Mercurial > hg > nginx
diff src/event/ngx_event_quic.c @ 8361:336d527ca031 quic
Error messages cleanup.
+ added "quic" prefix to all error messages
+ rephrased some messages
+ removed excessive error logging from frame parser
+ added ngx_quic_check_peer() function to check proper source/destination
match and do it one place
| author | Vladimir Homutov <vl@nginx.com> |
|---|---|
| date | Fri, 24 Apr 2020 14:38:49 +0300 |
| parents | f175006124d0 |
| children | 44cac24aaa44 |
line wrap: on
line diff
--- a/src/event/ngx_event_quic.c +++ b/src/event/ngx_event_quic.c @@ -158,6 +158,8 @@ static ngx_int_t ngx_quic_handshake_inpu ngx_quic_header_t *pkt); static ngx_int_t ngx_quic_early_input(ngx_connection_t *c, ngx_quic_header_t *pkt); +static ngx_int_t ngx_quic_check_peer(ngx_quic_connection_t *qc, + ngx_quic_header_t *pkt); static ngx_int_t ngx_quic_app_input(ngx_connection_t *c, ngx_quic_header_t *pkt); static ngx_int_t ngx_quic_payload_handler(ngx_connection_t *c, @@ -385,7 +387,7 @@ ngx_quic_add_handshake_data(ngx_ssl_conn || qc->ctp.max_packet_size > NGX_QUIC_DEFAULT_MAX_PACKET_SIZE) { ngx_log_error(NGX_LOG_INFO, c->log, 0, - "maximum packet size is invalid"); + "quic maximum packet size is invalid"); return NGX_ERROR; } @@ -519,7 +521,8 @@ ngx_quic_new_connection(ngx_connection_t static u_char buf[NGX_QUIC_DEFAULT_MAX_PACKET_SIZE]; if (ngx_buf_size(pkt->raw) < NGX_QUIC_MIN_INITIAL_SIZE) { - ngx_log_error(NGX_LOG_INFO, c->log, 0, "too small UDP datagram"); + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "quic UDP datagram is too small for initial packet"); return NGX_ERROR; } @@ -529,7 +532,7 @@ ngx_quic_new_connection(ngx_connection_t if (!ngx_quic_pkt_in(pkt->flags)) { ngx_log_error(NGX_LOG_INFO, c->log, 0, - "invalid initial packet: 0x%xi", pkt->flags); + "quic invalid initial packet: 0x%xi", pkt->flags); return NGX_ERROR; } @@ -657,7 +660,7 @@ ngx_quic_init_connection(ngx_connection_ if (SSL_set_quic_method(ssl_conn, &quic_method) == 0) { ngx_log_error(NGX_LOG_INFO, c->log, 0, - "SSL_set_quic_method() failed"); + "quic SSL_set_quic_method() failed"); return NGX_ERROR; } @@ -686,7 +689,7 @@ ngx_quic_init_connection(ngx_connection_ if (SSL_set_quic_transport_params(ssl_conn, p, len) == 0) { ngx_log_error(NGX_LOG_INFO, c->log, 0, - "SSL_set_quic_transport_params() failed"); + "quic SSL_set_quic_transport_params() failed"); return NGX_ERROR; } @@ -738,7 +741,8 @@ ngx_quic_input_handler(ngx_event_t *rev) ngx_log_debug0(NGX_LOG_DEBUG_EVENT, rev->log, 0, "quic input handler"); if (rev->timedout) { - ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out"); + ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, + "quic client timed out"); ngx_quic_close_connection(c, NGX_DONE); return; } @@ -1003,7 +1007,9 @@ ngx_quic_input(ngx_connection_t *c, ngx_ if (pkt.flags == 0) { /* XXX: no idea WTF is this, just ignore */ - ngx_log_error(NGX_LOG_ALERT, c->log, 0, "FIREFOX: ZEROES"); + ngx_log_error(NGX_LOG_ALERT, c->log, 0, + "quic packet with zero flags, presumably" + " firefox padding, ignored"); break; } @@ -1021,7 +1027,7 @@ ngx_quic_input(ngx_connection_t *c, ngx_ } else { ngx_log_error(NGX_LOG_INFO, c->log, 0, - "BUG: unknown quic state"); + "quic unknown long packet type"); return NGX_ERROR; } @@ -1110,7 +1116,7 @@ ngx_quic_handshake_input(ngx_connection_ if (keys->client.key.len == 0) { ngx_log_error(NGX_LOG_INFO, c->log, 0, - "no read keys yet, packet ignored"); + "quic no read keys yet, packet ignored"); return NGX_DECLINED; } @@ -1119,29 +1125,13 @@ ngx_quic_handshake_input(ngx_connection_ return NGX_ERROR; } - if (pkt->dcid.len != qc->dcid.len) { - ngx_log_error(NGX_LOG_INFO, c->log, 0, "unexpected quic dcidl"); - return NGX_ERROR; - } - - if (ngx_memcmp(pkt->dcid.data, qc->dcid.data, qc->dcid.len) != 0) { - ngx_log_error(NGX_LOG_INFO, c->log, 0, "unexpected quic dcid"); - return NGX_ERROR; - } - - if (pkt->scid.len != qc->scid.len) { - ngx_log_error(NGX_LOG_INFO, c->log, 0, "unexpected quic scidl"); - return NGX_ERROR; - } - - if (ngx_memcmp(pkt->scid.data, qc->scid.data, qc->scid.len) != 0) { - ngx_log_error(NGX_LOG_INFO, c->log, 0, "unexpected quic scid"); + if (ngx_quic_check_peer(qc, pkt) != NGX_OK) { return NGX_ERROR; } if (!ngx_quic_pkt_hs(pkt->flags)) { ngx_log_error(NGX_LOG_INFO, c->log, 0, - "invalid packet type: 0x%xi", pkt->flags); + "quic invalid packet type: 0x%xi", pkt->flags); return NGX_ERROR; } @@ -1180,29 +1170,13 @@ ngx_quic_early_input(ngx_connection_t *c return NGX_ERROR; } - if (pkt->dcid.len != qc->dcid.len) { - ngx_log_error(NGX_LOG_INFO, c->log, 0, "unexpected quic dcidl"); - return NGX_ERROR; - } - - if (ngx_memcmp(pkt->dcid.data, qc->dcid.data, qc->dcid.len) != 0) { - ngx_log_error(NGX_LOG_INFO, c->log, 0, "unexpected quic dcid"); - return NGX_ERROR; - } - - if (pkt->scid.len != qc->scid.len) { - ngx_log_error(NGX_LOG_INFO, c->log, 0, "unexpected quic scidl"); - return NGX_ERROR; - } - - if (ngx_memcmp(pkt->scid.data, qc->scid.data, qc->scid.len) != 0) { - ngx_log_error(NGX_LOG_INFO, c->log, 0, "unexpected quic scid"); + if (ngx_quic_check_peer(qc, pkt) != NGX_OK) { return NGX_ERROR; } if (!ngx_quic_pkt_zrtt(pkt->flags)) { ngx_log_error(NGX_LOG_INFO, c->log, 0, - "invalid packet type: 0x%xi", pkt->flags); + "quic invalid packet type: 0x%xi", pkt->flags); return NGX_ERROR; } @@ -1211,7 +1185,7 @@ ngx_quic_early_input(ngx_connection_t *c } if (c->quic->state != NGX_QUIC_ST_EARLY_DATA) { - ngx_log_error(NGX_LOG_INFO, c->log, 0, "unexpected 0-RTT packet"); + ngx_log_error(NGX_LOG_INFO, c->log, 0, "quic unexpected 0-RTT packet"); return NGX_OK; } @@ -1232,6 +1206,33 @@ ngx_quic_early_input(ngx_connection_t *c static ngx_int_t +ngx_quic_check_peer(ngx_quic_connection_t *qc, ngx_quic_header_t *pkt) +{ + if (pkt->dcid.len != qc->dcid.len) { + ngx_log_error(NGX_LOG_INFO, pkt->log, 0, "quic unexpected quic dcidl"); + return NGX_ERROR; + } + + if (ngx_memcmp(pkt->dcid.data, qc->dcid.data, qc->dcid.len) != 0) { + ngx_log_error(NGX_LOG_INFO, pkt->log, 0, "quic unexpected quic dcid"); + return NGX_ERROR; + } + + if (pkt->scid.len != qc->scid.len) { + ngx_log_error(NGX_LOG_INFO, pkt->log, 0, "quic unexpected quic scidl"); + return NGX_ERROR; + } + + if (ngx_memcmp(pkt->scid.data, qc->scid.data, qc->scid.len) != 0) { + ngx_log_error(NGX_LOG_INFO, pkt->log, 0, "quic unexpected quic scid"); + return NGX_ERROR; + } + + return NGX_OK; +} + + +static ngx_int_t ngx_quic_app_input(ngx_connection_t *c, ngx_quic_header_t *pkt) { ngx_int_t rc; @@ -1249,7 +1250,7 @@ ngx_quic_app_input(ngx_connection_t *c, if (keys->client.key.len == 0) { ngx_log_error(NGX_LOG_INFO, c->log, 0, - "no read keys yet, packet ignored"); + "quic no read keys yet, packet ignored"); return NGX_DECLINED; } @@ -1448,7 +1449,7 @@ ngx_quic_payload_handler(ngx_connection_ if (p != end) { ngx_log_error(NGX_LOG_INFO, c->log, 0, - "trailing garbage in payload: %ui bytes", end - p); + "quic trailing garbage in payload: %ui bytes", end - p); return NGX_ERROR; } @@ -1551,7 +1552,7 @@ ngx_quic_handle_ack_frame(ngx_connection if (ack->first_range > ack->largest) { ngx_log_error(NGX_LOG_INFO, c->log, 0, - "invalid first range in ack frame"); + "quic invalid first range in ack frame"); return NGX_ERROR; } @@ -1582,7 +1583,7 @@ ngx_quic_handle_ack_frame(ngx_connection if (gap >= min) { ngx_log_error(NGX_LOG_INFO, c->log, 0, - "invalid range %ui in ack frame", i); + "quic invalid range %ui in ack frame", i); return NGX_ERROR; } @@ -1590,7 +1591,7 @@ ngx_quic_handle_ack_frame(ngx_connection if (range > max + 1) { ngx_log_error(NGX_LOG_INFO, c->log, 0, - "invalid range %ui in ack frame", i); + "quic invalid range %ui in ack frame", i); return NGX_ERROR; } @@ -1640,7 +1641,7 @@ ngx_quic_handle_ack_frame_range(ngx_conn } ngx_log_error(NGX_LOG_INFO, c->log, 0, - "ACK for the packet not in sent queue "); + "quic ACK for the packet not in sent queue "); // TODO: handle error properly: PROTOCOL VIOLATION? return NGX_ERROR; } @@ -1811,7 +1812,7 @@ ngx_quic_buffer_frame(ngx_connection_t * /* check limit on total size used by all buffered frames, not actual data */ if (NGX_QUIC_MAX_BUFFERED - fs->total < f->length) { ngx_log_error(NGX_LOG_INFO, c->log, 0, - "ordered input buffer limit exceeded"); + "quic ordered input buffer limit exceeded"); return NGX_ERROR; } @@ -1987,7 +1988,8 @@ ngx_quic_handle_stream_frame(ngx_connect } if (n < f->length) { - ngx_log_error(NGX_LOG_INFO, c->log, 0, "no space in stream buffer"); + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "quic no space in stream buffer"); return NGX_ERROR; } @@ -2069,7 +2071,8 @@ ngx_quic_stream_input(ngx_connection_t * b = sn->b; if ((size_t) ((b->pos - b->start) + (b->end - b->last)) < f->length) { - ngx_log_error(NGX_LOG_INFO, c->log, 0, "no space in stream buffer"); + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "quic no space in stream buffer"); return NGX_ERROR; } @@ -2180,7 +2183,8 @@ ngx_quic_handle_stream_data_blocked_fram sn = ngx_quic_find_stream(&qc->streams.tree, f->id); if (sn == NULL) { - ngx_log_error(NGX_LOG_INFO, c->log, 0, "unknown stream id:%uL", f->id); + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "quic unknown stream id:%uL", f->id); return NGX_ERROR; } @@ -2595,7 +2599,7 @@ ngx_quic_retransmit(ngx_connection_t *c, if (start->first + qc->tp.max_idle_timeout < now) { ngx_log_error(NGX_LOG_ERR, c->log, 0, - "retransmission timeout"); + "quic retransmission timeout"); return NGX_DECLINED; }