Mercurial > hg > nginx
comparison src/event/ngx_event_quic.h @ 8383:7ea34e13937f quic
Address validation using Retry packets.
The behaviour is toggled with the new directive "quic_retry on|off".
QUIC token construction is made suitable for issuing with NEW_TOKEN.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Thu, 14 May 2020 15:47:18 +0300 |
parents | 9d9531431c8c |
children | 125cbfa77013 |
comparison
equal
deleted
inserted
replaced
8382:b7704303a7e5 | 8383:7ea34e13937f |
---|---|
20 /* 1 flags + 4 version + 2 x (1 + 20) s/dcid + 4 pn + 4 len + token len */ | 20 /* 1 flags + 4 version + 2 x (1 + 20) s/dcid + 4 pn + 4 len + token len */ |
21 | 21 |
22 #define NGX_QUIC_DEFAULT_MAX_PACKET_SIZE 65527 | 22 #define NGX_QUIC_DEFAULT_MAX_PACKET_SIZE 65527 |
23 #define NGX_QUIC_DEFAULT_ACK_DELAY_EXPONENT 3 | 23 #define NGX_QUIC_DEFAULT_ACK_DELAY_EXPONENT 3 |
24 #define NGX_QUIC_DEFAULT_MAX_ACK_DELAY 25 | 24 #define NGX_QUIC_DEFAULT_MAX_ACK_DELAY 25 |
25 | |
26 #define NGX_QUIC_RETRY_TIMEOUT 3000 | |
27 #define NGX_QUIC_RETRY_LIFETIME 30000 | |
28 #define NGX_QUIC_RETRY_BUFFER_SIZE 128 | |
29 /* 1 flags + 4 version + 3 x (1 + 20) s/o/dcid + itag + token(44) */ | |
30 #define NGX_QUIC_MAX_TOKEN_SIZE 32 | |
31 /* sizeof(struct in6_addr) + sizeof(ngx_msec_t) up to AES-256 block size */ | |
25 | 32 |
26 #define NGX_QUIC_HARDCODED_PTO 1000 /* 1s, TODO: collect */ | 33 #define NGX_QUIC_HARDCODED_PTO 1000 /* 1s, TODO: collect */ |
27 #define NGX_QUIC_CC_MIN_INTERVAL 1000 /* 1s */ | 34 #define NGX_QUIC_CC_MIN_INTERVAL 1000 /* 1s */ |
28 | 35 |
29 #define NGX_QUIC_MIN_INITIAL_SIZE 1200 | 36 #define NGX_QUIC_MIN_INITIAL_SIZE 1200 |
47 ngx_uint_t initial_max_streams_bidi; | 54 ngx_uint_t initial_max_streams_bidi; |
48 ngx_uint_t initial_max_streams_uni; | 55 ngx_uint_t initial_max_streams_uni; |
49 ngx_uint_t ack_delay_exponent; | 56 ngx_uint_t ack_delay_exponent; |
50 ngx_uint_t disable_active_migration; | 57 ngx_uint_t disable_active_migration; |
51 ngx_uint_t active_connection_id_limit; | 58 ngx_uint_t active_connection_id_limit; |
59 ngx_str_t original_connection_id; | |
60 | |
61 ngx_flag_t retry; | |
62 u_char token_key[32]; /* AES 256 */ | |
52 | 63 |
53 /* TODO */ | 64 /* TODO */ |
54 ngx_uint_t original_connection_id; | |
55 u_char stateless_reset_token[16]; | 65 u_char stateless_reset_token[16]; |
56 void *preferred_address; | 66 void *preferred_address; |
57 } ngx_quic_tp_t; | 67 } ngx_quic_tp_t; |
58 | 68 |
59 | 69 |