Mercurial > hg > nginx
annotate src/event/quic/ngx_event_quic_migration.c @ 9331:dbf76fdd109f default tip
release-1.27.4 tag
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Tue, 03 Sep 2024 13:11:25 +0300 |
parents | 2ed3f57dca0a |
children |
rev | line source |
---|---|
8737
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
1 |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
2 /* |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
3 * Copyright (C) Nginx, Inc. |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
4 */ |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
5 |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
6 |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
7 #include <ngx_config.h> |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
8 #include <ngx_core.h> |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
9 #include <ngx_event.h> |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
10 #include <ngx_event_quic_connection.h> |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
11 |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
12 |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
13 #define NGX_QUIC_PATH_MTU_DELAY 100 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
14 #define NGX_QUIC_PATH_MTU_PRECISION 16 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
15 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
16 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
17 static void ngx_quic_set_connection_path(ngx_connection_t *c, |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
18 ngx_quic_path_t *path); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
19 static ngx_int_t ngx_quic_validate_path(ngx_connection_t *c, |
8944
b7284807b4fa
QUIC: refactored ngx_quic_validate_path().
Vladimir Homutov <vl@nginx.com>
parents:
8943
diff
changeset
|
20 ngx_quic_path_t *path); |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
21 static ngx_int_t ngx_quic_send_path_challenge(ngx_connection_t *c, |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
22 ngx_quic_path_t *path); |
9098
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
23 static void ngx_quic_set_path_timer(ngx_connection_t *c); |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
24 static ngx_int_t ngx_quic_expire_path_validation(ngx_connection_t *c, |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
25 ngx_quic_path_t *path); |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
26 static ngx_int_t ngx_quic_expire_path_mtu_delay(ngx_connection_t *c, |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
27 ngx_quic_path_t *path); |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
28 static ngx_int_t ngx_quic_expire_path_mtu_discovery(ngx_connection_t *c, |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
29 ngx_quic_path_t *path); |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
30 static ngx_quic_path_t *ngx_quic_get_path(ngx_connection_t *c, ngx_uint_t tag); |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
31 static ngx_int_t ngx_quic_send_path_mtu_probe(ngx_connection_t *c, |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
32 ngx_quic_path_t *path); |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
33 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
34 |
8737
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
35 ngx_int_t |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
36 ngx_quic_handle_path_challenge_frame(ngx_connection_t *c, |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
37 ngx_quic_header_t *pkt, ngx_quic_path_challenge_frame_t *f) |
8737
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
38 { |
9189
fcec773dd249
QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE.
Roman Arutyunyan <arut@nginx.com>
parents:
9154
diff
changeset
|
39 size_t min; |
9192
efcdaa66df2e
QUIC: congestion control in ngx_quic_frame_sendto().
Roman Arutyunyan <arut@nginx.com>
parents:
9191
diff
changeset
|
40 ngx_quic_frame_t *fp; |
8737
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
41 ngx_quic_connection_t *qc; |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
42 |
9191
618132842e7c
QUIC: ignore duplicate PATH_CHALLENGE frames.
Roman Arutyunyan <arut@nginx.com>
parents:
9190
diff
changeset
|
43 if (pkt->level != ssl_encryption_application || pkt->path_challenged) { |
618132842e7c
QUIC: ignore duplicate PATH_CHALLENGE frames.
Roman Arutyunyan <arut@nginx.com>
parents:
9190
diff
changeset
|
44 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
618132842e7c
QUIC: ignore duplicate PATH_CHALLENGE frames.
Roman Arutyunyan <arut@nginx.com>
parents:
9190
diff
changeset
|
45 "quic ignoring PATH_CHALLENGE"); |
618132842e7c
QUIC: ignore duplicate PATH_CHALLENGE frames.
Roman Arutyunyan <arut@nginx.com>
parents:
9190
diff
changeset
|
46 return NGX_OK; |
618132842e7c
QUIC: ignore duplicate PATH_CHALLENGE frames.
Roman Arutyunyan <arut@nginx.com>
parents:
9190
diff
changeset
|
47 } |
618132842e7c
QUIC: ignore duplicate PATH_CHALLENGE frames.
Roman Arutyunyan <arut@nginx.com>
parents:
9190
diff
changeset
|
48 |
618132842e7c
QUIC: ignore duplicate PATH_CHALLENGE frames.
Roman Arutyunyan <arut@nginx.com>
parents:
9190
diff
changeset
|
49 pkt->path_challenged = 1; |
618132842e7c
QUIC: ignore duplicate PATH_CHALLENGE frames.
Roman Arutyunyan <arut@nginx.com>
parents:
9190
diff
changeset
|
50 |
8737
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
51 qc = ngx_quic_get_connection(c); |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
52 |
9192
efcdaa66df2e
QUIC: congestion control in ngx_quic_frame_sendto().
Roman Arutyunyan <arut@nginx.com>
parents:
9191
diff
changeset
|
53 fp = ngx_quic_alloc_frame(c); |
efcdaa66df2e
QUIC: congestion control in ngx_quic_frame_sendto().
Roman Arutyunyan <arut@nginx.com>
parents:
9191
diff
changeset
|
54 if (fp == NULL) { |
efcdaa66df2e
QUIC: congestion control in ngx_quic_frame_sendto().
Roman Arutyunyan <arut@nginx.com>
parents:
9191
diff
changeset
|
55 return NGX_ERROR; |
efcdaa66df2e
QUIC: congestion control in ngx_quic_frame_sendto().
Roman Arutyunyan <arut@nginx.com>
parents:
9191
diff
changeset
|
56 } |
8933
02a9ad88e2df
QUIC: added missing frame initialization.
Vladimir Homutov <vl@nginx.com>
parents:
8932
diff
changeset
|
57 |
9192
efcdaa66df2e
QUIC: congestion control in ngx_quic_frame_sendto().
Roman Arutyunyan <arut@nginx.com>
parents:
9191
diff
changeset
|
58 fp->level = ssl_encryption_application; |
efcdaa66df2e
QUIC: congestion control in ngx_quic_frame_sendto().
Roman Arutyunyan <arut@nginx.com>
parents:
9191
diff
changeset
|
59 fp->type = NGX_QUIC_FT_PATH_RESPONSE; |
efcdaa66df2e
QUIC: congestion control in ngx_quic_frame_sendto().
Roman Arutyunyan <arut@nginx.com>
parents:
9191
diff
changeset
|
60 fp->u.path_response = *f; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
61 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
62 /* |
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
63 * RFC 9000, 8.2.2. Path Validation Responses |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
64 * |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
65 * A PATH_RESPONSE frame MUST be sent on the network path where the |
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
66 * PATH_CHALLENGE frame was received. |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
67 */ |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
68 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
69 /* |
8901
a951e0809044
QUIC: fixed PATH_RESPONSE frame expansion.
Vladimir Homutov <vl@nginx.com>
parents:
8822
diff
changeset
|
70 * An endpoint MUST expand datagrams that contain a PATH_RESPONSE frame |
a951e0809044
QUIC: fixed PATH_RESPONSE frame expansion.
Vladimir Homutov <vl@nginx.com>
parents:
8822
diff
changeset
|
71 * to at least the smallest allowed maximum datagram size of 1200 bytes. |
9189
fcec773dd249
QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE.
Roman Arutyunyan <arut@nginx.com>
parents:
9154
diff
changeset
|
72 * ... |
fcec773dd249
QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE.
Roman Arutyunyan <arut@nginx.com>
parents:
9154
diff
changeset
|
73 * However, an endpoint MUST NOT expand the datagram containing the |
fcec773dd249
QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE.
Roman Arutyunyan <arut@nginx.com>
parents:
9154
diff
changeset
|
74 * PATH_RESPONSE if the resulting data exceeds the anti-amplification limit. |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
75 */ |
9189
fcec773dd249
QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE.
Roman Arutyunyan <arut@nginx.com>
parents:
9154
diff
changeset
|
76 |
fcec773dd249
QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE.
Roman Arutyunyan <arut@nginx.com>
parents:
9154
diff
changeset
|
77 min = (ngx_quic_path_limit(c, pkt->path, 1200) < 1200) ? 0 : 1200; |
fcec773dd249
QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE.
Roman Arutyunyan <arut@nginx.com>
parents:
9154
diff
changeset
|
78 |
9192
efcdaa66df2e
QUIC: congestion control in ngx_quic_frame_sendto().
Roman Arutyunyan <arut@nginx.com>
parents:
9191
diff
changeset
|
79 if (ngx_quic_frame_sendto(c, fp, min, pkt->path) == NGX_ERROR) { |
8737
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
80 return NGX_ERROR; |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
81 } |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
82 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
83 if (pkt->path == qc->path) { |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
84 /* |
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
85 * RFC 9000, 9.3.3. Off-Path Packet Forwarding |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
86 * |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
87 * An endpoint that receives a PATH_CHALLENGE on an active path SHOULD |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
88 * send a non-probing packet in response. |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
89 */ |
8737
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
90 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
91 fp = ngx_quic_alloc_frame(c); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
92 if (fp == NULL) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
93 return NGX_ERROR; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
94 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
95 |
8778
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8777
diff
changeset
|
96 fp->level = ssl_encryption_application; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
97 fp->type = NGX_QUIC_FT_PING; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
98 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
99 ngx_quic_queue_frame(qc, fp); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
100 } |
8737
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
101 |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
102 return NGX_OK; |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
103 } |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
104 |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
105 |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
106 ngx_int_t |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
107 ngx_quic_handle_path_response_frame(ngx_connection_t *c, |
8778
5186ee5a94b9
QUIC: simplified sending 1-RTT only frames.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8777
diff
changeset
|
108 ngx_quic_path_challenge_frame_t *f) |
8737
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
109 { |
8943
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8940
diff
changeset
|
110 ngx_uint_t rst; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
111 ngx_queue_t *q; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
112 ngx_quic_path_t *path, *prev; |
9196
6c8595b77e66
QUIC: path aware in-flight bytes accounting.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9195
diff
changeset
|
113 ngx_quic_send_ctx_t *ctx; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
114 ngx_quic_connection_t *qc; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
115 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
116 qc = ngx_quic_get_connection(c); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
117 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
118 /* |
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
119 * RFC 9000, 8.2.3. Successful Path Validation |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
120 * |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
121 * A PATH_RESPONSE frame received on any network path validates the path |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
122 * on which the PATH_CHALLENGE was sent. |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
123 */ |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
124 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
125 for (q = ngx_queue_head(&qc->paths); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
126 q != ngx_queue_sentinel(&qc->paths); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
127 q = ngx_queue_next(q)) |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
128 { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
129 path = ngx_queue_data(q, ngx_quic_path_t, queue); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
130 |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
131 if (path->state != NGX_QUIC_PATH_VALIDATING) { |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
132 continue; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
133 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
134 |
9189
fcec773dd249
QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE.
Roman Arutyunyan <arut@nginx.com>
parents:
9154
diff
changeset
|
135 if (ngx_memcmp(path->challenge[0], f->data, sizeof(f->data)) == 0 |
fcec773dd249
QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE.
Roman Arutyunyan <arut@nginx.com>
parents:
9154
diff
changeset
|
136 || ngx_memcmp(path->challenge[1], f->data, sizeof(f->data)) == 0) |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
137 { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
138 goto valid; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
139 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
140 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
141 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
142 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, |
9015
a2fbae359828
QUIC: fixed indentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8997
diff
changeset
|
143 "quic stale PATH_RESPONSE ignored"); |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
144 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
145 return NGX_OK; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
146 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
147 valid: |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
148 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
149 /* |
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
150 * RFC 9000, 9.4. Loss Detection and Congestion Control |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
151 * |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
152 * On confirming a peer's ownership of its new address, |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
153 * an endpoint MUST immediately reset the congestion controller |
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
154 * and round-trip time estimator for the new path to initial values |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
155 * unless the only change in the peer's address is its port number. |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
156 */ |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
157 |
8943
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8940
diff
changeset
|
158 rst = 1; |
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8940
diff
changeset
|
159 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
160 prev = ngx_quic_get_path(c, NGX_QUIC_PATH_BACKUP); |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
161 |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
162 if (prev != NULL) { |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
163 |
8943
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8940
diff
changeset
|
164 if (ngx_cmp_sockaddr(prev->sockaddr, prev->socklen, |
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8940
diff
changeset
|
165 path->sockaddr, path->socklen, 0) |
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8940
diff
changeset
|
166 == NGX_OK) |
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8940
diff
changeset
|
167 { |
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8940
diff
changeset
|
168 /* address did not change */ |
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8940
diff
changeset
|
169 rst = 0; |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
170 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
171 path->mtu = prev->mtu; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
172 path->max_mtu = prev->max_mtu; |
9194
a6f79f044de5
QUIC: path revalidation after expansion failure.
Roman Arutyunyan <arut@nginx.com>
parents:
9192
diff
changeset
|
173 path->mtu_unvalidated = 0; |
8943
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8940
diff
changeset
|
174 } |
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8940
diff
changeset
|
175 } |
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8940
diff
changeset
|
176 |
118a34e32121
QUIC: added missing check for backup path existence.
Vladimir Homutov <vl@nginx.com>
parents:
8940
diff
changeset
|
177 if (rst) { |
9196
6c8595b77e66
QUIC: path aware in-flight bytes accounting.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9195
diff
changeset
|
178 /* prevent old path packets contribution to congestion control */ |
6c8595b77e66
QUIC: path aware in-flight bytes accounting.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9195
diff
changeset
|
179 |
6c8595b77e66
QUIC: path aware in-flight bytes accounting.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9195
diff
changeset
|
180 ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application); |
6c8595b77e66
QUIC: path aware in-flight bytes accounting.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9195
diff
changeset
|
181 qc->rst_pnum = ctx->pnum; |
6c8595b77e66
QUIC: path aware in-flight bytes accounting.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9195
diff
changeset
|
182 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
183 ngx_memzero(&qc->congestion, sizeof(ngx_quic_congestion_t)); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
184 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
185 qc->congestion.window = ngx_min(10 * qc->tp.max_udp_payload_size, |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
186 ngx_max(2 * qc->tp.max_udp_payload_size, |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
187 14720)); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
188 qc->congestion.ssthresh = (size_t) -1; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
189 qc->congestion.recovery_start = ngx_current_msec; |
9195
ff452f283aa9
QUIC: reset RTT estimator for the new path.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9194
diff
changeset
|
190 |
ff452f283aa9
QUIC: reset RTT estimator for the new path.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9194
diff
changeset
|
191 ngx_quic_init_rtt(qc); |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
192 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
193 |
9194
a6f79f044de5
QUIC: path revalidation after expansion failure.
Roman Arutyunyan <arut@nginx.com>
parents:
9192
diff
changeset
|
194 path->validated = 1; |
a6f79f044de5
QUIC: path revalidation after expansion failure.
Roman Arutyunyan <arut@nginx.com>
parents:
9192
diff
changeset
|
195 |
a6f79f044de5
QUIC: path revalidation after expansion failure.
Roman Arutyunyan <arut@nginx.com>
parents:
9192
diff
changeset
|
196 if (path->mtu_unvalidated) { |
a6f79f044de5
QUIC: path revalidation after expansion failure.
Roman Arutyunyan <arut@nginx.com>
parents:
9192
diff
changeset
|
197 path->mtu_unvalidated = 0; |
a6f79f044de5
QUIC: path revalidation after expansion failure.
Roman Arutyunyan <arut@nginx.com>
parents:
9192
diff
changeset
|
198 return ngx_quic_validate_path(c, path); |
a6f79f044de5
QUIC: path revalidation after expansion failure.
Roman Arutyunyan <arut@nginx.com>
parents:
9192
diff
changeset
|
199 } |
a6f79f044de5
QUIC: path revalidation after expansion failure.
Roman Arutyunyan <arut@nginx.com>
parents:
9192
diff
changeset
|
200 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
201 /* |
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
202 * RFC 9000, 9.3. Responding to Connection Migration |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
203 * |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
204 * After verifying a new client address, the server SHOULD |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
205 * send new address validation tokens (Section 8) to the client. |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
206 */ |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
207 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
208 if (ngx_quic_send_new_token(c, path) != NGX_OK) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
209 return NGX_ERROR; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
210 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
211 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
212 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
8997
fab36e4abf83
QUIC: got rid of hash symbol in backup and logging.
Vladimir Homutov <vl@nginx.com>
parents:
8985
diff
changeset
|
213 "quic path seq:%uL addr:%V successfully validated", |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
214 path->seqnum, &path->addr_text); |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
215 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
216 ngx_quic_path_dbg(c, "is validated", path); |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
217 |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
218 ngx_quic_discover_path_mtu(c, path); |
9098
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
219 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
220 return NGX_OK; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
221 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
222 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
223 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
224 ngx_quic_path_t * |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
225 ngx_quic_new_path(ngx_connection_t *c, |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
226 struct sockaddr *sockaddr, socklen_t socklen, ngx_quic_client_id_t *cid) |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
227 { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
228 ngx_queue_t *q; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
229 ngx_quic_path_t *path; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
230 ngx_quic_connection_t *qc; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
231 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
232 qc = ngx_quic_get_connection(c); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
233 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
234 if (!ngx_queue_empty(&qc->free_paths)) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
235 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
236 q = ngx_queue_head(&qc->free_paths); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
237 path = ngx_queue_data(q, ngx_quic_path_t, queue); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
238 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
239 ngx_queue_remove(&path->queue); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
240 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
241 ngx_memzero(path, sizeof(ngx_quic_path_t)); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
242 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
243 } else { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
244 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
245 path = ngx_pcalloc(c->pool, sizeof(ngx_quic_path_t)); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
246 if (path == NULL) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
247 return NULL; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
248 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
249 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
250 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
251 ngx_queue_insert_tail(&qc->paths, &path->queue); |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
252 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
253 path->cid = cid; |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
254 cid->used = 1; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
255 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
256 path->seqnum = qc->path_seqnum++; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
257 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
258 path->sockaddr = &path->sa.sockaddr; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
259 path->socklen = socklen; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
260 ngx_memcpy(path->sockaddr, sockaddr, socklen); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
261 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
262 path->addr_text.data = path->text; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
263 path->addr_text.len = ngx_sock_ntop(sockaddr, socklen, path->text, |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
264 NGX_SOCKADDR_STRLEN, 1); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
265 |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
266 path->mtu = NGX_QUIC_MIN_INITIAL_SIZE; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
267 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
268 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
8997
fab36e4abf83
QUIC: got rid of hash symbol in backup and logging.
Vladimir Homutov <vl@nginx.com>
parents:
8985
diff
changeset
|
269 "quic path seq:%uL created addr:%V", |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
270 path->seqnum, &path->addr_text); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
271 return path; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
272 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
273 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
274 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
275 static ngx_quic_path_t * |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
276 ngx_quic_get_path(ngx_connection_t *c, ngx_uint_t tag) |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
277 { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
278 ngx_queue_t *q; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
279 ngx_quic_path_t *path; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
280 ngx_quic_connection_t *qc; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
281 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
282 qc = ngx_quic_get_connection(c); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
283 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
284 for (q = ngx_queue_head(&qc->paths); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
285 q != ngx_queue_sentinel(&qc->paths); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
286 q = ngx_queue_next(q)) |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
287 { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
288 path = ngx_queue_data(q, ngx_quic_path_t, queue); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
289 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
290 if (path->tag == tag) { |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
291 return path; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
292 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
293 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
294 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
295 return NULL; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
296 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
297 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
298 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
299 ngx_int_t |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
300 ngx_quic_set_path(ngx_connection_t *c, ngx_quic_header_t *pkt) |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
301 { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
302 off_t len; |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
303 ngx_queue_t *q; |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
304 ngx_quic_path_t *path, *probe; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
305 ngx_quic_socket_t *qsock; |
8972
077a1e403446
QUIC: additional limit for probing packets.
Vladimir Homutov <vl@nginx.com>
parents:
8971
diff
changeset
|
306 ngx_quic_send_ctx_t *ctx; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
307 ngx_quic_client_id_t *cid; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
308 ngx_quic_connection_t *qc; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
309 |
8939
ddd5e5c0f87d
QUIC: improved path validation.
Vladimir Homutov <vl@nginx.com>
parents:
8933
diff
changeset
|
310 qc = ngx_quic_get_connection(c); |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
311 qsock = ngx_quic_get_socket(c); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
312 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
313 len = pkt->raw->last - pkt->raw->start; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
314 |
9017
c2f5d79cde64
QUIC: separate UDP framework for QUIC.
Roman Arutyunyan <arut@nginx.com>
parents:
9015
diff
changeset
|
315 if (c->udp->buffer == NULL) { |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
316 /* first ever packet in connection, path already exists */ |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
317 path = qc->path; |
8913
40445fc7c403
QUIC: fixed migration during NAT rebinding.
Vladimir Homutov <vl@nginx.com>
parents:
8912
diff
changeset
|
318 goto update; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
319 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
320 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
321 probe = NULL; |
8777
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
322 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
323 for (q = ngx_queue_head(&qc->paths); |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
324 q != ngx_queue_sentinel(&qc->paths); |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
325 q = ngx_queue_next(q)) |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
326 { |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
327 path = ngx_queue_data(q, ngx_quic_path_t, queue); |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
328 |
9017
c2f5d79cde64
QUIC: separate UDP framework for QUIC.
Roman Arutyunyan <arut@nginx.com>
parents:
9015
diff
changeset
|
329 if (ngx_cmp_sockaddr(&qsock->sockaddr.sockaddr, qsock->socklen, |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
330 path->sockaddr, path->socklen, 1) |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
331 == NGX_OK) |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
332 { |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
333 goto update; |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
334 } |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
335 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
336 if (path->tag == NGX_QUIC_PATH_PROBE) { |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
337 probe = path; |
8777
d5f93733c17d
QUIC: relaxed client id requirements.
Vladimir Homutov <vl@nginx.com>
parents:
8763
diff
changeset
|
338 } |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
339 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
340 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
341 /* packet from new path, drop current probe, if any */ |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
342 |
8972
077a1e403446
QUIC: additional limit for probing packets.
Vladimir Homutov <vl@nginx.com>
parents:
8971
diff
changeset
|
343 ctx = ngx_quic_get_send_ctx(qc, pkt->level); |
077a1e403446
QUIC: additional limit for probing packets.
Vladimir Homutov <vl@nginx.com>
parents:
8971
diff
changeset
|
344 |
077a1e403446
QUIC: additional limit for probing packets.
Vladimir Homutov <vl@nginx.com>
parents:
8971
diff
changeset
|
345 /* |
077a1e403446
QUIC: additional limit for probing packets.
Vladimir Homutov <vl@nginx.com>
parents:
8971
diff
changeset
|
346 * only accept highest-numbered packets to prevent connection id |
077a1e403446
QUIC: additional limit for probing packets.
Vladimir Homutov <vl@nginx.com>
parents:
8971
diff
changeset
|
347 * exhaustion by excessive probing packets from unknown paths |
077a1e403446
QUIC: additional limit for probing packets.
Vladimir Homutov <vl@nginx.com>
parents:
8971
diff
changeset
|
348 */ |
077a1e403446
QUIC: additional limit for probing packets.
Vladimir Homutov <vl@nginx.com>
parents:
8971
diff
changeset
|
349 if (pkt->pn != ctx->largest_pn) { |
077a1e403446
QUIC: additional limit for probing packets.
Vladimir Homutov <vl@nginx.com>
parents:
8971
diff
changeset
|
350 return NGX_DONE; |
077a1e403446
QUIC: additional limit for probing packets.
Vladimir Homutov <vl@nginx.com>
parents:
8971
diff
changeset
|
351 } |
077a1e403446
QUIC: additional limit for probing packets.
Vladimir Homutov <vl@nginx.com>
parents:
8971
diff
changeset
|
352 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
353 if (probe && ngx_quic_free_path(c, probe) != NGX_OK) { |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
354 return NGX_ERROR; |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
355 } |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
356 |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
357 /* new path requires new client id */ |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
358 cid = ngx_quic_next_client_id(c); |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
359 if (cid == NULL) { |
9029
28fc35b71d75
QUIC: "info" logging level on insufficient client connection ids.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9017
diff
changeset
|
360 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
361 "quic no available client ids for new path"); |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
362 /* stop processing of this datagram */ |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
363 return NGX_DONE; |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
364 } |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
365 |
9017
c2f5d79cde64
QUIC: separate UDP framework for QUIC.
Roman Arutyunyan <arut@nginx.com>
parents:
9015
diff
changeset
|
366 path = ngx_quic_new_path(c, &qsock->sockaddr.sockaddr, qsock->socklen, cid); |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
367 if (path == NULL) { |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
368 return NGX_ERROR; |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
369 } |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
370 |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
371 path->tag = NGX_QUIC_PATH_PROBE; |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
372 |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
373 /* |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
374 * client arrived using new path and previously seen DCID, |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
375 * this indicates NAT rebinding (or bad client) |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
376 */ |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
377 if (qsock->used) { |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
378 pkt->rebound = 1; |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
379 } |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
380 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
381 update: |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
382 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
383 qsock->used = 1; |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
384 pkt->path = path; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
385 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
386 /* TODO: this may be too late in some cases; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
387 * for example, if error happens during decrypt(), we cannot |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
388 * send CC, if error happens in 1st packet, due to amplification |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
389 * limit, because path->received = 0 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
390 * |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
391 * should we account garbage as received or only decrypting packets? |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
392 */ |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
393 path->received += len; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
394 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
395 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, |
8997
fab36e4abf83
QUIC: got rid of hash symbol in backup and logging.
Vladimir Homutov <vl@nginx.com>
parents:
8985
diff
changeset
|
396 "quic packet len:%O via sock seq:%L path seq:%uL", |
8985
da24a78720eb
QUIC: fixed handling of initial source connection id.
Vladimir Homutov <vl@nginx.com>
parents:
8972
diff
changeset
|
397 len, (int64_t) qsock->sid.seqnum, path->seqnum); |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
398 ngx_quic_path_dbg(c, "status", path); |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
399 |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
400 return NGX_OK; |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
401 } |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
402 |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
403 |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
404 ngx_int_t |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
405 ngx_quic_free_path(ngx_connection_t *c, ngx_quic_path_t *path) |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
406 { |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
407 ngx_quic_connection_t *qc; |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
408 |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
409 qc = ngx_quic_get_connection(c); |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
410 |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
411 ngx_queue_remove(&path->queue); |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
412 ngx_queue_insert_head(&qc->free_paths, &path->queue); |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
413 |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
414 /* |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
415 * invalidate CID that is no longer usable for any other path; |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
416 * this also requests new CIDs from client |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
417 */ |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
418 if (path->cid) { |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
419 if (ngx_quic_free_client_id(c, path->cid) != NGX_OK) { |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
420 return NGX_ERROR; |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
421 } |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
422 } |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
423 |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
424 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
8997
fab36e4abf83
QUIC: got rid of hash symbol in backup and logging.
Vladimir Homutov <vl@nginx.com>
parents:
8985
diff
changeset
|
425 "quic path seq:%uL addr:%V retired", |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
426 path->seqnum, &path->addr_text); |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
427 |
8737
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
428 return NGX_OK; |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
429 } |
76f476ce4d31
QUIC: distinct files for connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
430 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
431 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
432 static void |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
433 ngx_quic_set_connection_path(ngx_connection_t *c, ngx_quic_path_t *path) |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
434 { |
9015
a2fbae359828
QUIC: fixed indentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8997
diff
changeset
|
435 ngx_memcpy(c->sockaddr, path->sockaddr, path->socklen); |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
436 c->socklen = path->socklen; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
437 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
438 if (c->addr_text.data) { |
9099
9462c514a653
QUIC: fixed addr_text after migration (ticket #2488).
Roman Arutyunyan <arut@nginx.com>
parents:
9098
diff
changeset
|
439 c->addr_text.len = ngx_sock_ntop(c->sockaddr, c->socklen, |
9462c514a653
QUIC: fixed addr_text after migration (ticket #2488).
Roman Arutyunyan <arut@nginx.com>
parents:
9098
diff
changeset
|
440 c->addr_text.data, |
9462c514a653
QUIC: fixed addr_text after migration (ticket #2488).
Roman Arutyunyan <arut@nginx.com>
parents:
9098
diff
changeset
|
441 c->listening->addr_text_max_len, 0); |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
442 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
443 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
444 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
8997
fab36e4abf83
QUIC: got rid of hash symbol in backup and logging.
Vladimir Homutov <vl@nginx.com>
parents:
8985
diff
changeset
|
445 "quic send path set to seq:%uL addr:%V", |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
446 path->seqnum, &path->addr_text); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
447 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
448 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
449 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
450 ngx_int_t |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
451 ngx_quic_handle_migration(ngx_connection_t *c, ngx_quic_header_t *pkt) |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
452 { |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
453 ngx_quic_path_t *next, *bkp; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
454 ngx_quic_send_ctx_t *ctx; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
455 ngx_quic_connection_t *qc; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
456 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
457 /* got non-probing packet via non-active path */ |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
458 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
459 qc = ngx_quic_get_connection(c); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
460 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
461 ctx = ngx_quic_get_send_ctx(qc, pkt->level); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
462 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
463 /* |
8797
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
464 * RFC 9000, 9.3. Responding to Connection Migration |
4715f3e669f1
QUIC: updated specification references.
Sergey Kandaurov <pluknet@nginx.com>
parents:
8778
diff
changeset
|
465 * |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
466 * An endpoint only changes the address to which it sends packets in |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
467 * response to the highest-numbered non-probing packet. |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
468 */ |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
469 if (pkt->pn != ctx->largest_pn) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
470 return NGX_OK; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
471 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
472 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
473 next = pkt->path; |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
474 |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
475 /* |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
476 * RFC 9000, 9.3.3: |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
477 * |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
478 * In response to an apparent migration, endpoints MUST validate the |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
479 * previously active path using a PATH_CHALLENGE frame. |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
480 */ |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
481 if (pkt->rebound) { |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
482 |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
483 /* NAT rebinding: client uses new path with old SID */ |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
484 if (ngx_quic_validate_path(c, qc->path) != NGX_OK) { |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
485 return NGX_ERROR; |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
486 } |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
487 } |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
488 |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
489 if (qc->path->validated) { |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
490 |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
491 if (next->tag != NGX_QUIC_PATH_BACKUP) { |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
492 /* can delete backup path, if any */ |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
493 bkp = ngx_quic_get_path(c, NGX_QUIC_PATH_BACKUP); |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
494 |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
495 if (bkp && ngx_quic_free_path(c, bkp) != NGX_OK) { |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
496 return NGX_ERROR; |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
497 } |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
498 } |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
499 |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
500 qc->path->tag = NGX_QUIC_PATH_BACKUP; |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
501 ngx_quic_path_dbg(c, "is now backup", qc->path); |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
502 |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
503 } else { |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
504 if (ngx_quic_free_path(c, qc->path) != NGX_OK) { |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
505 return NGX_ERROR; |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
506 } |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
507 } |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
508 |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
509 /* switch active path to migrated */ |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
510 qc->path = next; |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
511 qc->path->tag = NGX_QUIC_PATH_ACTIVE; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
512 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
513 ngx_quic_set_connection_path(c, next); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
514 |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
515 if (!next->validated && next->state != NGX_QUIC_PATH_VALIDATING) { |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
516 if (ngx_quic_validate_path(c, next) != NGX_OK) { |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
517 return NGX_ERROR; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
518 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
519 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
520 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
521 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
8997
fab36e4abf83
QUIC: got rid of hash symbol in backup and logging.
Vladimir Homutov <vl@nginx.com>
parents:
8985
diff
changeset
|
522 "quic migrated to path seq:%uL addr:%V", |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
523 qc->path->seqnum, &qc->path->addr_text); |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
524 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
525 ngx_quic_path_dbg(c, "is now active", qc->path); |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
526 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
527 return NGX_OK; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
528 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
529 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
530 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
531 static ngx_int_t |
8944
b7284807b4fa
QUIC: refactored ngx_quic_validate_path().
Vladimir Homutov <vl@nginx.com>
parents:
8943
diff
changeset
|
532 ngx_quic_validate_path(ngx_connection_t *c, ngx_quic_path_t *path) |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
533 { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
534 ngx_msec_t pto; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
535 ngx_quic_send_ctx_t *ctx; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
536 ngx_quic_connection_t *qc; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
537 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
538 qc = ngx_quic_get_connection(c); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
539 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
540 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
8997
fab36e4abf83
QUIC: got rid of hash symbol in backup and logging.
Vladimir Homutov <vl@nginx.com>
parents:
8985
diff
changeset
|
541 "quic initiated validation of path seq:%uL", path->seqnum); |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
542 |
9096
c6db94ec3841
QUIC: separated path validation retransmit backoff.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9029
diff
changeset
|
543 path->tries = 0; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
544 |
9189
fcec773dd249
QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE.
Roman Arutyunyan <arut@nginx.com>
parents:
9154
diff
changeset
|
545 if (RAND_bytes((u_char *) path->challenge, sizeof(path->challenge)) != 1) { |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
546 return NGX_ERROR; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
547 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
548 |
9154
f6b6f3dd7ca0
QUIC: ignore path validation socket error (ticket #2532).
Roman Arutyunyan <arut@nginx.com>
parents:
9147
diff
changeset
|
549 (void) ngx_quic_send_path_challenge(c, path); |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
550 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
551 ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application); |
9097
a9fef6ca45a8
QUIC: lower bound path validation PTO.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9096
diff
changeset
|
552 pto = ngx_max(ngx_quic_pto(c, ctx), 1000); |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
553 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
554 path->expires = ngx_current_msec + pto; |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
555 path->state = NGX_QUIC_PATH_VALIDATING; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
556 |
9098
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
557 ngx_quic_set_path_timer(c); |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
558 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
559 return NGX_OK; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
560 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
561 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
562 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
563 static ngx_int_t |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
564 ngx_quic_send_path_challenge(ngx_connection_t *c, ngx_quic_path_t *path) |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
565 { |
9192
efcdaa66df2e
QUIC: congestion control in ngx_quic_frame_sendto().
Roman Arutyunyan <arut@nginx.com>
parents:
9191
diff
changeset
|
566 size_t min; |
efcdaa66df2e
QUIC: congestion control in ngx_quic_frame_sendto().
Roman Arutyunyan <arut@nginx.com>
parents:
9191
diff
changeset
|
567 ngx_uint_t n; |
efcdaa66df2e
QUIC: congestion control in ngx_quic_frame_sendto().
Roman Arutyunyan <arut@nginx.com>
parents:
9191
diff
changeset
|
568 ngx_quic_frame_t *frame; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
569 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
570 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
8997
fab36e4abf83
QUIC: got rid of hash symbol in backup and logging.
Vladimir Homutov <vl@nginx.com>
parents:
8985
diff
changeset
|
571 "quic path seq:%uL send path_challenge tries:%ui", |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
572 path->seqnum, path->tries); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
573 |
9189
fcec773dd249
QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE.
Roman Arutyunyan <arut@nginx.com>
parents:
9154
diff
changeset
|
574 for (n = 0; n < 2; n++) { |
fcec773dd249
QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE.
Roman Arutyunyan <arut@nginx.com>
parents:
9154
diff
changeset
|
575 |
9192
efcdaa66df2e
QUIC: congestion control in ngx_quic_frame_sendto().
Roman Arutyunyan <arut@nginx.com>
parents:
9191
diff
changeset
|
576 frame = ngx_quic_alloc_frame(c); |
efcdaa66df2e
QUIC: congestion control in ngx_quic_frame_sendto().
Roman Arutyunyan <arut@nginx.com>
parents:
9191
diff
changeset
|
577 if (frame == NULL) { |
efcdaa66df2e
QUIC: congestion control in ngx_quic_frame_sendto().
Roman Arutyunyan <arut@nginx.com>
parents:
9191
diff
changeset
|
578 return NGX_ERROR; |
efcdaa66df2e
QUIC: congestion control in ngx_quic_frame_sendto().
Roman Arutyunyan <arut@nginx.com>
parents:
9191
diff
changeset
|
579 } |
efcdaa66df2e
QUIC: congestion control in ngx_quic_frame_sendto().
Roman Arutyunyan <arut@nginx.com>
parents:
9191
diff
changeset
|
580 |
efcdaa66df2e
QUIC: congestion control in ngx_quic_frame_sendto().
Roman Arutyunyan <arut@nginx.com>
parents:
9191
diff
changeset
|
581 frame->level = ssl_encryption_application; |
efcdaa66df2e
QUIC: congestion control in ngx_quic_frame_sendto().
Roman Arutyunyan <arut@nginx.com>
parents:
9191
diff
changeset
|
582 frame->type = NGX_QUIC_FT_PATH_CHALLENGE; |
efcdaa66df2e
QUIC: congestion control in ngx_quic_frame_sendto().
Roman Arutyunyan <arut@nginx.com>
parents:
9191
diff
changeset
|
583 |
efcdaa66df2e
QUIC: congestion control in ngx_quic_frame_sendto().
Roman Arutyunyan <arut@nginx.com>
parents:
9191
diff
changeset
|
584 ngx_memcpy(frame->u.path_challenge.data, path->challenge[n], 8); |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
585 |
9189
fcec773dd249
QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE.
Roman Arutyunyan <arut@nginx.com>
parents:
9154
diff
changeset
|
586 /* |
fcec773dd249
QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE.
Roman Arutyunyan <arut@nginx.com>
parents:
9154
diff
changeset
|
587 * RFC 9000, 8.2.1. Initiating Path Validation |
fcec773dd249
QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE.
Roman Arutyunyan <arut@nginx.com>
parents:
9154
diff
changeset
|
588 * |
fcec773dd249
QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE.
Roman Arutyunyan <arut@nginx.com>
parents:
9154
diff
changeset
|
589 * An endpoint MUST expand datagrams that contain a PATH_CHALLENGE frame |
fcec773dd249
QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE.
Roman Arutyunyan <arut@nginx.com>
parents:
9154
diff
changeset
|
590 * to at least the smallest allowed maximum datagram size of 1200 bytes, |
fcec773dd249
QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE.
Roman Arutyunyan <arut@nginx.com>
parents:
9154
diff
changeset
|
591 * unless the anti-amplification limit for the path does not permit |
fcec773dd249
QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE.
Roman Arutyunyan <arut@nginx.com>
parents:
9154
diff
changeset
|
592 * sending a datagram of this size. |
fcec773dd249
QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE.
Roman Arutyunyan <arut@nginx.com>
parents:
9154
diff
changeset
|
593 */ |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
594 |
9194
a6f79f044de5
QUIC: path revalidation after expansion failure.
Roman Arutyunyan <arut@nginx.com>
parents:
9192
diff
changeset
|
595 if (path->mtu_unvalidated |
a6f79f044de5
QUIC: path revalidation after expansion failure.
Roman Arutyunyan <arut@nginx.com>
parents:
9192
diff
changeset
|
596 || ngx_quic_path_limit(c, path, 1200) < 1200) |
a6f79f044de5
QUIC: path revalidation after expansion failure.
Roman Arutyunyan <arut@nginx.com>
parents:
9192
diff
changeset
|
597 { |
a6f79f044de5
QUIC: path revalidation after expansion failure.
Roman Arutyunyan <arut@nginx.com>
parents:
9192
diff
changeset
|
598 min = 0; |
a6f79f044de5
QUIC: path revalidation after expansion failure.
Roman Arutyunyan <arut@nginx.com>
parents:
9192
diff
changeset
|
599 path->mtu_unvalidated = 1; |
a6f79f044de5
QUIC: path revalidation after expansion failure.
Roman Arutyunyan <arut@nginx.com>
parents:
9192
diff
changeset
|
600 |
a6f79f044de5
QUIC: path revalidation after expansion failure.
Roman Arutyunyan <arut@nginx.com>
parents:
9192
diff
changeset
|
601 } else { |
a6f79f044de5
QUIC: path revalidation after expansion failure.
Roman Arutyunyan <arut@nginx.com>
parents:
9192
diff
changeset
|
602 min = 1200; |
a6f79f044de5
QUIC: path revalidation after expansion failure.
Roman Arutyunyan <arut@nginx.com>
parents:
9192
diff
changeset
|
603 } |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
604 |
9192
efcdaa66df2e
QUIC: congestion control in ngx_quic_frame_sendto().
Roman Arutyunyan <arut@nginx.com>
parents:
9191
diff
changeset
|
605 if (ngx_quic_frame_sendto(c, frame, min, path) == NGX_ERROR) { |
9189
fcec773dd249
QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE.
Roman Arutyunyan <arut@nginx.com>
parents:
9154
diff
changeset
|
606 return NGX_ERROR; |
fcec773dd249
QUIC: avoid partial expansion of PATH_CHALLENGE/PATH_RESPONSE.
Roman Arutyunyan <arut@nginx.com>
parents:
9154
diff
changeset
|
607 } |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
608 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
609 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
610 return NGX_OK; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
611 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
612 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
613 |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
614 void |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
615 ngx_quic_discover_path_mtu(ngx_connection_t *c, ngx_quic_path_t *path) |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
616 { |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
617 ngx_quic_connection_t *qc; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
618 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
619 qc = ngx_quic_get_connection(c); |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
620 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
621 if (path->max_mtu) { |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
622 if (path->max_mtu - path->mtu <= NGX_QUIC_PATH_MTU_PRECISION) { |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
623 path->state = NGX_QUIC_PATH_IDLE; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
624 ngx_quic_set_path_timer(c); |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
625 return; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
626 } |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
627 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
628 path->mtud = (path->mtu + path->max_mtu) / 2; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
629 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
630 } else { |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
631 path->mtud = path->mtu * 2; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
632 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
633 if (path->mtud >= qc->ctp.max_udp_payload_size) { |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
634 path->mtud = qc->ctp.max_udp_payload_size; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
635 path->max_mtu = qc->ctp.max_udp_payload_size; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
636 } |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
637 } |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
638 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
639 path->state = NGX_QUIC_PATH_WAITING; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
640 path->expires = ngx_current_msec + NGX_QUIC_PATH_MTU_DELAY; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
641 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
642 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
643 "quic path seq:%uL schedule mtu:%uz", |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
644 path->seqnum, path->mtud); |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
645 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
646 ngx_quic_set_path_timer(c); |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
647 } |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
648 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
649 |
9098
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
650 static void |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
651 ngx_quic_set_path_timer(ngx_connection_t *c) |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
652 { |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
653 ngx_msec_t now; |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
654 ngx_queue_t *q; |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
655 ngx_msec_int_t left, next; |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
656 ngx_quic_path_t *path; |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
657 ngx_quic_connection_t *qc; |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
658 |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
659 qc = ngx_quic_get_connection(c); |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
660 |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
661 now = ngx_current_msec; |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
662 next = -1; |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
663 |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
664 for (q = ngx_queue_head(&qc->paths); |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
665 q != ngx_queue_sentinel(&qc->paths); |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
666 q = ngx_queue_next(q)) |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
667 { |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
668 path = ngx_queue_data(q, ngx_quic_path_t, queue); |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
669 |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
670 if (path->state == NGX_QUIC_PATH_IDLE) { |
9098
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
671 continue; |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
672 } |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
673 |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
674 left = path->expires - now; |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
675 left = ngx_max(left, 1); |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
676 |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
677 if (next == -1 || left < next) { |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
678 next = left; |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
679 } |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
680 } |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
681 |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
682 if (next != -1) { |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
683 ngx_add_timer(&qc->path_validation, next); |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
684 |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
685 } else if (qc->path_validation.timer_set) { |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
686 ngx_del_timer(&qc->path_validation); |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
687 } |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
688 } |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
689 |
d565cf69ff5d
QUIC: reschedule path validation on path insertion/removal.
Sergey Kandaurov <pluknet@nginx.com>
parents:
9097
diff
changeset
|
690 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
691 void |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
692 ngx_quic_path_handler(ngx_event_t *ev) |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
693 { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
694 ngx_msec_t now; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
695 ngx_queue_t *q; |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
696 ngx_msec_int_t left; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
697 ngx_quic_path_t *path; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
698 ngx_connection_t *c; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
699 ngx_quic_connection_t *qc; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
700 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
701 c = ev->data; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
702 qc = ngx_quic_get_connection(c); |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
703 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
704 now = ngx_current_msec; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
705 |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
706 q = ngx_queue_head(&qc->paths); |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
707 |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
708 while (q != ngx_queue_sentinel(&qc->paths)) { |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
709 |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
710 path = ngx_queue_data(q, ngx_quic_path_t, queue); |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
711 q = ngx_queue_next(q); |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
712 |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
713 if (path->state == NGX_QUIC_PATH_IDLE) { |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
714 continue; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
715 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
716 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
717 left = path->expires - now; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
718 |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
719 if (left > 0) { |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
720 continue; |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
721 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
722 |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
723 switch (path->state) { |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
724 case NGX_QUIC_PATH_VALIDATING: |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
725 if (ngx_quic_expire_path_validation(c, path) != NGX_OK) { |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
726 goto failed; |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
727 } |
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
728 |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
729 break; |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
730 |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
731 case NGX_QUIC_PATH_WAITING: |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
732 if (ngx_quic_expire_path_mtu_delay(c, path) != NGX_OK) { |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
733 goto failed; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
734 } |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
735 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
736 break; |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
737 |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
738 case NGX_QUIC_PATH_MTUD: |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
739 if (ngx_quic_expire_path_mtu_discovery(c, path) != NGX_OK) { |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
740 goto failed; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
741 } |
8971
1e2f4e9c8195
QUIC: reworked migration handling.
Vladimir Homutov <vl@nginx.com>
parents:
8944
diff
changeset
|
742 |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
743 break; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
744 |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
745 default: |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
746 break; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
747 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
748 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
749 |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
750 ngx_quic_set_path_timer(c); |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
751 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
752 return; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
753 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
754 failed: |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
755 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
756 ngx_quic_close_connection(c, NGX_ERROR); |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
757 } |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
758 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
759 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
760 static ngx_int_t |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
761 ngx_quic_expire_path_validation(ngx_connection_t *c, ngx_quic_path_t *path) |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
762 { |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
763 ngx_msec_int_t pto; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
764 ngx_quic_path_t *bkp; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
765 ngx_quic_send_ctx_t *ctx; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
766 ngx_quic_connection_t *qc; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
767 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
768 qc = ngx_quic_get_connection(c); |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
769 ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application); |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
770 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
771 if (++path->tries < NGX_QUIC_PATH_RETRIES) { |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
772 pto = ngx_max(ngx_quic_pto(c, ctx), 1000) << path->tries; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
773 path->expires = ngx_current_msec + pto; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
774 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
775 (void) ngx_quic_send_path_challenge(c, path); |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
776 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
777 return NGX_OK; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
778 } |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
779 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
780 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
781 "quic path seq:%uL validation failed", path->seqnum); |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
782 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
783 /* found expired path */ |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
784 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
785 path->validated = 0; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
786 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
787 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
788 /* RFC 9000, 9.3.2. On-Path Address Spoofing |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
789 * |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
790 * To protect the connection from failing due to such a spurious |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
791 * migration, an endpoint MUST revert to using the last validated |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
792 * peer address when validation of a new peer address fails. |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
793 */ |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
794 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
795 if (qc->path == path) { |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
796 /* active path validation failed */ |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
797 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
798 bkp = ngx_quic_get_path(c, NGX_QUIC_PATH_BACKUP); |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
799 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
800 if (bkp == NULL) { |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
801 qc->error = NGX_QUIC_ERR_NO_VIABLE_PATH; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
802 qc->error_reason = "no viable path"; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
803 return NGX_ERROR; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
804 } |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
805 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
806 qc->path = bkp; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
807 qc->path->tag = NGX_QUIC_PATH_ACTIVE; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
808 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
809 ngx_quic_set_connection_path(c, qc->path); |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
810 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
811 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
812 "quic path seq:%uL addr:%V is restored from backup", |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
813 qc->path->seqnum, &qc->path->addr_text); |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
814 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
815 ngx_quic_path_dbg(c, "is active", qc->path); |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
816 } |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
817 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
818 return ngx_quic_free_path(c, path); |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
819 } |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
820 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
821 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
822 static ngx_int_t |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
823 ngx_quic_expire_path_mtu_delay(ngx_connection_t *c, ngx_quic_path_t *path) |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
824 { |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
825 ngx_int_t rc; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
826 ngx_uint_t i; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
827 ngx_msec_t pto; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
828 ngx_quic_send_ctx_t *ctx; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
829 ngx_quic_connection_t *qc; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
830 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
831 qc = ngx_quic_get_connection(c); |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
832 ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application); |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
833 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
834 path->tries = 0; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
835 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
836 for ( ;; ) { |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
837 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
838 for (i = 0; i < NGX_QUIC_PATH_RETRIES; i++) { |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
839 path->mtu_pnum[i] = NGX_QUIC_UNSET_PN; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
840 } |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
841 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
842 rc = ngx_quic_send_path_mtu_probe(c, path); |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
843 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
844 if (rc == NGX_ERROR) { |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
845 return NGX_ERROR; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
846 } |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
847 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
848 if (rc == NGX_OK) { |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
849 pto = ngx_quic_pto(c, ctx); |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
850 path->expires = ngx_current_msec + pto; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
851 path->state = NGX_QUIC_PATH_MTUD; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
852 return NGX_OK; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
853 } |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
854 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
855 /* rc == NGX_DECLINED */ |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
856 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
857 path->max_mtu = path->mtud; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
858 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
859 if (path->max_mtu - path->mtu <= NGX_QUIC_PATH_MTU_PRECISION) { |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
860 path->state = NGX_QUIC_PATH_IDLE; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
861 return NGX_OK; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
862 } |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
863 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
864 path->mtud = (path->mtu + path->max_mtu) / 2; |
8763
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
865 } |
4117aa7fa38e
QUIC: connection migration.
Vladimir Homutov <vl@nginx.com>
parents:
8747
diff
changeset
|
866 } |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
867 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
868 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
869 static ngx_int_t |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
870 ngx_quic_expire_path_mtu_discovery(ngx_connection_t *c, ngx_quic_path_t *path) |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
871 { |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
872 ngx_int_t rc; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
873 ngx_msec_int_t pto; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
874 ngx_quic_send_ctx_t *ctx; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
875 ngx_quic_connection_t *qc; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
876 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
877 qc = ngx_quic_get_connection(c); |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
878 ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application); |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
879 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
880 if (++path->tries < NGX_QUIC_PATH_RETRIES) { |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
881 rc = ngx_quic_send_path_mtu_probe(c, path); |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
882 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
883 if (rc == NGX_ERROR) { |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
884 return NGX_ERROR; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
885 } |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
886 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
887 if (rc == NGX_OK) { |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
888 pto = ngx_quic_pto(c, ctx) << path->tries; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
889 path->expires = ngx_current_msec + pto; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
890 return NGX_OK; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
891 } |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
892 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
893 /* rc == NGX_DECLINED */ |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
894 } |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
895 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
896 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
897 "quic path seq:%uL expired mtu:%uz", |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
898 path->seqnum, path->mtud); |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
899 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
900 path->max_mtu = path->mtud; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
901 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
902 ngx_quic_discover_path_mtu(c, path); |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
903 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
904 return NGX_OK; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
905 } |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
906 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
907 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
908 static ngx_int_t |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
909 ngx_quic_send_path_mtu_probe(ngx_connection_t *c, ngx_quic_path_t *path) |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
910 { |
9190
3a67dd34b6cc
QUIC: fixed anti-amplification with explicit send.
Roman Arutyunyan <arut@nginx.com>
parents:
9189
diff
changeset
|
911 size_t mtu; |
9208
2ed3f57dca0a
QUIC: fixed unsent MTU probe acknowledgement.
Roman Arutyunyan <arut@nginx.com>
parents:
9196
diff
changeset
|
912 uint64_t pnum; |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
913 ngx_int_t rc; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
914 ngx_uint_t log_error; |
9192
efcdaa66df2e
QUIC: congestion control in ngx_quic_frame_sendto().
Roman Arutyunyan <arut@nginx.com>
parents:
9191
diff
changeset
|
915 ngx_quic_frame_t *frame; |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
916 ngx_quic_send_ctx_t *ctx; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
917 ngx_quic_connection_t *qc; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
918 |
9192
efcdaa66df2e
QUIC: congestion control in ngx_quic_frame_sendto().
Roman Arutyunyan <arut@nginx.com>
parents:
9191
diff
changeset
|
919 frame = ngx_quic_alloc_frame(c); |
efcdaa66df2e
QUIC: congestion control in ngx_quic_frame_sendto().
Roman Arutyunyan <arut@nginx.com>
parents:
9191
diff
changeset
|
920 if (frame == NULL) { |
efcdaa66df2e
QUIC: congestion control in ngx_quic_frame_sendto().
Roman Arutyunyan <arut@nginx.com>
parents:
9191
diff
changeset
|
921 return NGX_ERROR; |
efcdaa66df2e
QUIC: congestion control in ngx_quic_frame_sendto().
Roman Arutyunyan <arut@nginx.com>
parents:
9191
diff
changeset
|
922 } |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
923 |
9192
efcdaa66df2e
QUIC: congestion control in ngx_quic_frame_sendto().
Roman Arutyunyan <arut@nginx.com>
parents:
9191
diff
changeset
|
924 frame->level = ssl_encryption_application; |
efcdaa66df2e
QUIC: congestion control in ngx_quic_frame_sendto().
Roman Arutyunyan <arut@nginx.com>
parents:
9191
diff
changeset
|
925 frame->type = NGX_QUIC_FT_PING; |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
926 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
927 qc = ngx_quic_get_connection(c); |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
928 ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application); |
9208
2ed3f57dca0a
QUIC: fixed unsent MTU probe acknowledgement.
Roman Arutyunyan <arut@nginx.com>
parents:
9196
diff
changeset
|
929 pnum = ctx->pnum; |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
930 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
931 ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0, |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
932 "quic path seq:%uL send probe " |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
933 "mtu:%uz pnum:%uL tries:%ui", |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
934 path->seqnum, path->mtud, ctx->pnum, path->tries); |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
935 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
936 log_error = c->log_error; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
937 c->log_error = NGX_ERROR_IGNORE_EMSGSIZE; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
938 |
9190
3a67dd34b6cc
QUIC: fixed anti-amplification with explicit send.
Roman Arutyunyan <arut@nginx.com>
parents:
9189
diff
changeset
|
939 mtu = path->mtu; |
3a67dd34b6cc
QUIC: fixed anti-amplification with explicit send.
Roman Arutyunyan <arut@nginx.com>
parents:
9189
diff
changeset
|
940 path->mtu = path->mtud; |
3a67dd34b6cc
QUIC: fixed anti-amplification with explicit send.
Roman Arutyunyan <arut@nginx.com>
parents:
9189
diff
changeset
|
941 |
9192
efcdaa66df2e
QUIC: congestion control in ngx_quic_frame_sendto().
Roman Arutyunyan <arut@nginx.com>
parents:
9191
diff
changeset
|
942 rc = ngx_quic_frame_sendto(c, frame, path->mtud, path); |
9190
3a67dd34b6cc
QUIC: fixed anti-amplification with explicit send.
Roman Arutyunyan <arut@nginx.com>
parents:
9189
diff
changeset
|
943 |
3a67dd34b6cc
QUIC: fixed anti-amplification with explicit send.
Roman Arutyunyan <arut@nginx.com>
parents:
9189
diff
changeset
|
944 path->mtu = mtu; |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
945 c->log_error = log_error; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
946 |
9208
2ed3f57dca0a
QUIC: fixed unsent MTU probe acknowledgement.
Roman Arutyunyan <arut@nginx.com>
parents:
9196
diff
changeset
|
947 if (rc == NGX_OK) { |
2ed3f57dca0a
QUIC: fixed unsent MTU probe acknowledgement.
Roman Arutyunyan <arut@nginx.com>
parents:
9196
diff
changeset
|
948 path->mtu_pnum[path->tries] = pnum; |
2ed3f57dca0a
QUIC: fixed unsent MTU probe acknowledgement.
Roman Arutyunyan <arut@nginx.com>
parents:
9196
diff
changeset
|
949 return NGX_OK; |
2ed3f57dca0a
QUIC: fixed unsent MTU probe acknowledgement.
Roman Arutyunyan <arut@nginx.com>
parents:
9196
diff
changeset
|
950 } |
2ed3f57dca0a
QUIC: fixed unsent MTU probe acknowledgement.
Roman Arutyunyan <arut@nginx.com>
parents:
9196
diff
changeset
|
951 |
2ed3f57dca0a
QUIC: fixed unsent MTU probe acknowledgement.
Roman Arutyunyan <arut@nginx.com>
parents:
9196
diff
changeset
|
952 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
2ed3f57dca0a
QUIC: fixed unsent MTU probe acknowledgement.
Roman Arutyunyan <arut@nginx.com>
parents:
9196
diff
changeset
|
953 "quic path seq:%uL rejected mtu:%uz", |
2ed3f57dca0a
QUIC: fixed unsent MTU probe acknowledgement.
Roman Arutyunyan <arut@nginx.com>
parents:
9196
diff
changeset
|
954 path->seqnum, path->mtud); |
2ed3f57dca0a
QUIC: fixed unsent MTU probe acknowledgement.
Roman Arutyunyan <arut@nginx.com>
parents:
9196
diff
changeset
|
955 |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
956 if (rc == NGX_ERROR) { |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
957 if (c->write->error) { |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
958 c->write->error = 0; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
959 return NGX_DECLINED; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
960 } |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
961 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
962 return NGX_ERROR; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
963 } |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
964 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
965 return NGX_OK; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
966 } |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
967 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
968 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
969 ngx_int_t |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
970 ngx_quic_handle_path_mtu(ngx_connection_t *c, ngx_quic_path_t *path, |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
971 uint64_t min, uint64_t max) |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
972 { |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
973 uint64_t pnum; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
974 ngx_uint_t i; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
975 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
976 if (path->state != NGX_QUIC_PATH_MTUD) { |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
977 return NGX_OK; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
978 } |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
979 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
980 for (i = 0; i < NGX_QUIC_PATH_RETRIES; i++) { |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
981 pnum = path->mtu_pnum[i]; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
982 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
983 if (pnum == NGX_QUIC_UNSET_PN) { |
9208
2ed3f57dca0a
QUIC: fixed unsent MTU probe acknowledgement.
Roman Arutyunyan <arut@nginx.com>
parents:
9196
diff
changeset
|
984 continue; |
9147
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
985 } |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
986 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
987 if (pnum < min || pnum > max) { |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
988 continue; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
989 } |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
990 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
991 path->mtu = path->mtud; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
992 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
993 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
994 "quic path seq:%uL ack mtu:%uz", |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
995 path->seqnum, path->mtu); |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
996 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
997 ngx_quic_discover_path_mtu(c, path); |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
998 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
999 break; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
1000 } |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
1001 |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
1002 return NGX_OK; |
58afcd72446f
QUIC: path MTU discovery.
Roman Arutyunyan <arut@nginx.com>
parents:
9146
diff
changeset
|
1003 } |