Mercurial > hg > nginx
comparison src/event/ngx_event_quic.c @ 8285:f85749b60e58 quic
Removed memory allocations from encryption code.
+ ngx_quic_encrypt():
- no longer accepts pool as argument
- pkt is 1st arg
- payload is passed as pkt->payload
- performs encryption to the specified static buffer
+ ngx_quic_create_long/short_packet() functions:
- single buffer for everything, allocated by caller
- buffer layout is: [ ad | payload | TAG ]
the result is in the beginning of buffer with proper length
- nonce is calculated on stack
- log is passed explicitly, pkt is 1st arg
- no more allocations inside
+ ngx_quic_create_long_header():
- args changed: no need to pass str_t
+ added ngx_quic_create_short_header()
| author | Vladimir Homutov <vl@nginx.com> |
|---|---|
| date | Thu, 26 Mar 2020 12:11:50 +0300 |
| parents | 2935a11c55b6 |
| children | c7185bc5b4d9 |
comparison
equal
deleted
inserted
replaced
| 8284:2935a11c55b6 | 8285:f85749b60e58 |
|---|---|
| 1363 | 1363 |
| 1364 static ngx_int_t | 1364 static ngx_int_t |
| 1365 ngx_quic_send_packet(ngx_connection_t *c, ngx_quic_connection_t *qc, | 1365 ngx_quic_send_packet(ngx_connection_t *c, ngx_quic_connection_t *qc, |
| 1366 enum ssl_encryption_level_t level, ngx_str_t *payload) | 1366 enum ssl_encryption_level_t level, ngx_str_t *payload) |
| 1367 { | 1367 { |
| 1368 ngx_str_t res; | 1368 ngx_str_t res; |
| 1369 ngx_quic_header_t pkt; | 1369 ngx_quic_header_t pkt; |
| 1370 static u_char buf[65535]; | |
| 1370 | 1371 |
| 1371 static ngx_str_t initial_token = ngx_null_string; | 1372 static ngx_str_t initial_token = ngx_null_string; |
| 1372 | 1373 |
| 1373 ngx_memzero(&pkt, sizeof(ngx_quic_header_t)); | 1374 ngx_memzero(&pkt, sizeof(ngx_quic_header_t)); |
| 1374 ngx_quic_hexdump0(c->log, "payload", payload->data, payload->len); | 1375 ngx_quic_hexdump0(c->log, "payload", payload->data, payload->len); |
| 1375 | 1376 |
| 1376 pkt.log = c->log; | 1377 pkt.log = c->log; |
| 1377 pkt.level = level; | 1378 pkt.level = level; |
| 1378 pkt.dcid = qc->dcid; | 1379 pkt.dcid = qc->dcid; |
| 1379 pkt.scid = qc->scid; | 1380 pkt.scid = qc->scid; |
| 1381 pkt.payload = *payload; | |
| 1380 | 1382 |
| 1381 if (level == ssl_encryption_initial) { | 1383 if (level == ssl_encryption_initial) { |
| 1382 pkt.number = &qc->initial_pn; | 1384 pkt.number = &qc->initial_pn; |
| 1383 pkt.flags = NGX_QUIC_PKT_INITIAL; | 1385 pkt.flags = NGX_QUIC_PKT_INITIAL; |
| 1384 pkt.secret = &qc->secrets.server.in; | 1386 pkt.secret = &qc->secrets.server.in; |
| 1392 } else { | 1394 } else { |
| 1393 pkt.number = &qc->appdata_pn; | 1395 pkt.number = &qc->appdata_pn; |
| 1394 pkt.secret = &qc->secrets.server.ad; | 1396 pkt.secret = &qc->secrets.server.ad; |
| 1395 } | 1397 } |
| 1396 | 1398 |
| 1397 if (ngx_quic_encrypt(c->pool, c->ssl->connection, &pkt, payload, &res) | 1399 // TODO: ensure header size + payload.len + crypto tail fits into packet |
| 1398 != NGX_OK) | 1400 // (i.e. limit payload while pushing frames to < 65k) |
| 1399 { | 1401 |
| 1402 res.data = buf; | |
| 1403 | |
| 1404 if (ngx_quic_encrypt(&pkt, c->ssl->connection, &res) != NGX_OK) { | |
| 1400 return NGX_ERROR; | 1405 return NGX_ERROR; |
| 1401 } | 1406 } |
| 1402 | 1407 |
| 1403 ngx_quic_hexdump0(c->log, "packet to send", res.data, res.len); | 1408 ngx_quic_hexdump0(c->log, "packet to send", res.data, res.len); |
| 1404 | 1409 |