comparison src/event/ngx_event_quic.c @ 8624:340cd26158fb quic

QUIC: preparatory changes for multiple QUIC versions support. A negotiated version is decoupled from NGX_QUIC_VERSION and, if supported, now stored in c->quic->version after packets processing. It is then used to create long header packets. Otherwise, the list of supported versions (which may be many now) is sent in the Version Negotiation packet. All packets in the connection are expected to have the same version. Incoming packets with mismatched version are now rejected.
author Sergey Kandaurov <pluknet@nginx.com>
date Tue, 10 Nov 2020 00:20:44 +0300
parents 8550b91e8e35
children 4416b7ab0a27
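--- a/src/event/ngx_event_quic.c
+++ b/src/event/ngx_event_quic.c
@@ -113,10 +113,11 @@
 ngx_uint_t send_ack;
 } ngx_quic_send_ctx_t;
 
 
 struct ngx_quic_connection_s {
+uint32_t version;
 ngx_str_t scid; /* initial client ID */
 ngx_str_t dcid; /* server (our own) ID */
 ngx_str_t odcid; /* original server ID */
 ngx_str_t token;
 
@@ -956,10 +957,12 @@
 qc->keys = ngx_quic_keys_new(c->pool);
 if (qc->keys == NULL) {
 return NULL;
 }
 
+qc->version = pkt->version;
+
 ngx_rbtree_init(&qc->streams.tree, &qc->streams.sentinel,
 ngx_quic_rbtree_insert_stream);
 
 for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) {
 ngx_queue_init(&qc->send_ctx[i].frames);
@@ -1222,10 +1225,11 @@
 return NGX_ERROR;
 }
 
 ngx_memzero(&pkt, sizeof(ngx_quic_header_t));
 pkt.flags = NGX_QUIC_PKT_FIXED_BIT | NGX_QUIC_PKT_LONG | NGX_QUIC_PKT_RETRY;
+pkt.version = c->quic->version;
 pkt.log = c->log;
 pkt.odcid = c->quic->odcid;
 pkt.dcid = c->quic->scid;
 pkt.scid = c->quic->dcid;
 pkt.token = token;
@@ -2018,10 +2022,18 @@
 ngx_log_error(NGX_LOG_INFO, c->log, 0,
 "quic unsupported version: 0x%xD", pkt->version);
 return NGX_DECLINED;
 }
 
+if (pkt->level != ssl_encryption_application) {
+if (pkt->version != qc->version) {
+ngx_log_error(NGX_LOG_INFO, c->log, 0,
+"quic version mismatch: 0x%xD", pkt->version);
+return NGX_DECLINED;
+}
+}
+
 if (ngx_quic_check_peer(qc, pkt) != NGX_OK) {
 
 if (pkt->level == ssl_encryption_application) {
 if (ngx_quic_process_stateless_reset(c, pkt) == NGX_OK) {
 ngx_log_error(NGX_LOG_INFO, c->log, 0,
@@ -4547,10 +4559,11 @@
 }
 }
 
 ngx_quic_set_packet_number(&pkt, ctx);
 
+pkt.version = qc->version;
 pkt.log = c->log;
 pkt.level = start->level;
 pkt.dcid = qc->scid;
 pkt.scid = qc->dcid;
 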
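Review bot: The new version check at new lines 2027–2033 has no comment saying why `ssl_encryption_application` is exempt, and its log line prints only the received version. Packets at that level are presumably short-header packets, which carry no version field, so a one-line comment such as `/* short header packets carry no version field */` above the outer `if` would keep a later editor from removing the exemption. Logging both values, `"quic version mismatch: 0x%xD, expected 0x%xD", pkt->version, qc->version`, makes it easier to tell a spoofed or misrouted long-header packet from a client bug when reading the log. The two nested `if`s can also be written as one condition joined with `&&`. The enclosing function starts and ends outside the visible lines, so whether `qc` is always non-NULL at this point and how the caller treats `NGX_DECLINED` cannot be confirmed from this section.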