Mercurial > hg > nginx
annotate src/event/ngx_event_quic.c @ 8247:e9891e8ee975 quic
Configurable transport parameters.
- integer parameters can be configured using the following directives:
quic_max_idle_timeout
quic_max_ack_delay
quic_max_packet_size
quic_initial_max_data
quic_initial_max_stream_data_bidi_local
quic_initial_max_stream_data_bidi_remote
quic_initial_max_stream_data_uni
quic_initial_max_streams_bidi
quic_initial_max_streams_uni
quic_ack_delay_exponent
quic_active_migration
quic_active_connection_id_limit
- only following parameters are actually sent:
active_connection_id_limit
initial_max_streams_uni
initial_max_streams_bidi
initial_max_stream_data_bidi_local
initial_max_stream_data_bidi_remote
initial_max_stream_data_uni
(other parameters are to be added into ngx_quic_create_transport_params()
function as needed, should be easy now)
- draft 24 and draft 27 are now supported
(at compile-time using quic_version macro)
author | Vladimir Homutov <vl@nginx.com> |
---|---|
date | Fri, 20 Mar 2020 13:47:44 +0300 |
parents | 0d9bc77ae30d |
children | c217a907ce42 |
rev | line source |
---|---|
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
1 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
2 /* |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
3 * Copyright (C) Nginx, Inc. |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
4 */ |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
5 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
6 |
8171 | 7 #include <ngx_config.h> |
8 #include <ngx_core.h> | |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
9 #include <ngx_event.h> |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
10 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
11 |
8225 | 12 typedef struct { |
13 ngx_rbtree_node_t node; | |
14 ngx_buf_t *b; | |
15 ngx_connection_t *c; | |
16 ngx_quic_stream_t s; | |
17 } ngx_quic_stream_node_t; | |
18 | |
19 | |
20 typedef struct { | |
21 ngx_rbtree_t tree; | |
22 ngx_rbtree_node_t sentinel; | |
23 ngx_msec_t timeout; | |
24 ngx_connection_handler_pt handler; | |
8229
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
25 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
26 ngx_uint_t id_counter; |
8225 | 27 } ngx_quic_streams_t; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
28 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
29 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
30 struct ngx_quic_connection_s { |
8225 | 31 ngx_str_t scid; |
32 ngx_str_t dcid; | |
33 ngx_str_t token; | |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
34 |
8247
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
35 ngx_quic_tp_t tp; |
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
36 |
8225 | 37 /* current packet numbers for each namespace */ |
38 ngx_uint_t initial_pn; | |
39 ngx_uint_t handshake_pn; | |
40 ngx_uint_t appdata_pn; | |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
41 |
8225 | 42 ngx_quic_secrets_t secrets; |
43 ngx_ssl_t *ssl; | |
44 ngx_quic_frame_t *frames; | |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
45 |
8225 | 46 ngx_quic_streams_t streams; |
8237
ff540f13d95d
MAX_DATA frame parser/handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8236
diff
changeset
|
47 ngx_uint_t max_data; |
8225 | 48 }; |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
49 |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
50 |
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
51 #if BORINGSSL_API_VERSION >= 10 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
52 static int ngx_quic_set_read_secret(ngx_ssl_conn_t *ssl_conn, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
53 enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
54 const uint8_t *secret, size_t secret_len); |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
55 static int ngx_quic_set_write_secret(ngx_ssl_conn_t *ssl_conn, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
56 enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
57 const uint8_t *secret, size_t secret_len); |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
58 #else |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
59 static int ngx_quic_set_encryption_secrets(ngx_ssl_conn_t *ssl_conn, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
60 enum ssl_encryption_level_t level, const uint8_t *read_secret, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
61 const uint8_t *write_secret, size_t secret_len); |
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
62 #endif |
8225 | 63 |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
64 static int ngx_quic_add_handshake_data(ngx_ssl_conn_t *ssl_conn, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
65 enum ssl_encryption_level_t level, const uint8_t *data, size_t len); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
66 static int ngx_quic_flush_flight(ngx_ssl_conn_t *ssl_conn); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
67 static int ngx_quic_send_alert(ngx_ssl_conn_t *ssl_conn, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
68 enum ssl_encryption_level_t level, uint8_t alert); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
69 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
70 |
8225 | 71 static ngx_int_t ngx_quic_new_connection(ngx_connection_t *c, ngx_ssl_t *ssl, |
8247
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
72 ngx_quic_tp_t *tp, ngx_quic_header_t *pkt); |
8225 | 73 static ngx_int_t ngx_quic_init_connection(ngx_connection_t *c); |
74 static void ngx_quic_handshake_handler(ngx_event_t *rev); | |
75 static void ngx_quic_close_connection(ngx_connection_t *c); | |
76 | |
77 static ngx_int_t ngx_quic_input(ngx_connection_t *c, ngx_buf_t *b); | |
78 static ngx_int_t ngx_quic_initial_input(ngx_connection_t *c, | |
79 ngx_quic_header_t *pkt); | |
80 static ngx_int_t ngx_quic_handshake_input(ngx_connection_t *c, | |
81 ngx_quic_header_t *pkt); | |
82 static ngx_int_t ngx_quic_app_input(ngx_connection_t *c, | |
83 ngx_quic_header_t *pkt); | |
84 static ngx_int_t ngx_quic_payload_handler(ngx_connection_t *c, | |
85 ngx_quic_header_t *pkt); | |
86 | |
87 static ngx_int_t ngx_quic_handle_ack_frame(ngx_connection_t *c, | |
88 ngx_quic_header_t *pkt, ngx_quic_ack_frame_t *f); | |
89 static ngx_int_t ngx_quic_handle_crypto_frame(ngx_connection_t *c, | |
90 ngx_quic_header_t *pkt, ngx_quic_crypto_frame_t *frame); | |
91 static ngx_int_t ngx_quic_handle_stream_frame(ngx_connection_t *c, | |
92 ngx_quic_header_t *pkt, ngx_quic_stream_frame_t *frame); | |
8245
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
93 static ngx_int_t ngx_quic_handle_streams_blocked_frame(ngx_connection_t *c, |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
94 ngx_quic_header_t *pkt, ngx_quic_streams_blocked_frame_t *f); |
8225 | 95 |
96 static void ngx_quic_queue_frame(ngx_quic_connection_t *qc, | |
97 ngx_quic_frame_t *frame); | |
98 | |
99 static ngx_int_t ngx_quic_output(ngx_connection_t *c); | |
100 ngx_int_t ngx_quic_frames_send(ngx_connection_t *c, ngx_quic_frame_t *start, | |
101 ngx_quic_frame_t *end, size_t total); | |
102 static ngx_int_t ngx_quic_send_packet(ngx_connection_t *c, | |
103 ngx_quic_connection_t *qc, enum ssl_encryption_level_t level, | |
104 ngx_str_t *payload); | |
105 | |
106 | |
107 static void ngx_quic_rbtree_insert_stream(ngx_rbtree_node_t *temp, | |
108 ngx_rbtree_node_t *node, ngx_rbtree_node_t *sentinel); | |
109 static ngx_quic_stream_node_t *ngx_quic_find_stream(ngx_rbtree_t *rbtree, | |
110 ngx_uint_t key); | |
8229
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
111 static ngx_quic_stream_node_t *ngx_quic_create_stream(ngx_connection_t *c, |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
112 ngx_uint_t id); |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
113 static ssize_t ngx_quic_stream_recv(ngx_connection_t *c, u_char *buf, |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
114 size_t size); |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
115 static ssize_t ngx_quic_stream_send(ngx_connection_t *c, u_char *buf, |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
116 size_t size); |
8239
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
117 static void ngx_quic_stream_cleanup_handler(void *data); |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
118 static ngx_chain_t *ngx_quic_stream_send_chain(ngx_connection_t *c, |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
119 ngx_chain_t *in, off_t limit); |
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
120 |
8225 | 121 |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
122 static SSL_QUIC_METHOD quic_method = { |
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
123 #if BORINGSSL_API_VERSION >= 10 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
124 ngx_quic_set_read_secret, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
125 ngx_quic_set_write_secret, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
126 #else |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
127 ngx_quic_set_encryption_secrets, |
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
128 #endif |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
129 ngx_quic_add_handshake_data, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
130 ngx_quic_flush_flight, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
131 ngx_quic_send_alert, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
132 }; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
133 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
134 |
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
135 #if BORINGSSL_API_VERSION >= 10 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
136 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
137 static int |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
138 ngx_quic_set_read_secret(ngx_ssl_conn_t *ssl_conn, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
139 enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, |
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
140 const uint8_t *rsecret, size_t secret_len) |
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
141 { |
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
142 ngx_connection_t *c; |
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
143 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
144 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
145 |
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
146 ngx_quic_hexdump(c->log, "level:%d read secret", |
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
147 rsecret, secret_len, level); |
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
148 |
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
149 return ngx_quic_set_encryption_secret(c->pool, ssl_conn, level, |
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
150 rsecret, secret_len, |
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
151 &c->quic->secrets.client); |
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
152 } |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
153 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
154 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
155 static int |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
156 ngx_quic_set_write_secret(ngx_ssl_conn_t *ssl_conn, |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
157 enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, |
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
158 const uint8_t *wsecret, size_t secret_len) |
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
159 { |
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
160 ngx_connection_t *c; |
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
161 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
162 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
163 |
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
164 ngx_quic_hexdump(c->log, "level:%d write secret", |
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
165 wsecret, secret_len, level); |
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
166 |
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
167 return ngx_quic_set_encryption_secret(c->pool, ssl_conn, level, |
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
168 wsecret, secret_len, |
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
169 &c->quic->secrets.server); |
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
170 } |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
171 |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
172 #else |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
173 |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
174 static int |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
175 ngx_quic_set_encryption_secrets(ngx_ssl_conn_t *ssl_conn, |
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
176 enum ssl_encryption_level_t level, const uint8_t *rsecret, |
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
177 const uint8_t *wsecret, size_t secret_len) |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
178 { |
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
179 ngx_int_t rc; |
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
180 ngx_connection_t *c; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
181 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
182 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
183 |
8222
bec4cd55361e
Fixed a typo with OpenSSL.
Vladimir Homutov <vl@nginx.com>
parents:
8221
diff
changeset
|
184 ngx_quic_hexdump(c->log, "level:%d read", rsecret, secret_len, level); |
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
185 ngx_quic_hexdump(c->log, "level:%d write", wsecret, secret_len, level); |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
186 |
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
187 rc = ngx_quic_set_encryption_secret(c->pool, ssl_conn, level, |
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
188 rsecret, secret_len, |
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
189 &c->quic->secrets.client); |
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
190 if (rc != 1) { |
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
191 return rc; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
192 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
193 |
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
194 return ngx_quic_set_encryption_secret(c->pool, ssl_conn, level, |
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
195 wsecret, secret_len, |
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
196 &c->quic->secrets.server); |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
197 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
198 |
8204
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
199 #endif |
9e0c30e1f7fb
Compatibility with BoringSSL revised QUIC encryption secret APIs.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8203
diff
changeset
|
200 |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
201 |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
202 static int |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
203 ngx_quic_add_handshake_data(ngx_ssl_conn_t *ssl_conn, |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
204 enum ssl_encryption_level_t level, const uint8_t *data, size_t len) |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
205 { |
8225 | 206 u_char *p; |
207 ngx_quic_frame_t *frame; | |
208 ngx_connection_t *c; | |
209 ngx_quic_connection_t *qc; | |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
210 |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
211 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
212 qc = c->quic; |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
213 |
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
214 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
215 "ngx_quic_add_handshake_data"); |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
216 |
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
217 frame = ngx_pcalloc(c->pool, sizeof(ngx_quic_frame_t)); |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
218 if (frame == NULL) { |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
219 return 0; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
220 } |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
221 |
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
222 p = ngx_pnalloc(c->pool, len); |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
223 if (p == NULL) { |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
224 return 0; |
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
225 } |
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
226 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
227 ngx_memcpy(p, data, len); |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
228 |
8186
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
229 frame->level = level; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
230 frame->type = NGX_QUIC_FT_CRYPTO; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
231 frame->u.crypto.len = len; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
232 frame->u.crypto.data = p; |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
233 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
234 ngx_sprintf(frame->info, "crypto, generated by SSL len=%ui level=%d", len, level); |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
235 |
0a2683df5f11
Implemented improved version of quic_output().
Vladimir Homutov <vl@nginx.com>
parents:
8185
diff
changeset
|
236 ngx_quic_queue_frame(qc, frame); |
8184
ec1f84996990
Split frame and packet generation into separate steps.
Vladimir Homutov <vl@nginx.com>
parents:
8183
diff
changeset
|
237 |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
238 return 1; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
239 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
240 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
241 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
242 static int |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
243 ngx_quic_flush_flight(ngx_ssl_conn_t *ssl_conn) |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
244 { |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
245 ngx_connection_t *c; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
246 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
247 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
248 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
249 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "ngx_quic_flush_flight()"); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
250 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
251 return 1; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
252 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
253 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
254 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
255 static int |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
256 ngx_quic_send_alert(ngx_ssl_conn_t *ssl_conn, enum ssl_encryption_level_t level, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
257 uint8_t alert) |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
258 { |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
259 ngx_connection_t *c; |
8235
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8234
diff
changeset
|
260 ngx_quic_frame_t *frame; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
261 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
262 c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
263 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
264 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
265 "ngx_quic_send_alert(), lvl=%d, alert=%d", |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
266 (int) level, (int) alert); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
267 |
8235
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8234
diff
changeset
|
268 frame = ngx_pcalloc(c->pool, sizeof(ngx_quic_frame_t)); |
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8234
diff
changeset
|
269 if (frame == NULL) { |
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8234
diff
changeset
|
270 return 0; |
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8234
diff
changeset
|
271 } |
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8234
diff
changeset
|
272 |
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8234
diff
changeset
|
273 frame->level = level; |
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8234
diff
changeset
|
274 frame->type = NGX_QUIC_FT_CONNECTION_CLOSE; |
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8234
diff
changeset
|
275 frame->u.close.error_code = 0x100 + alert; |
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8234
diff
changeset
|
276 |
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8234
diff
changeset
|
277 ngx_quic_queue_frame(c->quic, frame); |
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8234
diff
changeset
|
278 |
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8234
diff
changeset
|
279 if (ngx_quic_output(c) != NGX_OK) { |
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8234
diff
changeset
|
280 return 0; |
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8234
diff
changeset
|
281 } |
552d6868091b
Implemented send_alert callback, CONNECTION_CLOSE writer.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8234
diff
changeset
|
282 |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
283 return 1; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
284 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
285 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
286 |
8225 | 287 void |
8247
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
288 ngx_quic_run(ngx_connection_t *c, ngx_ssl_t *ssl, ngx_quic_tp_t *tp, |
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
289 ngx_msec_t timeout, ngx_connection_handler_pt handler) |
8225 | 290 { |
291 ngx_buf_t *b; | |
292 ngx_quic_header_t pkt; | |
293 | |
294 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic handshake"); | |
295 | |
296 c->log->action = "QUIC handshaking"; | |
297 | |
298 ngx_memzero(&pkt, sizeof(ngx_quic_header_t)); | |
299 | |
300 b = c->buffer; | |
301 | |
302 pkt.log = c->log; | |
303 pkt.raw = b; | |
304 pkt.data = b->start; | |
305 pkt.len = b->last - b->start; | |
306 | |
8247
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
307 if (ngx_quic_new_connection(c, ssl, tp, &pkt) != NGX_OK) { |
8225 | 308 ngx_quic_close_connection(c); |
309 return; | |
310 } | |
311 | |
312 // we don't need stream handler for initial packet processing | |
313 c->quic->streams.handler = handler; | |
314 c->quic->streams.timeout = timeout; | |
315 | |
316 ngx_add_timer(c->read, timeout); | |
317 | |
318 c->read->handler = ngx_quic_handshake_handler; | |
319 | |
320 return; | |
321 } | |
322 | |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
323 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
324 static ngx_int_t |
8247
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
325 ngx_quic_new_connection(ngx_connection_t *c, ngx_ssl_t *ssl, ngx_quic_tp_t *tp, |
8225 | 326 ngx_quic_header_t *pkt) |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
327 { |
8225 | 328 ngx_quic_connection_t *qc; |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
329 |
8225 | 330 if (ngx_buf_size(pkt->raw) < 1200) { |
331 ngx_log_error(NGX_LOG_INFO, c->log, 0, "too small UDP datagram"); | |
332 return NGX_ERROR; | |
333 } | |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
334 |
8225 | 335 if (ngx_quic_parse_long_header(pkt) != NGX_OK) { |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
336 return NGX_ERROR; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
337 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
338 |
8225 | 339 if ((pkt->flags & 0xf0) != NGX_QUIC_PKT_INITIAL) { |
340 ngx_log_error(NGX_LOG_INFO, c->log, 0, | |
341 "invalid initial packet: 0x%xi", pkt->flags); | |
342 return NGX_ERROR; | |
343 } | |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
344 |
8225 | 345 if (ngx_quic_parse_initial_header(pkt) != NGX_OK) { |
346 return NGX_ERROR; | |
347 } | |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
348 |
8225 | 349 qc = ngx_pcalloc(c->pool, sizeof(ngx_quic_connection_t)); |
350 if (qc == NULL) { | |
351 return NGX_ERROR; | |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
352 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
353 |
8225 | 354 ngx_rbtree_init(&qc->streams.tree, &qc->streams.sentinel, |
355 ngx_quic_rbtree_insert_stream); | |
356 | |
357 c->quic = qc; | |
358 qc->ssl = ssl; | |
8247
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
359 qc->tp = *tp; |
8225 | 360 |
361 qc->dcid.len = pkt->dcid.len; | |
362 qc->dcid.data = ngx_pnalloc(c->pool, pkt->dcid.len); | |
363 if (qc->dcid.data == NULL) { | |
364 return NGX_ERROR; | |
365 } | |
366 ngx_memcpy(qc->dcid.data, pkt->dcid.data, qc->dcid.len); | |
367 | |
368 qc->scid.len = pkt->scid.len; | |
369 qc->scid.data = ngx_pnalloc(c->pool, qc->scid.len); | |
370 if (qc->scid.data == NULL) { | |
371 return NGX_ERROR; | |
372 } | |
373 ngx_memcpy(qc->scid.data, pkt->scid.data, qc->scid.len); | |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
374 |
8225 | 375 qc->token.len = pkt->token.len; |
376 qc->token.data = ngx_pnalloc(c->pool, qc->token.len); | |
377 if (qc->token.data == NULL) { | |
378 return NGX_ERROR; | |
379 } | |
380 ngx_memcpy(qc->token.data, pkt->token.data, qc->token.len); | |
381 | |
382 | |
383 if (ngx_quic_set_initial_secret(c->pool, &qc->secrets, &qc->dcid) | |
384 != NGX_OK) | |
385 { | |
386 return NGX_ERROR; | |
387 } | |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
388 |
8225 | 389 pkt->secret = &qc->secrets.client.in; |
390 pkt->level = ssl_encryption_initial; | |
391 | |
392 if (ngx_quic_decrypt(c->pool, NULL, pkt) != NGX_OK) { | |
393 return NGX_ERROR; | |
394 } | |
395 | |
396 if (ngx_quic_init_connection(c) != NGX_OK) { | |
397 return NGX_ERROR; | |
398 } | |
399 | |
400 return ngx_quic_payload_handler(c, pkt); | |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
401 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
402 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
403 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
404 static ngx_int_t |
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
405 ngx_quic_init_connection(ngx_connection_t *c) |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
406 { |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
407 int n, sslerr; |
8247
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
408 u_char *p; |
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
409 ssize_t len; |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
410 ngx_ssl_conn_t *ssl_conn; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
411 ngx_quic_connection_t *qc; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
412 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
413 qc = c->quic; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
414 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
415 if (ngx_ssl_create_connection(qc->ssl, c, NGX_SSL_BUFFER) != NGX_OK) { |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
416 return NGX_ERROR; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
417 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
418 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
419 ssl_conn = c->ssl->connection; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
420 |
8232
253cf267f95a
Moved setting QUIC methods to runtime.
Roman Arutyunyan <arut@nginx.com>
parents:
8231
diff
changeset
|
421 if (SSL_set_quic_method(ssl_conn, &quic_method) == 0) { |
253cf267f95a
Moved setting QUIC methods to runtime.
Roman Arutyunyan <arut@nginx.com>
parents:
8231
diff
changeset
|
422 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
253cf267f95a
Moved setting QUIC methods to runtime.
Roman Arutyunyan <arut@nginx.com>
parents:
8231
diff
changeset
|
423 "SSL_set_quic_method() failed"); |
253cf267f95a
Moved setting QUIC methods to runtime.
Roman Arutyunyan <arut@nginx.com>
parents:
8231
diff
changeset
|
424 return NGX_ERROR; |
253cf267f95a
Moved setting QUIC methods to runtime.
Roman Arutyunyan <arut@nginx.com>
parents:
8231
diff
changeset
|
425 } |
253cf267f95a
Moved setting QUIC methods to runtime.
Roman Arutyunyan <arut@nginx.com>
parents:
8231
diff
changeset
|
426 |
8247
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
427 len = ngx_quic_create_transport_params(NULL, NULL, &qc->tp); |
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
428 /* always succeeds */ |
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
429 |
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
430 p = ngx_pnalloc(c->pool, len); |
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
431 if (p == NULL) { |
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
432 return NGX_ERROR; |
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
433 } |
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
434 |
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
435 len = ngx_quic_create_transport_params(p, p + len, &qc->tp); |
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
436 if (len < 0) { |
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
437 return NGX_ERROR; |
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
438 } |
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
439 |
e9891e8ee975
Configurable transport parameters.
Vladimir Homutov <vl@nginx.com>
parents:
8246
diff
changeset
|
440 if (SSL_set_quic_transport_params(ssl_conn, p, len) == 0) { |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
441 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
442 "SSL_set_quic_transport_params() failed"); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
443 return NGX_ERROR; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
444 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
445 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
446 n = SSL_do_handshake(ssl_conn); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
447 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
448 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_do_handshake: %d", n); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
449 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
450 if (n == -1) { |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
451 sslerr = SSL_get_error(ssl_conn, n); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
452 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
453 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_get_error: %d", |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
454 sslerr); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
455 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
456 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
457 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
458 "SSL_quic_read_level: %d, SSL_quic_write_level: %d", |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
459 (int) SSL_quic_read_level(ssl_conn), |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
460 (int) SSL_quic_write_level(ssl_conn)); |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
461 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
462 return NGX_OK; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
463 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
464 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
465 |
8225 | 466 static void |
467 ngx_quic_handshake_handler(ngx_event_t *rev) | |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
468 { |
8225 | 469 ssize_t n; |
470 ngx_buf_t b; | |
471 ngx_connection_t *c; | |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
472 |
8225 | 473 u_char buf[512]; |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
474 |
8225 | 475 b.start = buf; |
476 b.end = buf + 512; | |
477 b.pos = b.last = b.start; | |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
478 |
8225 | 479 c = rev->data; |
8211
6bc18966b8c1
Stream "connection" read/write methods.
Vladimir Homutov <vl@nginx.com>
parents:
8209
diff
changeset
|
480 |
8225 | 481 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, rev->log, 0, "quic handshake handler"); |
8212
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
482 |
8225 | 483 if (rev->timedout) { |
484 ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out"); | |
485 ngx_quic_close_connection(c); | |
486 return; | |
8212
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
487 } |
e3c0b19a3a8a
Implemented ngx_quic_stream_send_chain() method.
Roman Arutyunyan <arut@nginx.com>
parents:
8211
diff
changeset
|
488 |
8246
0d9bc77ae30d
Reset QUIC timeout on every datagram.
Roman Arutyunyan <arut@nginx.com>
parents:
8245
diff
changeset
|
489 ngx_add_timer(rev, c->quic->streams.timeout); |
0d9bc77ae30d
Reset QUIC timeout on every datagram.
Roman Arutyunyan <arut@nginx.com>
parents:
8245
diff
changeset
|
490 |
8225 | 491 if (c->close) { |
492 ngx_quic_close_connection(c); | |
493 return; | |
494 } | |
8220
7ada2feeac18
Added processing of CONNECTION CLOSE frames.
Vladimir Homutov <vl@nginx.com>
parents:
8218
diff
changeset
|
495 |
8225 | 496 n = c->recv(c, b.start, b.end - b.start); |
8215 | 497 |
8225 | 498 if (n == NGX_AGAIN) { |
499 return; | |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
500 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
501 |
8225 | 502 if (n == NGX_ERROR) { |
503 c->read->eof = 1; | |
504 ngx_quic_close_connection(c); | |
505 return; | |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
506 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
507 |
8225 | 508 b.last += n; |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
509 |
8225 | 510 if (ngx_quic_input(c, &b) != NGX_OK) { |
511 ngx_quic_close_connection(c); | |
512 return; | |
513 } | |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
514 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
515 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
516 |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
517 static void |
8225 | 518 ngx_quic_close_connection(ngx_connection_t *c) |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
519 { |
8225 | 520 ngx_pool_t *pool; |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
521 |
8225 | 522 /* XXX wait for all streams to close */ |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
523 |
8225 | 524 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
525 "close quic connection: %d", c->fd); | |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
526 |
8225 | 527 if (c->ssl) { |
528 (void) ngx_ssl_shutdown(c); | |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
529 } |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
530 |
8225 | 531 #if (NGX_STAT_STUB) |
532 (void) ngx_atomic_fetch_add(ngx_stat_active, -1); | |
533 #endif | |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
534 |
8225 | 535 c->destroyed = 1; |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
536 |
8225 | 537 pool = c->pool; |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
538 |
8225 | 539 ngx_close_connection(c); |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
540 |
8225 | 541 ngx_destroy_pool(pool); |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
542 } |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
543 |
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
544 |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
545 static ngx_int_t |
8225 | 546 ngx_quic_input(ngx_connection_t *c, ngx_buf_t *b) |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
547 { |
8225 | 548 u_char *p; |
549 ngx_int_t rc; | |
550 ngx_quic_header_t pkt; | |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
551 |
8225 | 552 if (c->quic == NULL) { |
553 // XXX: possible? | |
554 ngx_log_error(NGX_LOG_INFO, c->log, 0, "BUG: no QUIC in connection"); | |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
555 return NGX_ERROR; |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
556 } |
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
557 |
8225 | 558 p = b->start; |
8208
4ae9ac69ab93
HTTP/QUIC interface reworked.
Vladimir Homutov <vl@nginx.com>
parents:
8207
diff
changeset
|
559 |
8225 | 560 do { |
561 ngx_memzero(&pkt, sizeof(ngx_quic_header_t)); | |
562 pkt.raw = b; | |
563 pkt.data = p; | |
564 pkt.len = b->last - p; | |
565 pkt.log = c->log; | |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
566 |
8225 | 567 if (p[0] == 0) { |
568 /* XXX: no idea WTF is this, just ignore */ | |
569 ngx_log_error(NGX_LOG_ALERT, c->log, 0, "FIREFOX: ZEROES"); | |
570 break; | |
571 } | |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
572 |
8225 | 573 // TODO: check current state |
574 if (p[0] & NGX_QUIC_PKT_LONG) { | |
575 | |
576 if ((p[0] & 0xf0) == NGX_QUIC_PKT_INITIAL) { | |
577 rc = ngx_quic_initial_input(c, &pkt); | |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
578 |
8225 | 579 } else if ((p[0] & 0xf0) == NGX_QUIC_PKT_HANDSHAKE) { |
580 rc = ngx_quic_handshake_input(c, &pkt); | |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
581 |
8225 | 582 } else { |
583 ngx_log_error(NGX_LOG_INFO, c->log, 0, | |
584 "BUG: unknown quic state"); | |
585 return NGX_ERROR; | |
586 } | |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
587 |
8225 | 588 } else { |
589 rc = ngx_quic_app_input(c, &pkt); | |
590 } | |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
591 |
8225 | 592 if (rc == NGX_ERROR) { |
593 return NGX_ERROR; | |
594 } | |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
595 |
8225 | 596 /* b->pos is at header end, adjust by actual packet length */ |
597 p = b->pos + pkt.len; | |
598 b->pos = p; /* reset b->pos to the next packet start */ | |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
599 |
8225 | 600 } while (p < b->last); |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
601 |
8225 | 602 return NGX_OK; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
603 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
604 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
605 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
606 static ngx_int_t |
8223 | 607 ngx_quic_initial_input(ngx_connection_t *c, ngx_quic_header_t *pkt) |
608 { | |
609 ngx_ssl_conn_t *ssl_conn; | |
610 ngx_quic_connection_t *qc; | |
611 | |
612 qc = c->quic; | |
613 ssl_conn = c->ssl->connection; | |
614 | |
8224
ae35ccba7aa6
Extracted transport part of the code into separate file.
Vladimir Homutov <vl@nginx.com>
parents:
8223
diff
changeset
|
615 if (ngx_quic_parse_long_header(pkt) != NGX_OK) { |
8223 | 616 return NGX_ERROR; |
617 } | |
618 | |
8224
ae35ccba7aa6
Extracted transport part of the code into separate file.
Vladimir Homutov <vl@nginx.com>
parents:
8223
diff
changeset
|
619 if (ngx_quic_parse_initial_header(pkt) != NGX_OK) { |
8223 | 620 return NGX_ERROR; |
621 } | |
622 | |
623 pkt->secret = &qc->secrets.client.in; | |
624 pkt->level = ssl_encryption_initial; | |
625 | |
626 if (ngx_quic_decrypt(c->pool, ssl_conn, pkt) != NGX_OK) { | |
627 return NGX_ERROR; | |
628 } | |
629 | |
630 return ngx_quic_payload_handler(c, pkt); | |
631 } | |
632 | |
633 | |
634 static ngx_int_t | |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
635 ngx_quic_handshake_input(ngx_connection_t *c, ngx_quic_header_t *pkt) |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
636 { |
8188
bf555b94e387
Using cached ssl_conn in ngx_quic_handshake_input(), NFC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8187
diff
changeset
|
637 ngx_ssl_conn_t *ssl_conn; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
638 ngx_quic_connection_t *qc; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
639 |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
640 qc = c->quic; |
8188
bf555b94e387
Using cached ssl_conn in ngx_quic_handshake_input(), NFC.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8187
diff
changeset
|
641 ssl_conn = c->ssl->connection; |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
642 |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
643 /* extract cleartext data into pkt */ |
8224
ae35ccba7aa6
Extracted transport part of the code into separate file.
Vladimir Homutov <vl@nginx.com>
parents:
8223
diff
changeset
|
644 if (ngx_quic_parse_long_header(pkt) != NGX_OK) { |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
645 return NGX_ERROR; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
646 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
647 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
648 if (pkt->dcid.len != qc->dcid.len) { |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
649 ngx_log_error(NGX_LOG_INFO, c->log, 0, "unexpected quic dcidl"); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
650 return NGX_ERROR; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
651 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
652 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
653 if (ngx_memcmp(pkt->dcid.data, qc->dcid.data, qc->dcid.len) != 0) { |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
654 ngx_log_error(NGX_LOG_INFO, c->log, 0, "unexpected quic dcid"); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
655 return NGX_ERROR; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
656 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
657 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
658 if (pkt->scid.len != qc->scid.len) { |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
659 ngx_log_error(NGX_LOG_INFO, c->log, 0, "unexpected quic scidl"); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
660 return NGX_ERROR; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
661 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
662 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
663 if (ngx_memcmp(pkt->scid.data, qc->scid.data, qc->scid.len) != 0) { |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
664 ngx_log_error(NGX_LOG_INFO, c->log, 0, "unexpected quic scid"); |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
665 return NGX_ERROR; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
666 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
667 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
668 if ((pkt->flags & 0xf0) != NGX_QUIC_PKT_HANDSHAKE) { |
8193
4355efde26d8
Added functions to decrypt long packets.
Vladimir Homutov <vl@nginx.com>
parents:
8192
diff
changeset
|
669 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
670 "invalid packet type: 0x%xi", pkt->flags); |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
671 return NGX_ERROR; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
672 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
673 |
8224
ae35ccba7aa6
Extracted transport part of the code into separate file.
Vladimir Homutov <vl@nginx.com>
parents:
8223
diff
changeset
|
674 if (ngx_quic_parse_handshake_header(pkt) != NGX_OK) { |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
675 return NGX_ERROR; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
676 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
677 |
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
678 pkt->secret = &qc->secrets.client.hs; |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
679 pkt->level = ssl_encryption_handshake; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
680 |
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
681 if (ngx_quic_decrypt(c->pool, c->ssl->connection, pkt) != NGX_OK) { |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
682 return NGX_ERROR; |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
683 } |
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
684 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
685 return ngx_quic_payload_handler(c, pkt); |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
686 } |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
687 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
688 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
689 static ngx_int_t |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
690 ngx_quic_app_input(ngx_connection_t *c, ngx_quic_header_t *pkt) |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
691 { |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
692 ngx_quic_connection_t *qc; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
693 |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
694 qc = c->quic; |
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
695 |
8223 | 696 if (qc->secrets.client.ad.key.len == 0) { |
697 ngx_log_error(NGX_LOG_INFO, c->log, 0, | |
698 "no read keys yet, packet ignored"); | |
699 return NGX_DECLINED; | |
700 } | |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
701 |
8224
ae35ccba7aa6
Extracted transport part of the code into separate file.
Vladimir Homutov <vl@nginx.com>
parents:
8223
diff
changeset
|
702 if (ngx_quic_parse_short_header(pkt, &qc->dcid) != NGX_OK) { |
8185
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
703 return NGX_ERROR; |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
704 } |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
705 |
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
706 pkt->secret = &qc->secrets.client.ad; |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
707 pkt->level = ssl_encryption_application; |
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
708 |
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
8220
diff
changeset
|
709 if (ngx_quic_decrypt(c->pool, c->ssl->connection, pkt) != NGX_OK) { |
8199
1297dc83a6b9
Generic payload handler for quic packets.
Vladimir Homutov <vl@nginx.com>
parents:
8198
diff
changeset
|
710 return NGX_ERROR; |
8185
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
711 } |
6a76d9657772
QUIC handshake final bits.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8184
diff
changeset
|
712 |
8206
8d6ac639feac
Added support of multiple QUIC packets in single datagram.
Vladimir Homutov <vl@nginx.com>
parents:
8205
diff
changeset
|
713 return ngx_quic_payload_handler(c, pkt); |
8182
b28ea685a56e
Moved all QUIC code into ngx_event_quic.c
Vladimir Homutov <vl@nginx.com>
parents:
8180
diff
changeset
|
714 } |
8171 | 715 |
716 | |
8225 | 717 static ngx_int_t |
718 ngx_quic_payload_handler(ngx_connection_t *c, ngx_quic_header_t *pkt) | |
719 { | |
720 u_char *end, *p; | |
721 ssize_t len; | |
722 ngx_uint_t ack_this, do_close; | |
723 ngx_quic_frame_t frame, *ack_frame; | |
724 ngx_quic_connection_t *qc; | |
725 | |
726 qc = c->quic; | |
727 | |
728 p = pkt->payload.data; | |
729 end = p + pkt->payload.len; | |
730 | |
731 ack_this = 0; | |
732 do_close = 0; | |
733 | |
734 while (p < end) { | |
735 | |
8240
1f002206a59b
Added boundaries checks into frame parser.
Vladimir Homutov <vl@nginx.com>
parents:
8239
diff
changeset
|
736 len = ngx_quic_parse_frame(pkt, p, end, &frame); |
8225 | 737 if (len < 0) { |
738 return NGX_ERROR; | |
739 } | |
740 | |
741 p += len; | |
742 | |
743 switch (frame.type) { | |
744 | |
745 case NGX_QUIC_FT_ACK: | |
746 if (ngx_quic_handle_ack_frame(c, pkt, &frame.u.ack) != NGX_OK) { | |
747 return NGX_ERROR; | |
748 } | |
749 | |
750 break; | |
751 | |
752 case NGX_QUIC_FT_CRYPTO: | |
753 | |
754 if (ngx_quic_handle_crypto_frame(c, pkt, &frame.u.crypto) | |
755 != NGX_OK) | |
756 { | |
757 return NGX_ERROR; | |
758 } | |
759 | |
760 ack_this = 1; | |
761 break; | |
762 | |
763 case NGX_QUIC_FT_PADDING: | |
764 break; | |
765 | |
766 case NGX_QUIC_FT_PING: | |
767 ack_this = 1; | |
768 break; | |
769 | |
770 case NGX_QUIC_FT_NEW_CONNECTION_ID: | |
771 ack_this = 1; | |
772 break; | |
773 | |
774 case NGX_QUIC_FT_CONNECTION_CLOSE: | |
775 | |
776 do_close = 1; | |
777 break; | |
778 | |
779 case NGX_QUIC_FT_STREAM0: | |
780 case NGX_QUIC_FT_STREAM1: | |
781 case NGX_QUIC_FT_STREAM2: | |
782 case NGX_QUIC_FT_STREAM3: | |
783 case NGX_QUIC_FT_STREAM4: | |
784 case NGX_QUIC_FT_STREAM5: | |
785 case NGX_QUIC_FT_STREAM6: | |
786 case NGX_QUIC_FT_STREAM7: | |
787 | |
788 if (ngx_quic_handle_stream_frame(c, pkt, &frame.u.stream) | |
789 != NGX_OK) | |
790 { | |
791 return NGX_ERROR; | |
792 } | |
793 | |
794 ack_this = 1; | |
795 break; | |
796 | |
8237
ff540f13d95d
MAX_DATA frame parser/handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8236
diff
changeset
|
797 case NGX_QUIC_FT_MAX_DATA: |
ff540f13d95d
MAX_DATA frame parser/handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8236
diff
changeset
|
798 c->quic->max_data = frame.u.max_data.max_data; |
ff540f13d95d
MAX_DATA frame parser/handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8236
diff
changeset
|
799 ack_this = 1; |
ff540f13d95d
MAX_DATA frame parser/handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8236
diff
changeset
|
800 break; |
ff540f13d95d
MAX_DATA frame parser/handler.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8236
diff
changeset
|
801 |
8231
78540e2160d0
Added parsing of RESET_STREAM and STOP_SENDING frames
Vladimir Homutov <vl@nginx.com>
parents:
8229
diff
changeset
|
802 case NGX_QUIC_FT_RESET_STREAM: |
8240
1f002206a59b
Added boundaries checks into frame parser.
Vladimir Homutov <vl@nginx.com>
parents:
8239
diff
changeset
|
803 /* TODO: handle */ |
8231
78540e2160d0
Added parsing of RESET_STREAM and STOP_SENDING frames
Vladimir Homutov <vl@nginx.com>
parents:
8229
diff
changeset
|
804 break; |
78540e2160d0
Added parsing of RESET_STREAM and STOP_SENDING frames
Vladimir Homutov <vl@nginx.com>
parents:
8229
diff
changeset
|
805 |
78540e2160d0
Added parsing of RESET_STREAM and STOP_SENDING frames
Vladimir Homutov <vl@nginx.com>
parents:
8229
diff
changeset
|
806 case NGX_QUIC_FT_STOP_SENDING: |
8240
1f002206a59b
Added boundaries checks into frame parser.
Vladimir Homutov <vl@nginx.com>
parents:
8239
diff
changeset
|
807 /* TODO: handle; need ack ? */ |
8231
78540e2160d0
Added parsing of RESET_STREAM and STOP_SENDING frames
Vladimir Homutov <vl@nginx.com>
parents:
8229
diff
changeset
|
808 break; |
78540e2160d0
Added parsing of RESET_STREAM and STOP_SENDING frames
Vladimir Homutov <vl@nginx.com>
parents:
8229
diff
changeset
|
809 |
8236
d3b26c3bea22
Added parsing of STREAMS BLOCKED frames.
Vladimir Homutov <vl@nginx.com>
parents:
8235
diff
changeset
|
810 case NGX_QUIC_FT_STREAMS_BLOCKED: |
d3b26c3bea22
Added parsing of STREAMS BLOCKED frames.
Vladimir Homutov <vl@nginx.com>
parents:
8235
diff
changeset
|
811 case NGX_QUIC_FT_STREAMS_BLOCKED2: |
8245
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
812 |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
813 if (ngx_quic_handle_streams_blocked_frame(c, pkt, |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
814 &frame.u.streams_blocked) |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
815 != NGX_OK) |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
816 { |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
817 return NGX_ERROR; |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
818 } |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
819 |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
820 ack_this = 1; |
8236
d3b26c3bea22
Added parsing of STREAMS BLOCKED frames.
Vladimir Homutov <vl@nginx.com>
parents:
8235
diff
changeset
|
821 break; |
d3b26c3bea22
Added parsing of STREAMS BLOCKED frames.
Vladimir Homutov <vl@nginx.com>
parents:
8235
diff
changeset
|
822 |
8225 | 823 default: |
824 return NGX_ERROR; | |
825 } | |
826 } | |
827 | |
828 if (p != end) { | |
829 ngx_log_error(NGX_LOG_INFO, c->log, 0, | |
830 "trailing garbage in payload: %ui bytes", end - p); | |
831 return NGX_ERROR; | |
832 } | |
833 | |
834 if (do_close) { | |
835 // TODO: handle stream close | |
836 } | |
837 | |
838 if (ack_this == 0) { | |
839 /* do not ack packets with ACKs and PADDING */ | |
840 return NGX_OK; | |
841 } | |
842 | |
843 // packet processed, ACK it now if required | |
844 // TODO: if (ack_required) ... - currently just ack each packet | |
845 | |
846 ack_frame = ngx_pcalloc(c->pool, sizeof(ngx_quic_frame_t)); | |
847 if (ack_frame == NULL) { | |
848 return NGX_ERROR; | |
849 } | |
850 | |
851 ack_frame->level = pkt->level; | |
852 ack_frame->type = NGX_QUIC_FT_ACK; | |
853 ack_frame->u.ack.pn = pkt->pn; | |
854 | |
855 ngx_sprintf(ack_frame->info, "ACK for PN=%d from frame handler level=%d", pkt->pn, pkt->level); | |
856 ngx_quic_queue_frame(qc, ack_frame); | |
857 | |
858 return ngx_quic_output(c); | |
859 } | |
860 | |
861 | |
862 static ngx_int_t | |
863 ngx_quic_handle_ack_frame(ngx_connection_t *c, ngx_quic_header_t *pkt, | |
864 ngx_quic_ack_frame_t *f) | |
865 { | |
866 /* TODO: handle ACK here */ | |
867 return NGX_OK; | |
868 } | |
869 | |
870 | |
871 static ngx_int_t | |
872 ngx_quic_handle_crypto_frame(ngx_connection_t *c, ngx_quic_header_t *pkt, | |
873 ngx_quic_crypto_frame_t *f) | |
874 { | |
875 int sslerr; | |
876 ssize_t n; | |
877 ngx_ssl_conn_t *ssl_conn; | |
878 | |
879 if (f->offset != 0x0) { | |
880 ngx_log_error(NGX_LOG_INFO, c->log, 0, | |
881 "crypto frame with non-zero offset"); | |
882 // TODO: add support for crypto frames spanning packets | |
883 return NGX_ERROR; | |
884 } | |
885 | |
886 ssl_conn = c->ssl->connection; | |
887 | |
888 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
889 "SSL_quic_read_level: %d, SSL_quic_write_level: %d", | |
890 (int) SSL_quic_read_level(ssl_conn), | |
891 (int) SSL_quic_write_level(ssl_conn)); | |
892 | |
893 if (!SSL_provide_quic_data(ssl_conn, SSL_quic_read_level(ssl_conn), | |
894 f->data, f->len)) | |
895 { | |
896 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, | |
897 "SSL_provide_quic_data() failed"); | |
898 return NGX_ERROR; | |
899 } | |
900 | |
901 n = SSL_do_handshake(ssl_conn); | |
902 | |
903 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_do_handshake: %d", n); | |
904 | |
905 if (n == -1) { | |
906 sslerr = SSL_get_error(ssl_conn, n); | |
907 | |
908 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_get_error: %d", | |
909 sslerr); | |
910 | |
911 if (sslerr == SSL_ERROR_SSL) { | |
912 ngx_ssl_error(NGX_LOG_ERR, c->log, 0, "SSL_do_handshake() failed"); | |
913 } | |
914 } | |
915 | |
916 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
917 "quic ssl cipher: %s", SSL_get_cipher(ssl_conn)); | |
918 | |
919 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
920 "SSL_quic_read_level: %d, SSL_quic_write_level: %d", | |
921 (int) SSL_quic_read_level(ssl_conn), | |
922 (int) SSL_quic_write_level(ssl_conn)); | |
923 | |
924 return NGX_OK; | |
925 } | |
926 | |
927 | |
928 static ngx_int_t | |
929 ngx_quic_handle_stream_frame(ngx_connection_t *c, | |
930 ngx_quic_header_t *pkt, ngx_quic_stream_frame_t *f) | |
931 { | |
932 ngx_buf_t *b; | |
933 ngx_quic_connection_t *qc; | |
934 ngx_quic_stream_node_t *sn; | |
935 | |
936 qc = c->quic; | |
937 | |
938 sn = ngx_quic_find_stream(&qc->streams.tree, f->stream_id); | |
939 | |
940 if (sn) { | |
941 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "existing stream"); | |
942 b = sn->b; | |
943 | |
944 if ((size_t) (b->end - b->pos) < f->length) { | |
945 ngx_log_error(NGX_LOG_INFO, c->log, 0, "no space in stream buffer"); | |
946 return NGX_ERROR; | |
947 } | |
948 | |
949 ngx_memcpy(b->pos, f->data, f->length); | |
950 b->pos += f->length; | |
951 | |
952 // TODO: notify | |
953 | |
954 return NGX_OK; | |
955 } | |
956 | |
957 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "stream is new"); | |
958 | |
8229
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
959 sn = ngx_quic_create_stream(c, f->stream_id); |
8225 | 960 if (sn == NULL) { |
961 return NGX_ERROR; | |
962 } | |
963 | |
964 b = sn->b; | |
965 | |
966 ngx_memcpy(b->start, f->data, f->length); | |
967 b->last = b->start + f->length; | |
968 | |
969 qc->streams.handler(sn->c); | |
970 | |
971 return NGX_OK; | |
972 } | |
973 | |
974 | |
8245
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
975 static ngx_int_t |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
976 ngx_quic_handle_streams_blocked_frame(ngx_connection_t *c, |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
977 ngx_quic_header_t *pkt, ngx_quic_streams_blocked_frame_t *f) |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
978 { |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
979 ngx_quic_frame_t *frame; |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
980 |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
981 frame = ngx_pcalloc(c->pool, sizeof(ngx_quic_frame_t)); |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
982 if (frame == NULL) { |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
983 return NGX_ERROR; |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
984 } |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
985 |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
986 frame->level = pkt->level; |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
987 frame->type = NGX_QUIC_FT_MAX_STREAMS; |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
988 frame->u.max_streams.limit = f->limit * 2; |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
989 frame->u.max_streams.bidi = f->bidi; |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
990 |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
991 ngx_sprintf(frame->info, "MAX_STREAMS limit:%d bidi:%d level=%d", |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
992 (int) frame->u.max_streams.limit, |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
993 (int) frame->u.max_streams.bidi, |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
994 frame->level); |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
995 |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
996 ngx_quic_queue_frame(c->quic, frame); |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
997 |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
998 return NGX_OK; |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
999 } |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1000 |
a14afe21e692
Double MAX_STREAMS on STREAMS_BLOCKED.
Roman Arutyunyan <arut@nginx.com>
parents:
8241
diff
changeset
|
1001 |
8225 | 1002 static void |
1003 ngx_quic_queue_frame(ngx_quic_connection_t *qc, ngx_quic_frame_t *frame) | |
1004 { | |
1005 ngx_quic_frame_t *f; | |
1006 | |
1007 if (qc->frames == NULL) { | |
1008 qc->frames = frame; | |
1009 return; | |
1010 } | |
1011 | |
1012 for (f = qc->frames; f->next; f = f->next) { | |
1013 if (f->next->level > frame->level) { | |
1014 break; | |
1015 } | |
1016 } | |
1017 | |
1018 frame->next = f->next; | |
1019 f->next = frame; | |
1020 } | |
1021 | |
1022 | |
1023 static ngx_int_t | |
1024 ngx_quic_output(ngx_connection_t *c) | |
1025 { | |
1026 size_t len; | |
1027 ngx_uint_t lvl; | |
1028 ngx_quic_frame_t *f, *start; | |
1029 ngx_quic_connection_t *qc; | |
1030 | |
1031 qc = c->quic; | |
1032 | |
1033 if (qc->frames == NULL) { | |
1034 return NGX_OK; | |
1035 } | |
1036 | |
1037 lvl = qc->frames->level; | |
1038 start = qc->frames; | |
1039 f = start; | |
1040 | |
1041 do { | |
1042 len = 0; | |
1043 | |
1044 do { | |
1045 /* process same-level group of frames */ | |
1046 | |
8241
db745339e54b
The ngx_quic_frame_len() function is not really needed.
Vladimir Homutov <vl@nginx.com>
parents:
8240
diff
changeset
|
1047 len += ngx_quic_create_frame(NULL, NULL, f);// TODO: handle overflow, max size |
8225 | 1048 |
1049 f = f->next; | |
1050 } while (f && f->level == lvl); | |
1051 | |
1052 | |
1053 if (ngx_quic_frames_send(c, start, f, len) != NGX_OK) { | |
1054 return NGX_ERROR; | |
1055 } | |
1056 | |
1057 if (f == NULL) { | |
1058 break; | |
1059 } | |
1060 | |
1061 lvl = f->level; // TODO: must not decrease (ever, also between calls) | |
1062 start = f; | |
1063 | |
1064 } while (1); | |
1065 | |
1066 qc->frames = NULL; | |
1067 | |
1068 return NGX_OK; | |
1069 } | |
1070 | |
1071 | |
1072 /* pack a group of frames [start; end) into memory p and send as single packet */ | |
1073 ngx_int_t | |
1074 ngx_quic_frames_send(ngx_connection_t *c, ngx_quic_frame_t *start, | |
1075 ngx_quic_frame_t *end, size_t total) | |
1076 { | |
1077 ssize_t len; | |
1078 u_char *p; | |
1079 ngx_str_t out; | |
1080 ngx_quic_frame_t *f; | |
1081 | |
1082 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
1083 "sending frames %p...%p", start, end); | |
1084 | |
1085 p = ngx_pnalloc(c->pool, total); | |
1086 if (p == NULL) { | |
1087 return NGX_ERROR; | |
1088 } | |
1089 | |
1090 out.data = p; | |
1091 | |
1092 for (f = start; f != end; f = f->next) { | |
1093 | |
1094 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "frame: %s", f->info); | |
1095 | |
1096 len = ngx_quic_create_frame(p, p + total, f); | |
1097 if (len == -1) { | |
1098 return NGX_ERROR; | |
1099 } | |
1100 | |
1101 p += len; | |
1102 } | |
1103 | |
1104 out.len = p - out.data; | |
1105 | |
1106 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
1107 "packet ready: %ui bytes at level %d", | |
1108 out.len, start->level); | |
1109 | |
1110 // IOVEC/sendmsg_chain ? | |
1111 if (ngx_quic_send_packet(c, c->quic, start->level, &out) != NGX_OK) { | |
1112 return NGX_ERROR; | |
1113 } | |
1114 | |
1115 return NGX_OK; | |
1116 } | |
1117 | |
1118 | |
1119 static ngx_int_t | |
1120 ngx_quic_send_packet(ngx_connection_t *c, ngx_quic_connection_t *qc, | |
1121 enum ssl_encryption_level_t level, ngx_str_t *payload) | |
1122 { | |
1123 ngx_str_t res; | |
1124 ngx_quic_header_t pkt; | |
1125 | |
1126 pkt.log = c->log; | |
1127 | |
1128 static ngx_str_t initial_token = ngx_null_string; | |
1129 | |
1130 ngx_memzero(&pkt, sizeof(ngx_quic_header_t)); | |
1131 ngx_quic_hexdump0(c->log, "payload", payload->data, payload->len); | |
1132 | |
1133 pkt.level = level; | |
1134 pkt.dcid = qc->dcid; | |
1135 pkt.scid = qc->scid; | |
1136 | |
1137 if (level == ssl_encryption_initial) { | |
1138 pkt.number = &qc->initial_pn; | |
1139 pkt.flags = NGX_QUIC_PKT_INITIAL; | |
1140 pkt.secret = &qc->secrets.server.in; | |
1141 pkt.token = initial_token; | |
1142 | |
1143 } else if (level == ssl_encryption_handshake) { | |
1144 pkt.number = &qc->handshake_pn; | |
1145 pkt.flags = NGX_QUIC_PKT_HANDSHAKE; | |
1146 pkt.secret = &qc->secrets.server.hs; | |
1147 | |
1148 } else { | |
1149 pkt.number = &qc->appdata_pn; | |
1150 pkt.secret = &qc->secrets.server.ad; | |
1151 } | |
1152 | |
1153 if (ngx_quic_encrypt(c->pool, c->ssl->connection, &pkt, payload, &res) | |
1154 != NGX_OK) | |
1155 { | |
1156 return NGX_ERROR; | |
1157 } | |
1158 | |
1159 ngx_quic_hexdump0(c->log, "packet to send", res.data, res.len); | |
1160 | |
1161 c->send(c, res.data, res.len); // TODO: err handling | |
1162 | |
1163 (*pkt.number)++; | |
1164 | |
1165 return NGX_OK; | |
1166 } | |
1167 | |
1168 | |
1169 ngx_connection_t * | |
1170 ngx_quic_create_uni_stream(ngx_connection_t *c) | |
1171 { | |
8229
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1172 ngx_uint_t id; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1173 ngx_quic_stream_t *qs; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1174 ngx_quic_connection_t *qc; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1175 ngx_quic_stream_node_t *sn; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1176 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1177 qs = c->qs; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1178 qc = qs->parent->quic; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1179 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1180 /* |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1181 * A stream ID is a 62-bit integer that is unique for all streams |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1182 * on a connection. |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1183 * |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1184 * 0x3 | Server-Initiated, Unidirectional |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1185 */ |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1186 id = (qc->streams.id_counter << 2) | 0x3; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1187 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1188 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1189 "creating server uni stream #%ui id %ui", |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1190 qc->streams.id_counter, id); |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1191 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1192 qc->streams.id_counter++; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1193 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1194 sn = ngx_quic_create_stream(qs->parent, id); |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1195 if (sn == NULL) { |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1196 return NULL; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1197 } |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1198 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1199 return sn->c; |
8225 | 1200 } |
1201 | |
1202 | |
1203 static void | |
1204 ngx_quic_rbtree_insert_stream(ngx_rbtree_node_t *temp, | |
1205 ngx_rbtree_node_t *node, ngx_rbtree_node_t *sentinel) | |
1206 { | |
1207 ngx_rbtree_node_t **p; | |
1208 ngx_quic_stream_node_t *qn, *qnt; | |
1209 | |
1210 for ( ;; ) { | |
1211 | |
1212 if (node->key < temp->key) { | |
1213 | |
1214 p = &temp->left; | |
1215 | |
1216 } else if (node->key > temp->key) { | |
1217 | |
1218 p = &temp->right; | |
1219 | |
1220 } else { /* node->key == temp->key */ | |
1221 | |
1222 qn = (ngx_quic_stream_node_t *) &node->color; | |
1223 qnt = (ngx_quic_stream_node_t *) &temp->color; | |
1224 | |
1225 if (qn->c < qnt->c) { | |
1226 p = &temp->left; | |
1227 } else { | |
1228 p = &temp->right; | |
1229 } | |
1230 } | |
1231 | |
1232 if (*p == sentinel) { | |
1233 break; | |
1234 } | |
1235 | |
1236 temp = *p; | |
1237 } | |
1238 | |
1239 *p = node; | |
1240 node->parent = temp; | |
1241 node->left = sentinel; | |
1242 node->right = sentinel; | |
1243 ngx_rbt_red(node); | |
1244 } | |
1245 | |
1246 | |
1247 static ngx_quic_stream_node_t * | |
1248 ngx_quic_find_stream(ngx_rbtree_t *rbtree, ngx_uint_t key) | |
1249 { | |
1250 ngx_rbtree_node_t *node, *sentinel; | |
1251 | |
1252 node = rbtree->root; | |
1253 sentinel = rbtree->sentinel; | |
1254 | |
1255 while (node != sentinel) { | |
1256 | |
1257 if (key == node->key) { | |
1258 return (ngx_quic_stream_node_t *) node; | |
1259 } | |
1260 | |
1261 node = (key < node->key) ? node->left : node->right; | |
1262 } | |
1263 | |
1264 return NULL; | |
1265 } | |
1266 | |
1267 | |
8229
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1268 static ngx_quic_stream_node_t * |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1269 ngx_quic_create_stream(ngx_connection_t *c, ngx_uint_t id) |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1270 { |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1271 ngx_log_t *log; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1272 ngx_pool_t *pool; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1273 ngx_event_t *rev, *wev; |
8239
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1274 ngx_pool_cleanup_t *cln; |
8229
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1275 ngx_quic_connection_t *qc; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1276 ngx_quic_stream_node_t *sn; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1277 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1278 qc = c->quic; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1279 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1280 sn = ngx_pcalloc(c->pool, sizeof(ngx_quic_stream_node_t)); |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1281 if (sn == NULL) { |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1282 return NULL; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1283 } |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1284 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1285 sn->c = ngx_get_connection(-1, c->log); // TODO: free on connection termination |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1286 if (sn->c == NULL) { |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1287 return NULL; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1288 } |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1289 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1290 pool = ngx_create_pool(NGX_DEFAULT_POOL_SIZE, c->log); |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1291 if (pool == NULL) { |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1292 /* XXX free connection */ |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1293 // TODO: add pool cleanup handdler |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1294 return NULL; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1295 } |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1296 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1297 log = ngx_palloc(pool, sizeof(ngx_log_t)); |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1298 if (log == NULL) { |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1299 /* XXX free pool and connection */ |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1300 return NULL; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1301 } |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1302 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1303 *log = *c->log; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1304 pool->log = log; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1305 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1306 sn->c->log = log; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1307 sn->c->pool = pool; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1308 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1309 sn->c->listening = c->listening; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1310 sn->c->sockaddr = c->sockaddr; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1311 sn->c->local_sockaddr = c->local_sockaddr; |
8234
19bb9edcd8bd
Added copying addr_text to QUIC stream connections.
Roman Arutyunyan <arut@nginx.com>
parents:
8232
diff
changeset
|
1312 sn->c->addr_text = c->addr_text; |
8229
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1313 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1314 rev = sn->c->read; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1315 wev = sn->c->write; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1316 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1317 rev->ready = 1; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1318 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1319 rev->log = c->log; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1320 wev->log = c->log; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1321 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1322 sn->c->number = ngx_atomic_fetch_add(ngx_connection_counter, 1); |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1323 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1324 sn->node.key =id; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1325 sn->b = ngx_create_temp_buf(pool, 16 * 1024); // XXX enough for everyone |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1326 if (sn->b == NULL) { |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1327 return NULL; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1328 } |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1329 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1330 ngx_rbtree_insert(&qc->streams.tree, &sn->node); |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1331 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1332 sn->s.id = id; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1333 sn->s.unidirectional = (sn->s.id & 0x02) ? 1 : 0; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1334 sn->s.parent = c; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1335 sn->c->qs = &sn->s; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1336 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1337 sn->c->recv = ngx_quic_stream_recv; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1338 sn->c->send = ngx_quic_stream_send; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1339 sn->c->send_chain = ngx_quic_stream_send_chain; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1340 |
8239
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1341 cln = ngx_pool_cleanup_add(pool, 0); |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1342 if (cln == NULL) { |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1343 ngx_close_connection(sn->c); |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1344 ngx_destroy_pool(pool); |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1345 return NULL; |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1346 } |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1347 |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1348 cln->handler = ngx_quic_stream_cleanup_handler; |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1349 cln->data = sn->c; |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1350 |
8229
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1351 return sn; |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1352 } |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1353 |
cfc429911c0d
Implemented creation of server unidirectional streams.
Vladimir Homutov <vl@nginx.com>
parents:
8225
diff
changeset
|
1354 |
8225 | 1355 static ssize_t |
1356 ngx_quic_stream_recv(ngx_connection_t *c, u_char *buf, size_t size) | |
1357 { | |
1358 ssize_t len; | |
1359 ngx_buf_t *b; | |
1360 ngx_quic_stream_t *qs; | |
1361 ngx_quic_connection_t *qc; | |
1362 ngx_quic_stream_node_t *sn; | |
1363 | |
1364 qs = c->qs; | |
1365 qc = qs->parent->quic; | |
1366 | |
1367 // XXX: get direct pointer from stream structure? | |
1368 sn = ngx_quic_find_stream(&qc->streams.tree, qs->id); | |
1369 | |
1370 if (sn == NULL) { | |
1371 return NGX_ERROR; | |
1372 } | |
1373 | |
1374 // XXX: how to return EOF? | |
1375 | |
1376 b = sn->b; | |
1377 | |
1378 if (b->last - b->pos == 0) { | |
1379 c->read->ready = 0; | |
1380 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
1381 "quic recv() not ready"); | |
1382 return NGX_AGAIN; // ? | |
1383 } | |
1384 | |
1385 len = ngx_min(b->last - b->pos, (ssize_t) size); | |
1386 | |
1387 ngx_memcpy(buf, b->pos, len); | |
1388 | |
1389 b->pos += len; | |
1390 | |
1391 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
1392 "quic recv: %z of %uz", len, size); | |
1393 | |
1394 return len; | |
1395 } | |
1396 | |
1397 | |
1398 static ssize_t | |
1399 ngx_quic_stream_send(ngx_connection_t *c, u_char *buf, size_t size) | |
1400 { | |
1401 u_char *p; | |
1402 ngx_connection_t *pc; | |
1403 ngx_quic_frame_t *frame; | |
1404 ngx_quic_stream_t *qs; | |
1405 ngx_quic_connection_t *qc; | |
1406 ngx_quic_stream_node_t *sn; | |
1407 | |
1408 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic send: %uz", size); | |
1409 | |
1410 qs = c->qs; | |
1411 pc = qs->parent; | |
1412 qc = pc->quic; | |
1413 | |
1414 // XXX: get direct pointer from stream structure? | |
1415 sn = ngx_quic_find_stream(&qc->streams.tree, qs->id); | |
1416 | |
1417 if (sn == NULL) { | |
1418 return NGX_ERROR; | |
1419 } | |
1420 | |
1421 frame = ngx_pcalloc(pc->pool, sizeof(ngx_quic_frame_t)); | |
1422 if (frame == NULL) { | |
1423 return 0; | |
1424 } | |
1425 | |
1426 p = ngx_pnalloc(pc->pool, size); | |
1427 if (p == NULL) { | |
1428 return 0; | |
1429 } | |
1430 | |
1431 ngx_memcpy(p, buf, size); | |
1432 | |
1433 frame->level = ssl_encryption_application; | |
1434 frame->type = NGX_QUIC_FT_STREAM6; /* OFF=1 LEN=1 FIN=0 */ | |
1435 frame->u.stream.off = 1; | |
1436 frame->u.stream.len = 1; | |
1437 frame->u.stream.fin = 0; | |
1438 | |
1439 frame->u.stream.type = frame->type; | |
1440 frame->u.stream.stream_id = qs->id; | |
1441 frame->u.stream.offset = c->sent; | |
1442 frame->u.stream.length = size; | |
1443 frame->u.stream.data = p; | |
1444 | |
1445 c->sent += size; | |
1446 | |
1447 ngx_sprintf(frame->info, "stream %xi len=%ui level=%d", | |
1448 qs->id, size, frame->level); | |
1449 | |
1450 ngx_quic_queue_frame(qc, frame); | |
1451 | |
1452 return size; | |
1453 } | |
1454 | |
1455 | |
8239
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1456 static void |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1457 ngx_quic_stream_cleanup_handler(void *data) |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1458 { |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1459 ngx_connection_t *c = data; |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1460 |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1461 ngx_connection_t *pc; |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1462 ngx_quic_frame_t *frame; |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1463 ngx_quic_stream_t *qs; |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1464 ngx_quic_connection_t *qc; |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1465 ngx_quic_stream_node_t *sn; |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1466 |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1467 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic send fin"); |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1468 |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1469 qs = c->qs; |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1470 pc = qs->parent; |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1471 qc = pc->quic; |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1472 |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1473 if ((qs->id & 0x03) == 0x02) { |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1474 /* do not send fin for client unidirectional streams */ |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1475 return; |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1476 } |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1477 |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1478 // XXX: get direct pointer from stream structure? |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1479 sn = ngx_quic_find_stream(&qc->streams.tree, qs->id); |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1480 |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1481 if (sn == NULL) { |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1482 return; |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1483 } |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1484 |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1485 frame = ngx_pcalloc(pc->pool, sizeof(ngx_quic_frame_t)); |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1486 if (frame == NULL) { |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1487 return; |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1488 } |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1489 |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1490 frame->level = ssl_encryption_application; |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1491 frame->type = NGX_QUIC_FT_STREAM7; /* OFF=1 LEN=1 FIN=1 */ |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1492 frame->u.stream.off = 1; |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1493 frame->u.stream.len = 1; |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1494 frame->u.stream.fin = 1; |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1495 |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1496 frame->u.stream.type = frame->type; |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1497 frame->u.stream.stream_id = qs->id; |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1498 frame->u.stream.offset = c->sent; |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1499 frame->u.stream.length = 0; |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1500 frame->u.stream.data = NULL; |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1501 |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1502 ngx_sprintf(frame->info, "stream %xi fin=1 level=%d", qs->id, frame->level); |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1503 |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1504 ngx_quic_queue_frame(qc, frame); |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1505 } |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1506 |
5ad7bffd3850
Send a FIN frame when QUIC stream is closed.
Roman Arutyunyan <arut@nginx.com>
parents:
8237
diff
changeset
|
1507 |
8225 | 1508 static ngx_chain_t * |
1509 ngx_quic_stream_send_chain(ngx_connection_t *c, ngx_chain_t *in, | |
1510 off_t limit) | |
1511 { | |
1512 size_t len; | |
1513 ssize_t n; | |
1514 ngx_buf_t *b; | |
1515 | |
1516 for ( /* void */; in; in = in->next) { | |
1517 b = in->buf; | |
1518 | |
1519 if (!ngx_buf_in_memory(b)) { | |
1520 continue; | |
1521 } | |
1522 | |
1523 if (ngx_buf_size(b) == 0) { | |
1524 continue; | |
1525 } | |
1526 | |
1527 len = b->last - b->pos; | |
1528 | |
1529 n = ngx_quic_stream_send(c, b->pos, len); | |
1530 | |
1531 if (n == NGX_ERROR) { | |
1532 return NGX_CHAIN_ERROR; | |
1533 } | |
1534 | |
1535 if (n == NGX_AGAIN) { | |
1536 return in; | |
1537 } | |
1538 | |
1539 if (n != (ssize_t) len) { | |
1540 b->pos += n; | |
1541 return in; | |
1542 } | |
1543 } | |
1544 | |
1545 return NULL; | |
1546 } |