Mercurial > hg > nginx
comparison src/event/ngx_event_quic.h @ 8383:7ea34e13937f quic
Address validation using Retry packets.
The behaviour is toggled with the new directive "quic_retry on|off".
QUIC token construction is made suitable for issuing with NEW_TOKEN.
| author | Sergey Kandaurov <pluknet@nginx.com> |
|---|---|
| date | Thu, 14 May 2020 15:47:18 +0300 |
| parents | 9d9531431c8c |
| children | 125cbfa77013 |
comparison
equal
deleted
inserted
replaced
| 8382:b7704303a7e5 | 8383:7ea34e13937f |
|---|---|
| 20 /* 1 flags + 4 version + 2 x (1 + 20) s/dcid + 4 pn + 4 len + token len */ | 20 /* 1 flags + 4 version + 2 x (1 + 20) s/dcid + 4 pn + 4 len + token len */ |
| 21 | 21 |
| 22 #define NGX_QUIC_DEFAULT_MAX_PACKET_SIZE 65527 | 22 #define NGX_QUIC_DEFAULT_MAX_PACKET_SIZE 65527 |
| 23 #define NGX_QUIC_DEFAULT_ACK_DELAY_EXPONENT 3 | 23 #define NGX_QUIC_DEFAULT_ACK_DELAY_EXPONENT 3 |
| 24 #define NGX_QUIC_DEFAULT_MAX_ACK_DELAY 25 | 24 #define NGX_QUIC_DEFAULT_MAX_ACK_DELAY 25 |
| 25 | |
| 26 #define NGX_QUIC_RETRY_TIMEOUT 3000 | |
| 27 #define NGX_QUIC_RETRY_LIFETIME 30000 | |
| 28 #define NGX_QUIC_RETRY_BUFFER_SIZE 128 | |
| 29 /* 1 flags + 4 version + 3 x (1 + 20) s/o/dcid + itag + token(44) */ | |
| 30 #define NGX_QUIC_MAX_TOKEN_SIZE 32 | |
| 31 /* sizeof(struct in6_addr) + sizeof(ngx_msec_t) up to AES-256 block size */ | |
| 25 | 32 |
| 26 #define NGX_QUIC_HARDCODED_PTO 1000 /* 1s, TODO: collect */ | 33 #define NGX_QUIC_HARDCODED_PTO 1000 /* 1s, TODO: collect */ |
| 27 #define NGX_QUIC_CC_MIN_INTERVAL 1000 /* 1s */ | 34 #define NGX_QUIC_CC_MIN_INTERVAL 1000 /* 1s */ |
| 28 | 35 |
| 29 #define NGX_QUIC_MIN_INITIAL_SIZE 1200 | 36 #define NGX_QUIC_MIN_INITIAL_SIZE 1200 |
| 47 ngx_uint_t initial_max_streams_bidi; | 54 ngx_uint_t initial_max_streams_bidi; |
| 48 ngx_uint_t initial_max_streams_uni; | 55 ngx_uint_t initial_max_streams_uni; |
| 49 ngx_uint_t ack_delay_exponent; | 56 ngx_uint_t ack_delay_exponent; |
| 50 ngx_uint_t disable_active_migration; | 57 ngx_uint_t disable_active_migration; |
| 51 ngx_uint_t active_connection_id_limit; | 58 ngx_uint_t active_connection_id_limit; |
| 59 ngx_str_t original_connection_id; | |
| 60 | |
| 61 ngx_flag_t retry; | |
| 62 u_char token_key[32]; /* AES 256 */ | |
| 52 | 63 |
| 53 /* TODO */ | 64 /* TODO */ |
| 54 ngx_uint_t original_connection_id; | |
| 55 u_char stateless_reset_token[16]; | 65 u_char stateless_reset_token[16]; |
| 56 void *preferred_address; | 66 void *preferred_address; |
| 57 } ngx_quic_tp_t; | 67 } ngx_quic_tp_t; |
| 58 | 68 |
| 59 | 69 |