_quic.c @ 8305:e35f824f644d quic
Added missing debug description.
| author | Vladimir Homutov <vl@nginx.com> |
|---|---|
| date | Wed, 01 Apr 2020 17:21:52 +0300 |
| parents | 90f94413177e |
| children | 058a5af7ddfc |
| rev | line source |
|---|---|
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2 /* |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
3 * Copyright (C) Nginx, Inc. |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
4 */ |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
5 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
6 |
| 8171 | 7 #include <ngx_config.h> |
| 8 #include <ngx_core.h> | |
|
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
9 #include <ngx_event.h> |
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
10 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
11 |
|
8263
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
12 typedef enum { |
|
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
13 NGX_QUIC_ST_INITIAL, /* connection just created */ |
|
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
14 NGX_QUIC_ST_HANDSHAKE, /* handshake started */ |
|
8304
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
15 NGX_QUIC_ST_EARLY_DATA, /* handshake in progress */ |
|
8263
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
16 NGX_QUIC_ST_APPLICATION /* handshake complete */ |
|
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
17 } ngx_quic_state_t; |
|
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
18 |
|
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
19 |
| 8225 | 20 typedef struct { |
| 21 ngx_rbtree_t tree; | |
| 22 ngx_rbtree_node_t sentinel; | |
| 23 ngx_connection_handler_pt handler; | |
|
8229
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
24 |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
25 ngx_uint_t id_counter; |
| 8225 | 26 } ngx_quic_streams_t; |
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
27 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
28 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
29 struct ngx_quic_connection_s { |
| 8225 | 30 ngx_str_t scid; |
| 31 ngx_str_t dcid; | |
| 32 ngx_str_t token; | |
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
33 |
|
8260
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8259
diff
changeset
|
34 ngx_uint_t client_tp_done; |
|
8247
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
35 ngx_quic_tp_t tp; |
|
8265
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
8263
diff
changeset
|
36 ngx_quic_tp_t ctp; |
|
8247
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
37 |
|
8263
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
38 ngx_quic_state_t state; |
|
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
39 |
| 8225 | 40 /* current packet numbers for each namespace */ |
| 41 ngx_uint_t initial_pn; | |
| 42 ngx_uint_t handshake_pn; | |
| 43 ngx_uint_t appdata_pn; | |
|
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
44 |
| 8225 | 45 ngx_quic_secrets_t secrets; |
| 46 ngx_ssl_t *ssl; | |
| 47 ngx_quic_frame_t *frames; | |
| 8286 | 48 ngx_quic_frame_t *free_frames; |
| 49 | |
| 50 #if (NGX_DEBUG) | |
| 51 ngx_uint_t nframes; | |
| 52 #endif | |
|
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
53 |
| 8225 | 54 ngx_quic_streams_t streams; |
|
8237
ff540f13d95d
MAX_DATA frame parser/handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8236
diff
changeset
|
55 ngx_uint_t max_data; |
|
8281
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
56 |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
57 unsigned send_timer_set:1; |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
58 unsigned closing:1; |
|
8259
9e9eab876964
Fixed CRYPTO offset generation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8258
diff
changeset
|
59 |
|
9e9eab876964
Fixed CRYPTO offset generation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8258
diff
changeset
|
60 #define SSL_ECRYPTION_LAST ((ssl_encryption_application) + 1) |
|
9e9eab876964
Fixed CRYPTO offset generation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8258
diff
changeset
|
61 uint64_t crypto_offset[SSL_ECRYPTION_LAST]; |
| 8225 | 62 }; |
|
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
63 |
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
64 |
|
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
65 #if BORINGSSL_API_VERSION >= 10 |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
66 static int ngx_quic_set_read_secret(ngx_ssl_conn_t *ssl_conn, |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
67 enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
68 const uint8_t *secret, size_t secret_len); |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
69 static int ngx_quic_set_write_secret(ngx_ssl_conn_t *ssl_conn, |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
70 enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
71 const uint8_t *secret, size_t secret_len); |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
72 #else |
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
73 static int ngx_quic_set_encryption_secrets(ngx_ssl_conn_t *ssl_conn, |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
74 enum ssl_encryption_level_t level, const uint8_t *read_secret, |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
75 const uint8_t *write_secret, size_t secret_len); |
|
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
76 #endif |
| 8225 | 77 |
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
78 static int ngx_quic_add_handshake_data(ngx_ssl_conn_t *ssl_conn, |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
79 enum ssl_encryption_level_t level, const uint8_t *data, size_t len); |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
80 static int ngx_quic_flush_flight(ngx_ssl_conn_t *ssl_conn); |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
81 static int ngx_quic_send_alert(ngx_ssl_conn_t *ssl_conn, |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
82 enum ssl_encryption_level_t level, uint8_t alert); |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
83 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
84 |
| 8225 | 85 static ngx_int_t ngx_quic_new_connection(ngx_connection_t *c, ngx_ssl_t *ssl, |
|
8304
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
86 ngx_quic_tp_t *tp, ngx_quic_header_t *pkt, |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
87 ngx_connection_handler_pt handler); |
| 8225 | 88 static ngx_int_t ngx_quic_init_connection(ngx_connection_t *c); |
|
8263
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
89 static void ngx_quic_input_handler(ngx_event_t *rev); |
| 8225 | 90 static void ngx_quic_close_connection(ngx_connection_t *c); |
| 91 | |
| 92 static ngx_int_t ngx_quic_input(ngx_connection_t *c, ngx_buf_t *b); | |
| 93 static ngx_int_t ngx_quic_initial_input(ngx_connection_t *c, | |
| 94 ngx_quic_header_t *pkt); | |
| 95 static ngx_int_t ngx_quic_handshake_input(ngx_connection_t *c, | |
| 96 ngx_quic_header_t *pkt); | |
|
8304
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
97 static ngx_int_t ngx_quic_early_input(ngx_connection_t *c, |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
98 ngx_quic_header_t *pkt); |
| 8225 | 99 static ngx_int_t ngx_quic_app_input(ngx_connection_t *c, |
| 100 ngx_quic_header_t *pkt); | |
| 101 static ngx_int_t ngx_quic_payload_handler(ngx_connection_t *c, | |
| 102 ngx_quic_header_t *pkt); | |
| 103 | |
| 104 static ngx_int_t ngx_quic_handle_ack_frame(ngx_connection_t *c, | |
| 105 ngx_quic_header_t *pkt, ngx_quic_ack_frame_t *f); | |
| 106 static ngx_int_t ngx_quic_handle_crypto_frame(ngx_connection_t *c, | |
| 107 ngx_quic_header_t *pkt, ngx_quic_crypto_frame_t *frame); | |
| 108 static ngx_int_t ngx_quic_handle_stream_frame(ngx_connection_t *c, | |
| 109 ngx_quic_header_t *pkt, ngx_quic_stream_frame_t *frame); | |
|
8245
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
110 static ngx_int_t ngx_quic_handle_streams_blocked_frame(ngx_connection_t *c, |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
111 ngx_quic_header_t *pkt, ngx_quic_streams_blocked_frame_t *f); |
|
8266
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
112 static ngx_int_t ngx_quic_handle_stream_data_blocked_frame(ngx_connection_t *c, |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
113 ngx_quic_header_t *pkt, ngx_quic_stream_data_blocked_frame_t *f); |
| 8225 | 114 |
| 115 static void ngx_quic_queue_frame(ngx_quic_connection_t *qc, | |
| 116 ngx_quic_frame_t *frame); | |
| 117 | |
| 118 static ngx_int_t ngx_quic_output(ngx_connection_t *c); | |
| 119 ngx_int_t ngx_quic_frames_send(ngx_connection_t *c, ngx_quic_frame_t *start, | |
| 120 ngx_quic_frame_t *end, size_t total); | |
| 121 | |
| 122 static void ngx_quic_rbtree_insert_stream(ngx_rbtree_node_t *temp, | |
| 123 ngx_rbtree_node_t *node, ngx_rbtree_node_t *sentinel); | |
|
8280
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
124 static ngx_quic_stream_t *ngx_quic_find_stream(ngx_rbtree_t *rbtree, |
|
8284
2935a11c55b6
Fixed QUIC stream insert and find.
Roman Arutyunyan <arut@nginx.com>
parents:
8282
diff
changeset
|
125 uint64_t id); |
|
8280
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
126 static ngx_quic_stream_t *ngx_quic_create_stream(ngx_connection_t *c, |
|
8282
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
127 uint64_t id, size_t rcvbuf_size); |
|
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
128 static ssize_t ngx_quic_stream_recv(ngx_connection_t *c, u_char *buf, |
|
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
129 size_t size); |
|
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
130 static ssize_t ngx_quic_stream_send(ngx_connection_t *c, u_char *buf, |
|
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
131 size_t size); |
|
8239
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
132 static void ngx_quic_stream_cleanup_handler(void *data); |
|
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
133 static ngx_chain_t *ngx_quic_stream_send_chain(ngx_connection_t *c, |
|
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
134 ngx_chain_t *in, off_t limit); |
| 8286 | 135 static ngx_quic_frame_t *ngx_quic_alloc_frame(ngx_connection_t *c, size_t size); |
| 136 static void ngx_quic_free_frame(ngx_connection_t *c, ngx_quic_frame_t *frame); | |
|
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
137 |
| 8225 | 138 |
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
139 static SSL_QUIC_METHOD quic_method = { |
|
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
140 #if BORINGSSL_API_VERSION >= 10 |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
141 ngx_quic_set_read_secret, |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
142 ngx_quic_set_write_secret, |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
143 #else |
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
144 ngx_quic_set_encryption_secrets, |
|
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
145 #endif |
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
146 ngx_quic_add_handshake_data, |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
147 ngx_quic_flush_flight, |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
148 ngx_quic_send_alert, |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
149 }; |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
150 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
151 |
|
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
152 #if BORINGSSL_API_VERSION >= 10 |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
153 |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
154 static int |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
155 ngx_quic_set_read_secret(ngx_ssl_conn_t *ssl_conn, |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
156 enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
157 const uint8_t *rsecret, size_t secret_len) |
|
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
158 { |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
159 ngx_connection_t *c; |
|
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
160 |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
161 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
162 |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
163 ngx_quic_hexdump(c->log, "level:%d read secret", |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
164 rsecret, secret_len, level); |
|
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
165 |
|
8304
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
166 if (level == ssl_encryption_early_data) { |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
167 c->quic->state = NGX_QUIC_ST_EARLY_DATA; |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
168 } |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
169 |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
170 return ngx_quic_set_encryption_secret(c->pool, ssl_conn, level, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
171 rsecret, secret_len, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
172 &c->quic->secrets.client); |
|
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
173 } |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
174 |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
175 |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
176 static int |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
177 ngx_quic_set_write_secret(ngx_ssl_conn_t *ssl_conn, |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
178 enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
179 const uint8_t *wsecret, size_t secret_len) |
|
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
180 { |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
181 ngx_connection_t *c; |
|
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
182 |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
183 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
184 |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
185 ngx_quic_hexdump(c->log, "level:%d write secret", |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
186 wsecret, secret_len, level); |
|
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
187 |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
188 return ngx_quic_set_encryption_secret(c->pool, ssl_conn, level, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
189 wsecret, secret_len, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
190 &c->quic->secrets.server); |
|
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
191 } |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
192 |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
193 #else |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
194 |
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
195 static int |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
196 ngx_quic_set_encryption_secrets(ngx_ssl_conn_t *ssl_conn, |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
197 enum ssl_encryption_level_t level, const uint8_t *rsecret, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
198 const uint8_t *wsecret, size_t secret_len) |
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
199 { |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
200 ngx_int_t rc; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
201 ngx_connection_t *c; |
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
202 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
203 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
204 |
|
8222
bec4cd55361e
Fixed a typo with OpenSSL.
Vladimir Homutov <vl@nginx.com>
parents:
8221
diff
changeset
|
205 ngx_quic_hexdump(c->log, "level:%d read", rsecret, secret_len, level); |
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
206 |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
207 rc = ngx_quic_set_encryption_secret(c->pool, ssl_conn, level, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
208 rsecret, secret_len, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
209 &c->quic->secrets.client); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
210 if (rc != 1) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
211 return rc; |
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
212 } |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
213 |
|
8303
2ac03e80d013
TLS Early Data key derivation support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8302
diff
changeset
|
214 if (level == ssl_encryption_early_data) { |
|
8304
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
215 c->quic->state = NGX_QUIC_ST_EARLY_DATA; |
|
8303
2ac03e80d013
TLS Early Data key derivation support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8302
diff
changeset
|
216 return 1; |
|
2ac03e80d013
TLS Early Data key derivation support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8302
diff
changeset
|
217 } |
|
2ac03e80d013
TLS Early Data key derivation support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8302
diff
changeset
|
218 |
|
2ac03e80d013
TLS Early Data key derivation support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8302
diff
changeset
|
219 ngx_quic_hexdump(c->log, "level:%d write", wsecret, secret_len, level); |
|
2ac03e80d013
TLS Early Data key derivation support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8302
diff
changeset
|
220 |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
221 return ngx_quic_set_encryption_secret(c->pool, ssl_conn, level, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
222 wsecret, secret_len, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
223 &c->quic->secrets.server); |
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
224 } |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
225 |
|
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
226 #endif |
|
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
227 |
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
228 |
|
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
229 static int |
|
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
230 ngx_quic_add_handshake_data(ngx_ssl_conn_t *ssl_conn, |
|
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
231 enum ssl_encryption_level_t level, const uint8_t *data, size_t len) |
|
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
232 { |
|
8260
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8259
diff
changeset
|
233 u_char *p, *end; |
|
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8259
diff
changeset
|
234 size_t client_params_len; |
|
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8259
diff
changeset
|
235 const uint8_t *client_params; |
| 8225 | 236 ngx_quic_frame_t *frame; |
| 237 ngx_connection_t *c; | |
| 238 ngx_quic_connection_t *qc; | |
|
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
239 |
|
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
240 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
|
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
241 qc = c->quic; |
|
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
242 |
|
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
243 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
244 "ngx_quic_add_handshake_data"); |
|
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
245 |
|
8260
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8259
diff
changeset
|
246 /* XXX: obtain client parameters after the handshake? */ |
|
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8259
diff
changeset
|
247 if (!qc->client_tp_done) { |
|
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8259
diff
changeset
|
248 |
|
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8259
diff
changeset
|
249 SSL_get_peer_quic_transport_params(ssl_conn, &client_params, |
|
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8259
diff
changeset
|
250 &client_params_len); |
|
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8259
diff
changeset
|
251 |
|
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8259
diff
changeset
|
252 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8259
diff
changeset
|
253 "SSL_get_peer_quic_transport_params(): params_len %ui", |
|
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8259
diff
changeset
|
254 client_params_len); |
|
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8259
diff
changeset
|
255 |
|
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8259
diff
changeset
|
256 if (client_params_len != 0) { |
|
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8259
diff
changeset
|
257 p = (u_char *) client_params; |
|
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8259
diff
changeset
|
258 end = p + client_params_len; |
|
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8259
diff
changeset
|
259 |
|
8265
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
8263
diff
changeset
|
260 if (ngx_quic_parse_transport_params(p, end, &qc->ctp, c->log) |
|
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
8263
diff
changeset
|
261 != NGX_OK) |
|
8260
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8259
diff
changeset
|
262 { |
|
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8259
diff
changeset
|
263 return NGX_ERROR; |
|
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8259
diff
changeset
|
264 } |
|
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8259
diff
changeset
|
265 |
|
8271
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
8270
diff
changeset
|
266 if (qc->ctp.max_idle_timeout > 0 |
|
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
8270
diff
changeset
|
267 && qc->ctp.max_idle_timeout < qc->tp.max_idle_timeout) |
|
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
8270
diff
changeset
|
268 { |
|
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
8270
diff
changeset
|
269 qc->tp.max_idle_timeout = qc->ctp.max_idle_timeout; |
|
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
8270
diff
changeset
|
270 } |
|
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
8270
diff
changeset
|
271 |
|
8260
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8259
diff
changeset
|
272 qc->client_tp_done = 1; |
|
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8259
diff
changeset
|
273 } |
|
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8259
diff
changeset
|
274 } |
|
f388c0ad3477
Added processing of client transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8259
diff
changeset
|
275 |
| 8286 | 276 frame = ngx_quic_alloc_frame(c, len); |
|
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
277 if (frame == NULL) { |
|
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
278 return 0; |
|
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
279 } |
|
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
280 |
| 8286 | 281 ngx_memcpy(frame->data, data, len); |
|
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
282 |
|
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
283 frame->level = level; |
|
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
284 frame->type = NGX_QUIC_FT_CRYPTO; |
|
8259
9e9eab876964
Fixed CRYPTO offset generation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8258
diff
changeset
|
285 frame->u.crypto.offset += qc->crypto_offset[level]; |
|
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
286 frame->u.crypto.len = len; |
| 8286 | 287 frame->u.crypto.data = frame->data; |
|
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
288 |
|
8259
9e9eab876964
Fixed CRYPTO offset generation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8258
diff
changeset
|
289 qc->crypto_offset[level] += len; |
|
9e9eab876964
Fixed CRYPTO offset generation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8258
diff
changeset
|
290 |
|
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
291 ngx_sprintf(frame->info, "crypto, generated by SSL len=%ui level=%d", len, level); |
|
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
292 |
|
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
293 ngx_quic_queue_frame(qc, frame); |
|
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
294 |
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
295 return 1; |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
296 } |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
297 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
298 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
299 static int |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
300 ngx_quic_flush_flight(ngx_ssl_conn_t *ssl_conn) |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
301 { |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
302 ngx_connection_t *c; |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
303 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
304 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
305 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
306 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "ngx_quic_flush_flight()"); |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
307 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
308 return 1; |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
309 } |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
310 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
311 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
312 static int |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
313 ngx_quic_send_alert(ngx_ssl_conn_t *ssl_conn, enum ssl_encryption_level_t level, |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
314 uint8_t alert) |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
315 { |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
316 ngx_connection_t *c; |
|
8235
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8234
diff
changeset
|
317 ngx_quic_frame_t *frame; |
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
318 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
319 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
320 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
321 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
322 "ngx_quic_send_alert(), lvl=%d, alert=%d", |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
323 (int) level, (int) alert); |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
324 |
| 8286 | 325 frame = ngx_quic_alloc_frame(c, 0); |
|
8235
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8234
diff
changeset
|
326 if (frame == NULL) { |
|
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8234
diff
changeset
|
327 return 0; |
|
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8234
diff
changeset
|
328 } |
|
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8234
diff
changeset
|
329 |
|
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8234
diff
changeset
|
330 frame->level = level; |
|
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8234
diff
changeset
|
331 frame->type = NGX_QUIC_FT_CONNECTION_CLOSE; |
|
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8234
diff
changeset
|
332 frame->u.close.error_code = 0x100 + alert; |
|
8305
e35f824f644d
Added missing debug description.
Vladimir Homutov <vl@nginx.com>
parents:
8304
diff
changeset
|
333 ngx_sprintf(frame->info, "cc from send_alert level=%d", frame->level); |
|
8235
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8234
diff
changeset
|
334 |
|
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8234
diff
changeset
|
335 ngx_quic_queue_frame(c->quic, frame); |
|
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8234
diff
changeset
|
336 |
|
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8234
diff
changeset
|
337 if (ngx_quic_output(c) != NGX_OK) { |
|
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8234
diff
changeset
|
338 return 0; |
|
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8234
diff
changeset
|
339 } |
|
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8234
diff
changeset
|
340 |
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
341 return 1; |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
342 } |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
343 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
344 |
| 8225 | 345 void |
|
8247
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
346 ngx_quic_run(ngx_connection_t *c, ngx_ssl_t *ssl, ngx_quic_tp_t *tp, |
|
8271
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
8270
diff
changeset
|
347 ngx_connection_handler_pt handler) |
| 8225 | 348 { |
| 349 ngx_buf_t *b; | |
| 350 ngx_quic_header_t pkt; | |
| 351 | |
|
8263
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
352 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic run"); |
| 8225 | 353 |
|
8263
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
354 c->log->action = "QUIC initialization"; |
| 8225 | 355 |
| 356 ngx_memzero(&pkt, sizeof(ngx_quic_header_t)); | |
| 357 | |
| 358 b = c->buffer; | |
| 359 | |
| 360 pkt.log = c->log; | |
| 361 pkt.raw = b; | |
| 362 pkt.data = b->start; | |
| 363 pkt.len = b->last - b->start; | |
| 364 | |
|
8304
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
365 if (ngx_quic_new_connection(c, ssl, tp, &pkt, handler) != NGX_OK) { |
| 8225 | 366 ngx_quic_close_connection(c); |
| 367 return; | |
| 368 } | |
| 369 | |
|
8271
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
8270
diff
changeset
|
370 ngx_add_timer(c->read, c->quic->tp.max_idle_timeout); |
| 8225 | 371 |
|
8263
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
372 c->read->handler = ngx_quic_input_handler; |
| 8225 | 373 |
| 374 return; | |
| 375 } | |
| 376 | |
|
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
377 |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
378 static ngx_int_t |
|
8247
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
379 ngx_quic_new_connection(ngx_connection_t *c, ngx_ssl_t *ssl, ngx_quic_tp_t *tp, |
|
8304
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
380 ngx_quic_header_t *pkt, ngx_connection_handler_pt handler) |
|
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
381 { |
|
8265
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
8263
diff
changeset
|
382 ngx_quic_tp_t *ctp; |
| 8225 | 383 ngx_quic_connection_t *qc; |
|
8288
ebd5c71b9f02
Got rid of memory allocation in decryption.
Vladimir Homutov <vl@nginx.com>
parents:
8286
diff
changeset
|
384 static u_char buf[NGX_QUIC_DEFAULT_MAX_PACKET_SIZE]; |
|
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
385 |
| 8225 | 386 if (ngx_buf_size(pkt->raw) < 1200) { |
| 387 ngx_log_error(NGX_LOG_INFO, c->log, 0, "too small UDP datagram"); | |
| 388 return NGX_ERROR; | |
| 389 } | |
|
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
390 |
| 8225 | 391 if (ngx_quic_parse_long_header(pkt) != NGX_OK) { |
|
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
392 return NGX_ERROR; |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
393 } |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
394 |
|
8251
c217a907ce42
Added checks for permitted frame types.
Vladimir Homutov <vl@nginx.com>
parents:
8247
diff
changeset
|
395 if (!ngx_quic_pkt_in(pkt->flags)) { |
| 8225 | 396 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
| 397 "invalid initial packet: 0x%xi", pkt->flags); | |
| 398 return NGX_ERROR; | |
| 399 } | |
|
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
400 |
| 8225 | 401 if (ngx_quic_parse_initial_header(pkt) != NGX_OK) { |
| 402 return NGX_ERROR; | |
| 403 } | |
|
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
404 |
| 8275 | 405 c->log->action = "creating new quic connection"; |
| 406 | |
| 8225 | 407 qc = ngx_pcalloc(c->pool, sizeof(ngx_quic_connection_t)); |
| 408 if (qc == NULL) { | |
| 409 return NGX_ERROR; | |
|
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
410 } |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
411 |
|
8263
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
412 qc->state = NGX_QUIC_ST_INITIAL; |
|
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
413 |
| 8225 | 414 ngx_rbtree_init(&qc->streams.tree, &qc->streams.sentinel, |
| 415 ngx_quic_rbtree_insert_stream); | |
| 416 | |
| 417 c->quic = qc; | |
| 418 qc->ssl = ssl; | |
|
8247
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
419 qc->tp = *tp; |
|
8304
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
420 qc->streams.handler = handler; |
| 8225 | 421 |
|
8265
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
8263
diff
changeset
|
422 ctp = &qc->ctp; |
|
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
8263
diff
changeset
|
423 ctp->max_packet_size = NGX_QUIC_DEFAULT_MAX_PACKET_SIZE; |
|
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
8263
diff
changeset
|
424 ctp->ack_delay_exponent = NGX_QUIC_DEFAULT_ACK_DELAY_EXPONENT; |
|
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
8263
diff
changeset
|
425 ctp->max_ack_delay = NGX_QUIC_DEFAULT_MAX_ACK_DELAY; |
|
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
8263
diff
changeset
|
426 |
| 8225 | 427 qc->dcid.len = pkt->dcid.len; |
| 428 qc->dcid.data = ngx_pnalloc(c->pool, pkt->dcid.len); | |
| 429 if (qc->dcid.data == NULL) { | |
| 430 return NGX_ERROR; | |
| 431 } | |
| 432 ngx_memcpy(qc->dcid.data, pkt->dcid.data, qc->dcid.len); | |
| 433 | |
| 434 qc->scid.len = pkt->scid.len; | |
| 435 qc->scid.data = ngx_pnalloc(c->pool, qc->scid.len); | |
| 436 if (qc->scid.data == NULL) { | |
| 437 return NGX_ERROR; | |
| 438 } | |
| 439 ngx_memcpy(qc->scid.data, pkt->scid.data, qc->scid.len); | |
|
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
440 |
| 8225 | 441 qc->token.len = pkt->token.len; |
| 442 qc->token.data = ngx_pnalloc(c->pool, qc->token.len); | |
| 443 if (qc->token.data == NULL) { | |
| 444 return NGX_ERROR; | |
| 445 } | |
| 446 ngx_memcpy(qc->token.data, pkt->token.data, qc->token.len); | |
| 447 | |
| 448 | |
| 449 if (ngx_quic_set_initial_secret(c->pool, &qc->secrets, &qc->dcid) | |
| 450 != NGX_OK) | |
| 451 { | |
| 452 return NGX_ERROR; | |
| 453 } | |
|
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
454 |
| 8225 | 455 pkt->secret = &qc->secrets.client.in; |
| 456 pkt->level = ssl_encryption_initial; | |
|
8288
ebd5c71b9f02
Got rid of memory allocation in decryption.
Vladimir Homutov <vl@nginx.com>
parents:
8286
diff
changeset
|
457 pkt->plaintext = buf; |
| 8225 | 458 |
|
8288
ebd5c71b9f02
Got rid of memory allocation in decryption.
Vladimir Homutov <vl@nginx.com>
parents:
8286
diff
changeset
|
459 if (ngx_quic_decrypt(pkt, NULL) != NGX_OK) { |
| 8225 | 460 return NGX_ERROR; |
| 461 } | |
| 462 | |
| 463 if (ngx_quic_init_connection(c) != NGX_OK) { | |
| 464 return NGX_ERROR; | |
| 465 } | |
| 466 | |
|
8304
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
467 if (ngx_quic_payload_handler(c, pkt) != NGX_OK) { |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
468 return NGX_ERROR; |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
469 } |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
470 |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
471 /* pos is at header end, adjust by actual packet length */ |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
472 pkt->raw->pos += pkt->len; |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
473 |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
474 return ngx_quic_input(c, pkt->raw); |
|
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
475 } |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
476 |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
477 |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
478 static ngx_int_t |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
479 ngx_quic_init_connection(ngx_connection_t *c) |
|
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
480 { |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
481 int n, sslerr; |
|
8247
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
482 u_char *p; |
|
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
483 ssize_t len; |
|
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
484 ngx_ssl_conn_t *ssl_conn; |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
485 ngx_quic_connection_t *qc; |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
486 |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
487 qc = c->quic; |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
488 |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
489 if (ngx_ssl_create_connection(qc->ssl, c, NGX_SSL_BUFFER) != NGX_OK) { |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
490 return NGX_ERROR; |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
491 } |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
492 |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
493 ssl_conn = c->ssl->connection; |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
494 |
|
8232
253cf267f95a
Moved setting QUIC methods to runtime.
Roman Arutyunyan <arut@nginx.com>
parents:
8231
diff
changeset
|
495 if (SSL_set_quic_method(ssl_conn, &quic_method) == 0) { |
|
253cf267f95a
Moved setting QUIC methods to runtime.
Roman Arutyunyan <arut@nginx.com>
parents:
8231
diff
changeset
|
496 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
253cf267f95a
Moved setting QUIC methods to runtime.
Roman Arutyunyan <arut@nginx.com>
parents:
8231
diff
changeset
|
497 "SSL_set_quic_method() failed"); |
|
253cf267f95a
Moved setting QUIC methods to runtime.
Roman Arutyunyan <arut@nginx.com>
parents:
8231
diff
changeset
|
498 return NGX_ERROR; |
|
253cf267f95a
Moved setting QUIC methods to runtime.
Roman Arutyunyan <arut@nginx.com>
parents:
8231
diff
changeset
|
499 } |
|
253cf267f95a
Moved setting QUIC methods to runtime.
Roman Arutyunyan <arut@nginx.com>
parents:
8231
diff
changeset
|
500 |
|
8304
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
501 #ifdef SSL_READ_EARLY_DATA_SUCCESS |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
502 if (SSL_CTX_get_max_early_data(qc->ssl->ctx)) { |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
503 SSL_set_quic_early_data_enabled(ssl_conn, 1); |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
504 } |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
505 #endif |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
506 |
|
8247
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
507 len = ngx_quic_create_transport_params(NULL, NULL, &qc->tp); |
|
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
508 /* always succeeds */ |
|
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
509 |
|
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
510 p = ngx_pnalloc(c->pool, len); |
|
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
511 if (p == NULL) { |
|
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
512 return NGX_ERROR; |
|
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
513 } |
|
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
514 |
|
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
515 len = ngx_quic_create_transport_params(p, p + len, &qc->tp); |
|
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
516 if (len < 0) { |
|
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
517 return NGX_ERROR; |
|
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
518 } |
|
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
519 |
|
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
520 if (SSL_set_quic_transport_params(ssl_conn, p, len) == 0) { |
|
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
521 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
522 "SSL_set_quic_transport_params() failed"); |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
523 return NGX_ERROR; |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
524 } |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
525 |
|
8263
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
526 qc->state = NGX_QUIC_ST_HANDSHAKE; |
|
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
527 |
|
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
528 n = SSL_do_handshake(ssl_conn); |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
529 |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
530 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_do_handshake: %d", n); |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
531 |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
532 if (n == -1) { |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
533 sslerr = SSL_get_error(ssl_conn, n); |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
534 |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
535 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_get_error: %d", |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
536 sslerr); |
|
8300
23a2b5e7acc8
Improved SSL_do_handshake() error handling in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8299
diff
changeset
|
537 |
|
23a2b5e7acc8
Improved SSL_do_handshake() error handling in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8299
diff
changeset
|
538 if (sslerr != SSL_ERROR_WANT_READ) { |
|
23a2b5e7acc8
Improved SSL_do_handshake() error handling in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8299
diff
changeset
|
539 ngx_ssl_error(NGX_LOG_ERR, c->log, 0, "SSL_do_handshake() failed"); |
|
23a2b5e7acc8
Improved SSL_do_handshake() error handling in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8299
diff
changeset
|
540 return NGX_ERROR; |
|
23a2b5e7acc8
Improved SSL_do_handshake() error handling in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8299
diff
changeset
|
541 } |
|
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
542 } |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
543 |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
544 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
545 "SSL_quic_read_level: %d, SSL_quic_write_level: %d", |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
546 (int) SSL_quic_read_level(ssl_conn), |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
547 (int) SSL_quic_write_level(ssl_conn)); |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
548 |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
549 return NGX_OK; |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
550 } |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
551 |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
552 |
| 8225 | 553 static void |
|
8263
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
554 ngx_quic_input_handler(ngx_event_t *rev) |
|
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
555 { |
|
8271
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
8270
diff
changeset
|
556 ssize_t n; |
|
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
8270
diff
changeset
|
557 ngx_buf_t b; |
|
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
8270
diff
changeset
|
558 ngx_connection_t *c; |
|
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
8270
diff
changeset
|
559 ngx_quic_connection_t *qc; |
|
8288
ebd5c71b9f02
Got rid of memory allocation in decryption.
Vladimir Homutov <vl@nginx.com>
parents:
8286
diff
changeset
|
560 static u_char buf[NGX_QUIC_DEFAULT_MAX_PACKET_SIZE]; |
|
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
561 |
| 8225 | 562 b.start = buf; |
|
8265
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
8263
diff
changeset
|
563 b.end = buf + sizeof(buf); |
| 8225 | 564 b.pos = b.last = b.start; |
|
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
565 |
| 8225 | 566 c = rev->data; |
|
8281
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
567 qc = c->quic; |
|
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
568 |
|
8263
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
569 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, rev->log, 0, "quic input handler"); |
|
8212
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
570 |
|
8281
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
571 if (qc->closing) { |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
572 ngx_quic_close_connection(c); |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
573 return; |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
574 } |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
575 |
| 8225 | 576 if (rev->timedout) { |
| 577 ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out"); | |
| 578 ngx_quic_close_connection(c); | |
| 579 return; | |
|
8212
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
580 } |
|
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
581 |
| 8225 | 582 if (c->close) { |
| 583 ngx_quic_close_connection(c); | |
| 584 return; | |
| 585 } | |
|
8220
7ada2feeac18
Added processing of CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
8218
diff
changeset
|
586 |
| 8225 | 587 n = c->recv(c, b.start, b.end - b.start); |
| 8215 | 588 |
| 8225 | 589 if (n == NGX_AGAIN) { |
| 590 return; | |
|
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
591 } |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
592 |
| 8225 | 593 if (n == NGX_ERROR) { |
| 594 c->read->eof = 1; | |
| 595 ngx_quic_close_connection(c); | |
| 596 return; | |
|
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
597 } |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
598 |
| 8225 | 599 b.last += n; |
|
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
600 |
| 8225 | 601 if (ngx_quic_input(c, &b) != NGX_OK) { |
| 602 ngx_quic_close_connection(c); | |
| 603 return; | |
| 604 } | |
|
8271
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
8270
diff
changeset
|
605 |
|
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
8270
diff
changeset
|
606 qc->send_timer_set = 0; |
|
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
8270
diff
changeset
|
607 ngx_add_timer(rev, qc->tp.max_idle_timeout); |
|
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
608 } |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
609 |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
610 |
|
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
611 static void |
| 8225 | 612 ngx_quic_close_connection(ngx_connection_t *c) |
|
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
613 { |
|
8281
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
614 #if (NGX_DEBUG) |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
615 ngx_uint_t ns; |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
616 #endif |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
617 ngx_pool_t *pool; |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
618 ngx_event_t *rev; |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
619 ngx_rbtree_t *tree; |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
620 ngx_rbtree_node_t *node; |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
621 ngx_quic_stream_t *qs; |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
622 ngx_quic_connection_t *qc; |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
623 |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
624 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "close quic connection"); |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
625 |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
626 qc = c->quic; |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
627 |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
628 if (qc) { |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
629 tree = &qc->streams.tree; |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
630 |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
631 if (tree->root != tree->sentinel) { |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
632 if (c->read->timer_set) { |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
633 ngx_del_timer(c->read); |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
634 } |
|
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
635 |
|
8281
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
636 #if (NGX_DEBUG) |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
637 ns = 0; |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
638 #endif |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
639 |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
640 for (node = ngx_rbtree_min(tree->root, tree->sentinel); |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
641 node; |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
642 node = ngx_rbtree_next(tree, node)) |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
643 { |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
644 qs = (ngx_quic_stream_t *) node; |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
645 |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
646 rev = qs->c->read; |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
647 rev->ready = 1; |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
648 rev->pending_eof = 1; |
|
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
649 |
|
8281
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
650 ngx_post_event(rev, &ngx_posted_events); |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
651 |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
652 #if (NGX_DEBUG) |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
653 ns++; |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
654 #endif |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
655 } |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
656 |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
657 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
658 "quic connection has %ui active streams", ns); |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
659 |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
660 qc->closing = 1; |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
661 return; |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
662 } |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
663 } |
|
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
664 |
| 8225 | 665 if (c->ssl) { |
| 666 (void) ngx_ssl_shutdown(c); | |
|
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
667 } |
|
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
668 |
| 8225 | 669 #if (NGX_STAT_STUB) |
| 670 (void) ngx_atomic_fetch_add(ngx_stat_active, -1); | |
| 671 #endif | |
|
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
672 |
| 8225 | 673 c->destroyed = 1; |
|
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
674 |
| 8225 | 675 pool = c->pool; |
|
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
676 |
| 8225 | 677 ngx_close_connection(c); |
|
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
678 |
| 8225 | 679 ngx_destroy_pool(pool); |
|
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
680 } |
|
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
681 |
|
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
682 |
|
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
683 static ngx_int_t |
| 8225 | 684 ngx_quic_input(ngx_connection_t *c, ngx_buf_t *b) |
|
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
685 { |
| 8225 | 686 u_char *p; |
| 687 ngx_int_t rc; | |
| 688 ngx_quic_header_t pkt; | |
|
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
689 |
|
8304
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
690 p = b->pos; |
|
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
691 |
|
8304
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
692 while (p < b->last) { |
|
8263
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
693 c->log->action = "processing quic packet"; |
|
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
694 |
| 8225 | 695 ngx_memzero(&pkt, sizeof(ngx_quic_header_t)); |
| 696 pkt.raw = b; | |
| 697 pkt.data = p; | |
| 698 pkt.len = b->last - p; | |
| 699 pkt.log = c->log; | |
|
8251
c217a907ce42
Added checks for permitted frame types.
Vladimir Homutov <vl@nginx.com>
parents:
8247
diff
changeset
|
700 pkt.flags = p[0]; |
|
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
701 |
|
8251
c217a907ce42
Added checks for permitted frame types.
Vladimir Homutov <vl@nginx.com>
parents:
8247
diff
changeset
|
702 if (pkt.flags == 0) { |
| 8225 | 703 /* XXX: no idea WTF is this, just ignore */ |
| 704 ngx_log_error(NGX_LOG_ALERT, c->log, 0, "FIREFOX: ZEROES"); | |
| 705 break; | |
| 706 } | |
|
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
707 |
| 8225 | 708 // TODO: check current state |
|
8251
c217a907ce42
Added checks for permitted frame types.
Vladimir Homutov <vl@nginx.com>
parents:
8247
diff
changeset
|
709 if (ngx_quic_long_pkt(pkt.flags)) { |
| 8225 | 710 |
|
8251
c217a907ce42
Added checks for permitted frame types.
Vladimir Homutov <vl@nginx.com>
parents:
8247
diff
changeset
|
711 if (ngx_quic_pkt_in(pkt.flags)) { |
| 8225 | 712 rc = ngx_quic_initial_input(c, &pkt); |
|
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
713 |
|
8251
c217a907ce42
Added checks for permitted frame types.
Vladimir Homutov <vl@nginx.com>
parents:
8247
diff
changeset
|
714 } else if (ngx_quic_pkt_hs(pkt.flags)) { |
| 8225 | 715 rc = ngx_quic_handshake_input(c, &pkt); |
|
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
716 |
|
8304
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
717 } else if (ngx_quic_pkt_zrtt(pkt.flags)) { |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
718 rc = ngx_quic_early_input(c, &pkt); |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
719 |
| 8225 | 720 } else { |
| 721 ngx_log_error(NGX_LOG_INFO, c->log, 0, | |
| 722 "BUG: unknown quic state"); | |
| 723 return NGX_ERROR; | |
| 724 } | |
|
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
725 |
| 8225 | 726 } else { |
| 727 rc = ngx_quic_app_input(c, &pkt); | |
| 728 } | |
|
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
729 |
|
8267
a8349cc72c64
Avoid using QUIC connection after CONNECTION_CLOSE.
Roman Arutyunyan <arut@nginx.com>
parents:
8266
diff
changeset
|
730 if (rc != NGX_OK) { |
|
a8349cc72c64
Avoid using QUIC connection after CONNECTION_CLOSE.
Roman Arutyunyan <arut@nginx.com>
parents:
8266
diff
changeset
|
731 return rc; |
| 8225 | 732 } |
|
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
733 |
| 8225 | 734 /* b->pos is at header end, adjust by actual packet length */ |
| 735 p = b->pos + pkt.len; | |
| 736 b->pos = p; /* reset b->pos to the next packet start */ | |
|
8304
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
737 } |
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
738 |
| 8225 | 739 return NGX_OK; |
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
740 } |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
741 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
742 |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
743 static ngx_int_t |
| 8223 | 744 ngx_quic_initial_input(ngx_connection_t *c, ngx_quic_header_t *pkt) |
| 745 { | |
| 746 ngx_ssl_conn_t *ssl_conn; | |
| 747 ngx_quic_connection_t *qc; | |
|
8288
ebd5c71b9f02
Got rid of memory allocation in decryption.
Vladimir Homutov <vl@nginx.com>
parents:
8286
diff
changeset
|
748 static u_char buf[NGX_QUIC_DEFAULT_MAX_PACKET_SIZE]; |
| 8223 | 749 |
|
8263
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
750 c->log->action = "processing initial quic packet"; |
|
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
751 |
| 8223 | 752 qc = c->quic; |
| 753 ssl_conn = c->ssl->connection; | |
| 754 | |
|
8224
ae35ccba7aa6
Extracted transport part of the code into separate file.
Vladimir Homutov <vl@nginx.com>
parents:
8223
diff
changeset
|
755 if (ngx_quic_parse_long_header(pkt) != NGX_OK) { |
| 8223 | 756 return NGX_ERROR; |
| 757 } | |
| 758 | |
|
8224
ae35ccba7aa6
Extracted transport part of the code into separate file.
Vladimir Homutov <vl@nginx.com>
parents:
8223
diff
changeset
|
759 if (ngx_quic_parse_initial_header(pkt) != NGX_OK) { |
| 8223 | 760 return NGX_ERROR; |
| 761 } | |
| 762 | |
| 763 pkt->secret = &qc->secrets.client.in; | |
| 764 pkt->level = ssl_encryption_initial; | |
|
8288
ebd5c71b9f02
Got rid of memory allocation in decryption.
Vladimir Homutov <vl@nginx.com>
parents:
8286
diff
changeset
|
765 pkt->plaintext = buf; |
| 8223 | 766 |
|
8288
ebd5c71b9f02
Got rid of memory allocation in decryption.
Vladimir Homutov <vl@nginx.com>
parents:
8286
diff
changeset
|
767 if (ngx_quic_decrypt(pkt, ssl_conn) != NGX_OK) { |
| 8223 | 768 return NGX_ERROR; |
| 769 } | |
| 770 | |
| 771 return ngx_quic_payload_handler(c, pkt); | |
| 772 } | |
| 773 | |
| 774 | |
| 775 static ngx_int_t | |
|
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
776 ngx_quic_handshake_input(ngx_connection_t *c, ngx_quic_header_t *pkt) |
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
777 { |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
778 ngx_quic_connection_t *qc; |
|
8288
ebd5c71b9f02
Got rid of memory allocation in decryption.
Vladimir Homutov <vl@nginx.com>
parents:
8286
diff
changeset
|
779 static u_char buf[NGX_QUIC_DEFAULT_MAX_PACKET_SIZE]; |
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
780 |
|
8263
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
781 c->log->action = "processing handshake quic packet"; |
|
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
782 |
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
783 qc = c->quic; |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
784 |
|
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
785 /* extract cleartext data into pkt */ |
|
8224
ae35ccba7aa6
Extracted transport part of the code into separate file.
Vladimir Homutov <vl@nginx.com>
parents:
8223
diff
changeset
|
786 if (ngx_quic_parse_long_header(pkt) != NGX_OK) { |
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
787 return NGX_ERROR; |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
788 } |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
789 |
|
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
790 if (pkt->dcid.len != qc->dcid.len) { |
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
791 ngx_log_error(NGX_LOG_INFO, c->log, 0, "unexpected quic dcidl"); |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
792 return NGX_ERROR; |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
793 } |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
794 |
|
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
795 if (ngx_memcmp(pkt->dcid.data, qc->dcid.data, qc->dcid.len) != 0) { |
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
796 ngx_log_error(NGX_LOG_INFO, c->log, 0, "unexpected quic dcid"); |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
797 return NGX_ERROR; |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
798 } |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
799 |
|
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
800 if (pkt->scid.len != qc->scid.len) { |
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
801 ngx_log_error(NGX_LOG_INFO, c->log, 0, "unexpected quic scidl"); |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
802 return NGX_ERROR; |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
803 } |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
804 |
|
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
805 if (ngx_memcmp(pkt->scid.data, qc->scid.data, qc->scid.len) != 0) { |
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
806 ngx_log_error(NGX_LOG_INFO, c->log, 0, "unexpected quic scid"); |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
807 return NGX_ERROR; |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
808 } |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
809 |
|
8251
c217a907ce42
Added checks for permitted frame types.
Vladimir Homutov <vl@nginx.com>
parents:
8247
diff
changeset
|
810 if (!ngx_quic_pkt_hs(pkt->flags)) { |
|
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
811 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
812 "invalid packet type: 0x%xi", pkt->flags); |
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
813 return NGX_ERROR; |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
814 } |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
815 |
|
8224
ae35ccba7aa6
Extracted transport part of the code into separate file.
Vladimir Homutov <vl@nginx.com>
parents:
8223
diff
changeset
|
816 if (ngx_quic_parse_handshake_header(pkt) != NGX_OK) { |
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
817 return NGX_ERROR; |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
818 } |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
819 |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
820 pkt->secret = &qc->secrets.client.hs; |
|
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
821 pkt->level = ssl_encryption_handshake; |
|
8288
ebd5c71b9f02
Got rid of memory allocation in decryption.
Vladimir Homutov <vl@nginx.com>
parents:
8286
diff
changeset
|
822 pkt->plaintext = buf; |
|
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
823 |
|
8288
ebd5c71b9f02
Got rid of memory allocation in decryption.
Vladimir Homutov <vl@nginx.com>
parents:
8286
diff
changeset
|
824 if (ngx_quic_decrypt(pkt, c->ssl->connection) != NGX_OK) { |
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
825 return NGX_ERROR; |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
826 } |
|
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
827 |
|
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
828 return ngx_quic_payload_handler(c, pkt); |
|
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
829 } |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
830 |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
831 |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
832 static ngx_int_t |
|
8304
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
833 ngx_quic_early_input(ngx_connection_t *c, ngx_quic_header_t *pkt) |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
834 { |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
835 ngx_quic_connection_t *qc; |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
836 static u_char buf[NGX_QUIC_DEFAULT_MAX_PACKET_SIZE]; |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
837 |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
838 c->log->action = "processing early data quic packet"; |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
839 |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
840 qc = c->quic; |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
841 |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
842 /* extract cleartext data into pkt */ |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
843 if (ngx_quic_parse_long_header(pkt) != NGX_OK) { |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
844 return NGX_ERROR; |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
845 } |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
846 |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
847 if (pkt->dcid.len != qc->dcid.len) { |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
848 ngx_log_error(NGX_LOG_INFO, c->log, 0, "unexpected quic dcidl"); |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
849 return NGX_ERROR; |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
850 } |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
851 |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
852 if (ngx_memcmp(pkt->dcid.data, qc->dcid.data, qc->dcid.len) != 0) { |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
853 ngx_log_error(NGX_LOG_INFO, c->log, 0, "unexpected quic dcid"); |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
854 return NGX_ERROR; |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
855 } |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
856 |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
857 if (pkt->scid.len != qc->scid.len) { |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
858 ngx_log_error(NGX_LOG_INFO, c->log, 0, "unexpected quic scidl"); |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
859 return NGX_ERROR; |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
860 } |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
861 |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
862 if (ngx_memcmp(pkt->scid.data, qc->scid.data, qc->scid.len) != 0) { |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
863 ngx_log_error(NGX_LOG_INFO, c->log, 0, "unexpected quic scid"); |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
864 return NGX_ERROR; |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
865 } |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
866 |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
867 if (!ngx_quic_pkt_zrtt(pkt->flags)) { |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
868 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
869 "invalid packet type: 0x%xi", pkt->flags); |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
870 return NGX_ERROR; |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
871 } |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
872 |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
873 if (ngx_quic_parse_handshake_header(pkt) != NGX_OK) { |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
874 return NGX_ERROR; |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
875 } |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
876 |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
877 if (c->quic->state != NGX_QUIC_ST_EARLY_DATA) { |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
878 ngx_log_error(NGX_LOG_INFO, c->log, 0, "unexpected 0-RTT packet"); |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
879 return NGX_OK; |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
880 } |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
881 |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
882 pkt->secret = &qc->secrets.client.ed; |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
883 pkt->level = ssl_encryption_early_data; |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
884 pkt->plaintext = buf; |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
885 |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
886 if (ngx_quic_decrypt(pkt, c->ssl->connection) != NGX_OK) { |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
887 return NGX_ERROR; |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
888 } |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
889 |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
890 return ngx_quic_payload_handler(c, pkt); |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
891 } |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
892 |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
893 |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
894 static ngx_int_t |
|
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
895 ngx_quic_app_input(ngx_connection_t *c, ngx_quic_header_t *pkt) |
|
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
896 { |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
897 ngx_quic_connection_t *qc; |
|
8288
ebd5c71b9f02
Got rid of memory allocation in decryption.
Vladimir Homutov <vl@nginx.com>
parents:
8286
diff
changeset
|
898 static u_char buf[NGX_QUIC_DEFAULT_MAX_PACKET_SIZE]; |
|
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
899 |
|
8263
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
900 c->log->action = "processing application data quic packet"; |
|
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
901 |
|
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
902 qc = c->quic; |
|
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
903 |
| 8223 | 904 if (qc->secrets.client.ad.key.len == 0) { |
| 905 ngx_log_error(NGX_LOG_INFO, c->log, 0, | |
| 906 "no read keys yet, packet ignored"); | |
| 907 return NGX_DECLINED; | |
| 908 } | |
|
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
909 |
|
8224
ae35ccba7aa6
Extracted transport part of the code into separate file.
Vladimir Homutov <vl@nginx.com>
parents:
8223
diff
changeset
|
910 if (ngx_quic_parse_short_header(pkt, &qc->dcid) != NGX_OK) { |
|
8185
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
911 return NGX_ERROR; |
|
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
912 } |
|
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
913 |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
914 pkt->secret = &qc->secrets.client.ad; |
|
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
915 pkt->level = ssl_encryption_application; |
|
8288
ebd5c71b9f02
Got rid of memory allocation in decryption.
Vladimir Homutov <vl@nginx.com>
parents:
8286
diff
changeset
|
916 pkt->plaintext = buf; |
|
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
917 |
|
8288
ebd5c71b9f02
Got rid of memory allocation in decryption.
Vladimir Homutov <vl@nginx.com>
parents:
8286
diff
changeset
|
918 if (ngx_quic_decrypt(pkt, c->ssl->connection) != NGX_OK) { |
|
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
919 return NGX_ERROR; |
|
8185
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
920 } |
|
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
921 |
|
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
922 return ngx_quic_payload_handler(c, pkt); |
|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
923 } |
| 8171 | 924 |
| 925 | |
| 8225 | 926 static ngx_int_t |
| 927 ngx_quic_payload_handler(ngx_connection_t *c, ngx_quic_header_t *pkt) | |
| 928 { | |
| 929 u_char *end, *p; | |
| 930 ssize_t len; | |
| 931 ngx_uint_t ack_this, do_close; | |
| 932 ngx_quic_frame_t frame, *ack_frame; | |
| 933 ngx_quic_connection_t *qc; | |
| 934 | |
|
8263
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
935 |
| 8225 | 936 qc = c->quic; |
| 937 | |
| 938 p = pkt->payload.data; | |
| 939 end = p + pkt->payload.len; | |
| 940 | |
| 941 ack_this = 0; | |
| 942 do_close = 0; | |
| 943 | |
| 944 while (p < end) { | |
| 945 | |
| 8275 | 946 c->log->action = "parsing frames"; |
| 947 | |
|
8240
1f002206a59b
Added boundaries checks into frame parser.
Vladimir Homutov <vl@nginx.com>
parents:
8239
diff
changeset
|
948 len = ngx_quic_parse_frame(pkt, p, end, &frame); |
|
8251
c217a907ce42
Added checks for permitted frame types.
Vladimir Homutov <vl@nginx.com>
parents:
8247
diff
changeset
|
949 |
|
c217a907ce42
Added checks for permitted frame types.
Vladimir Homutov <vl@nginx.com>
parents:
8247
diff
changeset
|
950 if (len == NGX_DECLINED) { |
|
c217a907ce42
Added checks for permitted frame types.
Vladimir Homutov <vl@nginx.com>
parents:
8247
diff
changeset
|
951 /* TODO: handle protocol violation: |
|
c217a907ce42
Added checks for permitted frame types.
Vladimir Homutov <vl@nginx.com>
parents:
8247
diff
changeset
|
952 * such frame not allowed in this packet |
|
c217a907ce42
Added checks for permitted frame types.
Vladimir Homutov <vl@nginx.com>
parents:
8247
diff
changeset
|
953 */ |
|
c217a907ce42
Added checks for permitted frame types.
Vladimir Homutov <vl@nginx.com>
parents:
8247
diff
changeset
|
954 return NGX_ERROR; |
|
c217a907ce42
Added checks for permitted frame types.
Vladimir Homutov <vl@nginx.com>
parents:
8247
diff
changeset
|
955 } |
|
c217a907ce42
Added checks for permitted frame types.
Vladimir Homutov <vl@nginx.com>
parents:
8247
diff
changeset
|
956 |
| 8225 | 957 if (len < 0) { |
| 958 return NGX_ERROR; | |
| 959 } | |
| 960 | |
| 8275 | 961 c->log->action = "handling frames"; |
| 962 | |
| 8225 | 963 p += len; |
| 964 | |
| 965 switch (frame.type) { | |
| 966 | |
| 967 case NGX_QUIC_FT_ACK: | |
| 968 if (ngx_quic_handle_ack_frame(c, pkt, &frame.u.ack) != NGX_OK) { | |
| 969 return NGX_ERROR; | |
| 970 } | |
| 971 | |
| 972 break; | |
| 973 | |
| 974 case NGX_QUIC_FT_CRYPTO: | |
| 975 | |
| 976 if (ngx_quic_handle_crypto_frame(c, pkt, &frame.u.crypto) | |
| 977 != NGX_OK) | |
| 978 { | |
| 979 return NGX_ERROR; | |
| 980 } | |
| 981 | |
| 982 ack_this = 1; | |
| 983 break; | |
| 984 | |
| 985 case NGX_QUIC_FT_PADDING: | |
| 986 break; | |
| 987 | |
| 988 case NGX_QUIC_FT_PING: | |
| 989 ack_this = 1; | |
| 990 break; | |
| 991 | |
| 992 case NGX_QUIC_FT_NEW_CONNECTION_ID: | |
| 993 ack_this = 1; | |
| 994 break; | |
| 995 | |
| 996 case NGX_QUIC_FT_CONNECTION_CLOSE: | |
|
8258
80d7144b1c38
Closing connection on NGX_QUIC_FT_CONNECTION_CLOSE.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8252
diff
changeset
|
997 case NGX_QUIC_FT_CONNECTION_CLOSE2: |
| 8225 | 998 |
| 999 do_close = 1; | |
| 1000 break; | |
| 1001 | |
| 1002 case NGX_QUIC_FT_STREAM0: | |
| 1003 case NGX_QUIC_FT_STREAM1: | |
| 1004 case NGX_QUIC_FT_STREAM2: | |
| 1005 case NGX_QUIC_FT_STREAM3: | |
| 1006 case NGX_QUIC_FT_STREAM4: | |
| 1007 case NGX_QUIC_FT_STREAM5: | |
| 1008 case NGX_QUIC_FT_STREAM6: | |
| 1009 case NGX_QUIC_FT_STREAM7: | |
| 1010 | |
| 1011 if (ngx_quic_handle_stream_frame(c, pkt, &frame.u.stream) | |
| 1012 != NGX_OK) | |
| 1013 { | |
| 1014 return NGX_ERROR; | |
| 1015 } | |
| 1016 | |
| 1017 ack_this = 1; | |
| 1018 break; | |
| 1019 | |
|
8237
ff540f13d95d
MAX_DATA frame parser/handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8236
diff
changeset
|
1020 case NGX_QUIC_FT_MAX_DATA: |
|
ff540f13d95d
MAX_DATA frame parser/handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8236
diff
changeset
|
1021 c->quic->max_data = frame.u.max_data.max_data; |
|
ff540f13d95d
MAX_DATA frame parser/handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8236
diff
changeset
|
1022 ack_this = 1; |
|
ff540f13d95d
MAX_DATA frame parser/handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8236
diff
changeset
|
1023 break; |
|
ff540f13d95d
MAX_DATA frame parser/handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8236
diff
changeset
|
1024 |
|
8231
78540e2160d0
Added parsing of RESET_STREAM and STOP_SENDING frames
Vladimir Homutov <vl@nginx.com>
parents:
8229
diff
changeset
|
1025 case NGX_QUIC_FT_RESET_STREAM: |
|
8240
1f002206a59b
Added boundaries checks into frame parser.
Vladimir Homutov <vl@nginx.com>
parents:
8239
diff
changeset
|
1026 /* TODO: handle */ |
|
8231
78540e2160d0
Added parsing of RESET_STREAM and STOP_SENDING frames
Vladimir Homutov <vl@nginx.com>
parents:
8229
diff
changeset
|
1027 break; |
|
78540e2160d0
Added parsing of RESET_STREAM and STOP_SENDING frames
Vladimir Homutov <vl@nginx.com>
parents:
8229
diff
changeset
|
1028 |
|
78540e2160d0
Added parsing of RESET_STREAM and STOP_SENDING frames
Vladimir Homutov <vl@nginx.com>
parents:
8229
diff
changeset
|
1029 case NGX_QUIC_FT_STOP_SENDING: |
|
8240
1f002206a59b
Added boundaries checks into frame parser.
Vladimir Homutov <vl@nginx.com>
parents:
8239
diff
changeset
|
1030 /* TODO: handle; need ack ? */ |
|
8231
78540e2160d0
Added parsing of RESET_STREAM and STOP_SENDING frames
Vladimir Homutov <vl@nginx.com>
parents:
8229
diff
changeset
|
1031 break; |
|
78540e2160d0
Added parsing of RESET_STREAM and STOP_SENDING frames
Vladimir Homutov <vl@nginx.com>
parents:
8229
diff
changeset
|
1032 |
|
8236
d3b26c3bea22
Added parsing of STREAMS BLOCKED frames.
Vladimir Homutov <vl@nginx.com>
parents:
8235
diff
changeset
|
1033 case NGX_QUIC_FT_STREAMS_BLOCKED: |
|
d3b26c3bea22
Added parsing of STREAMS BLOCKED frames.
Vladimir Homutov <vl@nginx.com>
parents:
8235
diff
changeset
|
1034 case NGX_QUIC_FT_STREAMS_BLOCKED2: |
|
8245
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1035 |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1036 if (ngx_quic_handle_streams_blocked_frame(c, pkt, |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1037 &frame.u.streams_blocked) |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1038 != NGX_OK) |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1039 { |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1040 return NGX_ERROR; |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1041 } |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1042 |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1043 ack_this = 1; |
|
8236
d3b26c3bea22
Added parsing of STREAMS BLOCKED frames.
Vladimir Homutov <vl@nginx.com>
parents:
8235
diff
changeset
|
1044 break; |
|
d3b26c3bea22
Added parsing of STREAMS BLOCKED frames.
Vladimir Homutov <vl@nginx.com>
parents:
8235
diff
changeset
|
1045 |
|
8266
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1046 case NGX_QUIC_FT_STREAM_DATA_BLOCKED: |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1047 |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1048 if (ngx_quic_handle_stream_data_blocked_frame(c, pkt, |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1049 &frame.u.stream_data_blocked) |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1050 != NGX_OK) |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1051 { |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1052 return NGX_ERROR; |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1053 } |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1054 |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1055 ack_this = 1; |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1056 break; |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1057 |
| 8225 | 1058 default: |
| 1059 return NGX_ERROR; | |
| 1060 } | |
| 1061 } | |
| 1062 | |
| 1063 if (p != end) { | |
| 1064 ngx_log_error(NGX_LOG_INFO, c->log, 0, | |
| 1065 "trailing garbage in payload: %ui bytes", end - p); | |
| 1066 return NGX_ERROR; | |
| 1067 } | |
| 1068 | |
| 1069 if (do_close) { | |
|
8267
a8349cc72c64
Avoid using QUIC connection after CONNECTION_CLOSE.
Roman Arutyunyan <arut@nginx.com>
parents:
8266
diff
changeset
|
1070 return NGX_DONE; |
| 8225 | 1071 } |
| 1072 | |
| 1073 if (ack_this == 0) { | |
| 1074 /* do not ack packets with ACKs and PADDING */ | |
| 1075 return NGX_OK; | |
| 1076 } | |
| 1077 | |
| 8275 | 1078 c->log->action = "generating acknowledgment"; |
| 1079 | |
| 8225 | 1080 // packet processed, ACK it now if required |
| 1081 // TODO: if (ack_required) ... - currently just ack each packet | |
| 1082 | |
| 8286 | 1083 ack_frame = ngx_quic_alloc_frame(c, 0); |
| 8225 | 1084 if (ack_frame == NULL) { |
| 1085 return NGX_ERROR; | |
| 1086 } | |
| 1087 | |
|
8304
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
1088 ack_frame->level = (pkt->level == ssl_encryption_early_data) |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
1089 ? ssl_encryption_application |
|
90f94413177e
TLS Early Data support.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8303
diff
changeset
|
1090 : pkt->level; |
| 8225 | 1091 ack_frame->type = NGX_QUIC_FT_ACK; |
| 1092 ack_frame->u.ack.pn = pkt->pn; | |
| 1093 | |
| 1094 ngx_sprintf(ack_frame->info, "ACK for PN=%d from frame handler level=%d", pkt->pn, pkt->level); | |
| 1095 ngx_quic_queue_frame(qc, ack_frame); | |
| 1096 | |
| 1097 return ngx_quic_output(c); | |
| 1098 } | |
| 1099 | |
| 1100 | |
| 1101 static ngx_int_t | |
| 1102 ngx_quic_handle_ack_frame(ngx_connection_t *c, ngx_quic_header_t *pkt, | |
| 1103 ngx_quic_ack_frame_t *f) | |
| 1104 { | |
| 1105 /* TODO: handle ACK here */ | |
| 1106 return NGX_OK; | |
| 1107 } | |
| 1108 | |
| 1109 | |
| 1110 static ngx_int_t | |
| 1111 ngx_quic_handle_crypto_frame(ngx_connection_t *c, ngx_quic_header_t *pkt, | |
| 1112 ngx_quic_crypto_frame_t *f) | |
| 1113 { | |
|
8273
cb75f194f1f0
Implemented sending HANDSHAKE_DONE frame after handshake.
Vladimir Homutov <vl@nginx.com>
parents:
8272
diff
changeset
|
1114 int sslerr; |
|
cb75f194f1f0
Implemented sending HANDSHAKE_DONE frame after handshake.
Vladimir Homutov <vl@nginx.com>
parents:
8272
diff
changeset
|
1115 ssize_t n; |
|
cb75f194f1f0
Implemented sending HANDSHAKE_DONE frame after handshake.
Vladimir Homutov <vl@nginx.com>
parents:
8272
diff
changeset
|
1116 ngx_ssl_conn_t *ssl_conn; |
| 8225 | 1117 |
| 1118 if (f->offset != 0x0) { | |
| 1119 ngx_log_error(NGX_LOG_INFO, c->log, 0, | |
| 1120 "crypto frame with non-zero offset"); | |
| 1121 // TODO: add support for crypto frames spanning packets | |
| 1122 return NGX_ERROR; | |
| 1123 } | |
| 1124 | |
| 1125 ssl_conn = c->ssl->connection; | |
| 1126 | |
| 1127 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
| 1128 "SSL_quic_read_level: %d, SSL_quic_write_level: %d", | |
| 1129 (int) SSL_quic_read_level(ssl_conn), | |
| 1130 (int) SSL_quic_write_level(ssl_conn)); | |
| 1131 | |
| 1132 if (!SSL_provide_quic_data(ssl_conn, SSL_quic_read_level(ssl_conn), | |
| 1133 f->data, f->len)) | |
| 1134 { | |
| 1135 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, | |
| 1136 "SSL_provide_quic_data() failed"); | |
| 1137 return NGX_ERROR; | |
| 1138 } | |
| 1139 | |
| 1140 n = SSL_do_handshake(ssl_conn); | |
| 1141 | |
| 1142 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_do_handshake: %d", n); | |
| 1143 | |
| 1144 if (n == -1) { | |
| 1145 sslerr = SSL_get_error(ssl_conn, n); | |
| 1146 | |
| 1147 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_get_error: %d", | |
| 1148 sslerr); | |
| 1149 | |
|
8300
23a2b5e7acc8
Improved SSL_do_handshake() error handling in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8299
diff
changeset
|
1150 if (sslerr != SSL_ERROR_WANT_READ) { |
| 8225 | 1151 ngx_ssl_error(NGX_LOG_ERR, c->log, 0, "SSL_do_handshake() failed"); |
|
8300
23a2b5e7acc8
Improved SSL_do_handshake() error handling in QUIC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8299
diff
changeset
|
1152 return NGX_ERROR; |
| 8225 | 1153 } |
|
8263
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
1154 |
|
8302
76818c9cdd6f
Sending HANDSHAKE_DONE just once with BoringSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8301
diff
changeset
|
1155 } else if (n == 1 && !SSL_in_init(ssl_conn)) { |
|
8263
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
1156 c->quic->state = NGX_QUIC_ST_APPLICATION; |
| 8225 | 1157 |
|
8263
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
1158 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 8299 | 1159 "quic ssl cipher: %s", SSL_get_cipher(ssl_conn)); |
| 8225 | 1160 |
|
8263
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
1161 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 8299 | 1162 "handshake completed successfully"); |
|
8273
cb75f194f1f0
Implemented sending HANDSHAKE_DONE frame after handshake.
Vladimir Homutov <vl@nginx.com>
parents:
8272
diff
changeset
|
1163 |
|
8274
ee53bfd8f9ed
Added QUIC version check for sending HANDSHAKE_DONE frame.
Vladimir Homutov <vl@nginx.com>
parents:
8273
diff
changeset
|
1164 #if (NGX_QUIC_DRAFT_VERSION >= 27) |
|
ee53bfd8f9ed
Added QUIC version check for sending HANDSHAKE_DONE frame.
Vladimir Homutov <vl@nginx.com>
parents:
8273
diff
changeset
|
1165 { |
|
ee53bfd8f9ed
Added QUIC version check for sending HANDSHAKE_DONE frame.
Vladimir Homutov <vl@nginx.com>
parents:
8273
diff
changeset
|
1166 ngx_quic_frame_t *frame; |
|
ee53bfd8f9ed
Added QUIC version check for sending HANDSHAKE_DONE frame.
Vladimir Homutov <vl@nginx.com>
parents:
8273
diff
changeset
|
1167 |
| 8286 | 1168 frame = ngx_quic_alloc_frame(c, 0); |
|
8273
cb75f194f1f0
Implemented sending HANDSHAKE_DONE frame after handshake.
Vladimir Homutov <vl@nginx.com>
parents:
8272
diff
changeset
|
1169 if (frame == NULL) { |
|
cb75f194f1f0
Implemented sending HANDSHAKE_DONE frame after handshake.
Vladimir Homutov <vl@nginx.com>
parents:
8272
diff
changeset
|
1170 return NGX_ERROR; |
|
cb75f194f1f0
Implemented sending HANDSHAKE_DONE frame after handshake.
Vladimir Homutov <vl@nginx.com>
parents:
8272
diff
changeset
|
1171 } |
|
cb75f194f1f0
Implemented sending HANDSHAKE_DONE frame after handshake.
Vladimir Homutov <vl@nginx.com>
parents:
8272
diff
changeset
|
1172 |
|
cb75f194f1f0
Implemented sending HANDSHAKE_DONE frame after handshake.
Vladimir Homutov <vl@nginx.com>
parents:
8272
diff
changeset
|
1173 /* 12.4 Frames and frame types, figure 8 */ |
|
cb75f194f1f0
Implemented sending HANDSHAKE_DONE frame after handshake.
Vladimir Homutov <vl@nginx.com>
parents:
8272
diff
changeset
|
1174 frame->level = ssl_encryption_application; |
|
cb75f194f1f0
Implemented sending HANDSHAKE_DONE frame after handshake.
Vladimir Homutov <vl@nginx.com>
parents:
8272
diff
changeset
|
1175 frame->type = NGX_QUIC_FT_HANDSHAKE_DONE; |
|
cb75f194f1f0
Implemented sending HANDSHAKE_DONE frame after handshake.
Vladimir Homutov <vl@nginx.com>
parents:
8272
diff
changeset
|
1176 ngx_sprintf(frame->info, "HANDSHAKE DONE on handshake completed"); |
|
cb75f194f1f0
Implemented sending HANDSHAKE_DONE frame after handshake.
Vladimir Homutov <vl@nginx.com>
parents:
8272
diff
changeset
|
1177 ngx_quic_queue_frame(c->quic, frame); |
|
8274
ee53bfd8f9ed
Added QUIC version check for sending HANDSHAKE_DONE frame.
Vladimir Homutov <vl@nginx.com>
parents:
8273
diff
changeset
|
1178 } |
|
ee53bfd8f9ed
Added QUIC version check for sending HANDSHAKE_DONE frame.
Vladimir Homutov <vl@nginx.com>
parents:
8273
diff
changeset
|
1179 #endif |
|
8263
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
1180 } |
|
1295b293d09a
Connection states code cleanup.
Vladimir Homutov <vl@nginx.com>
parents:
8260
diff
changeset
|
1181 |
| 8225 | 1182 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 1183 "SSL_quic_read_level: %d, SSL_quic_write_level: %d", | |
| 1184 (int) SSL_quic_read_level(ssl_conn), | |
| 1185 (int) SSL_quic_write_level(ssl_conn)); | |
| 1186 | |
| 1187 return NGX_OK; | |
| 1188 } | |
| 1189 | |
| 1190 | |
| 1191 static ngx_int_t | |
| 1192 ngx_quic_handle_stream_frame(ngx_connection_t *c, | |
| 1193 ngx_quic_header_t *pkt, ngx_quic_stream_frame_t *f) | |
| 1194 { | |
|
8282
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1195 size_t n; |
|
8280
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1196 ngx_buf_t *b; |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1197 ngx_event_t *rev; |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1198 ngx_quic_stream_t *sn; |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1199 ngx_quic_connection_t *qc; |
| 8225 | 1200 |
| 1201 qc = c->quic; | |
| 1202 | |
| 1203 sn = ngx_quic_find_stream(&qc->streams.tree, f->stream_id); | |
| 1204 | |
| 1205 if (sn) { | |
| 1206 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "existing stream"); | |
| 1207 b = sn->b; | |
| 1208 | |
|
8266
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1209 if ((size_t) ((b->pos - b->start) + (b->end - b->last)) < f->length) { |
| 8225 | 1210 ngx_log_error(NGX_LOG_INFO, c->log, 0, "no space in stream buffer"); |
| 1211 return NGX_ERROR; | |
| 1212 } | |
| 1213 | |
|
8266
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1214 if ((size_t) (b->end - b->last) < f->length) { |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1215 b->last = ngx_movemem(b->start, b->pos, b->last - b->pos); |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1216 b->pos = b->start; |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1217 } |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1218 |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1219 b->last = ngx_cpymem(b->last, f->data, f->length); |
| 8225 | 1220 |
|
8266
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1221 rev = sn->c->read; |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1222 rev->ready = 1; |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1223 |
|
8279
5f223cdad40e
Implemented eof in QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8278
diff
changeset
|
1224 if (f->fin) { |
|
5f223cdad40e
Implemented eof in QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8278
diff
changeset
|
1225 rev->pending_eof = 1; |
|
5f223cdad40e
Implemented eof in QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8278
diff
changeset
|
1226 } |
|
5f223cdad40e
Implemented eof in QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8278
diff
changeset
|
1227 |
|
8266
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1228 if (rev->active) { |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1229 rev->handler(rev); |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1230 } |
| 8225 | 1231 |
| 1232 return NGX_OK; | |
| 1233 } | |
| 1234 | |
| 1235 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "stream is new"); | |
| 1236 | |
|
8282
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1237 n = (f->stream_id & NGX_QUIC_STREAM_UNIDIRECTIONAL) |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1238 ? qc->tp.initial_max_stream_data_uni |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1239 : qc->tp.initial_max_stream_data_bidi_remote; |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1240 |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1241 if (n < NGX_QUIC_STREAM_BUFSIZE) { |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1242 n = NGX_QUIC_STREAM_BUFSIZE; |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1243 } |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1244 |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1245 if (n < f->length) { |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1246 ngx_log_error(NGX_LOG_INFO, c->log, 0, "no space in stream buffer"); |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1247 return NGX_ERROR; |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1248 } |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1249 |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1250 sn = ngx_quic_create_stream(c, f->stream_id, n); |
| 8225 | 1251 if (sn == NULL) { |
| 1252 return NGX_ERROR; | |
| 1253 } | |
| 1254 | |
| 1255 b = sn->b; | |
|
8282
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1256 b->last = ngx_cpymem(b->last, f->data, f->length); |
| 8225 | 1257 |
|
8294
32db41d603cd
Fixed handling QUIC stream eof.
Roman Arutyunyan <arut@nginx.com>
parents:
8293
diff
changeset
|
1258 rev = sn->c->read; |
|
32db41d603cd
Fixed handling QUIC stream eof.
Roman Arutyunyan <arut@nginx.com>
parents:
8293
diff
changeset
|
1259 rev->ready = 1; |
|
32db41d603cd
Fixed handling QUIC stream eof.
Roman Arutyunyan <arut@nginx.com>
parents:
8293
diff
changeset
|
1260 |
|
32db41d603cd
Fixed handling QUIC stream eof.
Roman Arutyunyan <arut@nginx.com>
parents:
8293
diff
changeset
|
1261 if (f->fin) { |
|
32db41d603cd
Fixed handling QUIC stream eof.
Roman Arutyunyan <arut@nginx.com>
parents:
8293
diff
changeset
|
1262 rev->pending_eof = 1; |
|
32db41d603cd
Fixed handling QUIC stream eof.
Roman Arutyunyan <arut@nginx.com>
parents:
8293
diff
changeset
|
1263 } |
| 8225 | 1264 |
| 1265 qc->streams.handler(sn->c); | |
| 1266 | |
| 1267 return NGX_OK; | |
| 1268 } | |
| 1269 | |
| 1270 | |
|
8245
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1271 static ngx_int_t |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1272 ngx_quic_handle_streams_blocked_frame(ngx_connection_t *c, |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1273 ngx_quic_header_t *pkt, ngx_quic_streams_blocked_frame_t *f) |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1274 { |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1275 ngx_quic_frame_t *frame; |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1276 |
| 8286 | 1277 frame = ngx_quic_alloc_frame(c, 0); |
|
8245
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1278 if (frame == NULL) { |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1279 return NGX_ERROR; |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1280 } |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1281 |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1282 frame->level = pkt->level; |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1283 frame->type = NGX_QUIC_FT_MAX_STREAMS; |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1284 frame->u.max_streams.limit = f->limit * 2; |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1285 frame->u.max_streams.bidi = f->bidi; |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1286 |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1287 ngx_sprintf(frame->info, "MAX_STREAMS limit:%d bidi:%d level=%d", |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1288 (int) frame->u.max_streams.limit, |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1289 (int) frame->u.max_streams.bidi, |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1290 frame->level); |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1291 |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1292 ngx_quic_queue_frame(c->quic, frame); |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1293 |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1294 return NGX_OK; |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1295 } |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1296 |
|
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1297 |
|
8266
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1298 static ngx_int_t |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1299 ngx_quic_handle_stream_data_blocked_frame(ngx_connection_t *c, |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1300 ngx_quic_header_t *pkt, ngx_quic_stream_data_blocked_frame_t *f) |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1301 { |
|
8280
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1302 size_t n; |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1303 ngx_buf_t *b; |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1304 ngx_quic_frame_t *frame; |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1305 ngx_quic_stream_t *sn; |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1306 ngx_quic_connection_t *qc; |
|
8266
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1307 |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1308 qc = c->quic; |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1309 sn = ngx_quic_find_stream(&qc->streams.tree, f->id); |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1310 |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1311 if (sn == NULL) { |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1312 ngx_log_error(NGX_LOG_INFO, c->log, 0, "unknown stream id:%uL", f->id); |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1313 return NGX_ERROR; |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1314 } |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1315 |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1316 b = sn->b; |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1317 n = (b->pos - b->start) + (b->end - b->last); |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1318 |
| 8286 | 1319 frame = ngx_quic_alloc_frame(c, 0); |
|
8266
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1320 if (frame == NULL) { |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1321 return NGX_ERROR; |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1322 } |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1323 |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1324 frame->level = pkt->level; |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1325 frame->type = NGX_QUIC_FT_MAX_STREAM_DATA; |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1326 frame->u.max_stream_data.id = f->id; |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1327 frame->u.max_stream_data.limit = n; |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1328 |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1329 ngx_sprintf(frame->info, "MAX_STREAM_DATA id:%d limit:%d level=%d", |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1330 (int) frame->u.max_stream_data.id, |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1331 (int) frame->u.max_stream_data.limit, |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1332 frame->level); |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1333 |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1334 ngx_quic_queue_frame(c->quic, frame); |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1335 |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1336 return NGX_OK; |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1337 } |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1338 |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1339 |
| 8225 | 1340 static void |
| 1341 ngx_quic_queue_frame(ngx_quic_connection_t *qc, ngx_quic_frame_t *frame) | |
| 1342 { | |
|
8270
c87a13514abc
Allow ngx_queue_frame() to insert frame in the front.
Roman Arutyunyan <arut@nginx.com>
parents:
8267
diff
changeset
|
1343 ngx_quic_frame_t **f; |
| 8225 | 1344 |
|
8270
c87a13514abc
Allow ngx_queue_frame() to insert frame in the front.
Roman Arutyunyan <arut@nginx.com>
parents:
8267
diff
changeset
|
1345 for (f = &qc->frames; *f; f = &(*f)->next) { |
|
c87a13514abc
Allow ngx_queue_frame() to insert frame in the front.
Roman Arutyunyan <arut@nginx.com>
parents:
8267
diff
changeset
|
1346 if ((*f)->level > frame->level) { |
| 8225 | 1347 break; |
| 1348 } | |
| 1349 } | |
| 1350 | |
|
8270
c87a13514abc
Allow ngx_queue_frame() to insert frame in the front.
Roman Arutyunyan <arut@nginx.com>
parents:
8267
diff
changeset
|
1351 frame->next = *f; |
|
c87a13514abc
Allow ngx_queue_frame() to insert frame in the front.
Roman Arutyunyan <arut@nginx.com>
parents:
8267
diff
changeset
|
1352 *f = frame; |
| 8225 | 1353 } |
| 1354 | |
| 1355 | |
| 1356 static ngx_int_t | |
| 1357 ngx_quic_output(ngx_connection_t *c) | |
| 1358 { | |
|
8265
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
8263
diff
changeset
|
1359 size_t len, hlen, n; |
| 8225 | 1360 ngx_uint_t lvl; |
| 8286 | 1361 ngx_quic_frame_t *f, *start, *next; |
| 8225 | 1362 ngx_quic_connection_t *qc; |
| 1363 | |
| 1364 qc = c->quic; | |
| 1365 | |
| 1366 if (qc->frames == NULL) { | |
| 1367 return NGX_OK; | |
| 1368 } | |
| 1369 | |
| 8275 | 1370 c->log->action = "sending frames"; |
| 1371 | |
| 8225 | 1372 lvl = qc->frames->level; |
| 1373 start = qc->frames; | |
| 1374 f = start; | |
| 1375 | |
| 1376 do { | |
| 1377 len = 0; | |
| 1378 | |
|
8265
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
8263
diff
changeset
|
1379 hlen = (lvl == ssl_encryption_application) ? NGX_QUIC_MAX_SHORT_HEADER |
|
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
8263
diff
changeset
|
1380 : NGX_QUIC_MAX_LONG_HEADER; |
|
8289
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
8288
diff
changeset
|
1381 hlen += EVP_GCM_TLS_TAG_LEN; |
|
8265
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
8263
diff
changeset
|
1382 |
| 8225 | 1383 do { |
| 1384 /* process same-level group of frames */ | |
| 1385 | |
|
8265
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
8263
diff
changeset
|
1386 n = ngx_quic_create_frame(NULL, NULL, f); |
|
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
8263
diff
changeset
|
1387 |
|
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
8263
diff
changeset
|
1388 if (len && hlen + len + n > qc->ctp.max_packet_size) { |
|
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
8263
diff
changeset
|
1389 break; |
|
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
8263
diff
changeset
|
1390 } |
|
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
8263
diff
changeset
|
1391 |
|
d45325e90221
Limit output QUIC packets with client max_packet_size.
Roman Arutyunyan <arut@nginx.com>
parents:
8263
diff
changeset
|
1392 len += n; |
| 8225 | 1393 |
| 1394 f = f->next; | |
| 1395 } while (f && f->level == lvl); | |
| 1396 | |
| 1397 | |
| 1398 if (ngx_quic_frames_send(c, start, f, len) != NGX_OK) { | |
| 1399 return NGX_ERROR; | |
| 1400 } | |
| 1401 | |
| 8286 | 1402 while (start != f) { |
| 1403 next = start->next; | |
| 1404 ngx_quic_free_frame(c, start); | |
| 1405 start = next; | |
| 1406 } | |
| 1407 | |
| 8225 | 1408 if (f == NULL) { |
| 1409 break; | |
| 1410 } | |
| 1411 | |
| 1412 lvl = f->level; // TODO: must not decrease (ever, also between calls) | |
| 1413 | |
| 1414 } while (1); | |
| 1415 | |
| 1416 qc->frames = NULL; | |
| 1417 | |
|
8271
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
8270
diff
changeset
|
1418 if (!qc->send_timer_set) { |
|
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
8270
diff
changeset
|
1419 qc->send_timer_set = 1; |
|
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
8270
diff
changeset
|
1420 ngx_add_timer(c->read, qc->tp.max_idle_timeout); |
|
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
8270
diff
changeset
|
1421 } |
|
8e54a17dabee
Respect QUIC max_idle_timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
8270
diff
changeset
|
1422 |
| 8225 | 1423 return NGX_OK; |
| 1424 } | |
| 1425 | |
| 1426 | |
| 1427 /* pack a group of frames [start; end) into memory p and send as single packet */ | |
| 1428 ngx_int_t | |
| 1429 ngx_quic_frames_send(ngx_connection_t *c, ngx_quic_frame_t *start, | |
| 1430 ngx_quic_frame_t *end, size_t total) | |
| 1431 { | |
|
8289
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
8288
diff
changeset
|
1432 ssize_t len; |
|
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
8288
diff
changeset
|
1433 u_char *p; |
|
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
8288
diff
changeset
|
1434 ngx_str_t out, res; |
|
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
8288
diff
changeset
|
1435 ngx_quic_frame_t *f; |
|
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
8288
diff
changeset
|
1436 ngx_quic_header_t pkt; |
|
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
8288
diff
changeset
|
1437 ngx_quic_connection_t *qc; |
|
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
8288
diff
changeset
|
1438 static ngx_str_t initial_token = ngx_null_string; |
|
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
8288
diff
changeset
|
1439 static u_char src[NGX_QUIC_DEFAULT_MAX_PACKET_SIZE]; |
|
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
8288
diff
changeset
|
1440 static u_char dst[NGX_QUIC_DEFAULT_MAX_PACKET_SIZE]; |
| 8225 | 1441 |
| 1442 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
| 1443 "sending frames %p...%p", start, end); | |
| 1444 | |
|
8289
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
8288
diff
changeset
|
1445 ngx_memzero(&pkt, sizeof(ngx_quic_header_t)); |
| 8225 | 1446 |
|
8289
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
8288
diff
changeset
|
1447 p = src; |
|
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
8288
diff
changeset
|
1448 out.data = src; |
| 8225 | 1449 |
| 1450 for (f = start; f != end; f = f->next) { | |
| 1451 | |
| 1452 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "frame: %s", f->info); | |
| 1453 | |
| 1454 len = ngx_quic_create_frame(p, p + total, f); | |
| 1455 if (len == -1) { | |
| 1456 return NGX_ERROR; | |
| 1457 } | |
| 1458 | |
| 1459 p += len; | |
| 1460 } | |
| 1461 | |
| 1462 out.len = p - out.data; | |
| 1463 | |
|
8301
c9fbe9508e1f
QUIC packet padding to fulfil header protection sample demands.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8300
diff
changeset
|
1464 while (out.len < 4) { |
|
c9fbe9508e1f
QUIC packet padding to fulfil header protection sample demands.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8300
diff
changeset
|
1465 *p++ = NGX_QUIC_FT_PADDING; |
|
c9fbe9508e1f
QUIC packet padding to fulfil header protection sample demands.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8300
diff
changeset
|
1466 out.len++; |
|
c9fbe9508e1f
QUIC packet padding to fulfil header protection sample demands.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8300
diff
changeset
|
1467 } |
|
c9fbe9508e1f
QUIC packet padding to fulfil header protection sample demands.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8300
diff
changeset
|
1468 |
| 8225 | 1469 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
| 1470 "packet ready: %ui bytes at level %d", | |
| 1471 out.len, start->level); | |
| 1472 | |
|
8289
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
8288
diff
changeset
|
1473 qc = c->quic; |
| 8225 | 1474 |
|
8289
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
8288
diff
changeset
|
1475 if (start->level == ssl_encryption_initial) { |
| 8225 | 1476 pkt.number = &qc->initial_pn; |
| 1477 pkt.flags = NGX_QUIC_PKT_INITIAL; | |
| 1478 pkt.secret = &qc->secrets.server.in; | |
| 1479 pkt.token = initial_token; | |
| 1480 | |
|
8289
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
8288
diff
changeset
|
1481 } else if (start->level == ssl_encryption_handshake) { |
| 8225 | 1482 pkt.number = &qc->handshake_pn; |
| 1483 pkt.flags = NGX_QUIC_PKT_HANDSHAKE; | |
| 1484 pkt.secret = &qc->secrets.server.hs; | |
| 1485 | |
| 1486 } else { | |
| 1487 pkt.number = &qc->appdata_pn; | |
| 1488 pkt.secret = &qc->secrets.server.ad; | |
| 1489 } | |
| 1490 | |
|
8289
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
8288
diff
changeset
|
1491 pkt.log = c->log; |
|
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
8288
diff
changeset
|
1492 pkt.level = start->level; |
|
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
8288
diff
changeset
|
1493 pkt.dcid = qc->dcid; |
|
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
8288
diff
changeset
|
1494 pkt.scid = qc->scid; |
|
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
8288
diff
changeset
|
1495 pkt.payload = out; |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8284
diff
changeset
|
1496 |
|
8289
949b95e4d504
Merged ngx_quic_send_packet() into ngx_quic_send_frames().
Vladimir Homutov <vl@nginx.com>
parents:
8288
diff
changeset
|
1497 res.data = dst; |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8284
diff
changeset
|
1498 |
|
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8284
diff
changeset
|
1499 if (ngx_quic_encrypt(&pkt, c->ssl->connection, &res) != NGX_OK) { |
| 8225 | 1500 return NGX_ERROR; |
| 1501 } | |
| 1502 | |
| 1503 ngx_quic_hexdump0(c->log, "packet to send", res.data, res.len); | |
| 1504 | |
| 1505 c->send(c, res.data, res.len); // TODO: err handling | |
| 1506 | |
| 1507 (*pkt.number)++; | |
| 1508 | |
| 1509 return NGX_OK; | |
| 1510 } | |
| 1511 | |
| 1512 | |
| 1513 ngx_connection_t * | |
| 1514 ngx_quic_create_uni_stream(ngx_connection_t *c) | |
| 1515 { | |
|
8280
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1516 ngx_uint_t id; |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1517 ngx_quic_stream_t *qs, *sn; |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1518 ngx_quic_connection_t *qc; |
|
8229
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1519 |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1520 qs = c->qs; |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1521 qc = qs->parent->quic; |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1522 |
|
8280
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1523 id = (qc->streams.id_counter << 2) |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1524 | NGX_QUIC_STREAM_SERVER_INITIATED |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1525 | NGX_QUIC_STREAM_UNIDIRECTIONAL; |
|
8229
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1526 |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1527 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1528 "creating server uni stream #%ui id %ui", |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1529 qc->streams.id_counter, id); |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1530 |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1531 qc->streams.id_counter++; |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1532 |
|
8282
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1533 sn = ngx_quic_create_stream(qs->parent, id, 0); |
|
8229
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1534 if (sn == NULL) { |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1535 return NULL; |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1536 } |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1537 |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1538 return sn->c; |
| 8225 | 1539 } |
| 1540 | |
| 1541 | |
| 1542 static void | |
| 1543 ngx_quic_rbtree_insert_stream(ngx_rbtree_node_t *temp, | |
| 1544 ngx_rbtree_node_t *node, ngx_rbtree_node_t *sentinel) | |
| 1545 { | |
|
8280
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1546 ngx_rbtree_node_t **p; |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1547 ngx_quic_stream_t *qn, *qnt; |
| 8225 | 1548 |
| 1549 for ( ;; ) { | |
|
8284
2935a11c55b6
Fixed QUIC stream insert and find.
Roman Arutyunyan <arut@nginx.com>
parents:
8282
diff
changeset
|
1550 qn = (ngx_quic_stream_t *) node; |
|
2935a11c55b6
Fixed QUIC stream insert and find.
Roman Arutyunyan <arut@nginx.com>
parents:
8282
diff
changeset
|
1551 qnt = (ngx_quic_stream_t *) temp; |
| 8225 | 1552 |
|
8284
2935a11c55b6
Fixed QUIC stream insert and find.
Roman Arutyunyan <arut@nginx.com>
parents:
8282
diff
changeset
|
1553 p = (qn->id < qnt->id) ? &temp->left : &temp->right; |
| 8225 | 1554 |
| 1555 if (*p == sentinel) { | |
| 1556 break; | |
| 1557 } | |
| 1558 | |
| 1559 temp = *p; | |
| 1560 } | |
| 1561 | |
| 1562 *p = node; | |
| 1563 node->parent = temp; | |
| 1564 node->left = sentinel; | |
| 1565 node->right = sentinel; | |
| 1566 ngx_rbt_red(node); | |
| 1567 } | |
| 1568 | |
| 1569 | |
|
8280
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1570 static ngx_quic_stream_t * |
|
8284
2935a11c55b6
Fixed QUIC stream insert and find.
Roman Arutyunyan <arut@nginx.com>
parents:
8282
diff
changeset
|
1571 ngx_quic_find_stream(ngx_rbtree_t *rbtree, uint64_t id) |
| 8225 | 1572 { |
| 1573 ngx_rbtree_node_t *node, *sentinel; | |
|
8284
2935a11c55b6
Fixed QUIC stream insert and find.
Roman Arutyunyan <arut@nginx.com>
parents:
8282
diff
changeset
|
1574 ngx_quic_stream_t *qn; |
| 8225 | 1575 |
| 1576 node = rbtree->root; | |
| 1577 sentinel = rbtree->sentinel; | |
| 1578 | |
| 1579 while (node != sentinel) { | |
|
8284
2935a11c55b6
Fixed QUIC stream insert and find.
Roman Arutyunyan <arut@nginx.com>
parents:
8282
diff
changeset
|
1580 qn = (ngx_quic_stream_t *) node; |
| 8225 | 1581 |
|
8284
2935a11c55b6
Fixed QUIC stream insert and find.
Roman Arutyunyan <arut@nginx.com>
parents:
8282
diff
changeset
|
1582 if (id == qn->id) { |
|
2935a11c55b6
Fixed QUIC stream insert and find.
Roman Arutyunyan <arut@nginx.com>
parents:
8282
diff
changeset
|
1583 return qn; |
| 8225 | 1584 } |
| 1585 | |
|
8284
2935a11c55b6
Fixed QUIC stream insert and find.
Roman Arutyunyan <arut@nginx.com>
parents:
8282
diff
changeset
|
1586 node = (id < qn->id) ? node->left : node->right; |
| 8225 | 1587 } |
| 1588 | |
| 1589 return NULL; | |
| 1590 } | |
| 1591 | |
| 1592 | |
|
8280
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1593 static ngx_quic_stream_t * |
|
8282
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1594 ngx_quic_create_stream(ngx_connection_t *c, uint64_t id, size_t rcvbuf_size) |
|
8229
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1595 { |
|
8282
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1596 ngx_log_t *log; |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1597 ngx_pool_t *pool; |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1598 ngx_quic_stream_t *sn; |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1599 ngx_pool_cleanup_t *cln; |
|
8229
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1600 |
|
8282
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1601 pool = ngx_create_pool(NGX_DEFAULT_POOL_SIZE, c->log); |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1602 if (pool == NULL) { |
|
8229
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1603 return NULL; |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1604 } |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1605 |
|
8282
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1606 sn = ngx_pcalloc(pool, sizeof(ngx_quic_stream_t)); |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1607 if (sn == NULL) { |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1608 ngx_destroy_pool(pool); |
|
8229
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1609 return NULL; |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1610 } |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1611 |
|
8282
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1612 sn->node.key = id; |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1613 sn->parent = c; |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1614 sn->id = id; |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1615 |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1616 sn->b = ngx_create_temp_buf(pool, rcvbuf_size); |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1617 if (sn->b == NULL) { |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1618 ngx_destroy_pool(pool); |
|
8229
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1619 return NULL; |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1620 } |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1621 |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1622 log = ngx_palloc(pool, sizeof(ngx_log_t)); |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1623 if (log == NULL) { |
|
8282
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1624 ngx_destroy_pool(pool); |
|
8229
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1625 return NULL; |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1626 } |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1627 |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1628 *log = *c->log; |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1629 pool->log = log; |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1630 |
|
8282
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1631 sn->c = ngx_get_connection(-1, log); |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1632 if (sn->c == NULL) { |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1633 ngx_destroy_pool(pool); |
|
8229
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1634 return NULL; |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1635 } |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1636 |
|
8280
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1637 sn->c->qs = sn; |
|
8282
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1638 sn->c->pool = pool; |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1639 sn->c->ssl = c->ssl; |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1640 sn->c->sockaddr = c->sockaddr; |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1641 sn->c->listening = c->listening; |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1642 sn->c->addr_text = c->addr_text; |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1643 sn->c->local_sockaddr = c->local_sockaddr; |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1644 sn->c->number = ngx_atomic_fetch_add(ngx_connection_counter, 1); |
|
8229
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1645 |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1646 sn->c->recv = ngx_quic_stream_recv; |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1647 sn->c->send = ngx_quic_stream_send; |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1648 sn->c->send_chain = ngx_quic_stream_send_chain; |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1649 |
|
8282
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1650 sn->c->read->log = c->log; |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1651 sn->c->write->log = c->log; |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1652 |
|
8239
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1653 cln = ngx_pool_cleanup_add(pool, 0); |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1654 if (cln == NULL) { |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1655 ngx_close_connection(sn->c); |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1656 ngx_destroy_pool(pool); |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1657 return NULL; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1658 } |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1659 |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1660 cln->handler = ngx_quic_stream_cleanup_handler; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1661 cln->data = sn->c; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1662 |
|
8282
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1663 ngx_rbtree_insert(&c->quic->streams.tree, &sn->node); |
|
4cf00c14f11a
Safe QUIC stream creation.
Roman Arutyunyan <arut@nginx.com>
parents:
8281
diff
changeset
|
1664 |
|
8229
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1665 return sn; |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1666 } |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1667 |
|
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1668 |
| 8225 | 1669 static ssize_t |
| 1670 ngx_quic_stream_recv(ngx_connection_t *c, u_char *buf, size_t size) | |
| 1671 { | |
|
8280
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1672 ssize_t len; |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1673 ngx_buf_t *b; |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1674 ngx_event_t *rev; |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1675 ngx_quic_stream_t *qs; |
| 8225 | 1676 |
| 1677 qs = c->qs; | |
|
8280
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1678 b = qs->b; |
|
8279
5f223cdad40e
Implemented eof in QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8278
diff
changeset
|
1679 rev = c->read; |
| 8225 | 1680 |
|
8279
5f223cdad40e
Implemented eof in QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8278
diff
changeset
|
1681 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
5f223cdad40e
Implemented eof in QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8278
diff
changeset
|
1682 "quic recv: eof:%d, avail:%z", |
|
5f223cdad40e
Implemented eof in QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8278
diff
changeset
|
1683 rev->pending_eof, b->last - b->pos); |
|
5f223cdad40e
Implemented eof in QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8278
diff
changeset
|
1684 |
|
8266
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1685 if (b->pos == b->last) { |
|
8279
5f223cdad40e
Implemented eof in QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8278
diff
changeset
|
1686 rev->ready = 0; |
|
5f223cdad40e
Implemented eof in QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8278
diff
changeset
|
1687 |
|
5f223cdad40e
Implemented eof in QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8278
diff
changeset
|
1688 if (rev->pending_eof) { |
|
5f223cdad40e
Implemented eof in QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8278
diff
changeset
|
1689 rev->eof = 1; |
|
5f223cdad40e
Implemented eof in QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8278
diff
changeset
|
1690 return 0; |
|
5f223cdad40e
Implemented eof in QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8278
diff
changeset
|
1691 } |
|
5f223cdad40e
Implemented eof in QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8278
diff
changeset
|
1692 |
|
8266
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1693 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic recv() not ready"); |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1694 return NGX_AGAIN; |
| 8225 | 1695 } |
| 1696 | |
| 1697 len = ngx_min(b->last - b->pos, (ssize_t) size); | |
| 1698 | |
| 1699 ngx_memcpy(buf, b->pos, len); | |
| 1700 | |
| 1701 b->pos += len; | |
| 1702 | |
|
8266
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1703 if (b->pos == b->last) { |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1704 b->pos = b->start; |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1705 b->last = b->start; |
|
8294
32db41d603cd
Fixed handling QUIC stream eof.
Roman Arutyunyan <arut@nginx.com>
parents:
8293
diff
changeset
|
1706 rev->ready = rev->pending_eof; |
|
8266
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1707 } |
|
f92e583fc256
Better flow control and buffering for QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8265
diff
changeset
|
1708 |
| 8225 | 1709 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
|
8279
5f223cdad40e
Implemented eof in QUIC streams.
Roman Arutyunyan <arut@nginx.com>
parents:
8278
diff
changeset
|
1710 "quic recv: %z of %uz", len, size); |
| 8225 | 1711 |
| 1712 return len; | |
| 1713 } | |
| 1714 | |
| 1715 | |
| 1716 static ssize_t | |
| 1717 ngx_quic_stream_send(ngx_connection_t *c, u_char *buf, size_t size) | |
| 1718 { | |
|
8280
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1719 ngx_connection_t *pc; |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1720 ngx_quic_frame_t *frame; |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1721 ngx_quic_stream_t *qs; |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1722 ngx_quic_connection_t *qc; |
| 8225 | 1723 |
| 1724 qs = c->qs; | |
| 1725 pc = qs->parent; | |
| 1726 qc = pc->quic; | |
| 1727 | |
|
8281
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
1728 if (qc->closing) { |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
1729 return NGX_ERROR; |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
1730 } |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
1731 |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
1732 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic send: %uz", size); |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
1733 |
| 8286 | 1734 frame = ngx_quic_alloc_frame(pc, size); |
| 8225 | 1735 if (frame == NULL) { |
| 1736 return 0; | |
| 1737 } | |
| 1738 | |
| 8286 | 1739 ngx_memcpy(frame->data, buf, size); |
| 8225 | 1740 |
| 1741 frame->level = ssl_encryption_application; | |
| 1742 frame->type = NGX_QUIC_FT_STREAM6; /* OFF=1 LEN=1 FIN=0 */ | |
| 1743 frame->u.stream.off = 1; | |
| 1744 frame->u.stream.len = 1; | |
| 1745 frame->u.stream.fin = 0; | |
| 1746 | |
| 1747 frame->u.stream.type = frame->type; | |
| 1748 frame->u.stream.stream_id = qs->id; | |
| 1749 frame->u.stream.offset = c->sent; | |
| 1750 frame->u.stream.length = size; | |
| 8286 | 1751 frame->u.stream.data = frame->data; |
| 8225 | 1752 |
| 1753 c->sent += size; | |
| 1754 | |
| 1755 ngx_sprintf(frame->info, "stream %xi len=%ui level=%d", | |
| 1756 qs->id, size, frame->level); | |
| 1757 | |
| 1758 ngx_quic_queue_frame(qc, frame); | |
| 1759 | |
|
8293
1ec905f4d851
Push QUIC stream frames in send() and cleanup handler.
Roman Arutyunyan <arut@nginx.com>
parents:
8290
diff
changeset
|
1760 ngx_quic_output(pc); |
|
1ec905f4d851
Push QUIC stream frames in send() and cleanup handler.
Roman Arutyunyan <arut@nginx.com>
parents:
8290
diff
changeset
|
1761 |
| 8225 | 1762 return size; |
| 1763 } | |
| 1764 | |
| 1765 | |
|
8239
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1766 static void |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1767 ngx_quic_stream_cleanup_handler(void *data) |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1768 { |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1769 ngx_connection_t *c = data; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1770 |
|
8280
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1771 ngx_connection_t *pc; |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1772 ngx_quic_frame_t *frame; |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1773 ngx_quic_stream_t *qs; |
|
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1774 ngx_quic_connection_t *qc; |
|
8239
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1775 |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1776 qs = c->qs; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1777 pc = qs->parent; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1778 qc = pc->quic; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1779 |
|
8281
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
1780 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic stream cleanup"); |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
1781 |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
1782 ngx_rbtree_delete(&qc->streams.tree, &qs->node); |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
1783 |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
1784 if (qc->closing) { |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
1785 ngx_post_event(pc->read, &ngx_posted_events); |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
1786 return; |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
1787 } |
|
618a65de08b3
When closing a QUIC connection, wait for all streams to finish.
Roman Arutyunyan <arut@nginx.com>
parents:
8280
diff
changeset
|
1788 |
|
8280
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1789 if ((qs->id & 0x03) == NGX_QUIC_STREAM_UNIDIRECTIONAL) { |
|
8239
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1790 /* do not send fin for client unidirectional streams */ |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1791 return; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1792 } |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1793 |
|
8280
b364af7f9f3f
Removed ngx_quic_stream_node_t.
Roman Arutyunyan <arut@nginx.com>
parents:
8279
diff
changeset
|
1794 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic send fin"); |
|
8239
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1795 |
| 8286 | 1796 frame = ngx_quic_alloc_frame(pc, 0); |
|
8239
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1797 if (frame == NULL) { |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1798 return; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1799 } |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1800 |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1801 frame->level = ssl_encryption_application; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1802 frame->type = NGX_QUIC_FT_STREAM7; /* OFF=1 LEN=1 FIN=1 */ |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1803 frame->u.stream.off = 1; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1804 frame->u.stream.len = 1; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1805 frame->u.stream.fin = 1; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1806 |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1807 frame->u.stream.type = frame->type; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1808 frame->u.stream.stream_id = qs->id; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1809 frame->u.stream.offset = c->sent; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1810 frame->u.stream.length = 0; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1811 frame->u.stream.data = NULL; |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1812 |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1813 ngx_sprintf(frame->info, "stream %xi fin=1 level=%d", qs->id, frame->level); |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1814 |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1815 ngx_quic_queue_frame(qc, frame); |
|
8293
1ec905f4d851
Push QUIC stream frames in send() and cleanup handler.
Roman Arutyunyan <arut@nginx.com>
parents:
8290
diff
changeset
|
1816 |
|
1ec905f4d851
Push QUIC stream frames in send() and cleanup handler.
Roman Arutyunyan <arut@nginx.com>
parents:
8290
diff
changeset
|
1817 (void) ngx_quic_output(pc); |
|
8239
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1818 } |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1819 |
|
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1820 |
| 8225 | 1821 static ngx_chain_t * |
| 1822 ngx_quic_stream_send_chain(ngx_connection_t *c, ngx_chain_t *in, | |
| 1823 off_t limit) | |
| 1824 { | |
| 1825 size_t len; | |
| 1826 ssize_t n; | |
| 1827 ngx_buf_t *b; | |
| 1828 | |
| 1829 for ( /* void */; in; in = in->next) { | |
| 1830 b = in->buf; | |
| 1831 | |
| 1832 if (!ngx_buf_in_memory(b)) { | |
| 1833 continue; | |
| 1834 } | |
| 1835 | |
| 1836 if (ngx_buf_size(b) == 0) { | |
| 1837 continue; | |
| 1838 } | |
| 1839 | |
| 1840 len = b->last - b->pos; | |
| 1841 | |
| 1842 n = ngx_quic_stream_send(c, b->pos, len); | |
| 1843 | |
| 1844 if (n == NGX_ERROR) { | |
| 1845 return NGX_CHAIN_ERROR; | |
| 1846 } | |
| 1847 | |
| 1848 if (n == NGX_AGAIN) { | |
| 1849 return in; | |
| 1850 } | |
| 1851 | |
| 1852 if (n != (ssize_t) len) { | |
| 1853 b->pos += n; | |
| 1854 return in; | |
| 1855 } | |
| 1856 } | |
| 1857 | |
| 1858 return NULL; | |
| 1859 } | |
| 8286 | 1860 |
| 1861 | |
| 1862 static ngx_quic_frame_t * | |
| 1863 ngx_quic_alloc_frame(ngx_connection_t *c, size_t size) | |
| 1864 { | |
| 1865 u_char *p; | |
| 1866 ngx_quic_frame_t *frame; | |
| 1867 ngx_quic_connection_t *qc; | |
| 1868 | |
| 1869 if (size) { | |
| 1870 p = ngx_alloc(size, c->log); | |
| 1871 if (p == NULL) { | |
| 1872 return NULL; | |
| 1873 } | |
| 1874 | |
| 1875 } else { | |
| 1876 p = NULL; | |
| 1877 } | |
| 1878 | |
| 1879 qc = c->quic; | |
| 1880 frame = qc->free_frames; | |
| 1881 | |
| 1882 if (frame) { | |
| 1883 qc->free_frames = frame->next; | |
| 1884 | |
| 1885 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
| 1886 "reuse quic frame n:%ui", qc->nframes); | |
| 1887 | |
| 1888 } else { | |
| 1889 frame = ngx_pcalloc(c->pool, sizeof(ngx_quic_frame_t)); | |
| 1890 if (frame == NULL) { | |
| 1891 ngx_free(p); | |
| 1892 return NULL; | |
| 1893 } | |
| 1894 | |
| 1895 #if (NGX_DEBUG) | |
| 1896 ++qc->nframes; | |
| 1897 #endif | |
| 1898 | |
| 1899 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
| 1900 "alloc quic frame n:%ui", qc->nframes); | |
| 1901 } | |
| 1902 | |
| 1903 ngx_memzero(frame, sizeof(ngx_quic_frame_t)); | |
| 1904 | |
| 1905 frame->data = p; | |
| 1906 | |
| 1907 return frame; | |
| 1908 } | |
| 1909 | |
| 1910 | |
| 1911 static void | |
| 1912 ngx_quic_free_frame(ngx_connection_t *c, ngx_quic_frame_t *frame) | |
| 1913 { | |
| 1914 ngx_quic_connection_t *qc; | |
| 1915 | |
| 1916 qc = c->quic; | |
| 1917 | |
| 1918 if (frame->data) { | |
| 1919 ngx_free(frame->data); | |
| 1920 } | |
| 1921 | |
| 1922 frame->next = qc->free_frames; | |
| 1923 qc->free_frames = frame; | |
| 1924 | |
| 1925 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
| 1926 "free quic frame n:%ui", qc->nframes); | |
| 1927 } |