Mercurial > hg > nginx
diff src/event/ngx_event_quic.h @ 8383:7ea34e13937f quic
Address validation using Retry packets.
The behaviour is toggled with the new directive "quic_retry on|off".
QUIC token construction is made suitable for issuing with NEW_TOKEN.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Thu, 14 May 2020 15:47:18 +0300 |
parents | 9d9531431c8c |
children | 125cbfa77013 |
line wrap: on
line diff
--- a/src/event/ngx_event_quic.h +++ b/src/event/ngx_event_quic.h @@ -23,6 +23,13 @@ #define NGX_QUIC_DEFAULT_ACK_DELAY_EXPONENT 3 #define NGX_QUIC_DEFAULT_MAX_ACK_DELAY 25 +#define NGX_QUIC_RETRY_TIMEOUT 3000 +#define NGX_QUIC_RETRY_LIFETIME 30000 +#define NGX_QUIC_RETRY_BUFFER_SIZE 128 + /* 1 flags + 4 version + 3 x (1 + 20) s/o/dcid + itag + token(44) */ +#define NGX_QUIC_MAX_TOKEN_SIZE 32 + /* sizeof(struct in6_addr) + sizeof(ngx_msec_t) up to AES-256 block size */ + #define NGX_QUIC_HARDCODED_PTO 1000 /* 1s, TODO: collect */ #define NGX_QUIC_CC_MIN_INTERVAL 1000 /* 1s */ @@ -49,9 +56,12 @@ typedef struct { ngx_uint_t ack_delay_exponent; ngx_uint_t disable_active_migration; ngx_uint_t active_connection_id_limit; + ngx_str_t original_connection_id; + + ngx_flag_t retry; + u_char token_key[32]; /* AES 256 */ /* TODO */ - ngx_uint_t original_connection_id; u_char stateless_reset_token[16]; void *preferred_address; } ngx_quic_tp_t;