Mercurial > hg > nginx
comparison src/event/ngx_event_quic.c @ 8629:feec2cc762f6 quic
QUIC: got rid of the c->quic field.
Now QUIC connection is accessed via the c->udp field.
author | Roman Arutyunyan <arut@nginx.com> |
---|---|
date | Tue, 10 Nov 2020 18:38:42 +0000 |
parents | 45db1b5c1706 |
children | 279ad36f2f4b |
comparison
equal
deleted
inserted
replaced
8628:45db1b5c1706 | 8629:feec2cc762f6 |
---|---|
113 ngx_uint_t send_ack; | 113 ngx_uint_t send_ack; |
114 } ngx_quic_send_ctx_t; | 114 } ngx_quic_send_ctx_t; |
115 | 115 |
116 | 116 |
117 struct ngx_quic_connection_s { | 117 struct ngx_quic_connection_s { |
118 ngx_udp_connection_t udp; | |
119 | |
118 uint32_t version; | 120 uint32_t version; |
119 ngx_str_t scid; /* initial client ID */ | 121 ngx_str_t scid; /* initial client ID */ |
120 ngx_str_t dcid; /* server (our own) ID */ | 122 ngx_str_t dcid; /* server (our own) ID */ |
121 ngx_str_t odcid; /* original server ID */ | 123 ngx_str_t odcid; /* original server ID */ |
122 ngx_str_t token; | 124 ngx_str_t token; |
596 u_char buf[NGX_MAX_ERROR_STR]; | 598 u_char buf[NGX_MAX_ERROR_STR]; |
597 | 599 |
598 p = buf; | 600 p = buf; |
599 last = p + sizeof(buf); | 601 last = p + sizeof(buf); |
600 | 602 |
601 qc = c->quic; | 603 qc = ngx_quic_get_connection(c); |
602 | 604 |
603 p = ngx_slprintf(p, last, "state:"); | 605 p = ngx_slprintf(p, last, "state:"); |
604 | 606 |
605 if (qc) { | 607 if (qc) { |
606 | 608 |
664 static int | 666 static int |
665 ngx_quic_set_read_secret(ngx_ssl_conn_t *ssl_conn, | 667 ngx_quic_set_read_secret(ngx_ssl_conn_t *ssl_conn, |
666 enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, | 668 enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, |
667 const uint8_t *rsecret, size_t secret_len) | 669 const uint8_t *rsecret, size_t secret_len) |
668 { | 670 { |
669 ngx_connection_t *c; | 671 ngx_connection_t *c; |
672 ngx_quic_connection_t *qc; | |
670 | 673 |
671 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); | 674 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
675 qc = ngx_quic_get_connection(c); | |
672 | 676 |
673 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, | 677 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
674 "quic ngx_quic_set_read_secret() level:%d", level); | 678 "quic ngx_quic_set_read_secret() level:%d", level); |
675 #ifdef NGX_QUIC_DEBUG_CRYPTO | 679 #ifdef NGX_QUIC_DEBUG_CRYPTO |
676 ngx_quic_hexdump(c->log, "quic read secret", rsecret, secret_len); | 680 ngx_quic_hexdump(c->log, "quic read secret", rsecret, secret_len); |
677 #endif | 681 #endif |
678 | 682 |
679 return ngx_quic_keys_set_encryption_secret(c->pool, 0, c->quic->keys, level, | 683 return ngx_quic_keys_set_encryption_secret(c->pool, 0, qc->keys, level, |
680 cipher, rsecret, secret_len); | 684 cipher, rsecret, secret_len); |
681 } | 685 } |
682 | 686 |
683 | 687 |
684 static int | 688 static int |
685 ngx_quic_set_write_secret(ngx_ssl_conn_t *ssl_conn, | 689 ngx_quic_set_write_secret(ngx_ssl_conn_t *ssl_conn, |
686 enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, | 690 enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, |
687 const uint8_t *wsecret, size_t secret_len) | 691 const uint8_t *wsecret, size_t secret_len) |
688 { | 692 { |
689 ngx_connection_t *c; | 693 ngx_connection_t *c; |
694 ngx_quic_connection_t *qc; | |
690 | 695 |
691 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); | 696 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
697 qc = ngx_quic_get_connection(c); | |
692 | 698 |
693 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, | 699 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
694 "quic ngx_quic_set_write_secret() level:%d", level); | 700 "quic ngx_quic_set_write_secret() level:%d", level); |
695 #ifdef NGX_QUIC_DEBUG_CRYPTO | 701 #ifdef NGX_QUIC_DEBUG_CRYPTO |
696 ngx_quic_hexdump(c->log, "quic write secret", wsecret, secret_len); | 702 ngx_quic_hexdump(c->log, "quic write secret", wsecret, secret_len); |
697 #endif | 703 #endif |
698 | 704 |
699 return ngx_quic_keys_set_encryption_secret(c->pool, 1, c->quic->keys, level, | 705 return ngx_quic_keys_set_encryption_secret(c->pool, 1, qc->keys, level, |
700 cipher, wsecret, secret_len); | 706 cipher, wsecret, secret_len); |
701 } | 707 } |
702 | 708 |
703 #else | 709 #else |
704 | 710 |
705 static int | 711 static int |
706 ngx_quic_set_encryption_secrets(ngx_ssl_conn_t *ssl_conn, | 712 ngx_quic_set_encryption_secrets(ngx_ssl_conn_t *ssl_conn, |
707 enum ssl_encryption_level_t level, const uint8_t *rsecret, | 713 enum ssl_encryption_level_t level, const uint8_t *rsecret, |
708 const uint8_t *wsecret, size_t secret_len) | 714 const uint8_t *wsecret, size_t secret_len) |
709 { | 715 { |
710 ngx_connection_t *c; | 716 ngx_connection_t *c; |
711 const SSL_CIPHER *cipher; | 717 const SSL_CIPHER *cipher; |
718 ngx_quic_connection_t *qc; | |
712 | 719 |
713 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); | 720 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
721 qc = ngx_quic_get_connection(c); | |
714 | 722 |
715 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, | 723 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
716 "quic ngx_quic_set_encryption_secrets() level:%d", level); | 724 "quic ngx_quic_set_encryption_secrets() level:%d", level); |
717 #ifdef NGX_QUIC_DEBUG_CRYPTO | 725 #ifdef NGX_QUIC_DEBUG_CRYPTO |
718 ngx_quic_hexdump(c->log, "quic read secret", rsecret, secret_len); | 726 ngx_quic_hexdump(c->log, "quic read secret", rsecret, secret_len); |
719 #endif | 727 #endif |
720 | 728 |
721 cipher = SSL_get_current_cipher(ssl_conn); | 729 cipher = SSL_get_current_cipher(ssl_conn); |
722 | 730 |
723 if (ngx_quic_keys_set_encryption_secret(c->pool, 0, c->quic->keys, level, | 731 if (ngx_quic_keys_set_encryption_secret(c->pool, 0, qc->keys, level, |
724 cipher, rsecret, secret_len) | 732 cipher, rsecret, secret_len) |
725 != 1) | 733 != 1) |
726 { | 734 { |
727 return 0; | 735 return 0; |
728 } | 736 } |
733 | 741 |
734 #ifdef NGX_QUIC_DEBUG_CRYPTO | 742 #ifdef NGX_QUIC_DEBUG_CRYPTO |
735 ngx_quic_hexdump(c->log, "quic write secret", wsecret, secret_len); | 743 ngx_quic_hexdump(c->log, "quic write secret", wsecret, secret_len); |
736 #endif | 744 #endif |
737 | 745 |
738 return ngx_quic_keys_set_encryption_secret(c->pool, 1, c->quic->keys, level, | 746 return ngx_quic_keys_set_encryption_secret(c->pool, 1, qc->keys, level, |
739 cipher, wsecret, secret_len); | 747 cipher, wsecret, secret_len); |
740 } | 748 } |
741 | 749 |
742 #endif | 750 #endif |
743 | 751 |
753 ngx_connection_t *c; | 761 ngx_connection_t *c; |
754 ngx_quic_connection_t *qc; | 762 ngx_quic_connection_t *qc; |
755 ngx_quic_frames_stream_t *fs; | 763 ngx_quic_frames_stream_t *fs; |
756 | 764 |
757 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); | 765 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
758 qc = c->quic; | 766 qc = ngx_quic_get_connection(c); |
759 | 767 |
760 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, | 768 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
761 "quic ngx_quic_add_handshake_data"); | 769 "quic ngx_quic_add_handshake_data"); |
762 | 770 |
763 if (!qc->client_tp_done) { | 771 if (!qc->client_tp_done) { |
920 | 928 |
921 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, | 929 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
922 "quic ngx_quic_send_alert() lvl:%d alert:%d", | 930 "quic ngx_quic_send_alert() lvl:%d alert:%d", |
923 (int) level, (int) alert); | 931 (int) level, (int) alert); |
924 | 932 |
925 qc = c->quic; | 933 qc = ngx_quic_get_connection(c); |
926 if (qc == NULL) { | 934 if (qc == NULL) { |
927 return 1; | 935 return 1; |
928 } | 936 } |
929 | 937 |
930 qc->error_level = level; | 938 qc->error_level = level; |
942 | 950 |
943 | 951 |
944 void | 952 void |
945 ngx_quic_run(ngx_connection_t *c, ngx_quic_conf_t *conf) | 953 ngx_quic_run(ngx_connection_t *c, ngx_quic_conf_t *conf) |
946 { | 954 { |
947 ngx_int_t rc; | 955 ngx_int_t rc; |
956 ngx_quic_connection_t *qc; | |
948 | 957 |
949 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic run"); | 958 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic run"); |
950 | 959 |
951 rc = ngx_quic_input(c, c->buffer, conf); | 960 rc = ngx_quic_input(c, c->buffer, conf); |
952 if (rc != NGX_OK) { | 961 if (rc != NGX_OK) { |
953 ngx_quic_close_connection(c, rc == NGX_DECLINED ? NGX_DONE : NGX_ERROR); | 962 ngx_quic_close_connection(c, rc == NGX_DECLINED ? NGX_DONE : NGX_ERROR); |
954 return; | 963 return; |
955 } | 964 } |
956 | 965 |
957 ngx_add_timer(c->read, c->quic->in_retry ? NGX_QUIC_RETRY_TIMEOUT | 966 qc = ngx_quic_get_connection(c); |
958 : c->quic->tp.max_idle_timeout); | 967 |
968 ngx_add_timer(c->read, qc->in_retry ? NGX_QUIC_RETRY_TIMEOUT | |
969 : qc->tp.max_idle_timeout); | |
959 | 970 |
960 c->read->handler = ngx_quic_input_handler; | 971 c->read->handler = ngx_quic_input_handler; |
961 | 972 |
962 ngx_quic_connstate_dbg(c); | 973 ngx_quic_connstate_dbg(c); |
963 return; | 974 return; |
1172 ngx_uint_t i; | 1183 ngx_uint_t i; |
1173 ngx_queue_t *q; | 1184 ngx_queue_t *q; |
1174 ngx_quic_client_id_t *cid; | 1185 ngx_quic_client_id_t *cid; |
1175 ngx_quic_connection_t *qc; | 1186 ngx_quic_connection_t *qc; |
1176 | 1187 |
1177 qc = c->quic; | 1188 qc = ngx_quic_get_connection(c); |
1178 | 1189 |
1179 /* A stateless reset uses an entire UDP datagram */ | 1190 /* A stateless reset uses an entire UDP datagram */ |
1180 if (pkt->raw->start != pkt->data) { | 1191 if (pkt->raw->start != pkt->data) { |
1181 return NGX_DECLINED; | 1192 return NGX_DECLINED; |
1182 } | 1193 } |
1251 | 1262 |
1252 | 1263 |
1253 static ngx_int_t | 1264 static ngx_int_t |
1254 ngx_quic_send_retry(ngx_connection_t *c) | 1265 ngx_quic_send_retry(ngx_connection_t *c) |
1255 { | 1266 { |
1256 ssize_t len; | 1267 ssize_t len; |
1257 ngx_str_t res, token; | 1268 ngx_str_t res, token; |
1258 ngx_quic_header_t pkt; | 1269 ngx_quic_header_t pkt; |
1259 u_char buf[NGX_QUIC_RETRY_BUFFER_SIZE]; | 1270 ngx_quic_connection_t *qc; |
1271 u_char buf[NGX_QUIC_RETRY_BUFFER_SIZE]; | |
1272 | |
1273 qc = ngx_quic_get_connection(c); | |
1260 | 1274 |
1261 if (ngx_quic_new_token(c, &token) != NGX_OK) { | 1275 if (ngx_quic_new_token(c, &token) != NGX_OK) { |
1262 return NGX_ERROR; | 1276 return NGX_ERROR; |
1263 } | 1277 } |
1264 | 1278 |
1265 ngx_memzero(&pkt, sizeof(ngx_quic_header_t)); | 1279 ngx_memzero(&pkt, sizeof(ngx_quic_header_t)); |
1266 pkt.flags = NGX_QUIC_PKT_FIXED_BIT | NGX_QUIC_PKT_LONG | NGX_QUIC_PKT_RETRY; | 1280 pkt.flags = NGX_QUIC_PKT_FIXED_BIT | NGX_QUIC_PKT_LONG | NGX_QUIC_PKT_RETRY; |
1267 pkt.version = c->quic->version; | 1281 pkt.version = qc->version; |
1268 pkt.log = c->log; | 1282 pkt.log = c->log; |
1269 pkt.odcid = c->quic->odcid; | 1283 pkt.odcid = qc->odcid; |
1270 pkt.dcid = c->quic->scid; | 1284 pkt.dcid = qc->scid; |
1271 pkt.scid = c->quic->dcid; | 1285 pkt.scid = qc->dcid; |
1272 pkt.token = token; | 1286 pkt.token = token; |
1273 | 1287 |
1274 res.data = buf; | 1288 res.data = buf; |
1275 | 1289 |
1276 if (ngx_quic_encrypt(&pkt, &res) != NGX_OK) { | 1290 if (ngx_quic_encrypt(&pkt, &res) != NGX_OK) { |
1284 len = c->send(c, res.data, res.len); | 1298 len = c->send(c, res.data, res.len); |
1285 if (len == NGX_ERROR || (size_t) len != res.len) { | 1299 if (len == NGX_ERROR || (size_t) len != res.len) { |
1286 return NGX_ERROR; | 1300 return NGX_ERROR; |
1287 } | 1301 } |
1288 | 1302 |
1289 c->quic->token = token; | 1303 qc->token = token; |
1290 #if (NGX_QUIC_DRAFT_VERSION < 28) | 1304 #if (NGX_QUIC_DRAFT_VERSION < 28) |
1291 c->quic->tp.original_dcid = c->quic->odcid; | 1305 qc->tp.original_dcid = qc->odcid; |
1292 #endif | 1306 #endif |
1293 c->quic->tp.retry_scid = c->quic->dcid; | 1307 qc->tp.retry_scid = qc->dcid; |
1294 c->quic->in_retry = 1; | 1308 qc->in_retry = 1; |
1295 | 1309 |
1296 if (ngx_quic_insert_server_id(c, &c->quic->dcid) == NULL) { | 1310 if (ngx_quic_insert_server_id(c, &qc->dcid) == NULL) { |
1297 return NGX_ERROR; | 1311 return NGX_ERROR; |
1298 } | 1312 } |
1299 | 1313 |
1300 return NGX_OK; | 1314 return NGX_OK; |
1301 } | 1315 } |
1302 | 1316 |
1303 | 1317 |
1304 static ngx_int_t | 1318 static ngx_int_t |
1305 ngx_quic_new_token(ngx_connection_t *c, ngx_str_t *token) | 1319 ngx_quic_new_token(ngx_connection_t *c, ngx_str_t *token) |
1306 { | 1320 { |
1307 int len, iv_len; | 1321 int len, iv_len; |
1308 u_char *data, *p, *key, *iv; | 1322 u_char *data, *p, *key, *iv; |
1309 ngx_msec_t now; | 1323 ngx_msec_t now; |
1310 EVP_CIPHER_CTX *ctx; | 1324 EVP_CIPHER_CTX *ctx; |
1311 const EVP_CIPHER *cipher; | 1325 const EVP_CIPHER *cipher; |
1312 struct sockaddr_in *sin; | 1326 struct sockaddr_in *sin; |
1313 #if (NGX_HAVE_INET6) | 1327 #if (NGX_HAVE_INET6) |
1314 struct sockaddr_in6 *sin6; | 1328 struct sockaddr_in6 *sin6; |
1315 #endif | 1329 #endif |
1316 u_char in[NGX_QUIC_MAX_TOKEN_SIZE]; | 1330 ngx_quic_connection_t *qc; |
1331 u_char in[NGX_QUIC_MAX_TOKEN_SIZE]; | |
1317 | 1332 |
1318 switch (c->sockaddr->sa_family) { | 1333 switch (c->sockaddr->sa_family) { |
1319 | 1334 |
1320 #if (NGX_HAVE_INET6) | 1335 #if (NGX_HAVE_INET6) |
1321 case AF_INET6: | 1336 case AF_INET6: |
1363 ctx = EVP_CIPHER_CTX_new(); | 1378 ctx = EVP_CIPHER_CTX_new(); |
1364 if (ctx == NULL) { | 1379 if (ctx == NULL) { |
1365 return NGX_ERROR; | 1380 return NGX_ERROR; |
1366 } | 1381 } |
1367 | 1382 |
1368 key = c->quic->conf->token_key; | 1383 qc = ngx_quic_get_connection(c); |
1384 key = qc->conf->token_key; | |
1369 iv = token->data; | 1385 iv = token->data; |
1370 | 1386 |
1371 if (RAND_bytes(iv, iv_len) <= 0 | 1387 if (RAND_bytes(iv, iv_len) <= 0 |
1372 || !EVP_EncryptInit_ex(ctx, cipher, NULL, key, iv)) | 1388 || !EVP_EncryptInit_ex(ctx, cipher, NULL, key, iv)) |
1373 { | 1389 { |
1414 struct sockaddr_in6 *sin6; | 1430 struct sockaddr_in6 *sin6; |
1415 #endif | 1431 #endif |
1416 ngx_quic_connection_t *qc; | 1432 ngx_quic_connection_t *qc; |
1417 u_char tdec[NGX_QUIC_MAX_TOKEN_SIZE]; | 1433 u_char tdec[NGX_QUIC_MAX_TOKEN_SIZE]; |
1418 | 1434 |
1419 qc = c->quic; | 1435 qc = ngx_quic_get_connection(c); |
1420 | 1436 |
1421 /* Retry token */ | 1437 /* Retry token */ |
1422 | 1438 |
1423 if (qc->token.len) { | 1439 if (qc->token.len) { |
1424 if (pkt->token.len != qc->token.len) { | 1440 if (pkt->token.len != qc->token.len) { |
1433 } | 1449 } |
1434 | 1450 |
1435 /* NEW_TOKEN in a previous connection */ | 1451 /* NEW_TOKEN in a previous connection */ |
1436 | 1452 |
1437 cipher = EVP_aes_256_cbc(); | 1453 cipher = EVP_aes_256_cbc(); |
1438 key = c->quic->conf->token_key; | 1454 key = qc->conf->token_key; |
1439 iv = pkt->token.data; | 1455 iv = pkt->token.data; |
1440 iv_len = EVP_CIPHER_iv_length(cipher); | 1456 iv_len = EVP_CIPHER_iv_length(cipher); |
1441 | 1457 |
1442 /* sanity checks */ | 1458 /* sanity checks */ |
1443 | 1459 |
1535 size_t clen; | 1551 size_t clen; |
1536 ssize_t len; | 1552 ssize_t len; |
1537 ngx_ssl_conn_t *ssl_conn; | 1553 ngx_ssl_conn_t *ssl_conn; |
1538 ngx_quic_connection_t *qc; | 1554 ngx_quic_connection_t *qc; |
1539 | 1555 |
1540 qc = c->quic; | 1556 qc = ngx_quic_get_connection(c); |
1541 | 1557 |
1542 if (ngx_ssl_create_connection(qc->conf->ssl, c, NGX_SSL_BUFFER) != NGX_OK) { | 1558 if (ngx_ssl_create_connection(qc->conf->ssl, c, NGX_SSL_BUFFER) != NGX_OK) { |
1543 return NGX_ERROR; | 1559 return NGX_ERROR; |
1544 } | 1560 } |
1545 | 1561 |
1638 b.end = buf + sizeof(buf); | 1654 b.end = buf + sizeof(buf); |
1639 b.pos = b.last = b.start; | 1655 b.pos = b.last = b.start; |
1640 b.memory = 1; | 1656 b.memory = 1; |
1641 | 1657 |
1642 c = rev->data; | 1658 c = rev->data; |
1643 qc = c->quic; | 1659 qc = ngx_quic_get_connection(c); |
1644 | 1660 |
1645 c->log->action = "handling quic input"; | 1661 c->log->action = "handling quic input"; |
1646 | 1662 |
1647 if (rev->timedout) { | 1663 if (rev->timedout) { |
1648 ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, | 1664 ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, |
1706 | 1722 |
1707 | 1723 |
1708 static void | 1724 static void |
1709 ngx_quic_close_connection(ngx_connection_t *c, ngx_int_t rc) | 1725 ngx_quic_close_connection(ngx_connection_t *c, ngx_int_t rc) |
1710 { | 1726 { |
1711 ngx_pool_t *pool; | 1727 ngx_pool_t *pool; |
1728 ngx_quic_connection_t *qc; | |
1712 | 1729 |
1713 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, | 1730 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
1714 "quic ngx_quic_close_connection rc:%i", rc); | 1731 "quic ngx_quic_close_connection rc:%i", rc); |
1715 | 1732 |
1716 if (!c->quic) { | 1733 qc = ngx_quic_get_connection(c); |
1734 | |
1735 if (qc == NULL) { | |
1717 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, | 1736 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
1718 "quic close connection early error"); | 1737 "quic close connection early error"); |
1719 | 1738 |
1720 } else if (ngx_quic_close_quic(c, rc) == NGX_AGAIN) { | 1739 } else if (ngx_quic_close_quic(c, rc) == NGX_AGAIN) { |
1721 return; | 1740 return; |
1750 ngx_queue_t *q; | 1769 ngx_queue_t *q; |
1751 ngx_quic_send_ctx_t *ctx; | 1770 ngx_quic_send_ctx_t *ctx; |
1752 ngx_quic_server_id_t *sid; | 1771 ngx_quic_server_id_t *sid; |
1753 ngx_quic_connection_t *qc; | 1772 ngx_quic_connection_t *qc; |
1754 | 1773 |
1755 qc = c->quic; | 1774 qc = ngx_quic_get_connection(c); |
1756 | 1775 |
1757 if (!qc->closing) { | 1776 if (!qc->closing) { |
1758 | 1777 |
1759 /* drop packets from retransmit queues, no ack is expected */ | 1778 /* drop packets from retransmit queues, no ack is expected */ |
1760 for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { | 1779 for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { |
1871 | 1890 |
1872 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, | 1891 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
1873 "quic part of connection is terminated"); | 1892 "quic part of connection is terminated"); |
1874 | 1893 |
1875 /* may be tested from SSL callback during SSL shutdown */ | 1894 /* may be tested from SSL callback during SSL shutdown */ |
1876 c->quic = NULL; | 1895 c->udp = NULL; |
1877 | 1896 |
1878 return NGX_OK; | 1897 return NGX_OK; |
1879 } | 1898 } |
1880 | 1899 |
1881 | 1900 |
1883 ngx_quic_finalize_connection(ngx_connection_t *c, ngx_uint_t err, | 1902 ngx_quic_finalize_connection(ngx_connection_t *c, ngx_uint_t err, |
1884 const char *reason) | 1903 const char *reason) |
1885 { | 1904 { |
1886 ngx_quic_connection_t *qc; | 1905 ngx_quic_connection_t *qc; |
1887 | 1906 |
1888 qc = c->quic; | 1907 qc = ngx_quic_get_connection(c); |
1889 qc->error = err; | 1908 qc->error = err; |
1890 qc->error_reason = reason; | 1909 qc->error_reason = reason; |
1891 qc->error_app = 1; | 1910 qc->error_app = 1; |
1892 qc->error_ftype = 0; | 1911 qc->error_ftype = 0; |
1893 | 1912 |
1962 | 1981 |
1963 | 1982 |
1964 static ngx_int_t | 1983 static ngx_int_t |
1965 ngx_quic_input(ngx_connection_t *c, ngx_buf_t *b, ngx_quic_conf_t *conf) | 1984 ngx_quic_input(ngx_connection_t *c, ngx_buf_t *b, ngx_quic_conf_t *conf) |
1966 { | 1985 { |
1967 u_char *p; | 1986 u_char *p; |
1968 ngx_int_t rc; | 1987 ngx_int_t rc; |
1969 ngx_uint_t good; | 1988 ngx_uint_t good; |
1970 ngx_quic_header_t pkt; | 1989 ngx_quic_header_t pkt; |
1990 ngx_quic_connection_t *qc; | |
1971 | 1991 |
1972 good = 0; | 1992 good = 0; |
1973 | 1993 |
1974 p = b->pos; | 1994 p = b->pos; |
1975 | 1995 |
1981 pkt.len = b->last - p; | 2001 pkt.len = b->last - p; |
1982 pkt.log = c->log; | 2002 pkt.log = c->log; |
1983 pkt.flags = p[0]; | 2003 pkt.flags = p[0]; |
1984 pkt.raw->pos++; | 2004 pkt.raw->pos++; |
1985 | 2005 |
1986 if (c->quic) { | 2006 qc = ngx_quic_get_connection(c); |
1987 c->quic->error = 0; | 2007 if (qc) { |
1988 c->quic->error_reason = 0; | 2008 qc->error = 0; |
2009 qc->error_reason = 0; | |
1989 } | 2010 } |
1990 | 2011 |
1991 rc = ngx_quic_process_packet(c, conf, &pkt); | 2012 rc = ngx_quic_process_packet(c, conf, &pkt); |
1992 | 2013 |
1993 #if (NGX_DEBUG) | 2014 #if (NGX_DEBUG) |
2064 | 2085 |
2065 pkt->parsed = 1; | 2086 pkt->parsed = 1; |
2066 | 2087 |
2067 c->log->action = "processing quic packet"; | 2088 c->log->action = "processing quic packet"; |
2068 | 2089 |
2069 qc = c->quic; | 2090 qc = ngx_quic_get_connection(c); |
2070 | 2091 |
2071 #if (NGX_DEBUG) | 2092 #if (NGX_DEBUG) |
2072 ngx_quic_hexdump(c->log, "quic packet rx dcid", | 2093 ngx_quic_hexdump(c->log, "quic packet rx dcid", |
2073 pkt->dcid.data, pkt->dcid.len); | 2094 pkt->dcid.data, pkt->dcid.len); |
2074 | 2095 |
2182 qc = ngx_quic_new_connection(c, conf, pkt); | 2203 qc = ngx_quic_new_connection(c, conf, pkt); |
2183 if (qc == NULL) { | 2204 if (qc == NULL) { |
2184 return NGX_ERROR; | 2205 return NGX_ERROR; |
2185 } | 2206 } |
2186 | 2207 |
2187 c->quic = qc; | 2208 c->udp = &qc->udp; |
2188 | 2209 |
2189 if (ngx_terminate || ngx_exiting) { | 2210 if (ngx_terminate || ngx_exiting) { |
2190 qc->error = NGX_QUIC_ERR_CONNECTION_REFUSED; | 2211 qc->error = NGX_QUIC_ERR_CONNECTION_REFUSED; |
2191 return NGX_ERROR; | 2212 return NGX_ERROR; |
2192 } | 2213 } |
2269 */ | 2290 */ |
2270 ngx_quic_discard_ctx(c, ssl_encryption_initial); | 2291 ngx_quic_discard_ctx(c, ssl_encryption_initial); |
2271 | 2292 |
2272 if (qc->validated == 0) { | 2293 if (qc->validated == 0) { |
2273 qc->validated = 1; | 2294 qc->validated = 1; |
2274 ngx_post_event(&c->quic->push, &ngx_posted_events); | 2295 ngx_post_event(&qc->push, &ngx_posted_events); |
2275 } | 2296 } |
2276 } | 2297 } |
2277 | 2298 |
2278 pkt->received = ngx_current_msec; | 2299 pkt->received = ngx_current_msec; |
2279 | 2300 |
2304 static ngx_int_t | 2325 static ngx_int_t |
2305 ngx_quic_init_secrets(ngx_connection_t *c) | 2326 ngx_quic_init_secrets(ngx_connection_t *c) |
2306 { | 2327 { |
2307 ngx_quic_connection_t *qc; | 2328 ngx_quic_connection_t *qc; |
2308 | 2329 |
2309 qc = c->quic; | 2330 qc = ngx_quic_get_connection(c); |
2310 | 2331 |
2311 if (ngx_quic_keys_set_initial_secret(c->pool, qc->keys, &qc->odcid) | 2332 if (ngx_quic_keys_set_initial_secret(c->pool, qc->keys, &qc->odcid) |
2312 != NGX_OK) | 2333 != NGX_OK) |
2313 { | 2334 { |
2314 return NGX_ERROR; | 2335 return NGX_ERROR; |
2326 ngx_queue_t *q; | 2347 ngx_queue_t *q; |
2327 ngx_quic_frame_t *f; | 2348 ngx_quic_frame_t *f; |
2328 ngx_quic_send_ctx_t *ctx; | 2349 ngx_quic_send_ctx_t *ctx; |
2329 ngx_quic_connection_t *qc; | 2350 ngx_quic_connection_t *qc; |
2330 | 2351 |
2331 qc = c->quic; | 2352 qc = ngx_quic_get_connection(c); |
2332 | 2353 |
2333 if (!ngx_quic_keys_available(qc->keys, level)) { | 2354 if (!ngx_quic_keys_available(qc->keys, level)) { |
2334 return; | 2355 return; |
2335 } | 2356 } |
2336 | 2357 |
2401 ssize_t len; | 2422 ssize_t len; |
2402 ngx_uint_t do_close; | 2423 ngx_uint_t do_close; |
2403 ngx_quic_frame_t frame; | 2424 ngx_quic_frame_t frame; |
2404 ngx_quic_connection_t *qc; | 2425 ngx_quic_connection_t *qc; |
2405 | 2426 |
2406 qc = c->quic; | 2427 qc = ngx_quic_get_connection(c); |
2407 | 2428 |
2408 if (qc->closing) { | 2429 if (qc->closing) { |
2409 /* | 2430 /* |
2410 * 10.1 Closing and Draining Connection States | 2431 * 10.1 Closing and Draining Connection States |
2411 * ... delayed or reordered packets are properly discarded. | 2432 * ... delayed or reordered packets are properly discarded. |
2640 | 2661 |
2641 | 2662 |
2642 static ngx_int_t | 2663 static ngx_int_t |
2643 ngx_quic_ack_packet(ngx_connection_t *c, ngx_quic_header_t *pkt) | 2664 ngx_quic_ack_packet(ngx_connection_t *c, ngx_quic_header_t *pkt) |
2644 { | 2665 { |
2645 uint64_t base, largest, smallest, gs, ge, gap, range, pn; | 2666 uint64_t base, largest, smallest, gs, ge, gap, range, pn; |
2646 uint64_t prev_pending; | 2667 uint64_t prev_pending; |
2647 ngx_uint_t i, nr; | 2668 ngx_uint_t i, nr; |
2648 ngx_quic_send_ctx_t *ctx; | 2669 ngx_quic_send_ctx_t *ctx; |
2649 ngx_quic_ack_range_t *r; | 2670 ngx_quic_ack_range_t *r; |
2671 ngx_quic_connection_t *qc; | |
2650 | 2672 |
2651 c->log->action = "preparing ack"; | 2673 c->log->action = "preparing ack"; |
2652 | 2674 |
2653 ctx = ngx_quic_get_send_ctx(c->quic, pkt->level); | 2675 qc = ngx_quic_get_connection(c); |
2676 | |
2677 ctx = ngx_quic_get_send_ctx(qc, pkt->level); | |
2654 | 2678 |
2655 ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0, | 2679 ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0, |
2656 "quic ngx_quic_ack_packet pn:%uL largest %L fr:%uL" | 2680 "quic ngx_quic_ack_packet pn:%uL largest %L fr:%uL" |
2657 " nranges:%ui", pkt->pn, (int64_t) ctx->largest_range, | 2681 " nranges:%ui", pkt->pn, (int64_t) ctx->largest_range, |
2658 ctx->first_range, ctx->nranges); | 2682 ctx->first_range, ctx->nranges); |
2659 | 2683 |
2660 prev_pending = ctx->pending_ack; | 2684 prev_pending = ctx->pending_ack; |
2661 | 2685 |
2662 if (pkt->need_ack) { | 2686 if (pkt->need_ack) { |
2663 | 2687 |
2664 ngx_post_event(&c->quic->push, &ngx_posted_events); | 2688 ngx_post_event(&qc->push, &ngx_posted_events); |
2665 | 2689 |
2666 if (ctx->send_ack == 0) { | 2690 if (ctx->send_ack == 0) { |
2667 ctx->ack_delay_start = ngx_current_msec; | 2691 ctx->ack_delay_start = ngx_current_msec; |
2668 } | 2692 } |
2669 | 2693 |
2955 | 2979 |
2956 | 2980 |
2957 static ngx_int_t | 2981 static ngx_int_t |
2958 ngx_quic_send_ack(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx) | 2982 ngx_quic_send_ack(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx) |
2959 { | 2983 { |
2960 u_char *p; | 2984 u_char *p; |
2961 size_t ranges_len; | 2985 size_t ranges_len; |
2962 uint64_t ack_delay; | 2986 uint64_t ack_delay; |
2963 ngx_uint_t i; | 2987 ngx_uint_t i; |
2964 ngx_quic_frame_t *frame; | 2988 ngx_quic_frame_t *frame; |
2989 ngx_quic_connection_t *qc; | |
2990 | |
2991 qc = ngx_quic_get_connection(c); | |
2965 | 2992 |
2966 if (ctx->level == ssl_encryption_application) { | 2993 if (ctx->level == ssl_encryption_application) { |
2967 ack_delay = ngx_current_msec - ctx->largest_received; | 2994 ack_delay = ngx_current_msec - ctx->largest_received; |
2968 ack_delay *= 1000; | 2995 ack_delay *= 1000; |
2969 ack_delay >>= c->quic->ctp.ack_delay_exponent; | 2996 ack_delay >>= qc->ctp.ack_delay_exponent; |
2970 | 2997 |
2971 } else { | 2998 } else { |
2972 ack_delay = 0; | 2999 ack_delay = 0; |
2973 } | 3000 } |
2974 | 3001 |
2998 frame->u.ack.range_count = ctx->nranges; | 3025 frame->u.ack.range_count = ctx->nranges; |
2999 frame->u.ack.first_range = ctx->first_range; | 3026 frame->u.ack.first_range = ctx->first_range; |
3000 frame->u.ack.ranges_start = frame->data; | 3027 frame->u.ack.ranges_start = frame->data; |
3001 frame->u.ack.ranges_end = frame->data + ranges_len; | 3028 frame->u.ack.ranges_end = frame->data + ranges_len; |
3002 | 3029 |
3003 ngx_quic_queue_frame(c->quic, frame); | 3030 ngx_quic_queue_frame(qc, frame); |
3004 | 3031 |
3005 return NGX_OK; | 3032 return NGX_OK; |
3006 } | 3033 } |
3007 | 3034 |
3008 | 3035 |
3010 ngx_quic_send_cc(ngx_connection_t *c) | 3037 ngx_quic_send_cc(ngx_connection_t *c) |
3011 { | 3038 { |
3012 ngx_quic_frame_t *frame; | 3039 ngx_quic_frame_t *frame; |
3013 ngx_quic_connection_t *qc; | 3040 ngx_quic_connection_t *qc; |
3014 | 3041 |
3015 qc = c->quic; | 3042 qc = ngx_quic_get_connection(c); |
3016 | 3043 |
3017 if (qc->draining) { | 3044 if (qc->draining) { |
3018 return NGX_OK; | 3045 return NGX_OK; |
3019 } | 3046 } |
3020 | 3047 |
3046 if (qc->error_reason) { | 3073 if (qc->error_reason) { |
3047 frame->u.close.reason.len = ngx_strlen(qc->error_reason); | 3074 frame->u.close.reason.len = ngx_strlen(qc->error_reason); |
3048 frame->u.close.reason.data = (u_char *) qc->error_reason; | 3075 frame->u.close.reason.data = (u_char *) qc->error_reason; |
3049 } | 3076 } |
3050 | 3077 |
3051 ngx_quic_queue_frame(c->quic, frame); | 3078 ngx_quic_queue_frame(qc, frame); |
3052 | 3079 |
3053 qc->last_cc = ngx_current_msec; | 3080 qc->last_cc = ngx_current_msec; |
3054 | 3081 |
3055 return ngx_quic_output(c); | 3082 return ngx_quic_output(c); |
3056 } | 3083 } |
3057 | 3084 |
3058 | 3085 |
3059 static ngx_int_t | 3086 static ngx_int_t |
3060 ngx_quic_send_new_token(ngx_connection_t *c) | 3087 ngx_quic_send_new_token(ngx_connection_t *c) |
3061 { | 3088 { |
3062 ngx_str_t token; | 3089 ngx_str_t token; |
3063 ngx_quic_frame_t *frame; | 3090 ngx_quic_frame_t *frame; |
3064 | 3091 ngx_quic_connection_t *qc; |
3065 if (!c->quic->conf->retry) { | 3092 |
3093 qc = ngx_quic_get_connection(c); | |
3094 | |
3095 if (!qc->conf->retry) { | |
3066 return NGX_OK; | 3096 return NGX_OK; |
3067 } | 3097 } |
3068 | 3098 |
3069 if (ngx_quic_new_token(c, &token) != NGX_OK) { | 3099 if (ngx_quic_new_token(c, &token) != NGX_OK) { |
3070 return NGX_ERROR; | 3100 return NGX_ERROR; |
3078 frame->level = ssl_encryption_application; | 3108 frame->level = ssl_encryption_application; |
3079 frame->type = NGX_QUIC_FT_NEW_TOKEN; | 3109 frame->type = NGX_QUIC_FT_NEW_TOKEN; |
3080 frame->u.token.length = token.len; | 3110 frame->u.token.length = token.len; |
3081 frame->u.token.data = token.data; | 3111 frame->u.token.data = token.data; |
3082 | 3112 |
3083 ngx_quic_queue_frame(c->quic, frame); | 3113 ngx_quic_queue_frame(qc, frame); |
3084 | 3114 |
3085 return NGX_OK; | 3115 return NGX_OK; |
3086 } | 3116 } |
3087 | 3117 |
3088 | 3118 |
3096 ngx_msec_t send_time; | 3126 ngx_msec_t send_time; |
3097 ngx_uint_t i; | 3127 ngx_uint_t i; |
3098 ngx_quic_send_ctx_t *ctx; | 3128 ngx_quic_send_ctx_t *ctx; |
3099 ngx_quic_connection_t *qc; | 3129 ngx_quic_connection_t *qc; |
3100 | 3130 |
3101 qc = c->quic; | 3131 qc = ngx_quic_get_connection(c); |
3102 | 3132 |
3103 ctx = ngx_quic_get_send_ctx(qc, pkt->level); | 3133 ctx = ngx_quic_get_send_ctx(qc, pkt->level); |
3104 | 3134 |
3105 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, | 3135 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
3106 "quic ngx_quic_handle_ack_frame level:%d", pkt->level); | 3136 "quic ngx_quic_handle_ack_frame level:%d", pkt->level); |
3194 ngx_uint_t found; | 3224 ngx_uint_t found; |
3195 ngx_queue_t *q; | 3225 ngx_queue_t *q; |
3196 ngx_quic_frame_t *f; | 3226 ngx_quic_frame_t *f; |
3197 ngx_quic_connection_t *qc; | 3227 ngx_quic_connection_t *qc; |
3198 | 3228 |
3199 qc = c->quic; | 3229 qc = ngx_quic_get_connection(c); |
3200 | 3230 |
3201 *send_time = NGX_TIMER_INFINITE; | 3231 *send_time = NGX_TIMER_INFINITE; |
3202 found = 0; | 3232 found = 0; |
3203 found_num = 0; | 3233 found_num = 0; |
3204 | 3234 |
3273 enum ssl_encryption_level_t level, ngx_msec_t send_time) | 3303 enum ssl_encryption_level_t level, ngx_msec_t send_time) |
3274 { | 3304 { |
3275 ngx_msec_t latest_rtt, ack_delay, adjusted_rtt, rttvar_sample; | 3305 ngx_msec_t latest_rtt, ack_delay, adjusted_rtt, rttvar_sample; |
3276 ngx_quic_connection_t *qc; | 3306 ngx_quic_connection_t *qc; |
3277 | 3307 |
3278 qc = c->quic; | 3308 qc = ngx_quic_get_connection(c); |
3279 | 3309 |
3280 latest_rtt = ngx_current_msec - send_time; | 3310 latest_rtt = ngx_current_msec - send_time; |
3281 qc->latest_rtt = latest_rtt; | 3311 qc->latest_rtt = latest_rtt; |
3282 | 3312 |
3283 if (qc->min_rtt == NGX_TIMER_INFINITE) { | 3313 if (qc->min_rtt == NGX_TIMER_INFINITE) { |
3318 ngx_quic_pto(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx) | 3348 ngx_quic_pto(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx) |
3319 { | 3349 { |
3320 ngx_msec_t duration; | 3350 ngx_msec_t duration; |
3321 ngx_quic_connection_t *qc; | 3351 ngx_quic_connection_t *qc; |
3322 | 3352 |
3323 qc = c->quic; | 3353 qc = ngx_quic_get_connection(c); |
3324 | 3354 |
3325 /* PTO calculation: quic-recovery, Appendix 8 */ | 3355 /* PTO calculation: quic-recovery, Appendix 8 */ |
3326 duration = qc->avg_rtt; | 3356 duration = qc->avg_rtt; |
3327 | 3357 |
3328 duration += ngx_max(4 * qc->rttvar, NGX_QUIC_TIME_GRANULARITY); | 3358 duration += ngx_max(4 * qc->rttvar, NGX_QUIC_TIME_GRANULARITY); |
3348 uint64_t sent, unacked; | 3378 uint64_t sent, unacked; |
3349 ngx_event_t *wev; | 3379 ngx_event_t *wev; |
3350 ngx_quic_stream_t *sn; | 3380 ngx_quic_stream_t *sn; |
3351 ngx_quic_connection_t *qc; | 3381 ngx_quic_connection_t *qc; |
3352 | 3382 |
3353 qc = c->quic; | 3383 qc = ngx_quic_get_connection(c); |
3354 | 3384 |
3355 sn = ngx_quic_find_stream(&qc->streams.tree, f->u.stream.stream_id); | 3385 sn = ngx_quic_find_stream(&qc->streams.tree, f->u.stream.stream_id); |
3356 if (sn == NULL) { | 3386 if (sn == NULL) { |
3357 return; | 3387 return; |
3358 } | 3388 } |
3586 ngx_quic_send_ctx_t *ctx; | 3616 ngx_quic_send_ctx_t *ctx; |
3587 ngx_quic_connection_t *qc; | 3617 ngx_quic_connection_t *qc; |
3588 ngx_quic_crypto_frame_t *f; | 3618 ngx_quic_crypto_frame_t *f; |
3589 ngx_quic_frames_stream_t *fs; | 3619 ngx_quic_frames_stream_t *fs; |
3590 | 3620 |
3591 qc = c->quic; | 3621 qc = ngx_quic_get_connection(c); |
3592 fs = &qc->crypto[pkt->level]; | 3622 fs = &qc->crypto[pkt->level]; |
3593 f = &frame->u.crypto; | 3623 f = &frame->u.crypto; |
3594 | 3624 |
3595 /* no overflow since both values are 62-bit */ | 3625 /* no overflow since both values are 62-bit */ |
3596 last = f->offset + f->length; | 3626 last = f->offset + f->length; |
3597 | 3627 |
3598 if (last > fs->received && last - fs->received > NGX_QUIC_MAX_BUFFERED) { | 3628 if (last > fs->received && last - fs->received > NGX_QUIC_MAX_BUFFERED) { |
3599 c->quic->error = NGX_QUIC_ERR_CRYPTO_BUFFER_EXCEEDED; | 3629 qc->error = NGX_QUIC_ERR_CRYPTO_BUFFER_EXCEEDED; |
3600 return NGX_ERROR; | 3630 return NGX_ERROR; |
3601 } | 3631 } |
3602 | 3632 |
3603 rc = ngx_quic_handle_ordered_frame(c, fs, frame, ngx_quic_crypto_input, | 3633 rc = ngx_quic_handle_ordered_frame(c, fs, frame, ngx_quic_crypto_input, |
3604 NULL); | 3634 NULL); |
3623 static ngx_int_t | 3653 static ngx_int_t |
3624 ngx_quic_crypto_input(ngx_connection_t *c, ngx_quic_frame_t *frame, void *data) | 3654 ngx_quic_crypto_input(ngx_connection_t *c, ngx_quic_frame_t *frame, void *data) |
3625 { | 3655 { |
3626 int n, sslerr; | 3656 int n, sslerr; |
3627 ngx_ssl_conn_t *ssl_conn; | 3657 ngx_ssl_conn_t *ssl_conn; |
3658 ngx_quic_connection_t *qc; | |
3628 ngx_quic_crypto_frame_t *f; | 3659 ngx_quic_crypto_frame_t *f; |
3660 | |
3661 qc = ngx_quic_get_connection(c); | |
3629 | 3662 |
3630 f = &frame->u.crypto; | 3663 f = &frame->u.crypto; |
3631 | 3664 |
3632 ssl_conn = c->ssl->connection; | 3665 ssl_conn = c->ssl->connection; |
3633 | 3666 |
3686 } | 3719 } |
3687 | 3720 |
3688 /* 12.4 Frames and frame types, figure 8 */ | 3721 /* 12.4 Frames and frame types, figure 8 */ |
3689 frame->level = ssl_encryption_application; | 3722 frame->level = ssl_encryption_application; |
3690 frame->type = NGX_QUIC_FT_HANDSHAKE_DONE; | 3723 frame->type = NGX_QUIC_FT_HANDSHAKE_DONE; |
3691 ngx_quic_queue_frame(c->quic, frame); | 3724 ngx_quic_queue_frame(qc, frame); |
3692 | 3725 |
3693 if (ngx_quic_send_new_token(c) != NGX_OK) { | 3726 if (ngx_quic_send_new_token(c) != NGX_OK) { |
3694 return NGX_ERROR; | 3727 return NGX_ERROR; |
3695 } | 3728 } |
3696 | 3729 |
3697 /* | 3730 /* |
3698 * Generating next keys before a key update is received. | 3731 * Generating next keys before a key update is received. |
3699 * See quic-tls 9.4 Header Protection Timing Side-Channels. | 3732 * See quic-tls 9.4 Header Protection Timing Side-Channels. |
3700 */ | 3733 */ |
3701 | 3734 |
3702 if (ngx_quic_keys_update(c, c->quic->keys) != NGX_OK) { | 3735 if (ngx_quic_keys_update(c, qc->keys) != NGX_OK) { |
3703 return NGX_ERROR; | 3736 return NGX_ERROR; |
3704 } | 3737 } |
3705 | 3738 |
3706 /* | 3739 /* |
3707 * 4.10.2 An endpoint MUST discard its handshake keys | 3740 * 4.10.2 An endpoint MUST discard its handshake keys |
3729 ngx_quic_stream_t *sn; | 3762 ngx_quic_stream_t *sn; |
3730 ngx_quic_connection_t *qc; | 3763 ngx_quic_connection_t *qc; |
3731 ngx_quic_stream_frame_t *f; | 3764 ngx_quic_stream_frame_t *f; |
3732 ngx_quic_frames_stream_t *fs; | 3765 ngx_quic_frames_stream_t *fs; |
3733 | 3766 |
3734 qc = c->quic; | 3767 qc = ngx_quic_get_connection(c); |
3735 f = &frame->u.stream; | 3768 f = &frame->u.stream; |
3736 | 3769 |
3737 if ((f->stream_id & NGX_QUIC_STREAM_UNIDIRECTIONAL) | 3770 if ((f->stream_id & NGX_QUIC_STREAM_UNIDIRECTIONAL) |
3738 && (f->stream_id & NGX_QUIC_STREAM_SERVER_INITIATED)) | 3771 && (f->stream_id & NGX_QUIC_STREAM_SERVER_INITIATED)) |
3739 { | 3772 { |
3761 fs = &sn->fs; | 3794 fs = &sn->fs; |
3762 b = sn->b; | 3795 b = sn->b; |
3763 window = b->end - b->last; | 3796 window = b->end - b->last; |
3764 | 3797 |
3765 if (last > window) { | 3798 if (last > window) { |
3766 c->quic->error = NGX_QUIC_ERR_FLOW_CONTROL_ERROR; | 3799 qc->error = NGX_QUIC_ERR_FLOW_CONTROL_ERROR; |
3767 goto cleanup; | 3800 goto cleanup; |
3768 } | 3801 } |
3769 | 3802 |
3770 if (ngx_quic_handle_ordered_frame(c, fs, frame, ngx_quic_stream_input, | 3803 if (ngx_quic_handle_ordered_frame(c, fs, frame, ngx_quic_stream_input, |
3771 sn) | 3804 sn) |
3782 fs = &sn->fs; | 3815 fs = &sn->fs; |
3783 b = sn->b; | 3816 b = sn->b; |
3784 window = (b->pos - b->start) + (b->end - b->last); | 3817 window = (b->pos - b->start) + (b->end - b->last); |
3785 | 3818 |
3786 if (last > fs->received && last - fs->received > window) { | 3819 if (last > fs->received && last - fs->received > window) { |
3787 c->quic->error = NGX_QUIC_ERR_FLOW_CONTROL_ERROR; | 3820 qc->error = NGX_QUIC_ERR_FLOW_CONTROL_ERROR; |
3788 return NGX_ERROR; | 3821 return NGX_ERROR; |
3789 } | 3822 } |
3790 | 3823 |
3791 return ngx_quic_handle_ordered_frame(c, fs, frame, ngx_quic_stream_input, | 3824 return ngx_quic_handle_ordered_frame(c, fs, frame, ngx_quic_stream_input, |
3792 sn); | 3825 sn); |
3810 ngx_event_t *rev; | 3843 ngx_event_t *rev; |
3811 ngx_quic_stream_t *sn; | 3844 ngx_quic_stream_t *sn; |
3812 ngx_quic_connection_t *qc; | 3845 ngx_quic_connection_t *qc; |
3813 ngx_quic_stream_frame_t *f; | 3846 ngx_quic_stream_frame_t *f; |
3814 | 3847 |
3815 qc = c->quic; | 3848 qc = ngx_quic_get_connection(c); |
3816 sn = data; | 3849 sn = data; |
3817 | 3850 |
3818 f = &frame->u.stream; | 3851 f = &frame->u.stream; |
3819 id = f->stream_id; | 3852 id = f->stream_id; |
3820 | 3853 |
3861 ngx_rbtree_t *tree; | 3894 ngx_rbtree_t *tree; |
3862 ngx_rbtree_node_t *node; | 3895 ngx_rbtree_node_t *node; |
3863 ngx_quic_stream_t *qs; | 3896 ngx_quic_stream_t *qs; |
3864 ngx_quic_connection_t *qc; | 3897 ngx_quic_connection_t *qc; |
3865 | 3898 |
3866 qc = c->quic; | 3899 qc = ngx_quic_get_connection(c); |
3867 tree = &qc->streams.tree; | 3900 tree = &qc->streams.tree; |
3868 | 3901 |
3869 if (f->max_data <= qc->streams.send_max_data) { | 3902 if (f->max_data <= qc->streams.send_max_data) { |
3870 return NGX_OK; | 3903 return NGX_OK; |
3871 } | 3904 } |
3908 ngx_buf_t *b; | 3941 ngx_buf_t *b; |
3909 ngx_quic_frame_t *frame; | 3942 ngx_quic_frame_t *frame; |
3910 ngx_quic_stream_t *sn; | 3943 ngx_quic_stream_t *sn; |
3911 ngx_quic_connection_t *qc; | 3944 ngx_quic_connection_t *qc; |
3912 | 3945 |
3913 qc = c->quic; | 3946 qc = ngx_quic_get_connection(c); |
3914 | 3947 |
3915 if ((f->id & NGX_QUIC_STREAM_UNIDIRECTIONAL) | 3948 if ((f->id & NGX_QUIC_STREAM_UNIDIRECTIONAL) |
3916 && (f->id & NGX_QUIC_STREAM_SERVER_INITIATED)) | 3949 && (f->id & NGX_QUIC_STREAM_SERVER_INITIATED)) |
3917 { | 3950 { |
3918 qc->error = NGX_QUIC_ERR_STREAM_STATE_ERROR; | 3951 qc->error = NGX_QUIC_ERR_STREAM_STATE_ERROR; |
3950 frame->level = pkt->level; | 3983 frame->level = pkt->level; |
3951 frame->type = NGX_QUIC_FT_MAX_STREAM_DATA; | 3984 frame->type = NGX_QUIC_FT_MAX_STREAM_DATA; |
3952 frame->u.max_stream_data.id = f->id; | 3985 frame->u.max_stream_data.id = f->id; |
3953 frame->u.max_stream_data.limit = n; | 3986 frame->u.max_stream_data.limit = n; |
3954 | 3987 |
3955 ngx_quic_queue_frame(c->quic, frame); | 3988 ngx_quic_queue_frame(qc, frame); |
3956 | 3989 |
3957 return NGX_OK; | 3990 return NGX_OK; |
3958 } | 3991 } |
3959 | 3992 |
3960 | 3993 |
3965 uint64_t sent; | 3998 uint64_t sent; |
3966 ngx_event_t *wev; | 3999 ngx_event_t *wev; |
3967 ngx_quic_stream_t *sn; | 4000 ngx_quic_stream_t *sn; |
3968 ngx_quic_connection_t *qc; | 4001 ngx_quic_connection_t *qc; |
3969 | 4002 |
3970 qc = c->quic; | 4003 qc = ngx_quic_get_connection(c); |
3971 | 4004 |
3972 if ((f->id & NGX_QUIC_STREAM_UNIDIRECTIONAL) | 4005 if ((f->id & NGX_QUIC_STREAM_UNIDIRECTIONAL) |
3973 && (f->id & NGX_QUIC_STREAM_SERVER_INITIATED) == 0) | 4006 && (f->id & NGX_QUIC_STREAM_SERVER_INITIATED) == 0) |
3974 { | 4007 { |
3975 qc->error = NGX_QUIC_ERR_STREAM_STATE_ERROR; | 4008 qc->error = NGX_QUIC_ERR_STREAM_STATE_ERROR; |
4026 ngx_event_t *rev; | 4059 ngx_event_t *rev; |
4027 ngx_connection_t *sc; | 4060 ngx_connection_t *sc; |
4028 ngx_quic_stream_t *sn; | 4061 ngx_quic_stream_t *sn; |
4029 ngx_quic_connection_t *qc; | 4062 ngx_quic_connection_t *qc; |
4030 | 4063 |
4031 qc = c->quic; | 4064 qc = ngx_quic_get_connection(c); |
4032 | 4065 |
4033 if ((f->id & NGX_QUIC_STREAM_UNIDIRECTIONAL) | 4066 if ((f->id & NGX_QUIC_STREAM_UNIDIRECTIONAL) |
4034 && (f->id & NGX_QUIC_STREAM_SERVER_INITIATED)) | 4067 && (f->id & NGX_QUIC_STREAM_SERVER_INITIATED)) |
4035 { | 4068 { |
4036 qc->error = NGX_QUIC_ERR_STREAM_STATE_ERROR; | 4069 qc->error = NGX_QUIC_ERR_STREAM_STATE_ERROR; |
4080 ngx_event_t *wev; | 4113 ngx_event_t *wev; |
4081 ngx_connection_t *sc; | 4114 ngx_connection_t *sc; |
4082 ngx_quic_stream_t *sn; | 4115 ngx_quic_stream_t *sn; |
4083 ngx_quic_connection_t *qc; | 4116 ngx_quic_connection_t *qc; |
4084 | 4117 |
4085 qc = c->quic; | 4118 qc = ngx_quic_get_connection(c); |
4086 | 4119 |
4087 if ((f->id & NGX_QUIC_STREAM_UNIDIRECTIONAL) | 4120 if ((f->id & NGX_QUIC_STREAM_UNIDIRECTIONAL) |
4088 && (f->id & NGX_QUIC_STREAM_SERVER_INITIATED) == 0) | 4121 && (f->id & NGX_QUIC_STREAM_SERVER_INITIATED) == 0) |
4089 { | 4122 { |
4090 qc->error = NGX_QUIC_ERR_STREAM_STATE_ERROR; | 4123 qc->error = NGX_QUIC_ERR_STREAM_STATE_ERROR; |
4131 ngx_quic_handle_max_streams_frame(ngx_connection_t *c, | 4164 ngx_quic_handle_max_streams_frame(ngx_connection_t *c, |
4132 ngx_quic_header_t *pkt, ngx_quic_max_streams_frame_t *f) | 4165 ngx_quic_header_t *pkt, ngx_quic_max_streams_frame_t *f) |
4133 { | 4166 { |
4134 ngx_quic_connection_t *qc; | 4167 ngx_quic_connection_t *qc; |
4135 | 4168 |
4136 qc = c->quic; | 4169 qc = ngx_quic_get_connection(c); |
4137 | 4170 |
4138 if (f->bidi) { | 4171 if (f->bidi) { |
4139 if (qc->streams.server_max_streams_bidi < f->limit) { | 4172 if (qc->streams.server_max_streams_bidi < f->limit) { |
4140 qc->streams.server_max_streams_bidi = f->limit; | 4173 qc->streams.server_max_streams_bidi = f->limit; |
4141 | 4174 |
4158 | 4191 |
4159 static ngx_int_t | 4192 static ngx_int_t |
4160 ngx_quic_handle_path_challenge_frame(ngx_connection_t *c, | 4193 ngx_quic_handle_path_challenge_frame(ngx_connection_t *c, |
4161 ngx_quic_header_t *pkt, ngx_quic_path_challenge_frame_t *f) | 4194 ngx_quic_header_t *pkt, ngx_quic_path_challenge_frame_t *f) |
4162 { | 4195 { |
4163 ngx_quic_frame_t *frame; | 4196 ngx_quic_frame_t *frame; |
4197 ngx_quic_connection_t *qc; | |
4198 | |
4199 qc = ngx_quic_get_connection(c); | |
4164 | 4200 |
4165 frame = ngx_quic_alloc_frame(c, 0); | 4201 frame = ngx_quic_alloc_frame(c, 0); |
4166 if (frame == NULL) { | 4202 if (frame == NULL) { |
4167 return NGX_ERROR; | 4203 return NGX_ERROR; |
4168 } | 4204 } |
4169 | 4205 |
4170 frame->level = pkt->level; | 4206 frame->level = pkt->level; |
4171 frame->type = NGX_QUIC_FT_PATH_RESPONSE; | 4207 frame->type = NGX_QUIC_FT_PATH_RESPONSE; |
4172 frame->u.path_response = *f; | 4208 frame->u.path_response = *f; |
4173 | 4209 |
4174 ngx_quic_queue_frame(c->quic, frame); | 4210 ngx_quic_queue_frame(qc, frame); |
4175 | 4211 |
4176 return NGX_OK; | 4212 return NGX_OK; |
4177 } | 4213 } |
4178 | 4214 |
4179 | 4215 |
4183 { | 4219 { |
4184 ngx_queue_t *q; | 4220 ngx_queue_t *q; |
4185 ngx_quic_client_id_t *cid, *item; | 4221 ngx_quic_client_id_t *cid, *item; |
4186 ngx_quic_connection_t *qc; | 4222 ngx_quic_connection_t *qc; |
4187 | 4223 |
4188 qc = c->quic; | 4224 qc = ngx_quic_get_connection(c); |
4189 | 4225 |
4190 if (f->seqnum < qc->max_retired_seqnum) { | 4226 if (f->seqnum < qc->max_retired_seqnum) { |
4191 /* | 4227 /* |
4192 * An endpoint that receives a NEW_CONNECTION_ID frame with | 4228 * An endpoint that receives a NEW_CONNECTION_ID frame with |
4193 * a sequence number smaller than the Retire Prior To field | 4229 * a sequence number smaller than the Retire Prior To field |
4321 | 4357 |
4322 static ngx_int_t | 4358 static ngx_int_t |
4323 ngx_quic_retire_connection_id(ngx_connection_t *c, | 4359 ngx_quic_retire_connection_id(ngx_connection_t *c, |
4324 enum ssl_encryption_level_t level, uint64_t seqnum) | 4360 enum ssl_encryption_level_t level, uint64_t seqnum) |
4325 { | 4361 { |
4326 ngx_quic_frame_t *frame; | 4362 ngx_quic_frame_t *frame; |
4363 ngx_quic_connection_t *qc; | |
4364 | |
4365 qc = ngx_quic_get_connection(c); | |
4327 | 4366 |
4328 frame = ngx_quic_alloc_frame(c, 0); | 4367 frame = ngx_quic_alloc_frame(c, 0); |
4329 if (frame == NULL) { | 4368 if (frame == NULL) { |
4330 return NGX_ERROR; | 4369 return NGX_ERROR; |
4331 } | 4370 } |
4332 | 4371 |
4333 frame->level = level; | 4372 frame->level = level; |
4334 frame->type = NGX_QUIC_FT_RETIRE_CONNECTION_ID; | 4373 frame->type = NGX_QUIC_FT_RETIRE_CONNECTION_ID; |
4335 frame->u.retire_cid.sequence_number = seqnum; | 4374 frame->u.retire_cid.sequence_number = seqnum; |
4336 | 4375 |
4337 ngx_quic_queue_frame(c->quic, frame); | 4376 ngx_quic_queue_frame(qc, frame); |
4338 | 4377 |
4339 return NGX_OK; | 4378 return NGX_OK; |
4340 } | 4379 } |
4341 | 4380 |
4342 | 4381 |
4346 { | 4385 { |
4347 ngx_queue_t *q; | 4386 ngx_queue_t *q; |
4348 ngx_quic_server_id_t *sid; | 4387 ngx_quic_server_id_t *sid; |
4349 ngx_quic_connection_t *qc; | 4388 ngx_quic_connection_t *qc; |
4350 | 4389 |
4351 qc = c->quic; | 4390 qc = ngx_quic_get_connection(c); |
4352 | 4391 |
4353 for (q = ngx_queue_head(&qc->server_ids); | 4392 for (q = ngx_queue_head(&qc->server_ids); |
4354 q != ngx_queue_sentinel(&qc->server_ids); | 4393 q != ngx_queue_sentinel(&qc->server_ids); |
4355 q = ngx_queue_next(q)) | 4394 q = ngx_queue_next(q)) |
4356 { | 4395 { |
4357 sid = ngx_queue_data(q, ngx_quic_server_id_t, queue); | 4396 sid = ngx_queue_data(q, ngx_quic_server_id_t, queue); |
4358 | 4397 |
4359 if (sid->seqnum == f->sequence_number) { | 4398 if (sid->seqnum == f->sequence_number) { |
4360 ngx_queue_remove(q); | 4399 ngx_queue_remove(q); |
4400 ngx_queue_insert_tail(&qc->free_server_ids, &sid->queue); | |
4361 ngx_rbtree_delete(&c->listening->rbtree, &sid->udp.node); | 4401 ngx_rbtree_delete(&c->listening->rbtree, &sid->udp.node); |
4362 qc->nserver_ids--; | 4402 qc->nserver_ids--; |
4363 | |
4364 if (c->udp != &sid->udp) { | |
4365 ngx_queue_insert_tail(&qc->free_server_ids, &sid->queue); | |
4366 } | |
4367 | |
4368 break; | 4403 break; |
4369 } | 4404 } |
4370 } | 4405 } |
4371 | 4406 |
4372 return ngx_quic_issue_server_ids(c); | 4407 return ngx_quic_issue_server_ids(c); |
4381 ngx_quic_frame_t *frame; | 4416 ngx_quic_frame_t *frame; |
4382 ngx_quic_server_id_t *sid; | 4417 ngx_quic_server_id_t *sid; |
4383 ngx_quic_connection_t *qc; | 4418 ngx_quic_connection_t *qc; |
4384 u_char id[NGX_QUIC_SERVER_CID_LEN]; | 4419 u_char id[NGX_QUIC_SERVER_CID_LEN]; |
4385 | 4420 |
4386 qc = c->quic; | 4421 qc = ngx_quic_get_connection(c); |
4387 | 4422 |
4388 n = ngx_min(NGX_QUIC_MAX_SERVER_IDS, qc->ctp.active_connection_id_limit); | 4423 n = ngx_min(NGX_QUIC_MAX_SERVER_IDS, qc->ctp.active_connection_id_limit); |
4389 | 4424 |
4390 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, | 4425 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
4391 "quic issue server ids has:%ui max:%ui", qc->nserver_ids, n); | 4426 "quic issue server ids has:%ui max:%ui", qc->nserver_ids, n); |
4420 != NGX_OK) | 4455 != NGX_OK) |
4421 { | 4456 { |
4422 return NGX_ERROR; | 4457 return NGX_ERROR; |
4423 } | 4458 } |
4424 | 4459 |
4425 ngx_quic_queue_frame(c->quic, frame); | 4460 ngx_quic_queue_frame(qc, frame); |
4426 } | 4461 } |
4427 | 4462 |
4428 return NGX_OK; | 4463 return NGX_OK; |
4429 } | 4464 } |
4430 | 4465 |
4434 { | 4469 { |
4435 ngx_queue_t *q, *next; | 4470 ngx_queue_t *q, *next; |
4436 ngx_quic_server_id_t *sid; | 4471 ngx_quic_server_id_t *sid; |
4437 ngx_quic_connection_t *qc; | 4472 ngx_quic_connection_t *qc; |
4438 | 4473 |
4439 qc = c->quic; | 4474 qc = ngx_quic_get_connection(c); |
4440 | 4475 |
4441 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, | 4476 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
4442 "quic clear temp server ids"); | 4477 "quic clear temp server ids"); |
4443 | 4478 |
4444 for (q = ngx_queue_head(&qc->server_ids); | 4479 for (q = ngx_queue_head(&qc->server_ids); |
4451 if (sid->seqnum != NGX_QUIC_UNSET_PN) { | 4486 if (sid->seqnum != NGX_QUIC_UNSET_PN) { |
4452 continue; | 4487 continue; |
4453 } | 4488 } |
4454 | 4489 |
4455 ngx_queue_remove(q); | 4490 ngx_queue_remove(q); |
4491 ngx_queue_insert_tail(&qc->free_server_ids, &sid->queue); | |
4456 ngx_rbtree_delete(&c->listening->rbtree, &sid->udp.node); | 4492 ngx_rbtree_delete(&c->listening->rbtree, &sid->udp.node); |
4457 qc->nserver_ids--; | 4493 qc->nserver_ids--; |
4458 | |
4459 if (c->udp != &sid->udp) { | |
4460 ngx_queue_insert_tail(&qc->free_server_ids, &sid->queue); | |
4461 } | |
4462 } | 4494 } |
4463 } | 4495 } |
4464 | 4496 |
4465 | 4497 |
4466 static ngx_quic_server_id_t * | 4498 static ngx_quic_server_id_t * |
4468 { | 4500 { |
4469 ngx_str_t dcid; | 4501 ngx_str_t dcid; |
4470 ngx_quic_server_id_t *sid; | 4502 ngx_quic_server_id_t *sid; |
4471 ngx_quic_connection_t *qc; | 4503 ngx_quic_connection_t *qc; |
4472 | 4504 |
4473 qc = c->quic; | 4505 qc = ngx_quic_get_connection(c); |
4474 | 4506 |
4475 sid = ngx_quic_alloc_server_id(c, qc); | 4507 sid = ngx_quic_alloc_server_id(c, qc); |
4476 if (sid == NULL) { | 4508 if (sid == NULL) { |
4477 return NULL; | 4509 return NULL; |
4478 } | 4510 } |
4491 | 4523 |
4492 dcid.data = sid->id; | 4524 dcid.data = sid->id; |
4493 dcid.len = sid->len; | 4525 dcid.len = sid->len; |
4494 | 4526 |
4495 ngx_insert_udp_connection(c, &sid->udp, &dcid); | 4527 ngx_insert_udp_connection(c, &sid->udp, &dcid); |
4496 | |
4497 if (c->udp == NULL) { | |
4498 c->udp = &sid->udp; | |
4499 } | |
4500 | 4528 |
4501 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, | 4529 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
4502 "quic insert server id seqnum:%uL", sid->seqnum); | 4530 "quic insert server id seqnum:%uL", sid->seqnum); |
4503 | 4531 |
4504 ngx_quic_hexdump(c->log, "quic server id", id->data, id->len); | 4532 ngx_quic_hexdump(c->log, "quic server id", id->data, id->len); |
4589 ngx_quic_send_ctx_t *ctx; | 4617 ngx_quic_send_ctx_t *ctx; |
4590 ngx_quic_connection_t *qc; | 4618 ngx_quic_connection_t *qc; |
4591 | 4619 |
4592 c->log->action = "sending frames"; | 4620 c->log->action = "sending frames"; |
4593 | 4621 |
4594 qc = c->quic; | 4622 qc = ngx_quic_get_connection(c); |
4595 | 4623 |
4596 for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { | 4624 for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { |
4597 | 4625 |
4598 ctx = &qc->send_ctx[i]; | 4626 ctx = &qc->send_ctx[i]; |
4599 | 4627 |
4644 ngx_queue_t *q, range; | 4672 ngx_queue_t *q, range; |
4645 ngx_quic_frame_t *f; | 4673 ngx_quic_frame_t *f; |
4646 ngx_quic_congestion_t *cg; | 4674 ngx_quic_congestion_t *cg; |
4647 ngx_quic_connection_t *qc; | 4675 ngx_quic_connection_t *qc; |
4648 | 4676 |
4649 qc = c->quic; | 4677 qc = ngx_quic_get_connection(c); |
4650 cg = &qc->congestion; | 4678 cg = &qc->congestion; |
4651 | 4679 |
4652 if (ngx_queue_empty(&ctx->frames)) { | 4680 if (ngx_queue_empty(&ctx->frames)) { |
4653 return NGX_OK; | 4681 return NGX_OK; |
4654 } | 4682 } |
4806 f->plen = 0; | 4834 f->plen = 0; |
4807 } | 4835 } |
4808 | 4836 |
4809 out.len = p - out.data; | 4837 out.len = p - out.data; |
4810 | 4838 |
4811 qc = c->quic; | 4839 qc = ngx_quic_get_connection(c); |
4812 | 4840 |
4813 pkt.keys = qc->keys; | 4841 pkt.keys = qc->keys; |
4814 | 4842 |
4815 pkt.flags = NGX_QUIC_PKT_FIXED_BIT; | 4843 pkt.flags = NGX_QUIC_PKT_FIXED_BIT; |
4816 | 4844 |
4819 | 4847 |
4820 } else if (start->level == ssl_encryption_handshake) { | 4848 } else if (start->level == ssl_encryption_handshake) { |
4821 pkt.flags |= NGX_QUIC_PKT_LONG | NGX_QUIC_PKT_HANDSHAKE; | 4849 pkt.flags |= NGX_QUIC_PKT_LONG | NGX_QUIC_PKT_HANDSHAKE; |
4822 | 4850 |
4823 } else { | 4851 } else { |
4824 if (c->quic->key_phase) { | 4852 if (qc->key_phase) { |
4825 pkt.flags |= NGX_QUIC_PKT_KPHASE; | 4853 pkt.flags |= NGX_QUIC_PKT_KPHASE; |
4826 } | 4854 } |
4827 } | 4855 } |
4828 | 4856 |
4829 ngx_quic_set_packet_number(&pkt, ctx); | 4857 ngx_quic_set_packet_number(&pkt, ctx); |
4944 ngx_quic_connection_t *qc; | 4972 ngx_quic_connection_t *qc; |
4945 | 4973 |
4946 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, ev->log, 0, "quic pto timer"); | 4974 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, ev->log, 0, "quic pto timer"); |
4947 | 4975 |
4948 c = ev->data; | 4976 c = ev->data; |
4949 qc = c->quic; | 4977 qc = ngx_quic_get_connection(c); |
4950 | 4978 |
4951 qc->pto_count++; | 4979 qc->pto_count++; |
4952 | 4980 |
4953 for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { | 4981 for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { |
4954 | 4982 |
4967 continue; | 4995 continue; |
4968 } | 4996 } |
4969 | 4997 |
4970 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, | 4998 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, |
4971 "quic pto pnum:%uL pto_count:%ui level:%d", | 4999 "quic pto pnum:%uL pto_count:%ui level:%d", |
4972 start->pnum, c->quic->pto_count, start->level); | 5000 start->pnum, qc->pto_count, start->level); |
4973 | 5001 |
4974 ngx_quic_resend_frames(c, ctx); | 5002 ngx_quic_resend_frames(c, ctx); |
4975 } | 5003 } |
4976 | 5004 |
4977 ngx_quic_connstate_dbg(c); | 5005 ngx_quic_connstate_dbg(c); |
5021 ngx_queue_t *q; | 5049 ngx_queue_t *q; |
5022 ngx_quic_frame_t *start; | 5050 ngx_quic_frame_t *start; |
5023 ngx_quic_send_ctx_t *ctx; | 5051 ngx_quic_send_ctx_t *ctx; |
5024 ngx_quic_connection_t *qc; | 5052 ngx_quic_connection_t *qc; |
5025 | 5053 |
5026 qc = c->quic; | 5054 qc = ngx_quic_get_connection(c); |
5027 now = ngx_current_msec; | 5055 now = ngx_current_msec; |
5028 | 5056 |
5029 min_wait = 0; | 5057 min_wait = 0; |
5030 | 5058 |
5031 thr = NGX_QUIC_TIME_THR * ngx_max(qc->latest_rtt, qc->avg_rtt); | 5059 thr = NGX_QUIC_TIME_THR * ngx_max(qc->latest_rtt, qc->avg_rtt); |
5096 ngx_queue_t *q; | 5124 ngx_queue_t *q; |
5097 ngx_quic_frame_t *f, *start; | 5125 ngx_quic_frame_t *f, *start; |
5098 ngx_quic_stream_t *sn; | 5126 ngx_quic_stream_t *sn; |
5099 ngx_quic_connection_t *qc; | 5127 ngx_quic_connection_t *qc; |
5100 | 5128 |
5101 qc = c->quic; | 5129 qc = ngx_quic_get_connection(c); |
5102 q = ngx_queue_head(&ctx->sent); | 5130 q = ngx_queue_head(&ctx->sent); |
5103 start = ngx_queue_data(q, ngx_quic_frame_t, queue); | 5131 start = ngx_queue_data(q, ngx_quic_frame_t, queue); |
5104 | 5132 |
5105 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, | 5133 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
5106 "quic resend packet pnum:%uL", start->pnum); | 5134 "quic resend packet pnum:%uL", start->pnum); |
5202 uint64_t id; | 5230 uint64_t id; |
5203 ngx_quic_stream_t *qs, *sn; | 5231 ngx_quic_stream_t *qs, *sn; |
5204 ngx_quic_connection_t *qc; | 5232 ngx_quic_connection_t *qc; |
5205 | 5233 |
5206 qs = c->qs; | 5234 qs = c->qs; |
5207 qc = qs->parent->quic; | 5235 qc = ngx_quic_get_connection(qs->parent); |
5208 | 5236 |
5209 if (bidi) { | 5237 if (bidi) { |
5210 if (qc->streams.server_streams_bidi | 5238 if (qc->streams.server_streams_bidi |
5211 >= qc->streams.server_max_streams_bidi) | 5239 >= qc->streams.server_max_streams_bidi) |
5212 { | 5240 { |
5321 ngx_quic_connection_t *qc; | 5349 ngx_quic_connection_t *qc; |
5322 | 5350 |
5323 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, | 5351 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
5324 "quic stream id:0x%xL is new", id); | 5352 "quic stream id:0x%xL is new", id); |
5325 | 5353 |
5326 qc = c->quic; | 5354 qc = ngx_quic_get_connection(c); |
5327 | 5355 |
5328 if (id & NGX_QUIC_STREAM_UNIDIRECTIONAL) { | 5356 if (id & NGX_QUIC_STREAM_UNIDIRECTIONAL) { |
5329 | 5357 |
5330 if (id & NGX_QUIC_STREAM_SERVER_INITIATED) { | 5358 if (id & NGX_QUIC_STREAM_SERVER_INITIATED) { |
5331 if ((id >> 2) < qc->streams.server_streams_uni) { | 5359 if ((id >> 2) < qc->streams.server_streams_uni) { |
5412 ngx_quic_connection_t *qc; | 5440 ngx_quic_connection_t *qc; |
5413 | 5441 |
5414 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, | 5442 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
5415 "quic stream id:0x%xL create", id); | 5443 "quic stream id:0x%xL create", id); |
5416 | 5444 |
5417 qc = c->quic; | 5445 qc = ngx_quic_get_connection(c); |
5418 | 5446 |
5419 pool = ngx_create_pool(NGX_DEFAULT_POOL_SIZE, c->log); | 5447 pool = ngx_create_pool(NGX_DEFAULT_POOL_SIZE, c->log); |
5420 if (pool == NULL) { | 5448 if (pool == NULL) { |
5421 return NULL; | 5449 return NULL; |
5422 } | 5450 } |
5501 } | 5529 } |
5502 | 5530 |
5503 cln->handler = ngx_quic_stream_cleanup_handler; | 5531 cln->handler = ngx_quic_stream_cleanup_handler; |
5504 cln->data = sn->c; | 5532 cln->data = sn->c; |
5505 | 5533 |
5506 ngx_rbtree_insert(&c->quic->streams.tree, &sn->node); | 5534 ngx_rbtree_insert(&qc->streams.tree, &sn->node); |
5507 | 5535 |
5508 return sn; | 5536 return sn; |
5509 } | 5537 } |
5510 | 5538 |
5511 | 5539 |
5521 ngx_quic_connection_t *qc; | 5549 ngx_quic_connection_t *qc; |
5522 | 5550 |
5523 qs = c->qs; | 5551 qs = c->qs; |
5524 b = qs->b; | 5552 b = qs->b; |
5525 pc = qs->parent; | 5553 pc = qs->parent; |
5526 qc = pc->quic; | 5554 qc = ngx_quic_get_connection(pc); |
5527 rev = c->read; | 5555 rev = c->read; |
5528 | 5556 |
5529 if (rev->error) { | 5557 if (rev->error) { |
5530 return NGX_ERROR; | 5558 return NGX_ERROR; |
5531 } | 5559 } |
5574 frame->type = NGX_QUIC_FT_MAX_STREAM_DATA; | 5602 frame->type = NGX_QUIC_FT_MAX_STREAM_DATA; |
5575 frame->u.max_stream_data.id = qs->id; | 5603 frame->u.max_stream_data.id = qs->id; |
5576 frame->u.max_stream_data.limit = qs->fs.received + (b->pos - b->start) | 5604 frame->u.max_stream_data.limit = qs->fs.received + (b->pos - b->start) |
5577 + (b->end - b->last); | 5605 + (b->end - b->last); |
5578 | 5606 |
5579 ngx_quic_queue_frame(pc->quic, frame); | 5607 ngx_quic_queue_frame(qc, frame); |
5580 } | 5608 } |
5581 | 5609 |
5582 if ((qc->streams.recv_max_data / 2) < qc->streams.received) { | 5610 if ((qc->streams.recv_max_data / 2) < qc->streams.received) { |
5583 | 5611 |
5584 frame = ngx_quic_alloc_frame(pc, 0); | 5612 frame = ngx_quic_alloc_frame(pc, 0); |
5591 | 5619 |
5592 frame->level = ssl_encryption_application; | 5620 frame->level = ssl_encryption_application; |
5593 frame->type = NGX_QUIC_FT_MAX_DATA; | 5621 frame->type = NGX_QUIC_FT_MAX_DATA; |
5594 frame->u.max_data.max_data = qc->streams.recv_max_data; | 5622 frame->u.max_data.max_data = qc->streams.recv_max_data; |
5595 | 5623 |
5596 ngx_quic_queue_frame(pc->quic, frame); | 5624 ngx_quic_queue_frame(qc, frame); |
5597 | 5625 |
5598 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, | 5626 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
5599 "quic stream id:0x%xL recv: increased max_data:%uL", | 5627 "quic stream id:0x%xL recv: increased max_data:%uL", |
5600 qs->id, qc->streams.recv_max_data); | 5628 qs->id, qc->streams.recv_max_data); |
5601 } | 5629 } |
5650 ngx_quic_stream_t *qs; | 5678 ngx_quic_stream_t *qs; |
5651 ngx_quic_connection_t *qc; | 5679 ngx_quic_connection_t *qc; |
5652 | 5680 |
5653 qs = c->qs; | 5681 qs = c->qs; |
5654 pc = qs->parent; | 5682 pc = qs->parent; |
5655 qc = pc->quic; | 5683 qc = ngx_quic_get_connection(pc); |
5656 wev = c->write; | 5684 wev = c->write; |
5657 | 5685 |
5658 if (wev->error) { | 5686 if (wev->error) { |
5659 return NGX_CHAIN_ERROR; | 5687 return NGX_CHAIN_ERROR; |
5660 } | 5688 } |
5768 uint64_t sent, unacked; | 5796 uint64_t sent, unacked; |
5769 ngx_quic_stream_t *qs; | 5797 ngx_quic_stream_t *qs; |
5770 ngx_quic_connection_t *qc; | 5798 ngx_quic_connection_t *qc; |
5771 | 5799 |
5772 qs = c->qs; | 5800 qs = c->qs; |
5773 qc = qs->parent->quic; | 5801 qc = ngx_quic_get_connection(qs->parent); |
5774 | 5802 |
5775 size = NGX_QUIC_STREAM_BUFSIZE; | 5803 size = NGX_QUIC_STREAM_BUFSIZE; |
5776 sent = c->sent; | 5804 sent = c->sent; |
5777 unacked = sent - qs->acked; | 5805 unacked = sent - qs->acked; |
5778 | 5806 |
5827 ngx_quic_stream_t *qs; | 5855 ngx_quic_stream_t *qs; |
5828 ngx_quic_connection_t *qc; | 5856 ngx_quic_connection_t *qc; |
5829 | 5857 |
5830 qs = c->qs; | 5858 qs = c->qs; |
5831 pc = qs->parent; | 5859 pc = qs->parent; |
5832 qc = pc->quic; | 5860 qc = ngx_quic_get_connection(pc); |
5833 | 5861 |
5834 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, | 5862 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
5835 "quic stream id:0x%xL cleanup", qs->id); | 5863 "quic stream id:0x%xL cleanup", qs->id); |
5836 | 5864 |
5837 ngx_rbtree_delete(&qc->streams.tree, &qs->node); | 5865 ngx_rbtree_delete(&qc->streams.tree, &qs->node); |
5929 | 5957 |
5930 } else { | 5958 } else { |
5931 p = NULL; | 5959 p = NULL; |
5932 } | 5960 } |
5933 | 5961 |
5934 qc = c->quic; | 5962 qc = ngx_quic_get_connection(c); |
5935 | 5963 |
5936 if (!ngx_queue_empty(&qc->free_frames)) { | 5964 if (!ngx_queue_empty(&qc->free_frames)) { |
5937 | 5965 |
5938 q = ngx_queue_head(&qc->free_frames); | 5966 q = ngx_queue_head(&qc->free_frames); |
5939 frame = ngx_queue_data(q, ngx_quic_frame_t, queue); | 5967 frame = ngx_queue_data(q, ngx_quic_frame_t, queue); |
5979 | 6007 |
5980 if (f->plen == 0) { | 6008 if (f->plen == 0) { |
5981 return; | 6009 return; |
5982 } | 6010 } |
5983 | 6011 |
5984 qc = c->quic; | 6012 qc = ngx_quic_get_connection(c); |
5985 cg = &qc->congestion; | 6013 cg = &qc->congestion; |
5986 | 6014 |
5987 cg->in_flight -= f->plen; | 6015 cg->in_flight -= f->plen; |
5988 | 6016 |
5989 timer = f->last - cg->recovery_start; | 6017 timer = f->last - cg->recovery_start; |
6030 | 6058 |
6031 if (f->plen == 0) { | 6059 if (f->plen == 0) { |
6032 return; | 6060 return; |
6033 } | 6061 } |
6034 | 6062 |
6035 qc = c->quic; | 6063 qc = ngx_quic_get_connection(c); |
6036 cg = &qc->congestion; | 6064 cg = &qc->congestion; |
6037 | 6065 |
6038 cg->in_flight -= f->plen; | 6066 cg->in_flight -= f->plen; |
6039 f->plen = 0; | 6067 f->plen = 0; |
6040 | 6068 |
6066 static void | 6094 static void |
6067 ngx_quic_free_frame(ngx_connection_t *c, ngx_quic_frame_t *frame) | 6095 ngx_quic_free_frame(ngx_connection_t *c, ngx_quic_frame_t *frame) |
6068 { | 6096 { |
6069 ngx_quic_connection_t *qc; | 6097 ngx_quic_connection_t *qc; |
6070 | 6098 |
6071 qc = c->quic; | 6099 qc = ngx_quic_get_connection(c); |
6072 | 6100 |
6073 if (frame->data) { | 6101 if (frame->data) { |
6074 ngx_free(frame->data); | 6102 ngx_free(frame->data); |
6075 frame->data = NULL; | 6103 frame->data = NULL; |
6076 } | 6104 } |
6085 | 6113 |
6086 | 6114 |
6087 uint32_t | 6115 uint32_t |
6088 ngx_quic_version(ngx_connection_t *c) | 6116 ngx_quic_version(ngx_connection_t *c) |
6089 { | 6117 { |
6090 uint32_t version; | 6118 uint32_t version; |
6091 | 6119 ngx_quic_connection_t *qc; |
6092 version = c->quic->version; | 6120 |
6121 qc = ngx_quic_get_connection(c); | |
6122 | |
6123 version = qc->version; | |
6093 | 6124 |
6094 return (version & 0xff000000) == 0xff000000 ? version & 0xff : version; | 6125 return (version & 0xff000000) == 0xff000000 ? version & 0xff : version; |
6095 } | 6126 } |