Mercurial > hg > nginx
annotate src/event/quic/ngx_event_quic_connid.c @ 8911:b09f055daa4e quic
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Previously, the retired socket was not closed if it didn't match
active or backup.
New sockets could not be created (due to count limit), since retired socket
was not closed before calling ngx_quic_create_sockets().
When replacing retired socket, new socket is only requested after closing
old one, to avoid hitting the limit on the number of active connection ids.
Together with added restrictions, this fixes an issue when a current socket
could be closed during migration, recreated and erroneously reused leading
to null pointer dereference.
author | Vladimir Homutov <vl@nginx.com> |
---|---|
date | Thu, 18 Nov 2021 14:19:36 +0300 |
parents | f8848f5a1014 |
children | 9680f0badc95 |
rev | line source |
---|---|
8748
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
1 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
2 /* |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
3 * Copyright (C) Nginx, Inc. |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
4 */ |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
5 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
6 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
7 #include <ngx_config.h> |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
8 #include <ngx_core.h> |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
9 #include <ngx_event.h> |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
10 #include <ngx_event_quic_connection.h> |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
11 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
12 #define NGX_QUIC_MAX_SERVER_IDS 8 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
13 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
14 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
15 #if (NGX_QUIC_BPF) |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
16 static ngx_int_t ngx_quic_bpf_attach_id(ngx_connection_t *c, u_char *id); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
17 #endif |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
18 static ngx_int_t ngx_quic_send_retire_connection_id(ngx_connection_t *c, |
8778
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8777
diff
changeset
|
19 uint64_t seqnum); |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
20 |
8748
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
21 static ngx_quic_client_id_t *ngx_quic_alloc_client_id(ngx_connection_t *c, |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
22 ngx_quic_connection_t *qc); |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
23 static ngx_int_t ngx_quic_replace_retired_client_id(ngx_connection_t *c, |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
24 ngx_quic_client_id_t *retired_cid); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
25 static ngx_int_t ngx_quic_send_server_id(ngx_connection_t *c, |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
26 ngx_quic_server_id_t *sid); |
8748
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
27 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
28 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
29 ngx_int_t |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
30 ngx_quic_create_server_id(ngx_connection_t *c, u_char *id) |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
31 { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
32 if (RAND_bytes(id, NGX_QUIC_SERVER_CID_LEN) != 1) { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
33 return NGX_ERROR; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
34 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
35 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
36 #if (NGX_QUIC_BPF) |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
37 if (ngx_quic_bpf_attach_id(c, id) != NGX_OK) { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
38 ngx_log_error(NGX_LOG_ERR, c->log, 0, |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
39 "quic bpf failed to generate socket key"); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
40 /* ignore error, things still may work */ |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
41 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
42 #endif |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
43 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
44 return NGX_OK; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
45 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
46 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
47 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
48 #if (NGX_QUIC_BPF) |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
49 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
50 static ngx_int_t |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
51 ngx_quic_bpf_attach_id(ngx_connection_t *c, u_char *id) |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
52 { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
53 int fd; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
54 uint64_t cookie; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
55 socklen_t optlen; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
56 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
57 fd = c->listening->fd; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
58 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
59 optlen = sizeof(cookie); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
60 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
61 if (getsockopt(fd, SOL_SOCKET, SO_COOKIE, &cookie, &optlen) == -1) { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
62 ngx_log_error(NGX_LOG_ERR, c->log, ngx_socket_errno, |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
63 "quic getsockopt(SO_COOKIE) failed"); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
64 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
65 return NGX_ERROR; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
66 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
67 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
68 ngx_quic_dcid_encode_key(id, cookie); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
69 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
70 return NGX_OK; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
71 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
72 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
73 #endif |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
74 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
75 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
76 ngx_int_t |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
77 ngx_quic_handle_new_connection_id_frame(ngx_connection_t *c, |
8778
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8777
diff
changeset
|
78 ngx_quic_new_conn_id_frame_t *f) |
8748
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
79 { |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
80 ngx_str_t id; |
8748
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
81 ngx_queue_t *q; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
82 ngx_quic_client_id_t *cid, *item; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
83 ngx_quic_connection_t *qc; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
84 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
85 qc = ngx_quic_get_connection(c); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
86 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
87 if (f->seqnum < qc->max_retired_seqnum) { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
88 /* |
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
89 * RFC 9000, 19.15. NEW_CONNECTION_ID Frame |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
90 * |
8748
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
91 * An endpoint that receives a NEW_CONNECTION_ID frame with |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
92 * a sequence number smaller than the Retire Prior To field |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
93 * of a previously received NEW_CONNECTION_ID frame MUST send |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
94 * a corresponding RETIRE_CONNECTION_ID frame that retires |
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
95 * the newly received connection ID, unless it has already |
8748
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
96 * done so for that sequence number. |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
97 */ |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
98 |
8778
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8777
diff
changeset
|
99 if (ngx_quic_send_retire_connection_id(c, f->seqnum) != NGX_OK) { |
8748
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
100 return NGX_ERROR; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
101 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
102 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
103 goto retire; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
104 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
105 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
106 cid = NULL; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
107 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
108 for (q = ngx_queue_head(&qc->client_ids); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
109 q != ngx_queue_sentinel(&qc->client_ids); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
110 q = ngx_queue_next(q)) |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
111 { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
112 item = ngx_queue_data(q, ngx_quic_client_id_t, queue); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
113 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
114 if (item->seqnum == f->seqnum) { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
115 cid = item; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
116 break; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
117 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
118 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
119 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
120 if (cid) { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
121 /* |
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
122 * Transmission errors, timeouts, and retransmissions might cause the |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
123 * same NEW_CONNECTION_ID frame to be received multiple times. |
8748
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
124 */ |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
125 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
126 if (cid->len != f->len |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
127 || ngx_strncmp(cid->id, f->cid, f->len) != 0 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
128 || ngx_strncmp(cid->sr_token, f->srt, NGX_QUIC_SR_TOKEN_LEN) != 0) |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
129 { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
130 /* |
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
131 * ..if a sequence number is used for different connection IDs, |
8748
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
132 * the endpoint MAY treat that receipt as a connection error |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
133 * of type PROTOCOL_VIOLATION. |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
134 */ |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
135 qc->error = NGX_QUIC_ERR_PROTOCOL_VIOLATION; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
136 qc->error_reason = "seqnum refers to different connection id/token"; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
137 return NGX_ERROR; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
138 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
139 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
140 } else { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
141 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
142 id.data = f->cid; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
143 id.len = f->len; |
8748
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
144 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
145 if (ngx_quic_create_client_id(c, &id, f->seqnum, f->srt) == NULL) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
146 return NGX_ERROR; |
8748
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
147 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
148 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
149 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
150 retire: |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
151 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
152 if (qc->max_retired_seqnum && f->retire <= qc->max_retired_seqnum) { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
153 /* |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
154 * Once a sender indicates a Retire Prior To value, smaller values sent |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
155 * in subsequent NEW_CONNECTION_ID frames have no effect. A receiver |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
156 * MUST ignore any Retire Prior To fields that do not increase the |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
157 * largest received Retire Prior To value. |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
158 */ |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
159 goto done; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
160 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
161 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
162 qc->max_retired_seqnum = f->retire; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
163 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
164 q = ngx_queue_head(&qc->client_ids); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
165 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
166 while (q != ngx_queue_sentinel(&qc->client_ids)) { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
167 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
168 cid = ngx_queue_data(q, ngx_quic_client_id_t, queue); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
169 q = ngx_queue_next(q); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
170 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
171 if (cid->seqnum >= f->retire) { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
172 continue; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
173 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
174 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
175 /* this connection id must be retired */ |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
176 |
8778
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8777
diff
changeset
|
177 if (ngx_quic_send_retire_connection_id(c, cid->seqnum) != NGX_OK) { |
8748
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
178 return NGX_ERROR; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
179 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
180 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
181 if (cid->refcnt) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
182 /* we are going to retire client id which is in use */ |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
183 if (ngx_quic_replace_retired_client_id(c, cid) != NGX_OK) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
184 return NGX_ERROR; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
185 } |
8896
e2ec952dc295
QUIC: fixed removal of unused client IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8797
diff
changeset
|
186 |
e2ec952dc295
QUIC: fixed removal of unused client IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8797
diff
changeset
|
187 } else { |
e2ec952dc295
QUIC: fixed removal of unused client IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8797
diff
changeset
|
188 ngx_quic_unref_client_id(c, cid); |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
189 } |
8748
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
190 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
191 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
192 done: |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
193 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
194 if (qc->nclient_ids > qc->tp.active_connection_id_limit) { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
195 /* |
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
196 * RFC 9000, 5.1.1. Issuing Connection IDs |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
197 * |
8748
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
198 * After processing a NEW_CONNECTION_ID frame and |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
199 * adding and retiring active connection IDs, if the number of active |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
200 * connection IDs exceeds the value advertised in its |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
201 * active_connection_id_limit transport parameter, an endpoint MUST |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
202 * close the connection with an error of type CONNECTION_ID_LIMIT_ERROR. |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
203 */ |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
204 qc->error = NGX_QUIC_ERR_CONNECTION_ID_LIMIT_ERROR; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
205 qc->error_reason = "too many connection ids received"; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
206 return NGX_ERROR; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
207 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
208 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
209 return NGX_OK; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
210 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
211 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
212 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
213 static ngx_int_t |
8778
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8777
diff
changeset
|
214 ngx_quic_send_retire_connection_id(ngx_connection_t *c, uint64_t seqnum) |
8748
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
215 { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
216 ngx_quic_frame_t *frame; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
217 ngx_quic_connection_t *qc; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
218 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
219 qc = ngx_quic_get_connection(c); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
220 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
221 frame = ngx_quic_alloc_frame(c); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
222 if (frame == NULL) { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
223 return NGX_ERROR; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
224 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
225 |
8778
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8777
diff
changeset
|
226 frame->level = ssl_encryption_application; |
8748
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
227 frame->type = NGX_QUIC_FT_RETIRE_CONNECTION_ID; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
228 frame->u.retire_cid.sequence_number = seqnum; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
229 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
230 ngx_quic_queue_frame(qc, frame); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
231 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
232 /* we are no longer going to use this client id */ |
8748
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
233 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
234 return NGX_OK; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
235 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
236 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
237 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
238 static ngx_quic_client_id_t * |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
239 ngx_quic_alloc_client_id(ngx_connection_t *c, ngx_quic_connection_t *qc) |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
240 { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
241 ngx_queue_t *q; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
242 ngx_quic_client_id_t *cid; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
243 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
244 if (!ngx_queue_empty(&qc->free_client_ids)) { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
245 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
246 q = ngx_queue_head(&qc->free_client_ids); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
247 cid = ngx_queue_data(q, ngx_quic_client_id_t, queue); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
248 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
249 ngx_queue_remove(&cid->queue); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
250 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
251 ngx_memzero(cid, sizeof(ngx_quic_client_id_t)); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
252 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
253 } else { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
254 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
255 cid = ngx_pcalloc(c->pool, sizeof(ngx_quic_client_id_t)); |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
256 if (cid == NULL) { |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
257 return NULL; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
258 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
259 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
260 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
261 return cid; |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
262 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
263 |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
264 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
265 ngx_quic_client_id_t * |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
266 ngx_quic_create_client_id(ngx_connection_t *c, ngx_str_t *id, |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
267 uint64_t seqnum, u_char *token) |
8748
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
268 { |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
269 ngx_quic_client_id_t *cid; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
270 ngx_quic_connection_t *qc; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
271 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
272 qc = ngx_quic_get_connection(c); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
273 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
274 cid = ngx_quic_alloc_client_id(c, qc); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
275 if (cid == NULL) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
276 return NULL; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
277 } |
8748
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
278 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
279 cid->seqnum = seqnum; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
280 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
281 cid->len = id->len; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
282 ngx_memcpy(cid->id, id->data, id->len); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
283 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
284 if (token) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
285 ngx_memcpy(cid->sr_token, token, NGX_QUIC_SR_TOKEN_LEN); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
286 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
287 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
288 ngx_queue_insert_tail(&qc->client_ids, &cid->queue); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
289 qc->nclient_ids++; |
8748
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
290 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
291 if (seqnum > qc->client_seqnum) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
292 qc->client_seqnum = seqnum; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
293 } |
8748
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
294 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
295 ngx_log_debug5(NGX_LOG_DEBUG_EVENT, c->log, 0, |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
296 "quic cid #%uL received id:%uz:%xV:%*xs", |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
297 cid->seqnum, id->len, id, |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
298 (size_t) NGX_QUIC_SR_TOKEN_LEN, cid->sr_token); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
299 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
300 return cid; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
301 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
302 |
8748
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
303 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
304 ngx_quic_client_id_t * |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
305 ngx_quic_next_client_id(ngx_connection_t *c) |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
306 { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
307 ngx_queue_t *q; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
308 ngx_quic_client_id_t *cid; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
309 ngx_quic_connection_t *qc; |
8748
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
310 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
311 qc = ngx_quic_get_connection(c); |
8748
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
312 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
313 for (q = ngx_queue_head(&qc->client_ids); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
314 q != ngx_queue_sentinel(&qc->client_ids); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
315 q = ngx_queue_next(q)) |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
316 { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
317 cid = ngx_queue_data(q, ngx_quic_client_id_t, queue); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
318 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
319 if (cid->refcnt == 0) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
320 return cid; |
8748
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
321 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
322 } |
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
323 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
324 return NULL; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
325 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
326 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
327 |
8777
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
328 ngx_quic_client_id_t * |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
329 ngx_quic_used_client_id(ngx_connection_t *c, ngx_quic_path_t *path) |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
330 { |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
331 ngx_queue_t *q; |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
332 ngx_quic_socket_t *qsock; |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
333 ngx_quic_connection_t *qc; |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
334 |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
335 qc = ngx_quic_get_connection(c); |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
336 |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
337 /* best guess: cid used by active path is good for us */ |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
338 if (qc->socket->path == path) { |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
339 return qc->socket->cid; |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
340 } |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
341 |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
342 for (q = ngx_queue_head(&qc->sockets); |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
343 q != ngx_queue_sentinel(&qc->sockets); |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
344 q = ngx_queue_next(q)) |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
345 { |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
346 qsock = ngx_queue_data(q, ngx_quic_socket_t, queue); |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
347 |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
348 if (qsock->path && qsock->path == path) { |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
349 return qsock->cid; |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
350 } |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
351 } |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
352 |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
353 return NULL; |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
354 } |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
355 |
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
356 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
357 ngx_int_t |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
358 ngx_quic_handle_retire_connection_id_frame(ngx_connection_t *c, |
8778
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8777
diff
changeset
|
359 ngx_quic_retire_cid_frame_t *f) |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
360 { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
361 ngx_quic_path_t *path; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
362 ngx_quic_socket_t *qsock, **tmp; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
363 ngx_quic_client_id_t *cid; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
364 ngx_quic_connection_t *qc; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
365 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
366 qc = ngx_quic_get_connection(c); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
367 |
8910
f8848f5a1014
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8896
diff
changeset
|
368 if (f->sequence_number >= qc->server_seqnum) { |
f8848f5a1014
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8896
diff
changeset
|
369 /* |
f8848f5a1014
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8896
diff
changeset
|
370 * RFC 9000, 19.16. |
f8848f5a1014
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8896
diff
changeset
|
371 * |
f8848f5a1014
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8896
diff
changeset
|
372 * Receipt of a RETIRE_CONNECTION_ID frame containing a sequence |
f8848f5a1014
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8896
diff
changeset
|
373 * number greater than any previously sent to the peer MUST be |
f8848f5a1014
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8896
diff
changeset
|
374 * treated as a connection error of type PROTOCOL_VIOLATION. |
f8848f5a1014
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8896
diff
changeset
|
375 */ |
f8848f5a1014
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8896
diff
changeset
|
376 qc->error = NGX_QUIC_ERR_PROTOCOL_VIOLATION; |
f8848f5a1014
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8896
diff
changeset
|
377 qc->error_reason = "sequence number of id to retire was never issued"; |
f8848f5a1014
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8896
diff
changeset
|
378 |
f8848f5a1014
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8896
diff
changeset
|
379 return NGX_ERROR; |
f8848f5a1014
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8896
diff
changeset
|
380 } |
f8848f5a1014
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8896
diff
changeset
|
381 |
f8848f5a1014
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8896
diff
changeset
|
382 qsock = ngx_quic_get_socket(c); |
f8848f5a1014
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8896
diff
changeset
|
383 |
f8848f5a1014
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8896
diff
changeset
|
384 if (qsock->sid.seqnum == f->sequence_number) { |
f8848f5a1014
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8896
diff
changeset
|
385 |
f8848f5a1014
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8896
diff
changeset
|
386 /* |
f8848f5a1014
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8896
diff
changeset
|
387 * RFC 9000, 19.16. |
f8848f5a1014
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8896
diff
changeset
|
388 * |
f8848f5a1014
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8896
diff
changeset
|
389 * The sequence number specified in a RETIRE_CONNECTION_ID frame MUST |
f8848f5a1014
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8896
diff
changeset
|
390 * NOT refer to the Destination Connection ID field of the packet in |
f8848f5a1014
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8896
diff
changeset
|
391 * which the frame is contained. The peer MAY treat this as a |
f8848f5a1014
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8896
diff
changeset
|
392 * connection error of type PROTOCOL_VIOLATION. |
f8848f5a1014
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8896
diff
changeset
|
393 */ |
f8848f5a1014
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8896
diff
changeset
|
394 |
f8848f5a1014
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8896
diff
changeset
|
395 qc->error = NGX_QUIC_ERR_PROTOCOL_VIOLATION; |
f8848f5a1014
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8896
diff
changeset
|
396 qc->error_reason = "sequence number of id to retire refers DCID"; |
f8848f5a1014
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8896
diff
changeset
|
397 |
f8848f5a1014
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8896
diff
changeset
|
398 return NGX_ERROR; |
f8848f5a1014
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8896
diff
changeset
|
399 } |
f8848f5a1014
QUIC: additional checks for the RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8896
diff
changeset
|
400 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
401 qsock = ngx_quic_find_socket(c, f->sequence_number); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
402 if (qsock == NULL) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
403 return NGX_OK; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
404 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
405 |
8911
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
406 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
407 "quic socket #%uL is retired", qsock->sid.seqnum); |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
408 |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
409 /* check if client is willing to retire sid we have in use */ |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
410 if (qsock->sid.seqnum == qc->socket->sid.seqnum) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
411 tmp = &qc->socket; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
412 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
413 } else if (qc->backup && qsock->sid.seqnum == qc->backup->sid.seqnum) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
414 tmp = &qc->backup; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
415 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
416 } else { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
417 |
8911
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
418 ngx_quic_close_socket(c, qsock); |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
419 |
8911
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
420 /* restore socket count up to a limit after deletion */ |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
421 if (ngx_quic_create_sockets(c) != NGX_OK) { |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
422 return NGX_ERROR; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
423 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
424 |
8911
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
425 return NGX_OK; |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
426 } |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
427 |
8911
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
428 /* preserve path/cid from retired socket */ |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
429 path = qsock->path; |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
430 cid = qsock->cid; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
431 |
8911
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
432 /* ensure that closing_socket will not drop path and cid */ |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
433 path->refcnt++; |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
434 cid->refcnt++; |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
435 |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
436 ngx_quic_close_socket(c, qsock); |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
437 |
8911
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
438 /* restore original values */ |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
439 path->refcnt--; |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
440 cid->refcnt--; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
441 |
8911
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
442 /* restore socket count up to a limit after deletion */ |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
443 if (ngx_quic_create_sockets(c) != NGX_OK) { |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
444 goto failed; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
445 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
446 |
8911
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
447 qsock = ngx_quic_get_unconnected_socket(c); |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
448 if (qsock == NULL) { |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
449 qc->error = NGX_QUIC_ERR_CONNECTION_ID_LIMIT_ERROR; |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
450 qc->error_reason = "not enough server IDs"; |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
451 goto failed; |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
452 } |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
453 |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
454 ngx_quic_connect(c, qsock, path, cid); |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
455 |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
456 ngx_log_debug5(NGX_LOG_DEBUG_EVENT, c->log, 0, |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
457 "quic %s socket is now #%uL:%uL:%uL (%s)", |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
458 (*tmp) == qc->socket ? "active" : "backup", |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
459 qsock->sid.seqnum, qsock->cid->seqnum, |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
460 qsock->path->seqnum, |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
461 ngx_quic_path_state_str(qsock->path)); |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
462 |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
463 /* restore active/backup pointer in quic connection */ |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
464 *tmp = qsock; |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
465 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
466 return NGX_OK; |
8911
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
467 |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
468 failed: |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
469 |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
470 /* |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
471 * socket was closed, path and cid were preserved artifically |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
472 * to be reused, but it didn't happen, thus unref here |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
473 */ |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
474 |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
475 ngx_quic_unref_path(c, path); |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
476 ngx_quic_unref_client_id(c, cid); |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
477 |
b09f055daa4e
QUIC: fixed handling of RETIRE_CONNECTION_ID frame.
Vladimir Homutov <vl@nginx.com>
parents:
8910
diff
changeset
|
478 return NGX_ERROR; |
8748
e0cb1e58ca13
QUIC: separate files for connection id related processing.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
479 } |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
480 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
481 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
482 ngx_int_t |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
483 ngx_quic_create_sockets(ngx_connection_t *c) |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
484 { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
485 ngx_uint_t n; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
486 ngx_quic_socket_t *qsock; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
487 ngx_quic_connection_t *qc; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
488 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
489 qc = ngx_quic_get_connection(c); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
490 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
491 n = ngx_min(NGX_QUIC_MAX_SERVER_IDS, qc->ctp.active_connection_id_limit); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
492 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
493 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
494 "quic create sockets has:%ui max:%ui", qc->nsockets, n); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
495 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
496 while (qc->nsockets < n) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
497 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
498 qsock = ngx_quic_alloc_socket(c, qc); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
499 if (qsock == NULL) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
500 return NGX_ERROR; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
501 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
502 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
503 if (ngx_quic_listen(c, qc, qsock) != NGX_OK) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
504 return NGX_ERROR; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
505 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
506 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
507 if (ngx_quic_send_server_id(c, &qsock->sid) != NGX_OK) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
508 return NGX_ERROR; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
509 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
510 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
511 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
512 return NGX_OK; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
513 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
514 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
515 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
516 static ngx_int_t |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
517 ngx_quic_send_server_id(ngx_connection_t *c, ngx_quic_server_id_t *sid) |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
518 { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
519 ngx_str_t dcid; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
520 ngx_quic_frame_t *frame; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
521 ngx_quic_connection_t *qc; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
522 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
523 qc = ngx_quic_get_connection(c); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
524 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
525 dcid.len = sid->len; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
526 dcid.data = sid->id; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
527 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
528 frame = ngx_quic_alloc_frame(c); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
529 if (frame == NULL) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
530 return NGX_ERROR; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
531 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
532 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
533 frame->level = ssl_encryption_application; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
534 frame->type = NGX_QUIC_FT_NEW_CONNECTION_ID; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
535 frame->u.ncid.seqnum = sid->seqnum; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
536 frame->u.ncid.retire = 0; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
537 frame->u.ncid.len = NGX_QUIC_SERVER_CID_LEN; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
538 ngx_memcpy(frame->u.ncid.cid, sid->id, NGX_QUIC_SERVER_CID_LEN); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
539 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
540 if (ngx_quic_new_sr_token(c, &dcid, qc->conf->sr_token_key, |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
541 frame->u.ncid.srt) |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
542 != NGX_OK) |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
543 { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
544 return NGX_ERROR; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
545 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
546 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
547 ngx_quic_queue_frame(qc, frame); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
548 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
549 return NGX_OK; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
550 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
551 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
552 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
553 static ngx_int_t |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
554 ngx_quic_replace_retired_client_id(ngx_connection_t *c, |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
555 ngx_quic_client_id_t *retired_cid) |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
556 { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
557 ngx_queue_t *q; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
558 ngx_quic_socket_t *qsock; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
559 ngx_quic_client_id_t *cid; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
560 ngx_quic_connection_t *qc; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
561 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
562 qc = ngx_quic_get_connection(c); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
563 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
564 for (q = ngx_queue_head(&qc->sockets); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
565 q != ngx_queue_sentinel(&qc->sockets); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
566 q = ngx_queue_next(q)) |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
567 { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
568 qsock = ngx_queue_data(q, ngx_quic_socket_t, queue); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
569 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
570 if (qsock->cid == retired_cid) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
571 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
572 cid = ngx_quic_next_client_id(c); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
573 if (cid == NULL) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
574 return NGX_ERROR; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
575 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
576 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
577 qsock->cid = cid; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
578 cid->refcnt++; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
579 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
580 ngx_quic_unref_client_id(c, retired_cid); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
581 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
582 if (retired_cid->refcnt == 0) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
583 return NGX_OK; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
584 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
585 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
586 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
587 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
588 return NGX_OK; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
589 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
590 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
591 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
592 void |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
593 ngx_quic_unref_client_id(ngx_connection_t *c, ngx_quic_client_id_t *cid) |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
594 { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
595 ngx_quic_connection_t *qc; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
596 |
8896
e2ec952dc295
QUIC: fixed removal of unused client IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8797
diff
changeset
|
597 if (cid->refcnt) { |
e2ec952dc295
QUIC: fixed removal of unused client IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8797
diff
changeset
|
598 cid->refcnt--; |
e2ec952dc295
QUIC: fixed removal of unused client IDs.
Vladimir Homutov <vl@nginx.com>
parents:
8797
diff
changeset
|
599 } /* else: unused client id */ |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
600 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
601 if (cid->refcnt) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
602 return; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
603 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
604 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
605 qc = ngx_quic_get_connection(c); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
606 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
607 ngx_queue_remove(&cid->queue); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
608 ngx_queue_insert_head(&qc->free_client_ids, &cid->queue); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
609 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
610 qc->nclient_ids--; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8748
diff
changeset
|
611 } |