Mercurial > hg > nginx
comparison src/event/ngx_event_quic.c @ 8563:bed310672f39 quic
QUIC: moved ssl configuration pointer to quic configuration.
The ssl configuration is obtained at config time and saved for future use.
author | Vladimir Homutov <vl@nginx.com> |
---|---|
date | Thu, 01 Oct 2020 10:04:35 +0300 |
parents | b31c02454539 |
children | b52b2a33b0e5 |
comparison
equal
deleted
inserted
replaced
8562:b31c02454539 | 8563:bed310672f39 |
---|---|
117 ngx_quic_secrets_t keys[NGX_QUIC_ENCRYPTION_LAST]; | 117 ngx_quic_secrets_t keys[NGX_QUIC_ENCRYPTION_LAST]; |
118 ngx_quic_secrets_t next_key; | 118 ngx_quic_secrets_t next_key; |
119 ngx_quic_frames_stream_t crypto[NGX_QUIC_ENCRYPTION_LAST]; | 119 ngx_quic_frames_stream_t crypto[NGX_QUIC_ENCRYPTION_LAST]; |
120 | 120 |
121 ngx_quic_conf_t *conf; | 121 ngx_quic_conf_t *conf; |
122 | |
123 ngx_ssl_t *ssl; | |
124 | 122 |
125 ngx_event_t push; | 123 ngx_event_t push; |
126 ngx_event_t pto; | 124 ngx_event_t pto; |
127 ngx_event_t close; | 125 ngx_event_t close; |
128 ngx_queue_t free_frames; | 126 ngx_queue_t free_frames; |
191 static int ngx_quic_send_alert(ngx_ssl_conn_t *ssl_conn, | 189 static int ngx_quic_send_alert(ngx_ssl_conn_t *ssl_conn, |
192 enum ssl_encryption_level_t level, uint8_t alert); | 190 enum ssl_encryption_level_t level, uint8_t alert); |
193 | 191 |
194 | 192 |
195 static ngx_quic_connection_t *ngx_quic_new_connection(ngx_connection_t *c, | 193 static ngx_quic_connection_t *ngx_quic_new_connection(ngx_connection_t *c, |
196 ngx_ssl_t *ssl, ngx_quic_conf_t *conf, ngx_quic_header_t *pkt); | 194 ngx_quic_conf_t *conf, ngx_quic_header_t *pkt); |
197 static ngx_int_t ngx_quic_send_stateless_reset(ngx_connection_t *c, | 195 static ngx_int_t ngx_quic_send_stateless_reset(ngx_connection_t *c, |
198 ngx_quic_conf_t *conf, ngx_quic_header_t *pkt); | 196 ngx_quic_conf_t *conf, ngx_quic_header_t *pkt); |
199 static ngx_int_t ngx_quic_process_stateless_reset(ngx_connection_t *c, | 197 static ngx_int_t ngx_quic_process_stateless_reset(ngx_connection_t *c, |
200 ngx_quic_header_t *pkt); | 198 ngx_quic_header_t *pkt); |
201 static ngx_int_t ngx_quic_negotiate_version(ngx_connection_t *c, | 199 static ngx_int_t ngx_quic_negotiate_version(ngx_connection_t *c, |
215 static void ngx_quic_close_timer_handler(ngx_event_t *ev); | 213 static void ngx_quic_close_timer_handler(ngx_event_t *ev); |
216 static ngx_int_t ngx_quic_close_streams(ngx_connection_t *c, | 214 static ngx_int_t ngx_quic_close_streams(ngx_connection_t *c, |
217 ngx_quic_connection_t *qc); | 215 ngx_quic_connection_t *qc); |
218 | 216 |
219 static ngx_int_t ngx_quic_input(ngx_connection_t *c, ngx_buf_t *b, | 217 static ngx_int_t ngx_quic_input(ngx_connection_t *c, ngx_buf_t *b, |
220 ngx_ssl_t *ssl, ngx_quic_conf_t *conf); | 218 ngx_quic_conf_t *conf); |
221 static ngx_int_t ngx_quic_process_packet(ngx_connection_t *c, ngx_ssl_t *ssl, | 219 static ngx_int_t ngx_quic_process_packet(ngx_connection_t *c, |
222 ngx_quic_conf_t *conf, ngx_quic_header_t *pkt); | 220 ngx_quic_conf_t *conf, ngx_quic_header_t *pkt); |
223 static ngx_int_t ngx_quic_init_secrets(ngx_connection_t *c); | 221 static ngx_int_t ngx_quic_init_secrets(ngx_connection_t *c); |
224 static void ngx_quic_discard_ctx(ngx_connection_t *c, | 222 static void ngx_quic_discard_ctx(ngx_connection_t *c, |
225 enum ssl_encryption_level_t level); | 223 enum ssl_encryption_level_t level); |
226 static ngx_int_t ngx_quic_check_peer(ngx_quic_connection_t *qc, | 224 static ngx_int_t ngx_quic_check_peer(ngx_quic_connection_t *qc, |
637 return 1; | 635 return 1; |
638 } | 636 } |
639 | 637 |
640 | 638 |
641 void | 639 void |
642 ngx_quic_run(ngx_connection_t *c, ngx_ssl_t *ssl, ngx_quic_conf_t *conf) | 640 ngx_quic_run(ngx_connection_t *c, ngx_quic_conf_t *conf) |
643 { | 641 { |
644 ngx_int_t rc; | 642 ngx_int_t rc; |
645 | 643 |
646 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic run"); | 644 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic run"); |
647 | 645 |
648 c->log->action = "QUIC initialization"; | 646 c->log->action = "QUIC initialization"; |
649 | 647 |
650 rc = ngx_quic_input(c, c->buffer, ssl, conf); | 648 rc = ngx_quic_input(c, c->buffer, conf); |
651 if (rc != NGX_OK) { | 649 if (rc != NGX_OK) { |
652 ngx_quic_close_connection(c, rc == NGX_DECLINED ? NGX_DONE : NGX_ERROR); | 650 ngx_quic_close_connection(c, rc == NGX_DECLINED ? NGX_DONE : NGX_ERROR); |
653 return; | 651 return; |
654 } | 652 } |
655 | 653 |
661 return; | 659 return; |
662 } | 660 } |
663 | 661 |
664 | 662 |
665 static ngx_quic_connection_t * | 663 static ngx_quic_connection_t * |
666 ngx_quic_new_connection(ngx_connection_t *c, ngx_ssl_t *ssl, | 664 ngx_quic_new_connection(ngx_connection_t *c, ngx_quic_conf_t *conf, |
667 ngx_quic_conf_t *conf, ngx_quic_header_t *pkt) | 665 ngx_quic_header_t *pkt) |
668 { | 666 { |
669 ngx_uint_t i; | 667 ngx_uint_t i; |
670 ngx_quic_tp_t *ctp; | 668 ngx_quic_tp_t *ctp; |
671 ngx_quic_client_id_t *cid; | 669 ngx_quic_client_id_t *cid; |
672 ngx_quic_connection_t *qc; | 670 ngx_quic_connection_t *qc; |
716 qc->push.log = c->log; | 714 qc->push.log = c->log; |
717 qc->push.data = c; | 715 qc->push.data = c; |
718 qc->push.handler = ngx_quic_push_handler; | 716 qc->push.handler = ngx_quic_push_handler; |
719 qc->push.cancelable = 1; | 717 qc->push.cancelable = 1; |
720 | 718 |
721 qc->ssl = ssl; | |
722 qc->conf = conf; | 719 qc->conf = conf; |
723 qc->tp = conf->tp; | 720 qc->tp = conf->tp; |
724 | 721 |
725 ctp = &qc->ctp; | 722 ctp = &qc->ctp; |
726 ctp->max_udp_payload_size = ngx_quic_max_udp_payload(c); | 723 ctp->max_udp_payload_size = ngx_quic_max_udp_payload(c); |
1209 ngx_ssl_conn_t *ssl_conn; | 1206 ngx_ssl_conn_t *ssl_conn; |
1210 ngx_quic_connection_t *qc; | 1207 ngx_quic_connection_t *qc; |
1211 | 1208 |
1212 qc = c->quic; | 1209 qc = c->quic; |
1213 | 1210 |
1214 if (ngx_ssl_create_connection(qc->ssl, c, NGX_SSL_BUFFER) != NGX_OK) { | 1211 if (ngx_ssl_create_connection(qc->conf->ssl, c, NGX_SSL_BUFFER) != NGX_OK) { |
1215 return NGX_ERROR; | 1212 return NGX_ERROR; |
1216 } | 1213 } |
1217 | 1214 |
1218 ssl_conn = c->ssl->connection; | 1215 ssl_conn = c->ssl->connection; |
1219 | 1216 |
1343 } | 1340 } |
1344 | 1341 |
1345 b.last += n; | 1342 b.last += n; |
1346 qc->received += n; | 1343 qc->received += n; |
1347 | 1344 |
1348 rc = ngx_quic_input(c, &b, NULL, NULL); | 1345 rc = ngx_quic_input(c, &b, NULL); |
1349 | 1346 |
1350 if (rc == NGX_ERROR) { | 1347 if (rc == NGX_ERROR) { |
1351 ngx_quic_close_connection(c, NGX_ERROR); | 1348 ngx_quic_close_connection(c, NGX_ERROR); |
1352 return; | 1349 return; |
1353 } | 1350 } |
1607 return NGX_AGAIN; | 1604 return NGX_AGAIN; |
1608 } | 1605 } |
1609 | 1606 |
1610 | 1607 |
1611 static ngx_int_t | 1608 static ngx_int_t |
1612 ngx_quic_input(ngx_connection_t *c, ngx_buf_t *b, ngx_ssl_t *ssl, | 1609 ngx_quic_input(ngx_connection_t *c, ngx_buf_t *b, ngx_quic_conf_t *conf) |
1613 ngx_quic_conf_t *conf) | |
1614 { | 1610 { |
1615 u_char *p; | 1611 u_char *p; |
1616 ngx_int_t rc; | 1612 ngx_int_t rc; |
1617 ngx_uint_t good; | 1613 ngx_uint_t good; |
1618 ngx_quic_header_t pkt; | 1614 ngx_quic_header_t pkt; |
1630 pkt.len = b->last - p; | 1626 pkt.len = b->last - p; |
1631 pkt.log = c->log; | 1627 pkt.log = c->log; |
1632 pkt.flags = p[0]; | 1628 pkt.flags = p[0]; |
1633 pkt.raw->pos++; | 1629 pkt.raw->pos++; |
1634 | 1630 |
1635 rc = ngx_quic_process_packet(c, ssl, conf, &pkt); | 1631 rc = ngx_quic_process_packet(c, conf, &pkt); |
1636 | 1632 |
1637 if (rc == NGX_ERROR) { | 1633 if (rc == NGX_ERROR) { |
1638 return NGX_ERROR; | 1634 return NGX_ERROR; |
1639 } | 1635 } |
1640 | 1636 |
1675 return good ? NGX_OK : NGX_DECLINED; | 1671 return good ? NGX_OK : NGX_DECLINED; |
1676 } | 1672 } |
1677 | 1673 |
1678 | 1674 |
1679 static ngx_int_t | 1675 static ngx_int_t |
1680 ngx_quic_process_packet(ngx_connection_t *c, ngx_ssl_t *ssl, | 1676 ngx_quic_process_packet(ngx_connection_t *c, ngx_quic_conf_t *conf, |
1681 ngx_quic_conf_t *conf, ngx_quic_header_t *pkt) | 1677 ngx_quic_header_t *pkt) |
1682 { | 1678 { |
1683 ngx_int_t rc; | 1679 ngx_int_t rc; |
1684 ngx_ssl_conn_t *ssl_conn; | 1680 ngx_ssl_conn_t *ssl_conn; |
1685 ngx_quic_secrets_t *keys, *next, tmp; | 1681 ngx_quic_secrets_t *keys, *next, tmp; |
1686 ngx_quic_send_ctx_t *ctx; | 1682 ngx_quic_send_ctx_t *ctx; |
1769 "quic too short dcid in initial" | 1765 "quic too short dcid in initial" |
1770 " packet: length %i", pkt->dcid.len); | 1766 " packet: length %i", pkt->dcid.len); |
1771 return NGX_ERROR; | 1767 return NGX_ERROR; |
1772 } | 1768 } |
1773 | 1769 |
1774 qc = ngx_quic_new_connection(c, ssl, conf, pkt); | 1770 qc = ngx_quic_new_connection(c, conf, pkt); |
1775 if (qc == NULL) { | 1771 if (qc == NULL) { |
1776 return NGX_ERROR; | 1772 return NGX_ERROR; |
1777 } | 1773 } |
1778 | 1774 |
1779 c->quic = qc; | 1775 c->quic = qc; |