Mercurial > hg > nginx
comparison src/event/ngx_event_quic.c @ 8563:bed310672f39 quic
QUIC: moved ssl configuration pointer to quic configuration.
The ssl configuration is obtained at config time and saved for future use.
| author | Vladimir Homutov <vl@nginx.com> |
|---|---|
| date | Thu, 01 Oct 2020 10:04:35 +0300 |
| parents | b31c02454539 |
| children | b52b2a33b0e5 |
comparison
equal
deleted
inserted
replaced
| 8562:b31c02454539 | 8563:bed310672f39 |
|---|---|
| 117 ngx_quic_secrets_t keys[NGX_QUIC_ENCRYPTION_LAST]; | 117 ngx_quic_secrets_t keys[NGX_QUIC_ENCRYPTION_LAST]; |
| 118 ngx_quic_secrets_t next_key; | 118 ngx_quic_secrets_t next_key; |
| 119 ngx_quic_frames_stream_t crypto[NGX_QUIC_ENCRYPTION_LAST]; | 119 ngx_quic_frames_stream_t crypto[NGX_QUIC_ENCRYPTION_LAST]; |
| 120 | 120 |
| 121 ngx_quic_conf_t *conf; | 121 ngx_quic_conf_t *conf; |
| 122 | |
| 123 ngx_ssl_t *ssl; | |
| 124 | 122 |
| 125 ngx_event_t push; | 123 ngx_event_t push; |
| 126 ngx_event_t pto; | 124 ngx_event_t pto; |
| 127 ngx_event_t close; | 125 ngx_event_t close; |
| 128 ngx_queue_t free_frames; | 126 ngx_queue_t free_frames; |
| 191 static int ngx_quic_send_alert(ngx_ssl_conn_t *ssl_conn, | 189 static int ngx_quic_send_alert(ngx_ssl_conn_t *ssl_conn, |
| 192 enum ssl_encryption_level_t level, uint8_t alert); | 190 enum ssl_encryption_level_t level, uint8_t alert); |
| 193 | 191 |
| 194 | 192 |
| 195 static ngx_quic_connection_t *ngx_quic_new_connection(ngx_connection_t *c, | 193 static ngx_quic_connection_t *ngx_quic_new_connection(ngx_connection_t *c, |
| 196 ngx_ssl_t *ssl, ngx_quic_conf_t *conf, ngx_quic_header_t *pkt); | 194 ngx_quic_conf_t *conf, ngx_quic_header_t *pkt); |
| 197 static ngx_int_t ngx_quic_send_stateless_reset(ngx_connection_t *c, | 195 static ngx_int_t ngx_quic_send_stateless_reset(ngx_connection_t *c, |
| 198 ngx_quic_conf_t *conf, ngx_quic_header_t *pkt); | 196 ngx_quic_conf_t *conf, ngx_quic_header_t *pkt); |
| 199 static ngx_int_t ngx_quic_process_stateless_reset(ngx_connection_t *c, | 197 static ngx_int_t ngx_quic_process_stateless_reset(ngx_connection_t *c, |
| 200 ngx_quic_header_t *pkt); | 198 ngx_quic_header_t *pkt); |
| 201 static ngx_int_t ngx_quic_negotiate_version(ngx_connection_t *c, | 199 static ngx_int_t ngx_quic_negotiate_version(ngx_connection_t *c, |
| 215 static void ngx_quic_close_timer_handler(ngx_event_t *ev); | 213 static void ngx_quic_close_timer_handler(ngx_event_t *ev); |
| 216 static ngx_int_t ngx_quic_close_streams(ngx_connection_t *c, | 214 static ngx_int_t ngx_quic_close_streams(ngx_connection_t *c, |
| 217 ngx_quic_connection_t *qc); | 215 ngx_quic_connection_t *qc); |
| 218 | 216 |
| 219 static ngx_int_t ngx_quic_input(ngx_connection_t *c, ngx_buf_t *b, | 217 static ngx_int_t ngx_quic_input(ngx_connection_t *c, ngx_buf_t *b, |
| 220 ngx_ssl_t *ssl, ngx_quic_conf_t *conf); | 218 ngx_quic_conf_t *conf); |
| 221 static ngx_int_t ngx_quic_process_packet(ngx_connection_t *c, ngx_ssl_t *ssl, | 219 static ngx_int_t ngx_quic_process_packet(ngx_connection_t *c, |
| 222 ngx_quic_conf_t *conf, ngx_quic_header_t *pkt); | 220 ngx_quic_conf_t *conf, ngx_quic_header_t *pkt); |
| 223 static ngx_int_t ngx_quic_init_secrets(ngx_connection_t *c); | 221 static ngx_int_t ngx_quic_init_secrets(ngx_connection_t *c); |
| 224 static void ngx_quic_discard_ctx(ngx_connection_t *c, | 222 static void ngx_quic_discard_ctx(ngx_connection_t *c, |
| 225 enum ssl_encryption_level_t level); | 223 enum ssl_encryption_level_t level); |
| 226 static ngx_int_t ngx_quic_check_peer(ngx_quic_connection_t *qc, | 224 static ngx_int_t ngx_quic_check_peer(ngx_quic_connection_t *qc, |
| 637 return 1; | 635 return 1; |
| 638 } | 636 } |
| 639 | 637 |
| 640 | 638 |
| 641 void | 639 void |
| 642 ngx_quic_run(ngx_connection_t *c, ngx_ssl_t *ssl, ngx_quic_conf_t *conf) | 640 ngx_quic_run(ngx_connection_t *c, ngx_quic_conf_t *conf) |
| 643 { | 641 { |
| 644 ngx_int_t rc; | 642 ngx_int_t rc; |
| 645 | 643 |
| 646 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic run"); | 644 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic run"); |
| 647 | 645 |
| 648 c->log->action = "QUIC initialization"; | 646 c->log->action = "QUIC initialization"; |
| 649 | 647 |
| 650 rc = ngx_quic_input(c, c->buffer, ssl, conf); | 648 rc = ngx_quic_input(c, c->buffer, conf); |
| 651 if (rc != NGX_OK) { | 649 if (rc != NGX_OK) { |
| 652 ngx_quic_close_connection(c, rc == NGX_DECLINED ? NGX_DONE : NGX_ERROR); | 650 ngx_quic_close_connection(c, rc == NGX_DECLINED ? NGX_DONE : NGX_ERROR); |
| 653 return; | 651 return; |
| 654 } | 652 } |
| 655 | 653 |
| 661 return; | 659 return; |
| 662 } | 660 } |
| 663 | 661 |
| 664 | 662 |
| 665 static ngx_quic_connection_t * | 663 static ngx_quic_connection_t * |
| 666 ngx_quic_new_connection(ngx_connection_t *c, ngx_ssl_t *ssl, | 664 ngx_quic_new_connection(ngx_connection_t *c, ngx_quic_conf_t *conf, |
| 667 ngx_quic_conf_t *conf, ngx_quic_header_t *pkt) | 665 ngx_quic_header_t *pkt) |
| 668 { | 666 { |
| 669 ngx_uint_t i; | 667 ngx_uint_t i; |
| 670 ngx_quic_tp_t *ctp; | 668 ngx_quic_tp_t *ctp; |
| 671 ngx_quic_client_id_t *cid; | 669 ngx_quic_client_id_t *cid; |
| 672 ngx_quic_connection_t *qc; | 670 ngx_quic_connection_t *qc; |
| 716 qc->push.log = c->log; | 714 qc->push.log = c->log; |
| 717 qc->push.data = c; | 715 qc->push.data = c; |
| 718 qc->push.handler = ngx_quic_push_handler; | 716 qc->push.handler = ngx_quic_push_handler; |
| 719 qc->push.cancelable = 1; | 717 qc->push.cancelable = 1; |
| 720 | 718 |
| 721 qc->ssl = ssl; | |
| 722 qc->conf = conf; | 719 qc->conf = conf; |
| 723 qc->tp = conf->tp; | 720 qc->tp = conf->tp; |
| 724 | 721 |
| 725 ctp = &qc->ctp; | 722 ctp = &qc->ctp; |
| 726 ctp->max_udp_payload_size = ngx_quic_max_udp_payload(c); | 723 ctp->max_udp_payload_size = ngx_quic_max_udp_payload(c); |
| 1209 ngx_ssl_conn_t *ssl_conn; | 1206 ngx_ssl_conn_t *ssl_conn; |
| 1210 ngx_quic_connection_t *qc; | 1207 ngx_quic_connection_t *qc; |
| 1211 | 1208 |
| 1212 qc = c->quic; | 1209 qc = c->quic; |
| 1213 | 1210 |
| 1214 if (ngx_ssl_create_connection(qc->ssl, c, NGX_SSL_BUFFER) != NGX_OK) { | 1211 if (ngx_ssl_create_connection(qc->conf->ssl, c, NGX_SSL_BUFFER) != NGX_OK) { |
| 1215 return NGX_ERROR; | 1212 return NGX_ERROR; |
| 1216 } | 1213 } |
| 1217 | 1214 |
| 1218 ssl_conn = c->ssl->connection; | 1215 ssl_conn = c->ssl->connection; |
| 1219 | 1216 |
| 1343 } | 1340 } |
| 1344 | 1341 |
| 1345 b.last += n; | 1342 b.last += n; |
| 1346 qc->received += n; | 1343 qc->received += n; |
| 1347 | 1344 |
| 1348 rc = ngx_quic_input(c, &b, NULL, NULL); | 1345 rc = ngx_quic_input(c, &b, NULL); |
| 1349 | 1346 |
| 1350 if (rc == NGX_ERROR) { | 1347 if (rc == NGX_ERROR) { |
| 1351 ngx_quic_close_connection(c, NGX_ERROR); | 1348 ngx_quic_close_connection(c, NGX_ERROR); |
| 1352 return; | 1349 return; |
| 1353 } | 1350 } |
| 1607 return NGX_AGAIN; | 1604 return NGX_AGAIN; |
| 1608 } | 1605 } |
| 1609 | 1606 |
| 1610 | 1607 |
| 1611 static ngx_int_t | 1608 static ngx_int_t |
| 1612 ngx_quic_input(ngx_connection_t *c, ngx_buf_t *b, ngx_ssl_t *ssl, | 1609 ngx_quic_input(ngx_connection_t *c, ngx_buf_t *b, ngx_quic_conf_t *conf) |
| 1613 ngx_quic_conf_t *conf) | |
| 1614 { | 1610 { |
| 1615 u_char *p; | 1611 u_char *p; |
| 1616 ngx_int_t rc; | 1612 ngx_int_t rc; |
| 1617 ngx_uint_t good; | 1613 ngx_uint_t good; |
| 1618 ngx_quic_header_t pkt; | 1614 ngx_quic_header_t pkt; |
| 1630 pkt.len = b->last - p; | 1626 pkt.len = b->last - p; |
| 1631 pkt.log = c->log; | 1627 pkt.log = c->log; |
| 1632 pkt.flags = p[0]; | 1628 pkt.flags = p[0]; |
| 1633 pkt.raw->pos++; | 1629 pkt.raw->pos++; |
| 1634 | 1630 |
| 1635 rc = ngx_quic_process_packet(c, ssl, conf, &pkt); | 1631 rc = ngx_quic_process_packet(c, conf, &pkt); |
| 1636 | 1632 |
| 1637 if (rc == NGX_ERROR) { | 1633 if (rc == NGX_ERROR) { |
| 1638 return NGX_ERROR; | 1634 return NGX_ERROR; |
| 1639 } | 1635 } |
| 1640 | 1636 |
| 1675 return good ? NGX_OK : NGX_DECLINED; | 1671 return good ? NGX_OK : NGX_DECLINED; |
| 1676 } | 1672 } |
| 1677 | 1673 |
| 1678 | 1674 |
| 1679 static ngx_int_t | 1675 static ngx_int_t |
| 1680 ngx_quic_process_packet(ngx_connection_t *c, ngx_ssl_t *ssl, | 1676 ngx_quic_process_packet(ngx_connection_t *c, ngx_quic_conf_t *conf, |
| 1681 ngx_quic_conf_t *conf, ngx_quic_header_t *pkt) | 1677 ngx_quic_header_t *pkt) |
| 1682 { | 1678 { |
| 1683 ngx_int_t rc; | 1679 ngx_int_t rc; |
| 1684 ngx_ssl_conn_t *ssl_conn; | 1680 ngx_ssl_conn_t *ssl_conn; |
| 1685 ngx_quic_secrets_t *keys, *next, tmp; | 1681 ngx_quic_secrets_t *keys, *next, tmp; |
| 1686 ngx_quic_send_ctx_t *ctx; | 1682 ngx_quic_send_ctx_t *ctx; |
| 1769 "quic too short dcid in initial" | 1765 "quic too short dcid in initial" |
| 1770 " packet: length %i", pkt->dcid.len); | 1766 " packet: length %i", pkt->dcid.len); |
| 1771 return NGX_ERROR; | 1767 return NGX_ERROR; |
| 1772 } | 1768 } |
| 1773 | 1769 |
| 1774 qc = ngx_quic_new_connection(c, ssl, conf, pkt); | 1770 qc = ngx_quic_new_connection(c, conf, pkt); |
| 1775 if (qc == NULL) { | 1771 if (qc == NULL) { |
| 1776 return NGX_ERROR; | 1772 return NGX_ERROR; |
| 1777 } | 1773 } |
| 1778 | 1774 |
| 1779 c->quic = qc; | 1775 c->quic = qc; |