Mercurial > hg > nginx
changeset 8673:046c951e393a quic
QUIC: moved all quic sources into src/event/quic.
| author | Vladimir Homutov <vl@nginx.com> |
|---|---|
| date | Fri, 25 Dec 2020 14:01:28 +0300 |
| parents | 13c537def699 |
| children | 2c7f927f7999 |
| files | auto/make auto/modules auto/sources src/event/ngx_event_quic.c src/event/ngx_event_quic.h src/event/ngx_event_quic_protection.c src/event/ngx_event_quic_protection.h src/event/ngx_event_quic_transport.c src/event/ngx_event_quic_transport.h src/event/quic/ngx_event_quic.c src/event/quic/ngx_event_quic.h src/event/quic/ngx_event_quic_protection.c src/event/quic/ngx_event_quic_protection.h src/event/quic/ngx_event_quic_transport.c src/event/quic/ngx_event_quic_transport.h |
| diffstat | 15 files changed, 10247 insertions(+), 10246 deletions(-) [+] |
line wrap: on
line diff
--- a/auto/make Tue Dec 22 16:41:56 2020 +0300 +++ b/auto/make Fri Dec 25 14:01:28 2020 +0300 @@ -11,7 +11,8 @@ $NGX_OBJS/src/http/modules $NGX_OBJS/src/http/modules/perl \ $NGX_OBJS/src/mail \ $NGX_OBJS/src/stream \ - $NGX_OBJS/src/misc + $NGX_OBJS/src/misc \ + $NGX_OBJS/src/event/quic ngx_objs_dir=$NGX_OBJS$ngx_regex_dirsep
--- a/auto/modules Tue Dec 22 16:41:56 2020 +0300 +++ b/auto/modules Fri Dec 25 14:01:28 2020 +0300 @@ -1327,13 +1327,13 @@ if [ $USE_OPENSSL_QUIC = YES ]; then ngx_module_deps="$ngx_module_deps \ - src/event/ngx_event_quic.h \ - src/event/ngx_event_quic_transport.h \ - src/event/ngx_event_quic_protection.h" + src/event/quic/ngx_event_quic.h \ + src/event/quic/ngx_event_quic_transport.h \ + src/event/quic/ngx_event_quic_protection.h" ngx_module_srcs="$ngx_module_srcs \ - src/event/ngx_event_quic.c \ - src/event/ngx_event_quic_transport.c \ - src/event/ngx_event_quic_protection.c" + src/event/quic/ngx_event_quic.c \ + src/event/quic/ngx_event_quic_transport.c \ + src/event/quic/ngx_event_quic_protection.c" fi . auto/module
--- a/auto/sources Tue Dec 22 16:41:56 2020 +0300 +++ b/auto/sources Fri Dec 25 14:01:28 2020 +0300 @@ -83,7 +83,7 @@ EVENT_MODULES="ngx_events_module ngx_event_core_module" -EVENT_INCS="src/event src/event/modules" +EVENT_INCS="src/event src/event/modules src/event/quic" EVENT_DEPS="src/event/ngx_event.h \ src/event/ngx_event_timer.h \
--- a/src/event/ngx_event_quic.c Tue Dec 22 16:41:56 2020 +0300 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,6530 +0,0 @@ - -/* - * Copyright (C) Nginx, Inc. - */ - - -#include <ngx_config.h> -#include <ngx_core.h> -#include <ngx_event.h> -#include <ngx_event_quic_transport.h> -#include <ngx_event_quic_protection.h> - - -/* 0-RTT and 1-RTT data exist in the same packet number space, - * so we have 3 packet number spaces: - * - * 0 - Initial - * 1 - Handshake - * 2 - 0-RTT and 1-RTT - */ -#define ngx_quic_get_send_ctx(qc, level) \ - ((level) == ssl_encryption_initial) ? &((qc)->send_ctx[0]) \ - : (((level) == ssl_encryption_handshake) ? &((qc)->send_ctx[1]) \ - : &((qc)->send_ctx[2])) - -#define NGX_QUIC_SEND_CTX_LAST (NGX_QUIC_ENCRYPTION_LAST - 1) - -/* - * 7.4. Cryptographic Message Buffering - * Implementations MUST support buffering at least 4096 bytes of data - */ -#define NGX_QUIC_MAX_BUFFERED 65535 - -#define NGX_QUIC_STREAM_GONE (void *) -1 - -#define NGX_QUIC_UNSET_PN (uint64_t) -1 - -/* - * Endpoints MUST discard packets that are too small to be valid QUIC - * packets. With the set of AEAD functions defined in [QUIC-TLS], - * packets that are smaller than 21 bytes are never valid. - */ -#define NGX_QUIC_MIN_PKT_LEN 21 - -#define NGX_QUIC_MIN_SR_PACKET 43 /* 5 random + 16 srt + 22 padding */ -#define NGX_QUIC_MAX_SR_PACKET 1200 - -#define NGX_QUIC_MAX_ACK_GAP 2 - - -typedef struct { - ngx_rbtree_t tree; - ngx_rbtree_node_t sentinel; - - uint64_t received; - uint64_t sent; - uint64_t recv_max_data; - uint64_t send_max_data; - - uint64_t server_max_streams_uni; - uint64_t server_max_streams_bidi; - uint64_t server_streams_uni; - uint64_t server_streams_bidi; - - uint64_t client_max_streams_uni; - uint64_t client_max_streams_bidi; - uint64_t client_streams_uni; - uint64_t client_streams_bidi; -} ngx_quic_streams_t; - - -typedef struct { - size_t in_flight; - size_t window; - size_t ssthresh; - ngx_msec_t recovery_start; -} ngx_quic_congestion_t; - - -/* - * 12.3. Packet Numbers - * - * Conceptually, a packet number space is the context in which a packet - * can be processed and acknowledged. Initial packets can only be sent - * with Initial packet protection keys and acknowledged in packets which - * are also Initial packets. -*/ -typedef struct { - enum ssl_encryption_level_t level; - - uint64_t pnum; /* to be sent */ - uint64_t largest_ack; /* received from peer */ - uint64_t largest_pn; /* received from peer */ - - ngx_queue_t frames; - ngx_queue_t sent; - - uint64_t pending_ack; /* non sent ack-eliciting */ - uint64_t largest_range; - uint64_t first_range; - ngx_msec_t largest_received; - ngx_msec_t ack_delay_start; - ngx_uint_t nranges; - ngx_quic_ack_range_t ranges[NGX_QUIC_MAX_RANGES]; - ngx_uint_t send_ack; -} ngx_quic_send_ctx_t; - - -typedef struct { - ngx_udp_connection_t udp; - - uint32_t version; - ngx_str_t scid; /* initial client ID */ - ngx_str_t dcid; /* server (our own) ID */ - ngx_str_t odcid; /* original server ID */ - ngx_str_t token; - - struct sockaddr *sockaddr; - socklen_t socklen; - - ngx_queue_t client_ids; - ngx_queue_t server_ids; - ngx_queue_t free_client_ids; - ngx_queue_t free_server_ids; - ngx_uint_t nclient_ids; - ngx_uint_t nserver_ids; - uint64_t max_retired_seqnum; - uint64_t client_seqnum; - uint64_t server_seqnum; - - ngx_uint_t client_tp_done; - ngx_quic_tp_t tp; - ngx_quic_tp_t ctp; - - ngx_quic_send_ctx_t send_ctx[NGX_QUIC_SEND_CTX_LAST]; - - ngx_quic_frames_stream_t crypto[NGX_QUIC_ENCRYPTION_LAST]; - - ngx_quic_keys_t *keys; - - ngx_quic_conf_t *conf; - - ngx_event_t push; - ngx_event_t pto; - ngx_event_t close; - ngx_msec_t last_cc; - - ngx_msec_t latest_rtt; - ngx_msec_t avg_rtt; - ngx_msec_t min_rtt; - ngx_msec_t rttvar; - - ngx_uint_t pto_count; - - ngx_queue_t free_frames; - ngx_chain_t *free_bufs; - ngx_buf_t *free_shadow_bufs; - -#ifdef NGX_QUIC_DEBUG_ALLOC - ngx_uint_t nframes; - ngx_uint_t nbufs; -#endif - - ngx_quic_streams_t streams; - ngx_quic_congestion_t congestion; - off_t received; - - ngx_uint_t error; - enum ssl_encryption_level_t error_level; - ngx_uint_t error_ftype; - const char *error_reason; - - unsigned error_app:1; - unsigned send_timer_set:1; - unsigned closing:1; - unsigned draining:1; - unsigned key_phase:1; - unsigned in_retry:1; - unsigned initialized:1; - unsigned validated:1; -} ngx_quic_connection_t; - - -typedef struct { - ngx_queue_t queue; - uint64_t seqnum; - size_t len; - u_char id[NGX_QUIC_CID_LEN_MAX]; - u_char sr_token[NGX_QUIC_SR_TOKEN_LEN]; -} ngx_quic_client_id_t; - - -typedef struct { - ngx_udp_connection_t udp; - ngx_queue_t queue; - uint64_t seqnum; - size_t len; - u_char id[NGX_QUIC_CID_LEN_MAX]; -} ngx_quic_server_id_t; - - -typedef ngx_int_t (*ngx_quic_frame_handler_pt)(ngx_connection_t *c, - ngx_quic_frame_t *frame, void *data); - - -#if BORINGSSL_API_VERSION >= 10 -static int ngx_quic_set_read_secret(ngx_ssl_conn_t *ssl_conn, - enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, - const uint8_t *secret, size_t secret_len); -static int ngx_quic_set_write_secret(ngx_ssl_conn_t *ssl_conn, - enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, - const uint8_t *secret, size_t secret_len); -#else -static int ngx_quic_set_encryption_secrets(ngx_ssl_conn_t *ssl_conn, - enum ssl_encryption_level_t level, const uint8_t *read_secret, - const uint8_t *write_secret, size_t secret_len); -#endif - -static int ngx_quic_add_handshake_data(ngx_ssl_conn_t *ssl_conn, - enum ssl_encryption_level_t level, const uint8_t *data, size_t len); -static int ngx_quic_flush_flight(ngx_ssl_conn_t *ssl_conn); -static int ngx_quic_send_alert(ngx_ssl_conn_t *ssl_conn, - enum ssl_encryption_level_t level, uint8_t alert); - - -static ngx_quic_connection_t *ngx_quic_new_connection(ngx_connection_t *c, - ngx_quic_conf_t *conf, ngx_quic_header_t *pkt); -static ngx_int_t ngx_quic_send_stateless_reset(ngx_connection_t *c, - ngx_quic_conf_t *conf, ngx_quic_header_t *pkt); -static ngx_int_t ngx_quic_process_stateless_reset(ngx_connection_t *c, - ngx_quic_header_t *pkt); -static ngx_int_t ngx_quic_negotiate_version(ngx_connection_t *c, - ngx_quic_header_t *inpkt); -static ngx_int_t ngx_quic_create_server_id(ngx_connection_t *c, u_char *id); -static ngx_int_t ngx_quic_send_retry(ngx_connection_t *c); -static ngx_int_t ngx_quic_new_token(ngx_connection_t *c, ngx_str_t *token); -static ngx_int_t ngx_quic_validate_token(ngx_connection_t *c, - ngx_quic_header_t *pkt); -static ngx_int_t ngx_quic_init_connection(ngx_connection_t *c); -static ngx_inline size_t ngx_quic_max_udp_payload(ngx_connection_t *c); -static void ngx_quic_input_handler(ngx_event_t *rev); - -static void ngx_quic_close_connection(ngx_connection_t *c, ngx_int_t rc); -static ngx_int_t ngx_quic_close_quic(ngx_connection_t *c, ngx_int_t rc); -static void ngx_quic_close_timer_handler(ngx_event_t *ev); -static ngx_int_t ngx_quic_close_streams(ngx_connection_t *c, - ngx_quic_connection_t *qc); - -static ngx_int_t ngx_quic_input(ngx_connection_t *c, ngx_buf_t *b, - ngx_quic_conf_t *conf); -static ngx_int_t ngx_quic_process_packet(ngx_connection_t *c, - ngx_quic_conf_t *conf, ngx_quic_header_t *pkt); -static ngx_int_t ngx_quic_init_secrets(ngx_connection_t *c); -static void ngx_quic_discard_ctx(ngx_connection_t *c, - enum ssl_encryption_level_t level); -static ngx_int_t ngx_quic_check_peer(ngx_quic_connection_t *qc, - ngx_quic_header_t *pkt); -static ngx_int_t ngx_quic_payload_handler(ngx_connection_t *c, - ngx_quic_header_t *pkt); -static ngx_int_t ngx_quic_ack_packet(ngx_connection_t *c, - ngx_quic_header_t *pkt); -static ngx_int_t ngx_quic_send_ack_range(ngx_connection_t *c, - ngx_quic_send_ctx_t *ctx, uint64_t smallest, uint64_t largest); -static void ngx_quic_drop_ack_ranges(ngx_connection_t *c, - ngx_quic_send_ctx_t *ctx, uint64_t pn); -static ngx_int_t ngx_quic_send_ack(ngx_connection_t *c, - ngx_quic_send_ctx_t *ctx); -static ngx_int_t ngx_quic_send_cc(ngx_connection_t *c); -static ngx_int_t ngx_quic_send_new_token(ngx_connection_t *c); - -static ngx_int_t ngx_quic_handle_ack_frame(ngx_connection_t *c, - ngx_quic_header_t *pkt, ngx_quic_frame_t *f); -static ngx_int_t ngx_quic_handle_ack_frame_range(ngx_connection_t *c, - ngx_quic_send_ctx_t *ctx, uint64_t min, uint64_t max, - ngx_msec_t *send_time); -static void ngx_quic_rtt_sample(ngx_connection_t *c, ngx_quic_ack_frame_t *ack, - enum ssl_encryption_level_t level, ngx_msec_t send_time); -static ngx_inline ngx_msec_t ngx_quic_pto(ngx_connection_t *c, - ngx_quic_send_ctx_t *ctx); -static void ngx_quic_handle_stream_ack(ngx_connection_t *c, - ngx_quic_frame_t *f); - -static ngx_int_t ngx_quic_handle_ordered_frame(ngx_connection_t *c, - ngx_quic_frames_stream_t *fs, ngx_quic_frame_t *frame, - ngx_quic_frame_handler_pt handler, void *data); -static ngx_int_t ngx_quic_adjust_frame_offset(ngx_connection_t *c, - ngx_quic_frame_t *f, uint64_t offset_in); -static ngx_int_t ngx_quic_buffer_frame(ngx_connection_t *c, - ngx_quic_frames_stream_t *stream, ngx_quic_frame_t *f); - -static ngx_int_t ngx_quic_handle_crypto_frame(ngx_connection_t *c, - ngx_quic_header_t *pkt, ngx_quic_frame_t *frame); -static ngx_int_t ngx_quic_crypto_input(ngx_connection_t *c, - ngx_quic_frame_t *frame, void *data); -static ngx_int_t ngx_quic_handle_stream_frame(ngx_connection_t *c, - ngx_quic_header_t *pkt, ngx_quic_frame_t *frame); -static ngx_int_t ngx_quic_stream_input(ngx_connection_t *c, - ngx_quic_frame_t *frame, void *data); - -static ngx_int_t ngx_quic_handle_max_data_frame(ngx_connection_t *c, - ngx_quic_max_data_frame_t *f); -static ngx_int_t ngx_quic_handle_streams_blocked_frame(ngx_connection_t *c, - ngx_quic_header_t *pkt, ngx_quic_streams_blocked_frame_t *f); -static ngx_int_t ngx_quic_handle_stream_data_blocked_frame(ngx_connection_t *c, - ngx_quic_header_t *pkt, ngx_quic_stream_data_blocked_frame_t *f); -static ngx_int_t ngx_quic_handle_max_stream_data_frame(ngx_connection_t *c, - ngx_quic_header_t *pkt, ngx_quic_max_stream_data_frame_t *f); -static ngx_int_t ngx_quic_handle_reset_stream_frame(ngx_connection_t *c, - ngx_quic_header_t *pkt, ngx_quic_reset_stream_frame_t *f); -static ngx_int_t ngx_quic_handle_stop_sending_frame(ngx_connection_t *c, - ngx_quic_header_t *pkt, ngx_quic_stop_sending_frame_t *f); -static ngx_int_t ngx_quic_handle_max_streams_frame(ngx_connection_t *c, - ngx_quic_header_t *pkt, ngx_quic_max_streams_frame_t *f); -static ngx_int_t ngx_quic_handle_path_challenge_frame(ngx_connection_t *c, - ngx_quic_header_t *pkt, ngx_quic_path_challenge_frame_t *f); -static ngx_int_t ngx_quic_handle_new_connection_id_frame(ngx_connection_t *c, - ngx_quic_header_t *pkt, ngx_quic_new_conn_id_frame_t *f); -static ngx_int_t ngx_quic_retire_connection_id(ngx_connection_t *c, - enum ssl_encryption_level_t level, uint64_t seqnum); -static ngx_int_t ngx_quic_handle_retire_connection_id_frame(ngx_connection_t *c, - ngx_quic_header_t *pkt, ngx_quic_retire_cid_frame_t *f); -static ngx_int_t ngx_quic_issue_server_ids(ngx_connection_t *c); -static void ngx_quic_clear_temp_server_ids(ngx_connection_t *c); -static ngx_quic_server_id_t *ngx_quic_insert_server_id(ngx_connection_t *c, - ngx_str_t *id); -static ngx_quic_client_id_t *ngx_quic_alloc_client_id(ngx_connection_t *c, - ngx_quic_connection_t *qc); -static ngx_quic_server_id_t *ngx_quic_alloc_server_id(ngx_connection_t *c, - ngx_quic_connection_t *qc); - -static void ngx_quic_queue_frame(ngx_quic_connection_t *qc, - ngx_quic_frame_t *frame); - -static ngx_int_t ngx_quic_output(ngx_connection_t *c); -static ngx_uint_t ngx_quic_get_padding_level(ngx_connection_t *c); -static ngx_int_t ngx_quic_generate_ack(ngx_connection_t *c, - ngx_quic_send_ctx_t *ctx); -static ssize_t ngx_quic_output_packet(ngx_connection_t *c, - ngx_quic_send_ctx_t *ctx, u_char *data, size_t max, size_t min); -static ngx_int_t ngx_quic_split_frame(ngx_connection_t *c, ngx_quic_frame_t *f, - size_t len); -static void ngx_quic_free_frames(ngx_connection_t *c, ngx_queue_t *frames); -static ssize_t ngx_quic_send(ngx_connection_t *c, u_char *buf, size_t len); - -static void ngx_quic_set_packet_number(ngx_quic_header_t *pkt, - ngx_quic_send_ctx_t *ctx); -static void ngx_quic_pto_handler(ngx_event_t *ev); -static void ngx_quic_lost_handler(ngx_event_t *ev); -static ngx_int_t ngx_quic_detect_lost(ngx_connection_t *c); -static void ngx_quic_resend_frames(ngx_connection_t *c, - ngx_quic_send_ctx_t *ctx); -static void ngx_quic_push_handler(ngx_event_t *ev); - -static void ngx_quic_rbtree_insert_stream(ngx_rbtree_node_t *temp, - ngx_rbtree_node_t *node, ngx_rbtree_node_t *sentinel); -static ngx_quic_stream_t *ngx_quic_find_stream(ngx_rbtree_t *rbtree, - uint64_t id); -static ngx_quic_stream_t *ngx_quic_create_client_stream(ngx_connection_t *c, - uint64_t id); -static ngx_quic_stream_t *ngx_quic_create_stream(ngx_connection_t *c, - uint64_t id, size_t rcvbuf_size); -static ssize_t ngx_quic_stream_recv(ngx_connection_t *c, u_char *buf, - size_t size); -static ssize_t ngx_quic_stream_send(ngx_connection_t *c, u_char *buf, - size_t size); -static ngx_chain_t *ngx_quic_stream_send_chain(ngx_connection_t *c, - ngx_chain_t *in, off_t limit); -static size_t ngx_quic_max_stream_flow(ngx_connection_t *c); -static void ngx_quic_stream_cleanup_handler(void *data); -static ngx_quic_frame_t *ngx_quic_alloc_frame(ngx_connection_t *c); -static void ngx_quic_free_frame(ngx_connection_t *c, ngx_quic_frame_t *frame); - -static void ngx_quic_congestion_ack(ngx_connection_t *c, - ngx_quic_frame_t *frame); -static void ngx_quic_congestion_lost(ngx_connection_t *c, - ngx_quic_frame_t *frame); - -static ngx_chain_t *ngx_quic_alloc_buf(ngx_connection_t *c); -static void ngx_quic_free_bufs(ngx_connection_t *c, ngx_chain_t *in); -static ngx_chain_t *ngx_quic_copy_buf(ngx_connection_t *c, u_char *data, - size_t len); -static ngx_chain_t *ngx_quic_copy_chain(ngx_connection_t *c, ngx_chain_t *in, - size_t limit); -static ngx_chain_t *ngx_quic_split_bufs(ngx_connection_t *c, ngx_chain_t *in, - size_t len); - - -static SSL_QUIC_METHOD quic_method = { -#if BORINGSSL_API_VERSION >= 10 - ngx_quic_set_read_secret, - ngx_quic_set_write_secret, -#else - ngx_quic_set_encryption_secrets, -#endif - ngx_quic_add_handshake_data, - ngx_quic_flush_flight, - ngx_quic_send_alert, -}; - - -#if (NGX_DEBUG) - -static void -ngx_quic_log_frame(ngx_log_t *log, ngx_quic_frame_t *f, ngx_uint_t tx) -{ - u_char *p, *last, *pos, *end; - ssize_t n; - uint64_t gap, range, largest, smallest; - ngx_uint_t i; - u_char buf[NGX_MAX_ERROR_STR]; - - p = buf; - last = buf + sizeof(buf); - - switch (f->type) { - - case NGX_QUIC_FT_CRYPTO: - p = ngx_slprintf(p, last, "CRYPTO len:%uL off:%uL", - f->u.crypto.length, f->u.crypto.offset); - break; - - case NGX_QUIC_FT_PADDING: - p = ngx_slprintf(p, last, "PADDING"); - break; - - case NGX_QUIC_FT_ACK: - case NGX_QUIC_FT_ACK_ECN: - - p = ngx_slprintf(p, last, "ACK n:%ui delay:%uL ", - f->u.ack.range_count, f->u.ack.delay); - - if (f->data) { - pos = f->data->buf->pos; - end = f->data->buf->end; - - } else { - pos = NULL; - end = NULL; - } - - largest = f->u.ack.largest; - smallest = f->u.ack.largest - f->u.ack.first_range; - - if (largest == smallest) { - p = ngx_slprintf(p, last, "%uL", largest); - - } else { - p = ngx_slprintf(p, last, "%uL-%uL", largest, smallest); - } - - for (i = 0; i < f->u.ack.range_count; i++) { - n = ngx_quic_parse_ack_range(log, pos, end, &gap, &range); - if (n == NGX_ERROR) { - break; - } - - pos += n; - - largest = smallest - gap - 2; - smallest = largest - range; - - if (largest == smallest) { - p = ngx_slprintf(p, last, " %uL", largest); - - } else { - p = ngx_slprintf(p, last, " %uL-%uL", largest, smallest); - } - } - - if (f->type == NGX_QUIC_FT_ACK_ECN) { - p = ngx_slprintf(p, last, " ECN counters ect0:%uL ect1:%uL ce:%uL", - f->u.ack.ect0, f->u.ack.ect1, f->u.ack.ce); - } - break; - - case NGX_QUIC_FT_PING: - p = ngx_slprintf(p, last, "PING"); - break; - - case NGX_QUIC_FT_NEW_CONNECTION_ID: - p = ngx_slprintf(p, last, - "NEW_CONNECTION_ID seq:%uL retire:%uL len:%ud", - f->u.ncid.seqnum, f->u.ncid.retire, f->u.ncid.len); - break; - - case NGX_QUIC_FT_RETIRE_CONNECTION_ID: - p = ngx_slprintf(p, last, "RETIRE_CONNECTION_ID seqnum:%uL", - f->u.retire_cid.sequence_number); - break; - - case NGX_QUIC_FT_CONNECTION_CLOSE: - case NGX_QUIC_FT_CONNECTION_CLOSE_APP: - p = ngx_slprintf(p, last, "CONNECTION_CLOSE%s err:%ui", - f->u.close.app ? "_APP" : "", f->u.close.error_code); - - if (f->u.close.reason.len) { - p = ngx_slprintf(p, last, " %V", &f->u.close.reason); - } - - if (f->type == NGX_QUIC_FT_CONNECTION_CLOSE) { - p = ngx_slprintf(p, last, " ft:%ui", f->u.close.frame_type); - } - - - break; - - case NGX_QUIC_FT_STREAM0: - case NGX_QUIC_FT_STREAM1: - case NGX_QUIC_FT_STREAM2: - case NGX_QUIC_FT_STREAM3: - case NGX_QUIC_FT_STREAM4: - case NGX_QUIC_FT_STREAM5: - case NGX_QUIC_FT_STREAM6: - case NGX_QUIC_FT_STREAM7: - - p = ngx_slprintf(p, last, "STREAM id:0x%xL", f->u.stream.stream_id); - - if (f->u.stream.off) { - p = ngx_slprintf(p, last, " off:%uL", f->u.stream.offset); - } - - if (f->u.stream.len) { - p = ngx_slprintf(p, last, " len:%uL", f->u.stream.length); - } - - if (f->u.stream.fin) { - p = ngx_slprintf(p, last, " fin:1"); - } - -#ifdef NGX_QUIC_DEBUG_FRAMES - { - ngx_chain_t *cl; - - p = ngx_slprintf(p, last, " data:"); - - for (cl = f->data; cl; cl = cl->next) { - p = ngx_slprintf(p, last, "%*xs", - cl->buf->last - cl->buf->pos, cl->buf->pos); - } - } -#endif - - break; - - case NGX_QUIC_FT_MAX_DATA: - p = ngx_slprintf(p, last, "MAX_DATA max_data:%uL on recv", - f->u.max_data.max_data); - break; - - case NGX_QUIC_FT_RESET_STREAM: - p = ngx_slprintf(p, last, "RESET_STREAM" - " id:0x%xL error_code:0x%xL final_size:0x%xL", - f->u.reset_stream.id, f->u.reset_stream.error_code, - f->u.reset_stream.final_size); - break; - - case NGX_QUIC_FT_STOP_SENDING: - p = ngx_slprintf(p, last, "STOP_SENDING id:0x%xL err:0x%xL", - f->u.stop_sending.id, f->u.stop_sending.error_code); - break; - - case NGX_QUIC_FT_STREAMS_BLOCKED: - case NGX_QUIC_FT_STREAMS_BLOCKED2: - p = ngx_slprintf(p, last, "STREAMS_BLOCKED limit:%uL bidi:%ui", - f->u.streams_blocked.limit, f->u.streams_blocked.bidi); - break; - - case NGX_QUIC_FT_MAX_STREAMS: - case NGX_QUIC_FT_MAX_STREAMS2: - p = ngx_slprintf(p, last, "MAX_STREAMS limit:%uL bidi:%ui", - f->u.max_streams.limit, f->u.max_streams.bidi); - break; - - case NGX_QUIC_FT_MAX_STREAM_DATA: - p = ngx_slprintf(p, last, "MAX_STREAM_DATA id:0x%xL limit:%uL", - f->u.max_stream_data.id, f->u.max_stream_data.limit); - break; - - - case NGX_QUIC_FT_DATA_BLOCKED: - p = ngx_slprintf(p, last, "DATA_BLOCKED limit:%uL", - f->u.data_blocked.limit); - break; - - case NGX_QUIC_FT_STREAM_DATA_BLOCKED: - p = ngx_slprintf(p, last, "STREAM_DATA_BLOCKED id:0x%xL limit:%uL", - f->u.stream_data_blocked.id, - f->u.stream_data_blocked.limit); - break; - - case NGX_QUIC_FT_PATH_CHALLENGE: - p = ngx_slprintf(p, last, "PATH_CHALLENGE data:0x%*xs", - sizeof(f->u.path_challenge.data), - f->u.path_challenge.data); - break; - - case NGX_QUIC_FT_PATH_RESPONSE: - p = ngx_slprintf(p, last, "PATH_RESPONSE data:0x%*xs", - sizeof(f->u.path_challenge.data), - f->u.path_challenge.data); - break; - - case NGX_QUIC_FT_NEW_TOKEN: - p = ngx_slprintf(p, last, "NEW_TOKEN"); - break; - - case NGX_QUIC_FT_HANDSHAKE_DONE: - p = ngx_slprintf(p, last, "HANDSHAKE DONE"); - break; - - default: - p = ngx_slprintf(p, last, "unknown type 0x%xi", f->type); - break; - } - - ngx_log_debug4(NGX_LOG_DEBUG_EVENT, log, 0, "quic frame %s %s %*s", - tx ? "tx" : "rx", ngx_quic_level_name(f->level), - p - buf, buf); -} - - -static void -ngx_quic_connstate_dbg(ngx_connection_t *c) -{ - u_char *p, *last; - ngx_quic_connection_t *qc; - u_char buf[NGX_MAX_ERROR_STR]; - - p = buf; - last = p + sizeof(buf); - - qc = ngx_quic_get_connection(c); - - p = ngx_slprintf(p, last, "state:"); - - if (qc) { - - if (qc->error) { - p = ngx_slprintf(p, last, "%s", qc->error_app ? " app" : ""); - p = ngx_slprintf(p, last, " error:%ui", qc->error); - - if (qc->error_reason) { - p = ngx_slprintf(p, last, " \"%s\"", qc->error_reason); - } - } - - p = ngx_slprintf(p, last, "%s", qc->closing ? " closing" : ""); - p = ngx_slprintf(p, last, "%s", qc->draining ? " draining" : ""); - p = ngx_slprintf(p, last, "%s", qc->key_phase ? " kp" : ""); - p = ngx_slprintf(p, last, "%s", qc->in_retry ? " retry" : ""); - p = ngx_slprintf(p, last, "%s", qc->validated? " valid" : ""); - - } else { - p = ngx_slprintf(p, last, " early"); - } - - if (c->read->timer_set) { - p = ngx_slprintf(p, last, - qc && qc->send_timer_set ? " send:%M" : " read:%M", - c->read->timer.key - ngx_current_msec); - } - - if (qc) { - - if (qc->push.timer_set) { - p = ngx_slprintf(p, last, " push:%M", - qc->push.timer.key - ngx_current_msec); - } - - if (qc->pto.timer_set) { - p = ngx_slprintf(p, last, " pto:%M", - qc->pto.timer.key - ngx_current_msec); - } - - if (qc->close.timer_set) { - p = ngx_slprintf(p, last, " close:%M", - qc->close.timer.key - ngx_current_msec); - } - } - - ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic %*s", p - buf, buf); -} - -#else - -#define ngx_quic_log_frame(log, f, tx) -#define ngx_quic_connstate_dbg(c) - -#endif - - -#if BORINGSSL_API_VERSION >= 10 - -static int -ngx_quic_set_read_secret(ngx_ssl_conn_t *ssl_conn, - enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, - const uint8_t *rsecret, size_t secret_len) -{ - ngx_connection_t *c; - ngx_quic_connection_t *qc; - - c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); - qc = ngx_quic_get_connection(c); - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic ngx_quic_set_read_secret() level:%d", level); -#ifdef NGX_QUIC_DEBUG_CRYPTO - ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic read secret len:%uz %*xs", secret_len, - secret_len, rsecret); -#endif - - return ngx_quic_keys_set_encryption_secret(c->pool, 0, qc->keys, level, - cipher, rsecret, secret_len); -} - - -static int -ngx_quic_set_write_secret(ngx_ssl_conn_t *ssl_conn, - enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, - const uint8_t *wsecret, size_t secret_len) -{ - ngx_connection_t *c; - ngx_quic_connection_t *qc; - - c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); - qc = ngx_quic_get_connection(c); - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic ngx_quic_set_write_secret() level:%d", level); -#ifdef NGX_QUIC_DEBUG_CRYPTO - ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic write secret len:%uz %*xs", secret_len, - secret_len, wsecret); -#endif - - return ngx_quic_keys_set_encryption_secret(c->pool, 1, qc->keys, level, - cipher, wsecret, secret_len); -} - -#else - -static int -ngx_quic_set_encryption_secrets(ngx_ssl_conn_t *ssl_conn, - enum ssl_encryption_level_t level, const uint8_t *rsecret, - const uint8_t *wsecret, size_t secret_len) -{ - ngx_connection_t *c; - const SSL_CIPHER *cipher; - ngx_quic_connection_t *qc; - - c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); - qc = ngx_quic_get_connection(c); - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic ngx_quic_set_encryption_secrets() level:%d", level); -#ifdef NGX_QUIC_DEBUG_CRYPTO - ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic read secret len:%uz %*xs", secret_len, - secret_len, rsecret); -#endif - - cipher = SSL_get_current_cipher(ssl_conn); - - if (ngx_quic_keys_set_encryption_secret(c->pool, 0, qc->keys, level, - cipher, rsecret, secret_len) - != 1) - { - return 0; - } - - if (level == ssl_encryption_early_data) { - return 1; - } - -#ifdef NGX_QUIC_DEBUG_CRYPTO - ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic write secret len:%uz %*xs", secret_len, - secret_len, wsecret); -#endif - - return ngx_quic_keys_set_encryption_secret(c->pool, 1, qc->keys, level, - cipher, wsecret, secret_len); -} - -#endif - - -static int -ngx_quic_add_handshake_data(ngx_ssl_conn_t *ssl_conn, - enum ssl_encryption_level_t level, const uint8_t *data, size_t len) -{ - u_char *p, *end; - size_t client_params_len; - const uint8_t *client_params; - ngx_quic_frame_t *frame; - ngx_connection_t *c; - ngx_quic_connection_t *qc; - ngx_quic_frames_stream_t *fs; - - c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); - qc = ngx_quic_get_connection(c); - - ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic ngx_quic_add_handshake_data"); - - if (!qc->client_tp_done) { - /* - * things to do once during handshake: check ALPN and transport - * parameters; we want to break handshake if something is wrong - * here; - */ - -#if defined(TLSEXT_TYPE_application_layer_protocol_negotiation) - if (qc->conf->require_alpn) { - unsigned int len; - const unsigned char *data; - - SSL_get0_alpn_selected(ssl_conn, &data, &len); - - if (len == 0) { - qc->error = 0x100 + SSL_AD_NO_APPLICATION_PROTOCOL; - qc->error_reason = "unsupported protocol in ALPN extension"; - - ngx_log_error(NGX_LOG_INFO, c->log, 0, - "quic unsupported protocol in ALPN extension"); - return 0; - } - } -#endif - - SSL_get_peer_quic_transport_params(ssl_conn, &client_params, - &client_params_len); - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic SSL_get_peer_quic_transport_params():" - " params_len:%ui", client_params_len); - - if (client_params_len == 0) { - /* quic-tls 8.2 */ - qc->error = NGX_QUIC_ERR_CRYPTO(SSL_AD_MISSING_EXTENSION); - qc->error_reason = "missing transport parameters"; - - ngx_log_error(NGX_LOG_INFO, c->log, 0, - "missing transport parameters"); - return 0; - } - - p = (u_char *) client_params; - end = p + client_params_len; - - if (ngx_quic_parse_transport_params(p, end, &qc->ctp, c->log) - != NGX_OK) - { - qc->error = NGX_QUIC_ERR_TRANSPORT_PARAMETER_ERROR; - qc->error_reason = "failed to process transport parameters"; - - return 0; - } - - if (qc->ctp.max_idle_timeout > 0 - && qc->ctp.max_idle_timeout < qc->tp.max_idle_timeout) - { - qc->tp.max_idle_timeout = qc->ctp.max_idle_timeout; - } - - if (qc->ctp.max_udp_payload_size < NGX_QUIC_MIN_INITIAL_SIZE - || qc->ctp.max_udp_payload_size > NGX_QUIC_MAX_UDP_PAYLOAD_SIZE) - { - qc->error = NGX_QUIC_ERR_TRANSPORT_PARAMETER_ERROR; - qc->error_reason = "invalid maximum packet size"; - - ngx_log_error(NGX_LOG_INFO, c->log, 0, - "quic maximum packet size is invalid"); - return 0; - } - - if (qc->ctp.max_udp_payload_size > ngx_quic_max_udp_payload(c)) { - qc->ctp.max_udp_payload_size = ngx_quic_max_udp_payload(c); - ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic client maximum packet size truncated"); - } - -#if (NGX_QUIC_DRAFT_VERSION >= 28) - if (qc->scid.len != qc->ctp.initial_scid.len - || ngx_memcmp(qc->scid.data, qc->ctp.initial_scid.data, - qc->scid.len) != 0) - { - ngx_log_error(NGX_LOG_INFO, c->log, 0, - "quic client initial_source_connection_id " - "mismatch"); - return 0; - } -#endif - - qc->streams.server_max_streams_bidi = qc->ctp.initial_max_streams_bidi; - qc->streams.server_max_streams_uni = qc->ctp.initial_max_streams_uni; - - qc->client_tp_done = 1; - } - - fs = &qc->crypto[level]; - - frame = ngx_quic_alloc_frame(c); - if (frame == NULL) { - return 0; - } - - frame->data = ngx_quic_copy_buf(c, (u_char *) data, len); - if (frame->data == NGX_CHAIN_ERROR) { - return 0; - } - - frame->level = level; - frame->type = NGX_QUIC_FT_CRYPTO; - frame->u.crypto.offset = fs->sent; - frame->u.crypto.length = len; - - fs->sent += len; - - ngx_quic_queue_frame(qc, frame); - - return 1; -} - - -static int -ngx_quic_flush_flight(ngx_ssl_conn_t *ssl_conn) -{ -#if (NGX_DEBUG) - ngx_connection_t *c; - - c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); - - ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic ngx_quic_flush_flight()"); -#endif - return 1; -} - - -static int -ngx_quic_send_alert(ngx_ssl_conn_t *ssl_conn, enum ssl_encryption_level_t level, - uint8_t alert) -{ - ngx_connection_t *c; - ngx_quic_connection_t *qc; - - c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); - - ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic ngx_quic_send_alert() lvl:%d alert:%d", - (int) level, (int) alert); - - qc = ngx_quic_get_connection(c); - if (qc == NULL) { - return 1; - } - - qc->error_level = level; - qc->error = NGX_QUIC_ERR_CRYPTO(alert); - qc->error_reason = "TLS alert"; - qc->error_app = 0; - qc->error_ftype = 0; - - if (ngx_quic_send_cc(c) != NGX_OK) { - return 0; - } - - return 1; -} - - -void -ngx_quic_run(ngx_connection_t *c, ngx_quic_conf_t *conf) -{ - ngx_int_t rc; - ngx_quic_connection_t *qc; - - ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic run"); - - rc = ngx_quic_input(c, c->buffer, conf); - if (rc != NGX_OK) { - ngx_quic_close_connection(c, rc == NGX_DECLINED ? NGX_DONE : NGX_ERROR); - return; - } - - qc = ngx_quic_get_connection(c); - - ngx_add_timer(c->read, qc->in_retry ? NGX_QUIC_RETRY_TIMEOUT - : qc->tp.max_idle_timeout); - - c->read->handler = ngx_quic_input_handler; - - ngx_quic_connstate_dbg(c); - return; -} - - -static ngx_quic_connection_t * -ngx_quic_new_connection(ngx_connection_t *c, ngx_quic_conf_t *conf, - ngx_quic_header_t *pkt) -{ - ngx_uint_t i; - ngx_quic_tp_t *ctp; - ngx_quic_client_id_t *cid; - ngx_quic_connection_t *qc; - - qc = ngx_pcalloc(c->pool, sizeof(ngx_quic_connection_t)); - if (qc == NULL) { - return NULL; - } - - qc->keys = ngx_quic_keys_new(c->pool); - if (qc->keys == NULL) { - return NULL; - } - - qc->version = pkt->version; - - ngx_rbtree_init(&qc->streams.tree, &qc->streams.sentinel, - ngx_quic_rbtree_insert_stream); - - for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { - ngx_queue_init(&qc->send_ctx[i].frames); - ngx_queue_init(&qc->send_ctx[i].sent); - qc->send_ctx[i].largest_pn = NGX_QUIC_UNSET_PN; - qc->send_ctx[i].largest_ack = NGX_QUIC_UNSET_PN; - qc->send_ctx[i].largest_range = NGX_QUIC_UNSET_PN; - qc->send_ctx[i].pending_ack = NGX_QUIC_UNSET_PN; - } - - qc->send_ctx[0].level = ssl_encryption_initial; - qc->send_ctx[1].level = ssl_encryption_handshake; - qc->send_ctx[2].level = ssl_encryption_application; - - for (i = 0; i < NGX_QUIC_ENCRYPTION_LAST; i++) { - ngx_queue_init(&qc->crypto[i].frames); - } - - ngx_queue_init(&qc->free_frames); - ngx_queue_init(&qc->client_ids); - ngx_queue_init(&qc->server_ids); - ngx_queue_init(&qc->free_client_ids); - ngx_queue_init(&qc->free_server_ids); - - qc->avg_rtt = NGX_QUIC_INITIAL_RTT; - qc->rttvar = NGX_QUIC_INITIAL_RTT / 2; - qc->min_rtt = NGX_TIMER_INFINITE; - - /* - * qc->latest_rtt = 0 - * qc->nclient_ids = 0 - * qc->nserver_ids = 0 - * qc->max_retired_seqnum = 0 - */ - - qc->received = pkt->raw->last - pkt->raw->start; - - qc->pto.log = c->log; - qc->pto.data = c; - qc->pto.handler = ngx_quic_pto_handler; - qc->pto.cancelable = 1; - - qc->push.log = c->log; - qc->push.data = c; - qc->push.handler = ngx_quic_push_handler; - qc->push.cancelable = 1; - - qc->conf = conf; - qc->tp = conf->tp; - - if (qc->tp.disable_active_migration) { - qc->sockaddr = ngx_palloc(c->pool, c->socklen); - if (qc->sockaddr == NULL) { - return NULL; - } - - ngx_memcpy(qc->sockaddr, c->sockaddr, c->socklen); - qc->socklen = c->socklen; - } - - ctp = &qc->ctp; - ctp->max_udp_payload_size = ngx_quic_max_udp_payload(c); - ctp->ack_delay_exponent = NGX_QUIC_DEFAULT_ACK_DELAY_EXPONENT; - ctp->max_ack_delay = NGX_QUIC_DEFAULT_MAX_ACK_DELAY; - - qc->streams.recv_max_data = qc->tp.initial_max_data; - - qc->streams.client_max_streams_uni = qc->tp.initial_max_streams_uni; - qc->streams.client_max_streams_bidi = qc->tp.initial_max_streams_bidi; - - qc->congestion.window = ngx_min(10 * qc->tp.max_udp_payload_size, - ngx_max(2 * qc->tp.max_udp_payload_size, - 14720)); - qc->congestion.ssthresh = (size_t) -1; - qc->congestion.recovery_start = ngx_current_msec; - - qc->odcid.len = pkt->dcid.len; - qc->odcid.data = ngx_pstrdup(c->pool, &pkt->dcid); - if (qc->odcid.data == NULL) { - return NULL; - } - - qc->dcid.len = NGX_QUIC_SERVER_CID_LEN; - qc->dcid.data = ngx_pnalloc(c->pool, qc->dcid.len); - if (qc->dcid.data == NULL) { - return NULL; - } - - if (ngx_quic_create_server_id(c, qc->dcid.data) != NGX_OK) { - return NULL; - } - -#if (NGX_QUIC_DRAFT_VERSION >= 28) - qc->tp.original_dcid = qc->odcid; -#endif - qc->tp.initial_scid = qc->dcid; - - qc->scid.len = pkt->scid.len; - qc->scid.data = ngx_pnalloc(c->pool, qc->scid.len); - if (qc->scid.data == NULL) { - return NULL; - } - ngx_memcpy(qc->scid.data, pkt->scid.data, qc->scid.len); - - cid = ngx_quic_alloc_client_id(c, qc); - if (cid == NULL) { - return NULL; - } - - cid->seqnum = 0; - cid->len = pkt->scid.len; - ngx_memcpy(cid->id, pkt->scid.data, pkt->scid.len); - - ngx_queue_insert_tail(&qc->client_ids, &cid->queue); - qc->nclient_ids++; - qc->client_seqnum = 0; - - qc->server_seqnum = NGX_QUIC_UNSET_PN; - - return qc; -} - - -static ngx_int_t -ngx_quic_send_stateless_reset(ngx_connection_t *c, ngx_quic_conf_t *conf, - ngx_quic_header_t *pkt) -{ - u_char *token; - size_t len, max; - uint16_t rndbytes; - u_char buf[NGX_QUIC_MAX_SR_PACKET]; - - ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic handle stateless reset output"); - - if (pkt->len <= NGX_QUIC_MIN_PKT_LEN) { - return NGX_DECLINED; - } - - if (pkt->len <= NGX_QUIC_MIN_SR_PACKET) { - len = pkt->len - 1; - - } else { - max = ngx_min(NGX_QUIC_MAX_SR_PACKET, pkt->len * 3); - - if (RAND_bytes((u_char *) &rndbytes, sizeof(rndbytes)) != 1) { - return NGX_ERROR; - } - - len = (rndbytes % (max - NGX_QUIC_MIN_SR_PACKET + 1)) - + NGX_QUIC_MIN_SR_PACKET; - } - - if (RAND_bytes(buf, len - NGX_QUIC_SR_TOKEN_LEN) != 1) { - return NGX_ERROR; - } - - buf[0] &= ~NGX_QUIC_PKT_LONG; - buf[0] |= NGX_QUIC_PKT_FIXED_BIT; - - token = &buf[len - NGX_QUIC_SR_TOKEN_LEN]; - - if (ngx_quic_new_sr_token(c, &pkt->dcid, &conf->sr_token_key, token) - != NGX_OK) - { - return NGX_ERROR; - } - - (void) ngx_quic_send(c, buf, len); - - return NGX_DECLINED; -} - - -static ngx_int_t -ngx_quic_process_stateless_reset(ngx_connection_t *c, ngx_quic_header_t *pkt) -{ - u_char *tail, ch; - ngx_uint_t i; - ngx_queue_t *q; - ngx_quic_client_id_t *cid; - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - - /* A stateless reset uses an entire UDP datagram */ - if (pkt->raw->start != pkt->data) { - return NGX_DECLINED; - } - - tail = pkt->raw->last - NGX_QUIC_SR_TOKEN_LEN; - - for (q = ngx_queue_head(&qc->client_ids); - q != ngx_queue_sentinel(&qc->client_ids); - q = ngx_queue_next(q)) - { - cid = ngx_queue_data(q, ngx_quic_client_id_t, queue); - - if (cid->seqnum == 0) { - /* no stateless reset token in initial connection id */ - continue; - } - - /* constant time comparison */ - - for (ch = 0, i = 0; i < NGX_QUIC_SR_TOKEN_LEN; i++) { - ch |= tail[i] ^ cid->sr_token[i]; - } - - if (ch == 0) { - return NGX_OK; - } - } - - return NGX_DECLINED; -} - - -static ngx_int_t -ngx_quic_negotiate_version(ngx_connection_t *c, ngx_quic_header_t *inpkt) -{ - size_t len; - ngx_quic_header_t pkt; - static u_char buf[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE]; - - ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, - "sending version negotiation packet"); - - pkt.log = c->log; - pkt.flags = NGX_QUIC_PKT_LONG | NGX_QUIC_PKT_FIXED_BIT; - pkt.dcid = inpkt->scid; - pkt.scid = inpkt->dcid; - - len = ngx_quic_create_version_negotiation(&pkt, buf); - -#ifdef NGX_QUIC_DEBUG_PACKETS - ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic vnego packet to send len:%uz %*xs", len, len, buf); -#endif - - (void) ngx_quic_send(c, buf, len); - - return NGX_ERROR; -} - - -static ngx_int_t -ngx_quic_create_server_id(ngx_connection_t *c, u_char *id) -{ - if (RAND_bytes(id, NGX_QUIC_SERVER_CID_LEN) != 1) { - return NGX_ERROR; - } - - ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic create server id %*xs", - (size_t) NGX_QUIC_SERVER_CID_LEN, id); - return NGX_OK; -} - - -static ngx_int_t -ngx_quic_send_retry(ngx_connection_t *c) -{ - ssize_t len; - ngx_str_t res, token; - ngx_quic_header_t pkt; - ngx_quic_connection_t *qc; - u_char buf[NGX_QUIC_RETRY_BUFFER_SIZE]; - - qc = ngx_quic_get_connection(c); - - if (ngx_quic_new_token(c, &token) != NGX_OK) { - return NGX_ERROR; - } - - ngx_memzero(&pkt, sizeof(ngx_quic_header_t)); - pkt.flags = NGX_QUIC_PKT_FIXED_BIT | NGX_QUIC_PKT_LONG | NGX_QUIC_PKT_RETRY; - pkt.version = qc->version; - pkt.log = c->log; - pkt.odcid = qc->odcid; - pkt.dcid = qc->scid; - pkt.scid = qc->dcid; - pkt.token = token; - - res.data = buf; - - if (ngx_quic_encrypt(&pkt, &res) != NGX_OK) { - return NGX_ERROR; - } - -#ifdef NGX_QUIC_DEBUG_PACKETS - ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic packet to send len:%uz %xV", res.len, &res); -#endif - - len = ngx_quic_send(c, res.data, res.len); - if (len == NGX_ERROR) { - return NGX_ERROR; - } - - qc->token = token; -#if (NGX_QUIC_DRAFT_VERSION < 28) - qc->tp.original_dcid = qc->odcid; -#endif - qc->tp.retry_scid = qc->dcid; - qc->in_retry = 1; - - if (ngx_quic_insert_server_id(c, &qc->dcid) == NULL) { - return NGX_ERROR; - } - - return NGX_OK; -} - - -static ngx_int_t -ngx_quic_new_token(ngx_connection_t *c, ngx_str_t *token) -{ - int len, iv_len; - u_char *data, *p, *key, *iv; - ngx_msec_t now; - EVP_CIPHER_CTX *ctx; - const EVP_CIPHER *cipher; - struct sockaddr_in *sin; -#if (NGX_HAVE_INET6) - struct sockaddr_in6 *sin6; -#endif - ngx_quic_connection_t *qc; - u_char in[NGX_QUIC_MAX_TOKEN_SIZE]; - - switch (c->sockaddr->sa_family) { - -#if (NGX_HAVE_INET6) - case AF_INET6: - sin6 = (struct sockaddr_in6 *) c->sockaddr; - - len = sizeof(struct in6_addr); - data = sin6->sin6_addr.s6_addr; - - break; -#endif - -#if (NGX_HAVE_UNIX_DOMAIN) - case AF_UNIX: - - len = ngx_min(c->addr_text.len, NGX_QUIC_MAX_TOKEN_SIZE - sizeof(now)); - data = c->addr_text.data; - - break; -#endif - - default: /* AF_INET */ - sin = (struct sockaddr_in *) c->sockaddr; - - len = sizeof(in_addr_t); - data = (u_char *) &sin->sin_addr; - - break; - } - - p = ngx_cpymem(in, data, len); - - now = ngx_current_msec; - len += sizeof(now); - ngx_memcpy(p, &now, sizeof(now)); - - cipher = EVP_aes_256_cbc(); - iv_len = EVP_CIPHER_iv_length(cipher); - - token->len = iv_len + len + EVP_CIPHER_block_size(cipher); - token->data = ngx_pnalloc(c->pool, token->len); - if (token->data == NULL) { - return NGX_ERROR; - } - - ctx = EVP_CIPHER_CTX_new(); - if (ctx == NULL) { - return NGX_ERROR; - } - - qc = ngx_quic_get_connection(c); - key = qc->conf->token_key; - iv = token->data; - - if (RAND_bytes(iv, iv_len) <= 0 - || !EVP_EncryptInit_ex(ctx, cipher, NULL, key, iv)) - { - EVP_CIPHER_CTX_free(ctx); - return NGX_ERROR; - } - - token->len = iv_len; - - if (EVP_EncryptUpdate(ctx, token->data + token->len, &len, in, len) != 1) { - EVP_CIPHER_CTX_free(ctx); - return NGX_ERROR; - } - - token->len += len; - - if (EVP_EncryptFinal_ex(ctx, token->data + token->len, &len) <= 0) { - EVP_CIPHER_CTX_free(ctx); - return NGX_ERROR; - } - - token->len += len; - - EVP_CIPHER_CTX_free(ctx); - -#ifdef NGX_QUIC_DEBUG_PACKETS - ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic new token len:%uz %xV", token->len, token); -#endif - - return NGX_OK; -} - - -static ngx_int_t -ngx_quic_validate_token(ngx_connection_t *c, ngx_quic_header_t *pkt) -{ - int len, tlen, iv_len; - u_char *key, *iv, *p, *data; - ngx_msec_t msec; - EVP_CIPHER_CTX *ctx; - const EVP_CIPHER *cipher; - struct sockaddr_in *sin; -#if (NGX_HAVE_INET6) - struct sockaddr_in6 *sin6; -#endif - ngx_quic_connection_t *qc; - u_char tdec[NGX_QUIC_MAX_TOKEN_SIZE]; - - qc = ngx_quic_get_connection(c); - - /* Retry token */ - - if (qc->token.len) { - if (pkt->token.len != qc->token.len) { - goto bad_token; - } - - if (ngx_memcmp(pkt->token.data, qc->token.data, pkt->token.len) != 0) { - goto bad_token; - } - - return NGX_OK; - } - - /* NEW_TOKEN in a previous connection */ - - cipher = EVP_aes_256_cbc(); - key = qc->conf->token_key; - iv = pkt->token.data; - iv_len = EVP_CIPHER_iv_length(cipher); - - /* sanity checks */ - - if (pkt->token.len < (size_t) iv_len + EVP_CIPHER_block_size(cipher)) { - goto bad_token; - } - - if (pkt->token.len > (size_t) iv_len + NGX_QUIC_MAX_TOKEN_SIZE) { - goto bad_token; - } - - ctx = EVP_CIPHER_CTX_new(); - if (ctx == NULL) { - return NGX_ERROR; - } - - if (!EVP_DecryptInit_ex(ctx, cipher, NULL, key, iv)) { - EVP_CIPHER_CTX_free(ctx); - return NGX_ERROR; - } - - p = pkt->token.data + iv_len; - len = pkt->token.len - iv_len; - - if (EVP_DecryptUpdate(ctx, tdec, &len, p, len) != 1) { - EVP_CIPHER_CTX_free(ctx); - goto bad_token; - } - - if (EVP_DecryptFinal_ex(ctx, tdec + len, &tlen) <= 0) { - EVP_CIPHER_CTX_free(ctx); - goto bad_token; - } - - EVP_CIPHER_CTX_free(ctx); - - switch (c->sockaddr->sa_family) { - -#if (NGX_HAVE_INET6) - case AF_INET6: - sin6 = (struct sockaddr_in6 *) c->sockaddr; - - len = sizeof(struct in6_addr); - data = sin6->sin6_addr.s6_addr; - - break; -#endif - -#if (NGX_HAVE_UNIX_DOMAIN) - case AF_UNIX: - - len = ngx_min(c->addr_text.len, NGX_QUIC_MAX_TOKEN_SIZE - sizeof(msec)); - data = c->addr_text.data; - - break; -#endif - - default: /* AF_INET */ - sin = (struct sockaddr_in *) c->sockaddr; - - len = sizeof(in_addr_t); - data = (u_char *) &sin->sin_addr; - - break; - } - - if (ngx_memcmp(tdec, data, len) != 0) { - goto bad_token; - } - - ngx_memcpy(&msec, tdec + len, sizeof(msec)); - - if (ngx_current_msec - msec > NGX_QUIC_RETRY_LIFETIME) { - ngx_log_error(NGX_LOG_INFO, c->log, 0, "quic expired token"); - return NGX_DECLINED; - } - - return NGX_OK; - -bad_token: - - ngx_log_error(NGX_LOG_INFO, c->log, 0, "quic invalid token"); - - qc->error = NGX_QUIC_ERR_INVALID_TOKEN; - qc->error_reason = "invalid_token"; - - return NGX_DECLINED; -} - - -static ngx_int_t -ngx_quic_init_connection(ngx_connection_t *c) -{ - u_char *p; - size_t clen; - ssize_t len; - ngx_ssl_conn_t *ssl_conn; - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - - if (ngx_ssl_create_connection(qc->conf->ssl, c, NGX_SSL_BUFFER) != NGX_OK) { - return NGX_ERROR; - } - - c->ssl->no_wait_shutdown = 1; - - ssl_conn = c->ssl->connection; - - if (SSL_set_quic_method(ssl_conn, &quic_method) == 0) { - ngx_log_error(NGX_LOG_INFO, c->log, 0, - "quic SSL_set_quic_method() failed"); - return NGX_ERROR; - } - -#ifdef SSL_READ_EARLY_DATA_SUCCESS - if (SSL_CTX_get_max_early_data(qc->conf->ssl->ctx)) { - SSL_set_quic_early_data_enabled(ssl_conn, 1); - } -#endif - - if (ngx_quic_new_sr_token(c, &qc->dcid, &qc->conf->sr_token_key, - qc->tp.sr_token) - != NGX_OK) - { - return NGX_ERROR; - } - - ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic stateless reset token %*xs", - (size_t) NGX_QUIC_SR_TOKEN_LEN, qc->tp.sr_token); - - len = ngx_quic_create_transport_params(NULL, NULL, &qc->tp, &clen); - /* always succeeds */ - - p = ngx_pnalloc(c->pool, len); - if (p == NULL) { - return NGX_ERROR; - } - - len = ngx_quic_create_transport_params(p, p + len, &qc->tp, NULL); - if (len < 0) { - return NGX_ERROR; - } - -#ifdef NGX_QUIC_DEBUG_PACKETS - ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic transport parameters len:%uz %*xs", len, len, p); -#endif - - if (SSL_set_quic_transport_params(ssl_conn, p, len) == 0) { - ngx_log_error(NGX_LOG_INFO, c->log, 0, - "quic SSL_set_quic_transport_params() failed"); - return NGX_ERROR; - } - -#if NGX_OPENSSL_QUIC_ZRTT_CTX - if (SSL_set_quic_early_data_context(ssl_conn, p, clen) == 0) { - ngx_log_error(NGX_LOG_INFO, c->log, 0, - "quic SSL_set_quic_early_data_context() failed"); - return NGX_ERROR; - } -#endif - - return NGX_OK; -} - - -static ngx_inline size_t -ngx_quic_max_udp_payload(ngx_connection_t *c) -{ - /* TODO: path MTU discovery */ - -#if (NGX_HAVE_INET6) - if (c->sockaddr->sa_family == AF_INET6) { - return NGX_QUIC_MAX_UDP_PAYLOAD_OUT6; - } -#endif - - return NGX_QUIC_MAX_UDP_PAYLOAD_OUT; -} - - -static void -ngx_quic_input_handler(ngx_event_t *rev) -{ - ssize_t n; - ngx_int_t rc; - ngx_buf_t b; - ngx_connection_t *c; - ngx_quic_connection_t *qc; - static u_char buf[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE]; - - ngx_log_debug0(NGX_LOG_DEBUG_EVENT, rev->log, 0, "quic input handler"); - - ngx_memzero(&b, sizeof(ngx_buf_t)); - b.start = buf; - b.end = buf + sizeof(buf); - b.pos = b.last = b.start; - b.memory = 1; - - c = rev->data; - qc = ngx_quic_get_connection(c); - - c->log->action = "handling quic input"; - - if (rev->timedout) { - ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, - "quic client timed out"); - ngx_quic_close_connection(c, NGX_DONE); - return; - } - - if (c->close) { - qc->error_reason = "graceful shutdown"; - ngx_quic_close_connection(c, NGX_OK); - return; - } - - n = c->recv(c, b.start, b.end - b.start); - - if (n == NGX_AGAIN) { - if (qc->closing) { - ngx_quic_close_connection(c, NGX_OK); - } - return; - } - - if (n == NGX_ERROR) { - c->read->eof = 1; - ngx_quic_close_connection(c, NGX_ERROR); - return; - } - - if (qc->tp.disable_active_migration) { - if (c->socklen != qc->socklen - || ngx_memcmp(c->sockaddr, qc->sockaddr, c->socklen) != 0) - { - ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic dropping packet from new address"); - return; - } - } - - b.last += n; - qc->received += n; - - rc = ngx_quic_input(c, &b, NULL); - - if (rc == NGX_ERROR) { - ngx_quic_close_connection(c, NGX_ERROR); - return; - } - - if (rc == NGX_DECLINED) { - return; - } - - /* rc == NGX_OK */ - - qc->send_timer_set = 0; - ngx_add_timer(rev, qc->tp.max_idle_timeout); - - ngx_quic_connstate_dbg(c); -} - - -static void -ngx_quic_close_connection(ngx_connection_t *c, ngx_int_t rc) -{ - ngx_pool_t *pool; - ngx_quic_connection_t *qc; - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic ngx_quic_close_connection rc:%i", rc); - - qc = ngx_quic_get_connection(c); - - if (qc == NULL) { - ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic close connection early error"); - - } else if (ngx_quic_close_quic(c, rc) == NGX_AGAIN) { - return; - } - - if (c->ssl) { - (void) ngx_ssl_shutdown(c); - } - - if (c->read->timer_set) { - ngx_del_timer(c->read); - } - -#if (NGX_STAT_STUB) - (void) ngx_atomic_fetch_add(ngx_stat_active, -1); -#endif - - c->destroyed = 1; - - pool = c->pool; - - ngx_close_connection(c); - - ngx_destroy_pool(pool); -} - - -static ngx_int_t -ngx_quic_close_quic(ngx_connection_t *c, ngx_int_t rc) -{ - ngx_uint_t i; - ngx_queue_t *q; - ngx_quic_send_ctx_t *ctx; - ngx_quic_server_id_t *sid; - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - - if (!qc->closing) { - - /* drop packets from retransmit queues, no ack is expected */ - for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { - ngx_quic_free_frames(c, &qc->send_ctx[i].sent); - } - - if (rc == NGX_DONE) { - - /* - * 10.2. Idle Timeout - * - * If the idle timeout is enabled by either peer, a connection is - * silently closed and its state is discarded when it remains idle - */ - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic closing %s connection", - qc->draining ? "drained" : "idle"); - - } else { - - /* - * 10.3. Immediate Close - * - * An endpoint sends a CONNECTION_CLOSE frame (Section 19.19) - * to terminate the connection immediately. - */ - - qc->error_level = c->ssl ? SSL_quic_read_level(c->ssl->connection) - : ssl_encryption_initial; - - if (rc == NGX_OK) { - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic immediate close drain:%d", - qc->draining); - - qc->close.log = c->log; - qc->close.data = c; - qc->close.handler = ngx_quic_close_timer_handler; - qc->close.cancelable = 1; - - ctx = ngx_quic_get_send_ctx(qc, qc->error_level); - - ngx_add_timer(&qc->close, 3 * ngx_quic_pto(c, ctx)); - - qc->error = NGX_QUIC_ERR_NO_ERROR; - - } else { - if (qc->error == 0 && !qc->error_app) { - qc->error = NGX_QUIC_ERR_INTERNAL_ERROR; - } - - ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic immediate close due to %s error: %ui %s", - qc->error_app ? "app " : "", qc->error, - qc->error_reason ? qc->error_reason : ""); - } - - (void) ngx_quic_send_cc(c); - - if (qc->error_level == ssl_encryption_handshake) { - /* for clients that might not have handshake keys */ - qc->error_level = ssl_encryption_initial; - (void) ngx_quic_send_cc(c); - } - } - - qc->closing = 1; - } - - if (rc == NGX_ERROR && qc->close.timer_set) { - /* do not wait for timer in case of fatal error */ - ngx_del_timer(&qc->close); - } - - if (ngx_quic_close_streams(c, qc) == NGX_AGAIN) { - return NGX_AGAIN; - } - - if (qc->push.timer_set) { - ngx_del_timer(&qc->push); - } - - if (qc->pto.timer_set) { - ngx_del_timer(&qc->pto); - } - - if (qc->push.posted) { - ngx_delete_posted_event(&qc->push); - } - - while (!ngx_queue_empty(&qc->server_ids)) { - q = ngx_queue_head(&qc->server_ids); - sid = ngx_queue_data(q, ngx_quic_server_id_t, queue); - - ngx_queue_remove(q); - ngx_rbtree_delete(&c->listening->rbtree, &sid->udp.node); - qc->nserver_ids--; - } - - if (qc->close.timer_set) { - return NGX_AGAIN; - } - - ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic part of connection is terminated"); - - /* may be tested from SSL callback during SSL shutdown */ - c->udp = NULL; - - return NGX_OK; -} - - -void -ngx_quic_finalize_connection(ngx_connection_t *c, ngx_uint_t err, - const char *reason) -{ - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - qc->error = err; - qc->error_reason = reason; - qc->error_app = 1; - qc->error_ftype = 0; - - ngx_quic_close_connection(c, NGX_ERROR); -} - - -static void -ngx_quic_close_timer_handler(ngx_event_t *ev) -{ - ngx_connection_t *c; - - ngx_log_debug0(NGX_LOG_DEBUG_EVENT, ev->log, 0, "quic close timer"); - - c = ev->data; - ngx_quic_close_connection(c, NGX_DONE); -} - - -static ngx_int_t -ngx_quic_close_streams(ngx_connection_t *c, ngx_quic_connection_t *qc) -{ - ngx_event_t *rev, *wev; - ngx_rbtree_t *tree; - ngx_rbtree_node_t *node; - ngx_quic_stream_t *qs; - -#if (NGX_DEBUG) - ngx_uint_t ns; -#endif - - tree = &qc->streams.tree; - - if (tree->root == tree->sentinel) { - return NGX_OK; - } - -#if (NGX_DEBUG) - ns = 0; -#endif - - for (node = ngx_rbtree_min(tree->root, tree->sentinel); - node; - node = ngx_rbtree_next(tree, node)) - { - qs = (ngx_quic_stream_t *) node; - - rev = qs->c->read; - rev->error = 1; - rev->ready = 1; - - wev = qs->c->write; - wev->error = 1; - wev->ready = 1; - - ngx_post_event(rev, &ngx_posted_events); - - if (rev->timer_set) { - ngx_del_timer(rev); - } - -#if (NGX_DEBUG) - ns++; -#endif - } - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic connection has %ui active streams", ns); - - return NGX_AGAIN; -} - - -static ngx_int_t -ngx_quic_input(ngx_connection_t *c, ngx_buf_t *b, ngx_quic_conf_t *conf) -{ - u_char *p; - ngx_int_t rc; - ngx_uint_t good; - ngx_quic_header_t pkt; - ngx_quic_connection_t *qc; - - good = 0; - - p = b->pos; - - while (p < b->last) { - - ngx_memzero(&pkt, sizeof(ngx_quic_header_t)); - pkt.raw = b; - pkt.data = p; - pkt.len = b->last - p; - pkt.log = c->log; - pkt.flags = p[0]; - pkt.raw->pos++; - - qc = ngx_quic_get_connection(c); - if (qc) { - qc->error = 0; - qc->error_reason = 0; - } - - rc = ngx_quic_process_packet(c, conf, &pkt); - -#if (NGX_DEBUG) - if (pkt.parsed) { - ngx_log_debug5(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic packet %s done decr:%d pn:%L perr:%ui rc:%i", - ngx_quic_level_name(pkt.level), pkt.decrypted, - pkt.pn, pkt.error, rc); - } else { - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic packet done parse failed rc:%i", rc); - } -#endif - - if (rc == NGX_ERROR) { - return NGX_ERROR; - } - - if (rc == NGX_OK) { - good = 1; - } - - /* NGX_OK || NGX_DECLINED */ - - /* - * we get NGX_DECLINED when there are no keys [yet] available - * to decrypt packet. - * Instead of queueing it, we ignore it and rely on the sender's - * retransmission: - * - * 12.2. Coalescing Packets: - * - * For example, if decryption fails (because the keys are - * not available or any other reason), the receiver MAY either - * discard or buffer the packet for later processing and MUST - * attempt to process the remaining packets. - * - * We also skip packets that don't match connection state - * or cannot be parsed properly. - */ - - /* b->pos is at header end, adjust by actual packet length */ - b->pos = pkt.data + pkt.len; - - /* firefox workaround: skip zero padding at the end of quic packet */ - while (b->pos < b->last && *(b->pos) == 0) { - b->pos++; - } - - p = b->pos; - } - - return good ? NGX_OK : NGX_DECLINED; -} - - -static ngx_int_t -ngx_quic_process_packet(ngx_connection_t *c, ngx_quic_conf_t *conf, - ngx_quic_header_t *pkt) -{ - ngx_int_t rc; - ngx_quic_send_ctx_t *ctx; - ngx_quic_connection_t *qc; - - static u_char buf[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE]; - - c->log->action = "parsing quic packet"; - - rc = ngx_quic_parse_packet(pkt); - - if (rc == NGX_DECLINED || rc == NGX_ERROR) { - return rc; - } - - pkt->parsed = 1; - - c->log->action = "processing quic packet"; - - qc = ngx_quic_get_connection(c); - - ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic packet rx dcid len:%uz %xV", - pkt->dcid.len, &pkt->dcid); - -#if (NGX_DEBUG) - if (pkt->level != ssl_encryption_application) { - ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic packet rx scid len:%uz %xV", - pkt->scid.len, &pkt->scid); - } - - if (pkt->level == ssl_encryption_initial) { - ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic token len:%uz %xV", - pkt->token.len, &pkt->token); - } -#endif - - if (qc) { - - if (rc == NGX_ABORT) { - ngx_log_error(NGX_LOG_INFO, c->log, 0, - "quic unsupported version: 0x%xD", pkt->version); - return NGX_DECLINED; - } - - if (pkt->level != ssl_encryption_application) { - if (pkt->version != qc->version) { - ngx_log_error(NGX_LOG_INFO, c->log, 0, - "quic version mismatch: 0x%xD", pkt->version); - return NGX_DECLINED; - } - } - - if (ngx_quic_check_peer(qc, pkt) != NGX_OK) { - - if (pkt->level == ssl_encryption_application) { - if (ngx_quic_process_stateless_reset(c, pkt) == NGX_OK) { - ngx_log_error(NGX_LOG_INFO, c->log, 0, - "quic stateless reset packet detected"); - - qc->draining = 1; - ngx_quic_close_connection(c, NGX_OK); - - return NGX_OK; - } - - return ngx_quic_send_stateless_reset(c, qc->conf, pkt); - } - - return NGX_DECLINED; - } - - if (qc->in_retry) { - - c->log->action = "retrying quic connection"; - - if (pkt->level != ssl_encryption_initial) { - ngx_log_error(NGX_LOG_INFO, c->log, 0, - "quic discard late retry packet"); - return NGX_DECLINED; - } - - if (!pkt->token.len) { - ngx_log_error(NGX_LOG_INFO, c->log, 0, - "quic discard retry packet without token"); - return NGX_DECLINED; - } - - qc->odcid.len = pkt->dcid.len; - qc->odcid.data = ngx_pstrdup(c->pool, &pkt->dcid); - if (qc->odcid.data == NULL) { - return NGX_ERROR; - } - - ngx_quic_clear_temp_server_ids(c); - - qc->dcid.len = NGX_QUIC_SERVER_CID_LEN; - qc->dcid.data = ngx_pnalloc(c->pool, qc->dcid.len); - if (qc->dcid.data == NULL) { - return NGX_ERROR; - } - - if (ngx_quic_create_server_id(c, qc->dcid.data) != NGX_OK) { - return NGX_ERROR; - } - - qc->server_seqnum = 0; - - if (ngx_quic_insert_server_id(c, &qc->dcid) == NULL) { - return NGX_ERROR; - } - - qc->tp.initial_scid = qc->dcid; - qc->in_retry = 0; - - if (ngx_quic_init_secrets(c) != NGX_OK) { - return NGX_ERROR; - } - - if (ngx_quic_validate_token(c, pkt) != NGX_OK) { - return NGX_ERROR; - } - - qc->validated = 1; - } - - } else { - - if (rc == NGX_ABORT) { - return ngx_quic_negotiate_version(c, pkt); - } - - if (pkt->level == ssl_encryption_initial) { - - c->log->action = "creating quic connection"; - - if (pkt->dcid.len < NGX_QUIC_CID_LEN_MIN) { - /* 7.2. Negotiating Connection IDs */ - ngx_log_error(NGX_LOG_INFO, c->log, 0, - "quic too short dcid in initial" - " packet: len:%i", pkt->dcid.len); - return NGX_ERROR; - } - - qc = ngx_quic_new_connection(c, conf, pkt); - if (qc == NULL) { - return NGX_ERROR; - } - - c->udp = &qc->udp; - - if (ngx_terminate || ngx_exiting) { - qc->error = NGX_QUIC_ERR_CONNECTION_REFUSED; - return NGX_ERROR; - } - - if (pkt->token.len) { - rc = ngx_quic_validate_token(c, pkt); - - if (rc == NGX_OK) { - qc->validated = 1; - - } else if (rc == NGX_ERROR) { - return NGX_ERROR; - - } else { - /* NGX_DECLINED */ - if (conf->retry) { - return ngx_quic_send_retry(c); - } - } - - } else if (conf->retry) { - return ngx_quic_send_retry(c); - } - - if (ngx_quic_init_secrets(c) != NGX_OK) { - return NGX_ERROR; - } - - if (ngx_quic_insert_server_id(c, &qc->odcid) == NULL) { - return NGX_ERROR; - } - - qc->server_seqnum = 0; - - if (ngx_quic_insert_server_id(c, &qc->dcid) == NULL) { - return NGX_ERROR; - } - - } else if (pkt->level == ssl_encryption_application) { - return ngx_quic_send_stateless_reset(c, conf, pkt); - - } else { - return NGX_ERROR; - } - } - - c->log->action = "decrypting packet"; - - if (!ngx_quic_keys_available(qc->keys, pkt->level)) { - ngx_log_error(NGX_LOG_INFO, c->log, 0, - "quic no level %d keys yet, ignoring packet", pkt->level); - return NGX_DECLINED; - } - - pkt->keys = qc->keys; - pkt->key_phase = qc->key_phase; - pkt->plaintext = buf; - - ctx = ngx_quic_get_send_ctx(qc, pkt->level); - - rc = ngx_quic_decrypt(pkt, &ctx->largest_pn); - if (rc != NGX_OK) { - qc->error = pkt->error; - qc->error_reason = "failed to decrypt packet"; - return rc; - } - - pkt->decrypted = 1; - - if (c->ssl == NULL) { - if (ngx_quic_init_connection(c) != NGX_OK) { - return NGX_ERROR; - } - } - - if (pkt->level == ssl_encryption_handshake) { - /* - * 4.10.1. The successful use of Handshake packets indicates - * that no more Initial packets need to be exchanged - */ - ngx_quic_discard_ctx(c, ssl_encryption_initial); - - if (qc->validated == 0) { - qc->validated = 1; - ngx_post_event(&qc->push, &ngx_posted_events); - } - } - - pkt->received = ngx_current_msec; - - c->log->action = "handling payload"; - - if (pkt->level != ssl_encryption_application) { - return ngx_quic_payload_handler(c, pkt); - } - - if (!pkt->key_update) { - return ngx_quic_payload_handler(c, pkt); - } - - /* switch keys and generate next on Key Phase change */ - - qc->key_phase ^= 1; - ngx_quic_keys_switch(c, qc->keys); - - rc = ngx_quic_payload_handler(c, pkt); - if (rc != NGX_OK) { - return rc; - } - - return ngx_quic_keys_update(c, qc->keys); -} - - -static ngx_int_t -ngx_quic_init_secrets(ngx_connection_t *c) -{ - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - - if (ngx_quic_keys_set_initial_secret(c->pool, qc->keys, &qc->odcid) - != NGX_OK) - { - return NGX_ERROR; - } - - qc->initialized = 1; - - return NGX_OK; -} - - -static void -ngx_quic_discard_ctx(ngx_connection_t *c, enum ssl_encryption_level_t level) -{ - ngx_queue_t *q; - ngx_quic_frame_t *f; - ngx_quic_send_ctx_t *ctx; - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - - if (!ngx_quic_keys_available(qc->keys, level)) { - return; - } - - ngx_quic_keys_discard(qc->keys, level); - - qc->pto_count = 0; - - ctx = ngx_quic_get_send_ctx(qc, level); - - while (!ngx_queue_empty(&ctx->sent)) { - q = ngx_queue_head(&ctx->sent); - ngx_queue_remove(q); - - f = ngx_queue_data(q, ngx_quic_frame_t, queue); - ngx_quic_congestion_ack(c, f); - ngx_quic_free_frame(c, f); - } - - while (!ngx_queue_empty(&ctx->frames)) { - q = ngx_queue_head(&ctx->frames); - ngx_queue_remove(q); - - f = ngx_queue_data(q, ngx_quic_frame_t, queue); - ngx_quic_congestion_ack(c, f); - ngx_quic_free_frame(c, f); - } - - if (level == ssl_encryption_initial) { - ngx_quic_clear_temp_server_ids(c); - } - - ctx->send_ack = 0; -} - - -static ngx_int_t -ngx_quic_check_peer(ngx_quic_connection_t *qc, ngx_quic_header_t *pkt) -{ - ngx_queue_t *q; - ngx_quic_client_id_t *cid; - - if (pkt->level == ssl_encryption_application) { - return NGX_OK; - } - - for (q = ngx_queue_head(&qc->client_ids); - q != ngx_queue_sentinel(&qc->client_ids); - q = ngx_queue_next(q)) - { - cid = ngx_queue_data(q, ngx_quic_client_id_t, queue); - - if (pkt->scid.len == cid->len - && ngx_memcmp(pkt->scid.data, cid->id, cid->len) == 0) - { - return NGX_OK; - } - } - - ngx_log_error(NGX_LOG_INFO, pkt->log, 0, "quic unexpected quic scid"); - return NGX_ERROR; -} - - -static ngx_int_t -ngx_quic_payload_handler(ngx_connection_t *c, ngx_quic_header_t *pkt) -{ - u_char *end, *p; - ssize_t len; - ngx_buf_t buf; - ngx_uint_t do_close; - ngx_chain_t chain; - ngx_quic_frame_t frame; - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - - if (qc->closing) { - /* - * 10.1 Closing and Draining Connection States - * ... delayed or reordered packets are properly discarded. - * - * An endpoint retains only enough information to generate - * a packet containing a CONNECTION_CLOSE frame and to identify - * packets as belonging to the connection. - */ - - qc->error_level = pkt->level; - qc->error = NGX_QUIC_ERR_NO_ERROR; - qc->error_reason = "connection is closing, packet discarded"; - qc->error_ftype = 0; - qc->error_app = 0; - - return ngx_quic_send_cc(c); - } - - p = pkt->payload.data; - end = p + pkt->payload.len; - - do_close = 0; - - while (p < end) { - - c->log->action = "parsing frames"; - - ngx_memzero(&buf, sizeof(ngx_buf_t)); - buf.temporary = 1; - - chain.buf = &buf; - chain.next = NULL; - frame.data = &chain; - - len = ngx_quic_parse_frame(pkt, p, end, &frame); - - if (len < 0) { - qc->error = pkt->error; - return NGX_ERROR; - } - - ngx_quic_log_frame(c->log, &frame, 0); - - c->log->action = "handling frames"; - - p += len; - - switch (frame.type) { - - case NGX_QUIC_FT_ACK: - if (ngx_quic_handle_ack_frame(c, pkt, &frame) != NGX_OK) { - return NGX_ERROR; - } - - continue; - - case NGX_QUIC_FT_PADDING: - /* no action required */ - continue; - - case NGX_QUIC_FT_CONNECTION_CLOSE: - case NGX_QUIC_FT_CONNECTION_CLOSE_APP: - do_close = 1; - continue; - } - - /* got there with ack-eliciting packet */ - pkt->need_ack = 1; - - switch (frame.type) { - - case NGX_QUIC_FT_CRYPTO: - - if (ngx_quic_handle_crypto_frame(c, pkt, &frame) != NGX_OK) { - return NGX_ERROR; - } - - break; - - case NGX_QUIC_FT_PING: - break; - - case NGX_QUIC_FT_STREAM0: - case NGX_QUIC_FT_STREAM1: - case NGX_QUIC_FT_STREAM2: - case NGX_QUIC_FT_STREAM3: - case NGX_QUIC_FT_STREAM4: - case NGX_QUIC_FT_STREAM5: - case NGX_QUIC_FT_STREAM6: - case NGX_QUIC_FT_STREAM7: - - if (ngx_quic_handle_stream_frame(c, pkt, &frame) != NGX_OK) { - return NGX_ERROR; - } - - break; - - case NGX_QUIC_FT_MAX_DATA: - - if (ngx_quic_handle_max_data_frame(c, &frame.u.max_data) != NGX_OK) - { - return NGX_ERROR; - } - - break; - - case NGX_QUIC_FT_STREAMS_BLOCKED: - case NGX_QUIC_FT_STREAMS_BLOCKED2: - - if (ngx_quic_handle_streams_blocked_frame(c, pkt, - &frame.u.streams_blocked) - != NGX_OK) - { - return NGX_ERROR; - } - - break; - - case NGX_QUIC_FT_STREAM_DATA_BLOCKED: - - if (ngx_quic_handle_stream_data_blocked_frame(c, pkt, - &frame.u.stream_data_blocked) - != NGX_OK) - { - return NGX_ERROR; - } - - break; - - case NGX_QUIC_FT_MAX_STREAM_DATA: - - if (ngx_quic_handle_max_stream_data_frame(c, pkt, - &frame.u.max_stream_data) - != NGX_OK) - { - return NGX_ERROR; - } - - break; - - case NGX_QUIC_FT_RESET_STREAM: - - if (ngx_quic_handle_reset_stream_frame(c, pkt, - &frame.u.reset_stream) - != NGX_OK) - { - return NGX_ERROR; - } - - break; - - case NGX_QUIC_FT_STOP_SENDING: - - if (ngx_quic_handle_stop_sending_frame(c, pkt, - &frame.u.stop_sending) - != NGX_OK) - { - return NGX_ERROR; - } - - break; - - case NGX_QUIC_FT_MAX_STREAMS: - case NGX_QUIC_FT_MAX_STREAMS2: - - if (ngx_quic_handle_max_streams_frame(c, pkt, &frame.u.max_streams) - != NGX_OK) - { - return NGX_ERROR; - } - - break; - - case NGX_QUIC_FT_PATH_CHALLENGE: - - if (ngx_quic_handle_path_challenge_frame(c, pkt, - &frame.u.path_challenge) - != NGX_OK) - { - return NGX_ERROR; - } - - break; - - case NGX_QUIC_FT_NEW_CONNECTION_ID: - - if (ngx_quic_handle_new_connection_id_frame(c, pkt, &frame.u.ncid) - != NGX_OK) - { - return NGX_ERROR; - } - - break; - - case NGX_QUIC_FT_RETIRE_CONNECTION_ID: - - if (ngx_quic_handle_retire_connection_id_frame(c, pkt, - &frame.u.retire_cid) - != NGX_OK) - { - return NGX_ERROR; - } - - break; - - case NGX_QUIC_FT_PATH_RESPONSE: - - /* TODO: handle */ - ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic frame handler not implemented"); - break; - - default: - ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic missing frame handler"); - return NGX_ERROR; - } - } - - if (p != end) { - ngx_log_error(NGX_LOG_INFO, c->log, 0, - "quic trailing garbage in payload:%ui bytes", end - p); - - qc->error = NGX_QUIC_ERR_FRAME_ENCODING_ERROR; - return NGX_ERROR; - } - - if (do_close) { - qc->draining = 1; - ngx_quic_close_connection(c, NGX_OK); - } - - if (ngx_quic_ack_packet(c, pkt) != NGX_OK) { - return NGX_ERROR; - } - - return NGX_OK; -} - - -static ngx_int_t -ngx_quic_ack_packet(ngx_connection_t *c, ngx_quic_header_t *pkt) -{ - uint64_t base, largest, smallest, gs, ge, gap, range, pn; - uint64_t prev_pending; - ngx_uint_t i, nr; - ngx_quic_send_ctx_t *ctx; - ngx_quic_ack_range_t *r; - ngx_quic_connection_t *qc; - - c->log->action = "preparing ack"; - - qc = ngx_quic_get_connection(c); - - ctx = ngx_quic_get_send_ctx(qc, pkt->level); - - ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic ngx_quic_ack_packet pn:%uL largest %L fr:%uL" - " nranges:%ui", pkt->pn, (int64_t) ctx->largest_range, - ctx->first_range, ctx->nranges); - - prev_pending = ctx->pending_ack; - - if (pkt->need_ack) { - - ngx_post_event(&qc->push, &ngx_posted_events); - - if (ctx->send_ack == 0) { - ctx->ack_delay_start = ngx_current_msec; - } - - ctx->send_ack++; - - if (ctx->pending_ack == NGX_QUIC_UNSET_PN - || ctx->pending_ack < pkt->pn) - { - ctx->pending_ack = pkt->pn; - } - } - - base = ctx->largest_range; - pn = pkt->pn; - - if (base == NGX_QUIC_UNSET_PN) { - ctx->largest_range = pn; - ctx->largest_received = pkt->received; - return NGX_OK; - } - - if (base == pn) { - return NGX_OK; - } - - largest = base; - smallest = largest - ctx->first_range; - - if (pn > base) { - - if (pn - base == 1) { - ctx->first_range++; - ctx->largest_range = pn; - ctx->largest_received = pkt->received; - - return NGX_OK; - - } else { - /* new gap in front of current largest */ - - /* no place for new range, send current range as is */ - if (ctx->nranges == NGX_QUIC_MAX_RANGES) { - - if (prev_pending != NGX_QUIC_UNSET_PN) { - if (ngx_quic_send_ack(c, ctx) != NGX_OK) { - return NGX_ERROR; - } - } - - if (prev_pending == ctx->pending_ack || !pkt->need_ack) { - ctx->pending_ack = NGX_QUIC_UNSET_PN; - } - } - - gap = pn - base - 2; - range = ctx->first_range; - - ctx->first_range = 0; - ctx->largest_range = pn; - ctx->largest_received = pkt->received; - - /* packet is out of order, force send */ - if (pkt->need_ack) { - ctx->send_ack = NGX_QUIC_MAX_ACK_GAP; - } - - i = 0; - - goto insert; - } - } - - /* pn < base, perform lookup in existing ranges */ - - /* packet is out of order */ - if (pkt->need_ack) { - ctx->send_ack = NGX_QUIC_MAX_ACK_GAP; - } - - if (pn >= smallest && pn <= largest) { - return NGX_OK; - } - -#if (NGX_SUPPRESS_WARN) - r = NULL; -#endif - - for (i = 0; i < ctx->nranges; i++) { - r = &ctx->ranges[i]; - - ge = smallest - 1; - gs = ge - r->gap; - - if (pn >= gs && pn <= ge) { - - if (gs == ge) { - /* gap size is exactly one packet, now filled */ - - /* data moves to previous range, current is removed */ - - if (i == 0) { - ctx->first_range += r->range + 2; - - } else { - ctx->ranges[i - 1].range += r->range + 2; - } - - nr = ctx->nranges - i - 1; - if (nr) { - ngx_memmove(&ctx->ranges[i], &ctx->ranges[i + 1], - sizeof(ngx_quic_ack_range_t) * nr); - } - - ctx->nranges--; - - } else if (pn == gs) { - /* current gap shrinks from tail (current range grows) */ - r->gap--; - r->range++; - - } else if (pn == ge) { - /* current gap shrinks from head (previous range grows) */ - r->gap--; - - if (i == 0) { - ctx->first_range++; - - } else { - ctx->ranges[i - 1].range++; - } - - } else { - /* current gap is split into two parts */ - - gap = ge - pn - 1; - range = 0; - - if (ctx->nranges == NGX_QUIC_MAX_RANGES) { - if (prev_pending != NGX_QUIC_UNSET_PN) { - if (ngx_quic_send_ack(c, ctx) != NGX_OK) { - return NGX_ERROR; - } - } - - if (prev_pending == ctx->pending_ack || !pkt->need_ack) { - ctx->pending_ack = NGX_QUIC_UNSET_PN; - } - } - - r->gap = pn - gs - 1; - goto insert; - } - - return NGX_OK; - } - - largest = smallest - r->gap - 2; - smallest = largest - r->range; - - if (pn >= smallest && pn <= largest) { - /* this packet number is already known */ - return NGX_OK; - } - - } - - if (pn == smallest - 1) { - /* extend first or last range */ - - if (i == 0) { - ctx->first_range++; - - } else { - r->range++; - } - - return NGX_OK; - } - - /* nothing found, add new range at the tail */ - - if (ctx->nranges == NGX_QUIC_MAX_RANGES) { - /* packet is too old to keep it */ - - if (pkt->need_ack) { - return ngx_quic_send_ack_range(c, ctx, pn, pn); - } - - return NGX_OK; - } - - gap = smallest - 2 - pn; - range = 0; - -insert: - - if (ctx->nranges < NGX_QUIC_MAX_RANGES) { - ctx->nranges++; - } - - ngx_memmove(&ctx->ranges[i + 1], &ctx->ranges[i], - sizeof(ngx_quic_ack_range_t) * (ctx->nranges - i - 1)); - - ctx->ranges[i].gap = gap; - ctx->ranges[i].range = range; - - return NGX_OK; -} - - -static ngx_int_t -ngx_quic_send_ack_range(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx, - uint64_t smallest, uint64_t largest) -{ - ngx_quic_frame_t *frame; - - frame = ngx_quic_alloc_frame(c); - if (frame == NULL) { - return NGX_ERROR; - } - - frame->level = ctx->level; - frame->type = NGX_QUIC_FT_ACK; - frame->u.ack.largest = largest; - frame->u.ack.delay = 0; - frame->u.ack.range_count = 0; - frame->u.ack.first_range = largest - smallest; - - return NGX_OK; -} - - -static void -ngx_quic_drop_ack_ranges(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx, - uint64_t pn) -{ - uint64_t base; - ngx_uint_t i, smallest, largest; - ngx_quic_ack_range_t *r; - - ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic ngx_quic_drop_ack_ranges pn:%uL largest:%uL" - " fr:%uL nranges:%ui", pn, ctx->largest_range, - ctx->first_range, ctx->nranges); - - base = ctx->largest_range; - - if (base == NGX_QUIC_UNSET_PN) { - return; - } - - if (ctx->pending_ack != NGX_QUIC_UNSET_PN && pn >= ctx->pending_ack) { - ctx->pending_ack = NGX_QUIC_UNSET_PN; - } - - largest = base; - smallest = largest - ctx->first_range; - - if (pn >= largest) { - ctx->largest_range = NGX_QUIC_UNSET_PN; - ctx->first_range = 0; - ctx->nranges = 0; - return; - } - - if (pn >= smallest) { - ctx->first_range = largest - pn - 1; - ctx->nranges = 0; - return; - } - - for (i = 0; i < ctx->nranges; i++) { - r = &ctx->ranges[i]; - - largest = smallest - r->gap - 2; - smallest = largest - r->range; - - if (pn >= largest) { - ctx->nranges = i; - return; - } - if (pn >= smallest) { - r->range = largest - pn - 1; - ctx->nranges = i + 1; - return; - } - } -} - - -static ngx_int_t -ngx_quic_send_ack(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx) -{ - size_t len, left; - uint64_t ack_delay; - ngx_buf_t *b; - ngx_uint_t i; - ngx_chain_t *cl, **ll; - ngx_quic_frame_t *frame; - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - - ack_delay = ngx_current_msec - ctx->largest_received; - ack_delay *= 1000; - ack_delay >>= qc->ctp.ack_delay_exponent; - - frame = ngx_quic_alloc_frame(c); - if (frame == NULL) { - return NGX_ERROR; - } - - ll = &frame->data; - b = NULL; - - for (i = 0; i < ctx->nranges; i++) { - len = ngx_quic_create_ack_range(NULL, ctx->ranges[i].gap, - ctx->ranges[i].range); - - left = b ? b->end - b->last : 0; - - if (left < len) { - cl = ngx_quic_alloc_buf(c); - if (cl == NULL) { - return NGX_ERROR; - } - - *ll = cl; - ll = &cl->next; - - b = cl->buf; - left = b->end - b->last; - - if (left < len) { - return NGX_ERROR; - } - } - - b->last += ngx_quic_create_ack_range(b->last, ctx->ranges[i].gap, - ctx->ranges[i].range); - - frame->u.ack.ranges_length += len; - } - - *ll = NULL; - - frame->level = ctx->level; - frame->type = NGX_QUIC_FT_ACK; - frame->u.ack.largest = ctx->largest_range; - frame->u.ack.delay = ack_delay; - frame->u.ack.range_count = ctx->nranges; - frame->u.ack.first_range = ctx->first_range; - - ngx_quic_queue_frame(qc, frame); - - return NGX_OK; -} - - -static ngx_int_t -ngx_quic_send_cc(ngx_connection_t *c) -{ - ngx_quic_frame_t *frame; - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - - if (qc->draining) { - return NGX_OK; - } - - if (!qc->initialized) { - /* try to initialize secrets to send an early error */ - if (ngx_quic_init_secrets(c) != NGX_OK) { - return NGX_OK; - } - } - - if (qc->closing - && ngx_current_msec - qc->last_cc < NGX_QUIC_CC_MIN_INTERVAL) - { - /* dot not send CC too often */ - return NGX_OK; - } - - frame = ngx_quic_alloc_frame(c); - if (frame == NULL) { - return NGX_ERROR; - } - - frame->level = qc->error_level; - frame->type = NGX_QUIC_FT_CONNECTION_CLOSE; - frame->u.close.error_code = qc->error; - frame->u.close.frame_type = qc->error_ftype; - frame->u.close.app = qc->error_app; - - if (qc->error_reason) { - frame->u.close.reason.len = ngx_strlen(qc->error_reason); - frame->u.close.reason.data = (u_char *) qc->error_reason; - } - - ngx_quic_queue_frame(qc, frame); - - qc->last_cc = ngx_current_msec; - - return ngx_quic_output(c); -} - - -static ngx_int_t -ngx_quic_send_new_token(ngx_connection_t *c) -{ - ngx_str_t token; - ngx_quic_frame_t *frame; - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - - if (!qc->conf->retry) { - return NGX_OK; - } - - if (ngx_quic_new_token(c, &token) != NGX_OK) { - return NGX_ERROR; - } - - frame = ngx_quic_alloc_frame(c); - if (frame == NULL) { - return NGX_ERROR; - } - - frame->level = ssl_encryption_application; - frame->type = NGX_QUIC_FT_NEW_TOKEN; - frame->u.token.length = token.len; - frame->u.token.data = token.data; - - ngx_quic_queue_frame(qc, frame); - - return NGX_OK; -} - - -static ngx_int_t -ngx_quic_handle_ack_frame(ngx_connection_t *c, ngx_quic_header_t *pkt, - ngx_quic_frame_t *f) -{ - ssize_t n; - u_char *pos, *end; - uint64_t min, max, gap, range; - ngx_msec_t send_time; - ngx_uint_t i; - ngx_quic_send_ctx_t *ctx; - ngx_quic_ack_frame_t *ack; - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - - ctx = ngx_quic_get_send_ctx(qc, pkt->level); - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic ngx_quic_handle_ack_frame level:%d", pkt->level); - - ack = &f->u.ack; - - /* - * If any computed packet number is negative, an endpoint MUST - * generate a connection error of type FRAME_ENCODING_ERROR. - * (19.3.1) - */ - - if (ack->first_range > ack->largest) { - qc->error = NGX_QUIC_ERR_FRAME_ENCODING_ERROR; - ngx_log_error(NGX_LOG_INFO, c->log, 0, - "quic invalid first range in ack frame"); - return NGX_ERROR; - } - - min = ack->largest - ack->first_range; - max = ack->largest; - - if (ngx_quic_handle_ack_frame_range(c, ctx, min, max, &send_time) - != NGX_OK) - { - return NGX_ERROR; - } - - /* 13.2.3. Receiver Tracking of ACK Frames */ - if (ctx->largest_ack < max || ctx->largest_ack == NGX_QUIC_UNSET_PN) { - ctx->largest_ack = max; - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic updated largest received ack:%uL", max); - - /* - * An endpoint generates an RTT sample on receiving an - * ACK frame that meets the following two conditions: - * - * - the largest acknowledged packet number is newly acknowledged - * - at least one of the newly acknowledged packets was ack-eliciting. - */ - - if (send_time != NGX_TIMER_INFINITE) { - ngx_quic_rtt_sample(c, ack, pkt->level, send_time); - } - } - - if (f->data) { - pos = f->data->buf->pos; - end = f->data->buf->last; - - } else { - pos = NULL; - end = NULL; - } - - for (i = 0; i < ack->range_count; i++) { - - n = ngx_quic_parse_ack_range(pkt->log, pos, end, &gap, &range); - if (n == NGX_ERROR) { - return NGX_ERROR; - } - pos += n; - - if (gap + 2 > min) { - qc->error = NGX_QUIC_ERR_FRAME_ENCODING_ERROR; - ngx_log_error(NGX_LOG_INFO, c->log, 0, - "quic invalid range:%ui in ack frame", i); - return NGX_ERROR; - } - - max = min - gap - 2; - - if (range > max) { - qc->error = NGX_QUIC_ERR_FRAME_ENCODING_ERROR; - ngx_log_error(NGX_LOG_INFO, c->log, 0, - "quic invalid range:%ui in ack frame", i); - return NGX_ERROR; - } - - min = max - range; - - if (ngx_quic_handle_ack_frame_range(c, ctx, min, max, &send_time) - != NGX_OK) - { - return NGX_ERROR; - } - } - - return ngx_quic_detect_lost(c); -} - - -static ngx_int_t -ngx_quic_handle_ack_frame_range(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx, - uint64_t min, uint64_t max, ngx_msec_t *send_time) -{ - ngx_uint_t found; - ngx_queue_t *q; - ngx_quic_frame_t *f; - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - - *send_time = NGX_TIMER_INFINITE; - found = 0; - - q = ngx_queue_last(&ctx->sent); - - while (q != ngx_queue_sentinel(&ctx->sent)) { - - f = ngx_queue_data(q, ngx_quic_frame_t, queue); - q = ngx_queue_prev(q); - - if (f->pnum >= min && f->pnum <= max) { - ngx_quic_congestion_ack(c, f); - - switch (f->type) { - case NGX_QUIC_FT_ACK: - case NGX_QUIC_FT_ACK_ECN: - ngx_quic_drop_ack_ranges(c, ctx, f->u.ack.largest); - break; - - case NGX_QUIC_FT_STREAM0: - case NGX_QUIC_FT_STREAM1: - case NGX_QUIC_FT_STREAM2: - case NGX_QUIC_FT_STREAM3: - case NGX_QUIC_FT_STREAM4: - case NGX_QUIC_FT_STREAM5: - case NGX_QUIC_FT_STREAM6: - case NGX_QUIC_FT_STREAM7: - ngx_quic_handle_stream_ack(c, f); - break; - } - - if (f->pnum == max) { - *send_time = f->last; - } - - ngx_queue_remove(&f->queue); - ngx_quic_free_frame(c, f); - found = 1; - } - } - - if (!found) { - - if (max < ctx->pnum) { - /* duplicate ACK or ACK for non-ack-eliciting frame */ - return NGX_OK; - } - - ngx_log_error(NGX_LOG_INFO, c->log, 0, - "quic ACK for the packet not sent"); - - qc->error = NGX_QUIC_ERR_PROTOCOL_VIOLATION; - qc->error_ftype = NGX_QUIC_FT_ACK; - qc->error_reason = "unknown packet number"; - - return NGX_ERROR; - } - - if (!qc->push.timer_set) { - ngx_post_event(&qc->push, &ngx_posted_events); - } - - qc->pto_count = 0; - - return NGX_OK; -} - - -static void -ngx_quic_rtt_sample(ngx_connection_t *c, ngx_quic_ack_frame_t *ack, - enum ssl_encryption_level_t level, ngx_msec_t send_time) -{ - ngx_msec_t latest_rtt, ack_delay, adjusted_rtt, rttvar_sample; - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - - latest_rtt = ngx_current_msec - send_time; - qc->latest_rtt = latest_rtt; - - if (qc->min_rtt == NGX_TIMER_INFINITE) { - qc->min_rtt = latest_rtt; - qc->avg_rtt = latest_rtt; - qc->rttvar = latest_rtt / 2; - - } else { - qc->min_rtt = ngx_min(qc->min_rtt, latest_rtt); - - ack_delay = ack->delay * (1 << qc->ctp.ack_delay_exponent) / 1000; - - if (c->ssl->handshaked) { - ack_delay = ngx_min(ack_delay, qc->ctp.max_ack_delay); - } - - adjusted_rtt = latest_rtt; - - if (qc->min_rtt + ack_delay < latest_rtt) { - adjusted_rtt -= ack_delay; - } - - qc->avg_rtt = 0.875 * qc->avg_rtt + 0.125 * adjusted_rtt; - rttvar_sample = ngx_abs((ngx_msec_int_t) (qc->avg_rtt - adjusted_rtt)); - qc->rttvar = 0.75 * qc->rttvar + 0.25 * rttvar_sample; - } - - ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic rtt sample latest:%M min:%M avg:%M var:%M", - latest_rtt, qc->min_rtt, qc->avg_rtt, qc->rttvar); -} - - -static ngx_inline ngx_msec_t -ngx_quic_pto(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx) -{ - ngx_msec_t duration; - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - - /* PTO calculation: quic-recovery, Appendix 8 */ - duration = qc->avg_rtt; - - duration += ngx_max(4 * qc->rttvar, NGX_QUIC_TIME_GRANULARITY); - duration <<= qc->pto_count; - - if (qc->congestion.in_flight == 0) { /* no in-flight packets */ - return duration; - } - - if (ctx->level == ssl_encryption_application && c->ssl->handshaked) { - duration += qc->ctp.max_ack_delay << qc->pto_count; - } - - return duration; -} - - -static void -ngx_quic_handle_stream_ack(ngx_connection_t *c, ngx_quic_frame_t *f) -{ - uint64_t sent, unacked; - ngx_event_t *wev; - ngx_quic_stream_t *sn; - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - - sn = ngx_quic_find_stream(&qc->streams.tree, f->u.stream.stream_id); - if (sn == NULL) { - return; - } - - wev = sn->c->write; - sent = sn->c->sent; - unacked = sent - sn->acked; - - if (unacked >= NGX_QUIC_STREAM_BUFSIZE && wev->active) { - wev->ready = 1; - ngx_post_event(wev, &ngx_posted_events); - } - - sn->acked += f->u.stream.length; - - ngx_log_debug3(NGX_LOG_DEBUG_EVENT, sn->c->log, 0, - "quic stream ack len:%uL acked:%uL unacked:%uL", - f->u.stream.length, sn->acked, sent - sn->acked); -} - - -static ngx_int_t -ngx_quic_handle_ordered_frame(ngx_connection_t *c, ngx_quic_frames_stream_t *fs, - ngx_quic_frame_t *frame, ngx_quic_frame_handler_pt handler, void *data) -{ - size_t full_len; - ngx_int_t rc; - ngx_queue_t *q; - ngx_quic_ordered_frame_t *f; - - f = &frame->u.ord; - - if (f->offset > fs->received) { - ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic out-of-order frame: expecting:%uL got:%uL", - fs->received, f->offset); - - return ngx_quic_buffer_frame(c, fs, frame); - } - - if (f->offset < fs->received) { - - if (ngx_quic_adjust_frame_offset(c, frame, fs->received) - == NGX_DONE) - { - /* old/duplicate data range */ - return handler == ngx_quic_crypto_input ? NGX_DECLINED : NGX_OK; - } - - /* intersecting data range, frame modified */ - } - - /* f->offset == fs->received */ - - rc = handler(c, frame, data); - if (rc == NGX_ERROR) { - return NGX_ERROR; - - } else if (rc == NGX_DONE) { - /* handler destroyed stream, queue no longer exists */ - return NGX_OK; - } - - /* rc == NGX_OK */ - - fs->received += f->length; - - /* now check the queue if we can continue with buffered frames */ - - do { - q = ngx_queue_head(&fs->frames); - if (q == ngx_queue_sentinel(&fs->frames)) { - break; - } - - frame = ngx_queue_data(q, ngx_quic_frame_t, queue); - f = &frame->u.ord; - - if (f->offset > fs->received) { - /* gap found, nothing more to do */ - break; - } - - full_len = f->length; - - if (f->offset < fs->received) { - - if (ngx_quic_adjust_frame_offset(c, frame, fs->received) - == NGX_DONE) - { - /* old/duplicate data range */ - ngx_queue_remove(q); - fs->total -= f->length; - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic skipped buffered frame, total:%ui", - fs->total); - ngx_quic_free_frame(c, frame); - continue; - } - - /* frame was adjusted, proceed to input */ - } - - /* f->offset == fs->received */ - - rc = handler(c, frame, data); - - if (rc == NGX_ERROR) { - return NGX_ERROR; - - } else if (rc == NGX_DONE) { - /* handler destroyed stream, queue no longer exists */ - return NGX_OK; - } - - fs->received += f->length; - fs->total -= full_len; - - ngx_queue_remove(q); - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic consumed buffered frame, total:%ui", fs->total); - - ngx_quic_free_frame(c, frame); - - } while (1); - - return NGX_OK; -} - - -static ngx_int_t -ngx_quic_adjust_frame_offset(ngx_connection_t *c, ngx_quic_frame_t *frame, - uint64_t offset_in) -{ - size_t tail, n; - ngx_buf_t *b; - ngx_chain_t *cl; - ngx_quic_ordered_frame_t *f; - - f = &frame->u.ord; - - tail = offset_in - f->offset; - - if (tail >= f->length) { - /* range preceeding already received data or duplicate, ignore */ - - ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic old or duplicate data in ordered frame, ignored"); - return NGX_DONE; - } - - ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic adjusted ordered frame data start to expected offset"); - - /* intersecting range: adjust data size */ - - f->offset += tail; - f->length -= tail; - - for (cl = frame->data; cl; cl = cl->next) { - b = cl->buf; - n = ngx_buf_size(b); - - if (n >= tail) { - b->pos += tail; - break; - } - - cl->buf->pos = cl->buf->last; - tail -= n; - } - - return NGX_OK; -} - - -static ngx_int_t -ngx_quic_buffer_frame(ngx_connection_t *c, ngx_quic_frames_stream_t *fs, - ngx_quic_frame_t *frame) -{ - ngx_queue_t *q; - ngx_quic_frame_t *dst, *item; - ngx_quic_ordered_frame_t *f, *df; - - ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic ngx_quic_buffer_frame"); - - f = &frame->u.ord; - - /* frame start offset is in the future, buffer it */ - - dst = ngx_quic_alloc_frame(c); - if (dst == NULL) { - return NGX_ERROR; - } - - ngx_memcpy(dst, frame, sizeof(ngx_quic_frame_t)); - - dst->data = ngx_quic_copy_chain(c, frame->data, 0); - if (dst->data == NGX_CHAIN_ERROR) { - return NGX_ERROR; - } - - df = &dst->u.ord; - - fs->total += f->length; - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic ordered frame with unexpected offset:" - " buffered total:%ui", fs->total); - - if (ngx_queue_empty(&fs->frames)) { - ngx_queue_insert_after(&fs->frames, &dst->queue); - return NGX_OK; - } - - for (q = ngx_queue_last(&fs->frames); - q != ngx_queue_sentinel(&fs->frames); - q = ngx_queue_prev(q)) - { - item = ngx_queue_data(q, ngx_quic_frame_t, queue); - f = &item->u.ord; - - if (f->offset < df->offset) { - ngx_queue_insert_after(q, &dst->queue); - return NGX_OK; - } - } - - ngx_queue_insert_after(&fs->frames, &dst->queue); - - return NGX_OK; -} - - -static ngx_int_t -ngx_quic_handle_crypto_frame(ngx_connection_t *c, ngx_quic_header_t *pkt, - ngx_quic_frame_t *frame) -{ - uint64_t last; - ngx_int_t rc; - ngx_quic_send_ctx_t *ctx; - ngx_quic_connection_t *qc; - ngx_quic_crypto_frame_t *f; - ngx_quic_frames_stream_t *fs; - - qc = ngx_quic_get_connection(c); - fs = &qc->crypto[pkt->level]; - f = &frame->u.crypto; - - /* no overflow since both values are 62-bit */ - last = f->offset + f->length; - - if (last > fs->received && last - fs->received > NGX_QUIC_MAX_BUFFERED) { - qc->error = NGX_QUIC_ERR_CRYPTO_BUFFER_EXCEEDED; - return NGX_ERROR; - } - - rc = ngx_quic_handle_ordered_frame(c, fs, frame, ngx_quic_crypto_input, - NULL); - if (rc != NGX_DECLINED) { - return rc; - } - - /* speeding up handshake completion */ - - if (pkt->level == ssl_encryption_initial) { - ctx = ngx_quic_get_send_ctx(qc, pkt->level); - - if (!ngx_queue_empty(&ctx->sent)) { - ngx_quic_resend_frames(c, ctx); - - ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_handshake); - while (!ngx_queue_empty(&ctx->sent)) { - ngx_quic_resend_frames(c, ctx); - } - } - } - - return NGX_OK; -} - - -static ngx_int_t -ngx_quic_crypto_input(ngx_connection_t *c, ngx_quic_frame_t *frame, void *data) -{ - int n, sslerr; - ngx_buf_t *b; - ngx_chain_t *cl; - ngx_ssl_conn_t *ssl_conn; - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - - ssl_conn = c->ssl->connection; - - ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic SSL_quic_read_level:%d SSL_quic_write_level:%d", - (int) SSL_quic_read_level(ssl_conn), - (int) SSL_quic_write_level(ssl_conn)); - - for (cl = frame->data; cl; cl = cl->next) { - b = cl->buf; - - if (!SSL_provide_quic_data(ssl_conn, SSL_quic_read_level(ssl_conn), - b->pos, b->last - b->pos)) - { - ngx_ssl_error(NGX_LOG_INFO, c->log, 0, - "SSL_provide_quic_data() failed"); - return NGX_ERROR; - } - } - - n = SSL_do_handshake(ssl_conn); - - ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic SSL_quic_read_level:%d SSL_quic_write_level:%d", - (int) SSL_quic_read_level(ssl_conn), - (int) SSL_quic_write_level(ssl_conn)); - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_do_handshake: %d", n); - - if (n <= 0) { - sslerr = SSL_get_error(ssl_conn, n); - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_get_error: %d", - sslerr); - - if (sslerr != SSL_ERROR_WANT_READ) { - ngx_ssl_error(NGX_LOG_ERR, c->log, 0, "SSL_do_handshake() failed"); - return NGX_ERROR; - } - - return NGX_OK; - } - - if (SSL_in_init(ssl_conn)) { - return NGX_OK; - } - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic ssl cipher:%s", SSL_get_cipher(ssl_conn)); - - ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic handshake completed successfully"); - - c->ssl->handshaked = 1; - - frame = ngx_quic_alloc_frame(c); - if (frame == NULL) { - return NGX_ERROR; - } - - /* 12.4 Frames and frame types, figure 8 */ - frame->level = ssl_encryption_application; - frame->type = NGX_QUIC_FT_HANDSHAKE_DONE; - ngx_quic_queue_frame(qc, frame); - - if (ngx_quic_send_new_token(c) != NGX_OK) { - return NGX_ERROR; - } - - /* - * Generating next keys before a key update is received. - * See quic-tls 9.4 Header Protection Timing Side-Channels. - */ - - if (ngx_quic_keys_update(c, qc->keys) != NGX_OK) { - return NGX_ERROR; - } - - /* - * 4.10.2 An endpoint MUST discard its handshake keys - * when the TLS handshake is confirmed - */ - ngx_quic_discard_ctx(c, ssl_encryption_handshake); - - if (ngx_quic_issue_server_ids(c) != NGX_OK) { - return NGX_ERROR; - } - - return NGX_OK; -} - - -static ngx_int_t -ngx_quic_handle_stream_frame(ngx_connection_t *c, ngx_quic_header_t *pkt, - ngx_quic_frame_t *frame) -{ - size_t window; - uint64_t last; - ngx_buf_t *b; - ngx_pool_t *pool; - ngx_connection_t *sc; - ngx_quic_stream_t *sn; - ngx_quic_connection_t *qc; - ngx_quic_stream_frame_t *f; - ngx_quic_frames_stream_t *fs; - - qc = ngx_quic_get_connection(c); - f = &frame->u.stream; - - if ((f->stream_id & NGX_QUIC_STREAM_UNIDIRECTIONAL) - && (f->stream_id & NGX_QUIC_STREAM_SERVER_INITIATED)) - { - qc->error = NGX_QUIC_ERR_STREAM_STATE_ERROR; - return NGX_ERROR; - } - - /* no overflow since both values are 62-bit */ - last = f->offset + f->length; - - sn = ngx_quic_find_stream(&qc->streams.tree, f->stream_id); - - if (sn == NULL) { - sn = ngx_quic_create_client_stream(c, f->stream_id); - - if (sn == NULL) { - return NGX_ERROR; - } - - if (sn == NGX_QUIC_STREAM_GONE) { - return NGX_OK; - } - - sc = sn->c; - fs = &sn->fs; - b = sn->b; - window = b->end - b->last; - - if (last > window) { - qc->error = NGX_QUIC_ERR_FLOW_CONTROL_ERROR; - goto cleanup; - } - - if (ngx_quic_handle_ordered_frame(c, fs, frame, ngx_quic_stream_input, - sn) - != NGX_OK) - { - goto cleanup; - } - - sc->listening->handler(sc); - - return NGX_OK; - } - - fs = &sn->fs; - b = sn->b; - window = (b->pos - b->start) + (b->end - b->last); - - if (last > fs->received && last - fs->received > window) { - qc->error = NGX_QUIC_ERR_FLOW_CONTROL_ERROR; - return NGX_ERROR; - } - - return ngx_quic_handle_ordered_frame(c, fs, frame, ngx_quic_stream_input, - sn); - -cleanup: - - pool = sc->pool; - - ngx_close_connection(sc); - ngx_destroy_pool(pool); - - return NGX_ERROR; -} - - -static ngx_int_t -ngx_quic_stream_input(ngx_connection_t *c, ngx_quic_frame_t *frame, void *data) -{ - uint64_t id; - ngx_buf_t *b; - ngx_event_t *rev; - ngx_chain_t *cl; - ngx_quic_stream_t *sn; - ngx_quic_connection_t *qc; - ngx_quic_stream_frame_t *f; - - qc = ngx_quic_get_connection(c); - sn = data; - - f = &frame->u.stream; - id = f->stream_id; - - b = sn->b; - - if ((size_t) ((b->pos - b->start) + (b->end - b->last)) < f->length) { - ngx_log_error(NGX_LOG_INFO, c->log, 0, - "quic no space in stream buffer"); - return NGX_ERROR; - } - - if ((size_t) (b->end - b->last) < f->length) { - b->last = ngx_movemem(b->start, b->pos, b->last - b->pos); - b->pos = b->start; - } - - for (cl = frame->data; cl; cl = cl->next) { - b->last = ngx_cpymem(b->last, cl->buf->pos, - cl->buf->last - cl->buf->pos); - } - - rev = sn->c->read; - rev->ready = 1; - - if (f->fin) { - rev->pending_eof = 1; - } - - if (rev->active) { - rev->handler(rev); - } - - /* check if stream was destroyed by handler */ - if (ngx_quic_find_stream(&qc->streams.tree, id) == NULL) { - return NGX_DONE; - } - - return NGX_OK; -} - - -static ngx_int_t -ngx_quic_handle_max_data_frame(ngx_connection_t *c, - ngx_quic_max_data_frame_t *f) -{ - ngx_event_t *wev; - ngx_rbtree_t *tree; - ngx_rbtree_node_t *node; - ngx_quic_stream_t *qs; - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - tree = &qc->streams.tree; - - if (f->max_data <= qc->streams.send_max_data) { - return NGX_OK; - } - - if (qc->streams.sent >= qc->streams.send_max_data) { - - for (node = ngx_rbtree_min(tree->root, tree->sentinel); - node; - node = ngx_rbtree_next(tree, node)) - { - qs = (ngx_quic_stream_t *) node; - wev = qs->c->write; - - if (wev->active) { - wev->ready = 1; - ngx_post_event(wev, &ngx_posted_events); - } - } - } - - qc->streams.send_max_data = f->max_data; - - return NGX_OK; -} - - -static ngx_int_t -ngx_quic_handle_streams_blocked_frame(ngx_connection_t *c, - ngx_quic_header_t *pkt, ngx_quic_streams_blocked_frame_t *f) -{ - return NGX_OK; -} - - -static ngx_int_t -ngx_quic_handle_stream_data_blocked_frame(ngx_connection_t *c, - ngx_quic_header_t *pkt, ngx_quic_stream_data_blocked_frame_t *f) -{ - size_t n; - ngx_buf_t *b; - ngx_quic_frame_t *frame; - ngx_quic_stream_t *sn; - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - - if ((f->id & NGX_QUIC_STREAM_UNIDIRECTIONAL) - && (f->id & NGX_QUIC_STREAM_SERVER_INITIATED)) - { - qc->error = NGX_QUIC_ERR_STREAM_STATE_ERROR; - return NGX_ERROR; - } - - sn = ngx_quic_find_stream(&qc->streams.tree, f->id); - - if (sn == NULL) { - sn = ngx_quic_create_client_stream(c, f->id); - - if (sn == NULL) { - return NGX_ERROR; - } - - if (sn == NGX_QUIC_STREAM_GONE) { - return NGX_OK; - } - - b = sn->b; - n = b->end - b->last; - - sn->c->listening->handler(sn->c); - - } else { - b = sn->b; - n = sn->fs.received + (b->pos - b->start) + (b->end - b->last); - } - - frame = ngx_quic_alloc_frame(c); - if (frame == NULL) { - return NGX_ERROR; - } - - frame->level = pkt->level; - frame->type = NGX_QUIC_FT_MAX_STREAM_DATA; - frame->u.max_stream_data.id = f->id; - frame->u.max_stream_data.limit = n; - - ngx_quic_queue_frame(qc, frame); - - return NGX_OK; -} - - -static ngx_int_t -ngx_quic_handle_max_stream_data_frame(ngx_connection_t *c, - ngx_quic_header_t *pkt, ngx_quic_max_stream_data_frame_t *f) -{ - uint64_t sent; - ngx_event_t *wev; - ngx_quic_stream_t *sn; - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - - if ((f->id & NGX_QUIC_STREAM_UNIDIRECTIONAL) - && (f->id & NGX_QUIC_STREAM_SERVER_INITIATED) == 0) - { - qc->error = NGX_QUIC_ERR_STREAM_STATE_ERROR; - return NGX_ERROR; - } - - sn = ngx_quic_find_stream(&qc->streams.tree, f->id); - - if (sn == NULL) { - sn = ngx_quic_create_client_stream(c, f->id); - - if (sn == NULL) { - return NGX_ERROR; - } - - if (sn == NGX_QUIC_STREAM_GONE) { - return NGX_OK; - } - - if (f->limit > sn->send_max_data) { - sn->send_max_data = f->limit; - } - - sn->c->listening->handler(sn->c); - - return NGX_OK; - } - - if (f->limit <= sn->send_max_data) { - return NGX_OK; - } - - sent = sn->c->sent; - - if (sent >= sn->send_max_data) { - wev = sn->c->write; - - if (wev->active) { - wev->ready = 1; - ngx_post_event(wev, &ngx_posted_events); - } - } - - sn->send_max_data = f->limit; - - return NGX_OK; -} - - -static ngx_int_t -ngx_quic_handle_reset_stream_frame(ngx_connection_t *c, - ngx_quic_header_t *pkt, ngx_quic_reset_stream_frame_t *f) -{ - ngx_event_t *rev; - ngx_connection_t *sc; - ngx_quic_stream_t *sn; - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - - if ((f->id & NGX_QUIC_STREAM_UNIDIRECTIONAL) - && (f->id & NGX_QUIC_STREAM_SERVER_INITIATED)) - { - qc->error = NGX_QUIC_ERR_STREAM_STATE_ERROR; - return NGX_ERROR; - } - - sn = ngx_quic_find_stream(&qc->streams.tree, f->id); - - if (sn == NULL) { - sn = ngx_quic_create_client_stream(c, f->id); - - if (sn == NULL) { - return NGX_ERROR; - } - - if (sn == NGX_QUIC_STREAM_GONE) { - return NGX_OK; - } - - sc = sn->c; - - rev = sc->read; - rev->error = 1; - rev->ready = 1; - - sc->listening->handler(sc); - - return NGX_OK; - } - - rev = sn->c->read; - rev->error = 1; - rev->ready = 1; - - if (rev->active) { - rev->handler(rev); - } - - return NGX_OK; -} - - -static ngx_int_t -ngx_quic_handle_stop_sending_frame(ngx_connection_t *c, - ngx_quic_header_t *pkt, ngx_quic_stop_sending_frame_t *f) -{ - ngx_event_t *wev; - ngx_connection_t *sc; - ngx_quic_stream_t *sn; - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - - if ((f->id & NGX_QUIC_STREAM_UNIDIRECTIONAL) - && (f->id & NGX_QUIC_STREAM_SERVER_INITIATED) == 0) - { - qc->error = NGX_QUIC_ERR_STREAM_STATE_ERROR; - return NGX_ERROR; - } - - sn = ngx_quic_find_stream(&qc->streams.tree, f->id); - - if (sn == NULL) { - sn = ngx_quic_create_client_stream(c, f->id); - - if (sn == NULL) { - return NGX_ERROR; - } - - if (sn == NGX_QUIC_STREAM_GONE) { - return NGX_OK; - } - - sc = sn->c; - - wev = sc->write; - wev->error = 1; - wev->ready = 1; - - sc->listening->handler(sc); - - return NGX_OK; - } - - wev = sn->c->write; - wev->error = 1; - wev->ready = 1; - - if (wev->active) { - wev->handler(wev); - } - - return NGX_OK; -} - - -static ngx_int_t -ngx_quic_handle_max_streams_frame(ngx_connection_t *c, - ngx_quic_header_t *pkt, ngx_quic_max_streams_frame_t *f) -{ - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - - if (f->bidi) { - if (qc->streams.server_max_streams_bidi < f->limit) { - qc->streams.server_max_streams_bidi = f->limit; - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic max_streams_bidi:%uL", f->limit); - } - - } else { - if (qc->streams.server_max_streams_uni < f->limit) { - qc->streams.server_max_streams_uni = f->limit; - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic max_streams_uni:%uL", f->limit); - } - } - - return NGX_OK; -} - - -static ngx_int_t -ngx_quic_handle_path_challenge_frame(ngx_connection_t *c, - ngx_quic_header_t *pkt, ngx_quic_path_challenge_frame_t *f) -{ - ngx_quic_frame_t *frame; - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - - frame = ngx_quic_alloc_frame(c); - if (frame == NULL) { - return NGX_ERROR; - } - - frame->level = pkt->level; - frame->type = NGX_QUIC_FT_PATH_RESPONSE; - frame->u.path_response = *f; - - ngx_quic_queue_frame(qc, frame); - - return NGX_OK; -} - - -static ngx_int_t -ngx_quic_handle_new_connection_id_frame(ngx_connection_t *c, - ngx_quic_header_t *pkt, ngx_quic_new_conn_id_frame_t *f) -{ - ngx_queue_t *q; - ngx_quic_client_id_t *cid, *item; - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - - if (f->seqnum < qc->max_retired_seqnum) { - /* - * An endpoint that receives a NEW_CONNECTION_ID frame with - * a sequence number smaller than the Retire Prior To field - * of a previously received NEW_CONNECTION_ID frame MUST send - * a corresponding RETIRE_CONNECTION_ID frame that retires - * the newly received connection ID, unless it has already - * done so for that sequence number. - */ - - if (ngx_quic_retire_connection_id(c, pkt->level, f->seqnum) != NGX_OK) { - return NGX_ERROR; - } - - goto retire; - } - - cid = NULL; - - for (q = ngx_queue_head(&qc->client_ids); - q != ngx_queue_sentinel(&qc->client_ids); - q = ngx_queue_next(q)) - { - item = ngx_queue_data(q, ngx_quic_client_id_t, queue); - - if (item->seqnum == f->seqnum) { - cid = item; - break; - } - } - - if (cid) { - /* - * Transmission errors, timeouts and retransmissions might cause the - * same NEW_CONNECTION_ID frame to be received multiple times - */ - - if (cid->len != f->len - || ngx_strncmp(cid->id, f->cid, f->len) != 0 - || ngx_strncmp(cid->sr_token, f->srt, NGX_QUIC_SR_TOKEN_LEN) != 0) - { - /* - * ..a sequence number is used for different connection IDs, - * the endpoint MAY treat that receipt as a connection error - * of type PROTOCOL_VIOLATION. - */ - qc->error = NGX_QUIC_ERR_PROTOCOL_VIOLATION; - qc->error_reason = "seqnum refers to different connection id/token"; - return NGX_ERROR; - } - - } else { - - cid = ngx_quic_alloc_client_id(c, qc); - if (cid == NULL) { - return NGX_ERROR; - } - - cid->seqnum = f->seqnum; - cid->len = f->len; - ngx_memcpy(cid->id, f->cid, f->len); - - ngx_memcpy(cid->sr_token, f->srt, NGX_QUIC_SR_TOKEN_LEN); - - ngx_queue_insert_tail(&qc->client_ids, &cid->queue); - qc->nclient_ids++; - - /* always use latest available connection id */ - if (f->seqnum > qc->client_seqnum) { - qc->scid.len = cid->len; - qc->scid.data = cid->id; - qc->client_seqnum = f->seqnum; - } - } - -retire: - - if (qc->max_retired_seqnum && f->retire <= qc->max_retired_seqnum) { - /* - * Once a sender indicates a Retire Prior To value, smaller values sent - * in subsequent NEW_CONNECTION_ID frames have no effect. A receiver - * MUST ignore any Retire Prior To fields that do not increase the - * largest received Retire Prior To value. - */ - goto done; - } - - qc->max_retired_seqnum = f->retire; - - q = ngx_queue_head(&qc->client_ids); - - while (q != ngx_queue_sentinel(&qc->client_ids)) { - - cid = ngx_queue_data(q, ngx_quic_client_id_t, queue); - q = ngx_queue_next(q); - - if (cid->seqnum >= f->retire) { - continue; - } - - /* this connection id must be retired */ - - if (ngx_quic_retire_connection_id(c, pkt->level, cid->seqnum) - != NGX_OK) - { - return NGX_ERROR; - } - - ngx_queue_remove(&cid->queue); - ngx_queue_insert_head(&qc->free_client_ids, &cid->queue); - qc->nclient_ids--; - } - -done: - - if (qc->nclient_ids > qc->tp.active_connection_id_limit) { - /* - * After processing a NEW_CONNECTION_ID frame and - * adding and retiring active connection IDs, if the number of active - * connection IDs exceeds the value advertised in its - * active_connection_id_limit transport parameter, an endpoint MUST - * close the connection with an error of type CONNECTION_ID_LIMIT_ERROR. - */ - qc->error = NGX_QUIC_ERR_CONNECTION_ID_LIMIT_ERROR; - qc->error_reason = "too many connection ids received"; - return NGX_ERROR; - } - - return NGX_OK; -} - - -static ngx_int_t -ngx_quic_retire_connection_id(ngx_connection_t *c, - enum ssl_encryption_level_t level, uint64_t seqnum) -{ - ngx_quic_frame_t *frame; - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - - frame = ngx_quic_alloc_frame(c); - if (frame == NULL) { - return NGX_ERROR; - } - - frame->level = level; - frame->type = NGX_QUIC_FT_RETIRE_CONNECTION_ID; - frame->u.retire_cid.sequence_number = seqnum; - - ngx_quic_queue_frame(qc, frame); - - return NGX_OK; -} - - -static ngx_int_t -ngx_quic_handle_retire_connection_id_frame(ngx_connection_t *c, - ngx_quic_header_t *pkt, ngx_quic_retire_cid_frame_t *f) -{ - ngx_queue_t *q; - ngx_quic_server_id_t *sid; - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - - for (q = ngx_queue_head(&qc->server_ids); - q != ngx_queue_sentinel(&qc->server_ids); - q = ngx_queue_next(q)) - { - sid = ngx_queue_data(q, ngx_quic_server_id_t, queue); - - if (sid->seqnum == f->sequence_number) { - ngx_queue_remove(q); - ngx_queue_insert_tail(&qc->free_server_ids, &sid->queue); - ngx_rbtree_delete(&c->listening->rbtree, &sid->udp.node); - qc->nserver_ids--; - break; - } - } - - return ngx_quic_issue_server_ids(c); -} - - -static ngx_int_t -ngx_quic_issue_server_ids(ngx_connection_t *c) -{ - ngx_str_t dcid; - ngx_uint_t n; - ngx_quic_frame_t *frame; - ngx_quic_server_id_t *sid; - ngx_quic_connection_t *qc; - u_char id[NGX_QUIC_SERVER_CID_LEN]; - - qc = ngx_quic_get_connection(c); - - n = ngx_min(NGX_QUIC_MAX_SERVER_IDS, qc->ctp.active_connection_id_limit); - - ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic issue server ids has:%ui max:%ui", qc->nserver_ids, n); - - while (qc->nserver_ids < n) { - if (ngx_quic_create_server_id(c, id) != NGX_OK) { - return NGX_ERROR; - } - - dcid.len = NGX_QUIC_SERVER_CID_LEN; - dcid.data = id; - - sid = ngx_quic_insert_server_id(c, &dcid); - if (sid == NULL) { - return NGX_ERROR; - } - - frame = ngx_quic_alloc_frame(c); - if (frame == NULL) { - return NGX_ERROR; - } - - frame->level = ssl_encryption_application; - frame->type = NGX_QUIC_FT_NEW_CONNECTION_ID; - frame->u.ncid.seqnum = sid->seqnum; - frame->u.ncid.retire = 0; - frame->u.ncid.len = NGX_QUIC_SERVER_CID_LEN; - ngx_memcpy(frame->u.ncid.cid, id, NGX_QUIC_SERVER_CID_LEN); - - if (ngx_quic_new_sr_token(c, &dcid, &qc->conf->sr_token_key, - frame->u.ncid.srt) - != NGX_OK) - { - return NGX_ERROR; - } - - ngx_quic_queue_frame(qc, frame); - } - - return NGX_OK; -} - - -static void -ngx_quic_clear_temp_server_ids(ngx_connection_t *c) -{ - ngx_queue_t *q, *next; - ngx_quic_server_id_t *sid; - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - - ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic clear temp server ids"); - - for (q = ngx_queue_head(&qc->server_ids); - q != ngx_queue_sentinel(&qc->server_ids); - q = next) - { - next = ngx_queue_next(q); - sid = ngx_queue_data(q, ngx_quic_server_id_t, queue); - - if (sid->seqnum != NGX_QUIC_UNSET_PN) { - continue; - } - - ngx_queue_remove(q); - ngx_queue_insert_tail(&qc->free_server_ids, &sid->queue); - ngx_rbtree_delete(&c->listening->rbtree, &sid->udp.node); - qc->nserver_ids--; - } -} - - -static ngx_quic_server_id_t * -ngx_quic_insert_server_id(ngx_connection_t *c, ngx_str_t *id) -{ - ngx_str_t dcid; - ngx_quic_server_id_t *sid; - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - - sid = ngx_quic_alloc_server_id(c, qc); - if (sid == NULL) { - return NULL; - } - - sid->seqnum = qc->server_seqnum; - - if (qc->server_seqnum != NGX_QUIC_UNSET_PN) { - qc->server_seqnum++; - } - - sid->len = id->len; - ngx_memcpy(sid->id, id->data, id->len); - - ngx_queue_insert_tail(&qc->server_ids, &sid->queue); - qc->nserver_ids++; - - dcid.data = sid->id; - dcid.len = sid->len; - - ngx_insert_udp_connection(c, &sid->udp, &dcid); - - ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic insert server id seqnum:%uL id len:%uz %xV", - sid->seqnum, id->len, id); - - return sid; -} - - -static ngx_quic_client_id_t * -ngx_quic_alloc_client_id(ngx_connection_t *c, ngx_quic_connection_t *qc) -{ - ngx_queue_t *q; - ngx_quic_client_id_t *cid; - - if (!ngx_queue_empty(&qc->free_client_ids)) { - - q = ngx_queue_head(&qc->free_client_ids); - cid = ngx_queue_data(q, ngx_quic_client_id_t, queue); - - ngx_queue_remove(&cid->queue); - - ngx_memzero(cid, sizeof(ngx_quic_client_id_t)); - - } else { - - cid = ngx_pcalloc(c->pool, sizeof(ngx_quic_client_id_t)); - if (cid == NULL) { - return NULL; - } - } - - return cid; -} - - -static ngx_quic_server_id_t * -ngx_quic_alloc_server_id(ngx_connection_t *c, ngx_quic_connection_t *qc) -{ - ngx_queue_t *q; - ngx_quic_server_id_t *sid; - - if (!ngx_queue_empty(&qc->free_server_ids)) { - - q = ngx_queue_head(&qc->free_server_ids); - sid = ngx_queue_data(q, ngx_quic_server_id_t, queue); - - ngx_queue_remove(&sid->queue); - - ngx_memzero(sid, sizeof(ngx_quic_server_id_t)); - - } else { - - sid = ngx_pcalloc(c->pool, sizeof(ngx_quic_server_id_t)); - if (sid == NULL) { - return NULL; - } - } - - return sid; -} - - -static void -ngx_quic_queue_frame(ngx_quic_connection_t *qc, ngx_quic_frame_t *frame) -{ - ngx_quic_send_ctx_t *ctx; - - ctx = ngx_quic_get_send_ctx(qc, frame->level); - - ngx_queue_insert_tail(&ctx->frames, &frame->queue); - - frame->len = ngx_quic_create_frame(NULL, frame); - /* always succeeds */ - - if (qc->closing) { - return; - } - - ngx_post_event(&qc->push, &ngx_posted_events); -} - - -static ngx_int_t -ngx_quic_output(ngx_connection_t *c) -{ - off_t max; - size_t len, min; - ssize_t n; - u_char *p; - ngx_uint_t i, pad; - ngx_quic_send_ctx_t *ctx; - ngx_quic_connection_t *qc; - static u_char dst[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE]; - - c->log->action = "sending frames"; - - qc = ngx_quic_get_connection(c); - - for ( ;; ) { - p = dst; - - len = ngx_min(qc->ctp.max_udp_payload_size, - NGX_QUIC_MAX_UDP_PAYLOAD_SIZE); - - if (!qc->validated) { - max = qc->received * 3; - max = (c->sent >= max) ? 0 : max - c->sent; - len = ngx_min(len, (size_t) max); - } - - pad = ngx_quic_get_padding_level(c); - - for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { - - ctx = &qc->send_ctx[i]; - - if (ngx_quic_generate_ack(c, ctx) != NGX_OK) { - return NGX_ERROR; - } - - min = (i == pad && p - dst < NGX_QUIC_MIN_INITIAL_SIZE) - ? NGX_QUIC_MIN_INITIAL_SIZE - (p - dst) : 0; - - n = ngx_quic_output_packet(c, ctx, p, len, min); - if (n == NGX_ERROR) { - return NGX_ERROR; - } - - p += n; - len -= n; - } - - len = p - dst; - if (len == 0) { - break; - } - - n = ngx_quic_send(c, dst, len); - if (n == NGX_ERROR) { - return NGX_ERROR; - } - - if (!qc->send_timer_set && !qc->closing) { - qc->send_timer_set = 1; - ngx_add_timer(c->read, qc->tp.max_idle_timeout); - } - } - - return NGX_OK; -} - - -static ngx_uint_t -ngx_quic_get_padding_level(ngx_connection_t *c) -{ - ngx_queue_t *q; - ngx_quic_frame_t *f; - ngx_quic_send_ctx_t *ctx; - ngx_quic_connection_t *qc; - - /* - * 14.1. Initial Datagram Size - * - * Similarly, a server MUST expand the payload of all UDP datagrams - * carrying ack-eliciting Initial packets to at least the smallest - * allowed maximum datagram size of 1200 bytes - */ - - qc = ngx_quic_get_connection(c); - ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_initial); - - for (q = ngx_queue_head(&ctx->frames); - q != ngx_queue_sentinel(&ctx->frames); - q = ngx_queue_next(q)) - { - f = ngx_queue_data(q, ngx_quic_frame_t, queue); - - if (f->need_ack) { - ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_handshake); - - if (ngx_queue_empty(&ctx->frames)) { - return 0; - } - - return 1; - } - } - - return NGX_QUIC_SEND_CTX_LAST; -} - - -static ngx_int_t -ngx_quic_generate_ack(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx) -{ - ngx_msec_t delay; - ngx_quic_connection_t *qc; - - if (!ctx->send_ack) { - return NGX_OK; - } - - if (ctx->level == ssl_encryption_application) { - - delay = ngx_current_msec - ctx->ack_delay_start; - qc = ngx_quic_get_connection(c); - - if (ctx->send_ack < NGX_QUIC_MAX_ACK_GAP - && delay < qc->tp.max_ack_delay) - { - if (!qc->push.timer_set && !qc->closing) { - ngx_add_timer(&qc->push, - qc->tp.max_ack_delay - delay); - } - - return NGX_OK; - } - } - - if (ngx_quic_send_ack(c, ctx) != NGX_OK) { - return NGX_ERROR; - } - - ctx->send_ack = 0; - - return NGX_OK; -} - - -static ssize_t -ngx_quic_output_packet(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx, - u_char *data, size_t max, size_t min) -{ - size_t len, hlen, pad_len; - u_char *p; - ssize_t flen; - ngx_str_t out, res; - ngx_int_t rc; - ngx_uint_t nframes; - ngx_msec_t now; - ngx_queue_t *q; - ngx_quic_frame_t *f; - ngx_quic_header_t pkt; - ngx_quic_congestion_t *cg; - ngx_quic_connection_t *qc; - static u_char src[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE]; - - if (ngx_queue_empty(&ctx->frames)) { - return 0; - } - - ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic output %s packet max:%uz min:%uz", - ngx_quic_level_name(ctx->level), max, min); - - qc = ngx_quic_get_connection(c); - cg = &qc->congestion; - - hlen = (ctx->level == ssl_encryption_application) - ? NGX_QUIC_MAX_SHORT_HEADER - : NGX_QUIC_MAX_LONG_HEADER; - - hlen += EVP_GCM_TLS_TAG_LEN; - hlen -= NGX_QUIC_MAX_CID_LEN - qc->scid.len; - - ngx_memzero(&pkt, sizeof(ngx_quic_header_t)); - - now = ngx_current_msec; - nframes = 0; - p = src; - len = 0; - - for (q = ngx_queue_head(&ctx->frames); - q != ngx_queue_sentinel(&ctx->frames); - q = ngx_queue_next(q)) - { - f = ngx_queue_data(q, ngx_quic_frame_t, queue); - - if (!pkt.need_ack && f->need_ack && max > cg->window) { - max = cg->window; - } - - if (hlen + len >= max) { - break; - } - - if (hlen + len + f->len > max) { - rc = ngx_quic_split_frame(c, f, max - hlen - len); - - if (rc == NGX_ERROR) { - return NGX_ERROR; - } - - if (rc == NGX_DECLINED) { - break; - } - } - - if (f->need_ack) { - pkt.need_ack = 1; - } - - ngx_quic_log_frame(c->log, f, 1); - - flen = ngx_quic_create_frame(p, f); - if (flen == -1) { - return NGX_ERROR; - } - - len += flen; - p += flen; - - f->pnum = ctx->pnum; - f->first = now; - f->last = now; - f->plen = 0; - - nframes++; - } - - if (nframes == 0) { - return 0; - } - - out.data = src; - out.len = len; - - pkt.keys = qc->keys; - pkt.flags = NGX_QUIC_PKT_FIXED_BIT; - - if (ctx->level == ssl_encryption_initial) { - pkt.flags |= NGX_QUIC_PKT_LONG | NGX_QUIC_PKT_INITIAL; - - } else if (ctx->level == ssl_encryption_handshake) { - pkt.flags |= NGX_QUIC_PKT_LONG | NGX_QUIC_PKT_HANDSHAKE; - - } else { - if (qc->key_phase) { - pkt.flags |= NGX_QUIC_PKT_KPHASE; - } - } - - ngx_quic_set_packet_number(&pkt, ctx); - - pkt.version = qc->version; - pkt.log = c->log; - pkt.level = ctx->level; - pkt.dcid = qc->scid; - pkt.scid = qc->dcid; - - pad_len = 4; - - if (min) { - hlen = EVP_GCM_TLS_TAG_LEN - + ngx_quic_create_header(&pkt, NULL, out.len, NULL); - - if (min > hlen + pad_len) { - pad_len = min - hlen; - } - } - - if (out.len < pad_len) { - ngx_memset(p, NGX_QUIC_FT_PADDING, pad_len - out.len); - out.len = pad_len; - } - - pkt.payload = out; - - res.data = data; - - ngx_log_debug6(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic packet tx %s bytes:%ui" - " need_ack:%d number:%L encoded nl:%d trunc:0x%xD", - ngx_quic_level_name(ctx->level), out.len, pkt.need_ack, - pkt.number, pkt.num_len, pkt.trunc); - - if (ngx_quic_encrypt(&pkt, &res) != NGX_OK) { - return NGX_ERROR; - } - - ctx->pnum++; - - if (pkt.need_ack) { - /* move frames into the sent queue to wait for ack */ - - if (!qc->closing) { - q = ngx_queue_head(&ctx->frames); - f = ngx_queue_data(q, ngx_quic_frame_t, queue); - f->plen = res.len; - - do { - q = ngx_queue_head(&ctx->frames); - ngx_queue_remove(q); - ngx_queue_insert_tail(&ctx->sent, q); - } while (--nframes); - - if (qc->pto.timer_set) { - ngx_del_timer(&qc->pto); - } - - ngx_add_timer(&qc->pto, ngx_quic_pto(c, ctx)); - } - - cg->in_flight += res.len; - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic congestion send if:%uz", cg->in_flight); - } - - while (nframes--) { - q = ngx_queue_head(&ctx->frames); - f = ngx_queue_data(q, ngx_quic_frame_t, queue); - - ngx_queue_remove(q); - ngx_quic_free_frame(c, f); - } - - return res.len; -} - - -static ngx_int_t -ngx_quic_split_frame(ngx_connection_t *c, ngx_quic_frame_t *f, size_t len) -{ - size_t shrink; - ngx_quic_frame_t *nf; - ngx_quic_ordered_frame_t *of, *onf; - - switch (f->type) { - case NGX_QUIC_FT_CRYPTO: - case NGX_QUIC_FT_STREAM0: - case NGX_QUIC_FT_STREAM1: - case NGX_QUIC_FT_STREAM2: - case NGX_QUIC_FT_STREAM3: - case NGX_QUIC_FT_STREAM4: - case NGX_QUIC_FT_STREAM5: - case NGX_QUIC_FT_STREAM6: - case NGX_QUIC_FT_STREAM7: - break; - - default: - return NGX_DECLINED; - } - - if ((size_t) f->len <= len) { - return NGX_OK; - } - - shrink = f->len - len; - - ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic split frame now:%uz need:%uz shrink:%uz", - f->len, len, shrink); - - of = &f->u.ord; - - if (of->length <= shrink) { - return NGX_DECLINED; - } - - of->length -= shrink; - f->len = ngx_quic_create_frame(NULL, f); - - if ((size_t) f->len > len) { - ngx_log_error(NGX_LOG_ERR, c->log, 0, "could not split QUIC frame"); - return NGX_ERROR; - } - - nf = ngx_quic_alloc_frame(c); - if (nf == NULL) { - return NGX_ERROR; - } - - *nf = *f; - onf = &nf->u.ord; - onf->offset += of->length; - onf->length = shrink; - nf->len = ngx_quic_create_frame(NULL, nf); - - nf->data = ngx_quic_split_bufs(c, f->data, of->length); - if (nf->data == NGX_CHAIN_ERROR) { - return NGX_ERROR; - } - - ngx_queue_insert_after(&f->queue, &nf->queue); - - return NGX_OK; -} - - -static void -ngx_quic_free_frames(ngx_connection_t *c, ngx_queue_t *frames) -{ - ngx_queue_t *q; - ngx_quic_frame_t *f; - - do { - q = ngx_queue_head(frames); - - if (q == ngx_queue_sentinel(frames)) { - break; - } - - ngx_queue_remove(q); - - f = ngx_queue_data(q, ngx_quic_frame_t, queue); - - ngx_quic_free_frame(c, f); - } while (1); -} - - -static ssize_t -ngx_quic_send(ngx_connection_t *c, u_char *buf, size_t len) -{ - ngx_buf_t b; - ngx_chain_t cl, *res; - - ngx_memzero(&b, sizeof(ngx_buf_t)); - - b.pos = b.start = buf; - b.last = b.end = buf + len; - b.last_buf = 1; - b.temporary = 1; - - cl.buf = &b; - cl.next= NULL; - - res = c->send_chain(c, &cl, 0); - if (res == NGX_CHAIN_ERROR) { - return NGX_ERROR; - } - - return len; -} - - -static void -ngx_quic_set_packet_number(ngx_quic_header_t *pkt, ngx_quic_send_ctx_t *ctx) -{ - uint64_t delta; - - delta = ctx->pnum - ctx->largest_ack; - pkt->number = ctx->pnum; - - if (delta <= 0x7F) { - pkt->num_len = 1; - pkt->trunc = ctx->pnum & 0xff; - - } else if (delta <= 0x7FFF) { - pkt->num_len = 2; - pkt->flags |= 0x1; - pkt->trunc = ctx->pnum & 0xffff; - - } else if (delta <= 0x7FFFFF) { - pkt->num_len = 3; - pkt->flags |= 0x2; - pkt->trunc = ctx->pnum & 0xffffff; - - } else { - pkt->num_len = 4; - pkt->flags |= 0x3; - pkt->trunc = ctx->pnum & 0xffffffff; - } -} - - -static void -ngx_quic_pto_handler(ngx_event_t *ev) -{ - ngx_uint_t i; - ngx_queue_t *q; - ngx_connection_t *c; - ngx_quic_frame_t *start; - ngx_quic_send_ctx_t *ctx; - ngx_quic_connection_t *qc; - - ngx_log_debug0(NGX_LOG_DEBUG_EVENT, ev->log, 0, "quic pto timer"); - - c = ev->data; - qc = ngx_quic_get_connection(c); - - qc->pto_count++; - - for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { - - ctx = &qc->send_ctx[i]; - - if (ngx_queue_empty(&ctx->sent)) { - continue; - } - - q = ngx_queue_head(&ctx->sent); - start = ngx_queue_data(q, ngx_quic_frame_t, queue); - - if (start->pnum <= ctx->largest_ack - && ctx->largest_ack != NGX_QUIC_UNSET_PN) - { - continue; - } - - ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic pto pnum:%uL pto_count:%ui level:%d", - start->pnum, qc->pto_count, start->level); - - ngx_quic_resend_frames(c, ctx); - } - - ngx_quic_connstate_dbg(c); -} - - -static void -ngx_quic_push_handler(ngx_event_t *ev) -{ - ngx_connection_t *c; - - ngx_log_debug0(NGX_LOG_DEBUG_EVENT, ev->log, 0, "quic push timer"); - - c = ev->data; - - if (ngx_quic_output(c) != NGX_OK) { - ngx_quic_close_connection(c, NGX_ERROR); - return; - } - - ngx_quic_connstate_dbg(c); -} - - -static -void ngx_quic_lost_handler(ngx_event_t *ev) -{ - ngx_connection_t *c; - - ngx_log_debug0(NGX_LOG_DEBUG_EVENT, ev->log, 0, "quic lost timer"); - - c = ev->data; - - if (ngx_quic_detect_lost(c) != NGX_OK) { - ngx_quic_close_connection(c, NGX_ERROR); - } - - ngx_quic_connstate_dbg(c); -} - - -static ngx_int_t -ngx_quic_detect_lost(ngx_connection_t *c) -{ - ngx_uint_t i; - ngx_msec_t now, wait, min_wait, thr; - ngx_queue_t *q; - ngx_quic_frame_t *start; - ngx_quic_send_ctx_t *ctx; - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - now = ngx_current_msec; - - min_wait = 0; - - thr = NGX_QUIC_TIME_THR * ngx_max(qc->latest_rtt, qc->avg_rtt); - thr = ngx_max(thr, NGX_QUIC_TIME_GRANULARITY); - - for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { - - ctx = &qc->send_ctx[i]; - - if (ctx->largest_ack == NGX_QUIC_UNSET_PN) { - continue; - } - - while (!ngx_queue_empty(&ctx->sent)) { - - q = ngx_queue_head(&ctx->sent); - start = ngx_queue_data(q, ngx_quic_frame_t, queue); - - if (start->pnum > ctx->largest_ack) { - break; - } - - wait = start->last + thr - now; - - ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic detect_lost pnum:%uL thr:%M wait:%i level:%d", - start->pnum, thr, (ngx_int_t) wait, start->level); - - if ((ngx_msec_int_t) wait > 0 - && ctx->largest_ack - start->pnum < NGX_QUIC_PKT_THR) - { - - if (min_wait == 0 || wait < min_wait) { - min_wait = wait; - } - - break; - } - - ngx_quic_resend_frames(c, ctx); - } - } - - /* no more preceeding packets */ - - if (min_wait == 0) { - qc->pto.handler = ngx_quic_pto_handler; - return NGX_OK; - } - - qc->pto.handler = ngx_quic_lost_handler; - - if (qc->pto.timer_set) { - ngx_del_timer(&qc->pto); - } - - ngx_add_timer(&qc->pto, min_wait); - - return NGX_OK; -} - - -static void -ngx_quic_resend_frames(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx) -{ - size_t n; - ngx_buf_t *b; - ngx_queue_t *q; - ngx_quic_frame_t *f, *start; - ngx_quic_stream_t *sn; - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - q = ngx_queue_head(&ctx->sent); - start = ngx_queue_data(q, ngx_quic_frame_t, queue); - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic resend packet pnum:%uL", start->pnum); - - ngx_quic_congestion_lost(c, start); - - do { - f = ngx_queue_data(q, ngx_quic_frame_t, queue); - - if (f->pnum != start->pnum) { - break; - } - - q = ngx_queue_next(q); - - ngx_queue_remove(&f->queue); - - switch (f->type) { - case NGX_QUIC_FT_ACK: - case NGX_QUIC_FT_ACK_ECN: - /* force generation of most recent acknowledgment */ - ctx->send_ack = NGX_QUIC_MAX_ACK_GAP; - ngx_quic_free_frame(c, f); - break; - - case NGX_QUIC_FT_PING: - case NGX_QUIC_FT_PATH_RESPONSE: - case NGX_QUIC_FT_CONNECTION_CLOSE: - ngx_quic_free_frame(c, f); - break; - - case NGX_QUIC_FT_MAX_DATA: - f->u.max_data.max_data = qc->streams.recv_max_data; - ngx_quic_queue_frame(qc, f); - break; - - case NGX_QUIC_FT_MAX_STREAMS: - case NGX_QUIC_FT_MAX_STREAMS2: - f->u.max_streams.limit = f->u.max_streams.bidi - ? qc->streams.client_max_streams_bidi - : qc->streams.client_max_streams_uni; - ngx_quic_queue_frame(qc, f); - break; - - case NGX_QUIC_FT_MAX_STREAM_DATA: - sn = ngx_quic_find_stream(&qc->streams.tree, - f->u.max_stream_data.id); - if (sn == NULL) { - ngx_quic_free_frame(c, f); - break; - } - - b = sn->b; - n = sn->fs.received + (b->pos - b->start) + (b->end - b->last); - - if (f->u.max_stream_data.limit < n) { - f->u.max_stream_data.limit = n; - } - - ngx_quic_queue_frame(qc, f); - break; - - case NGX_QUIC_FT_STREAM0: - case NGX_QUIC_FT_STREAM1: - case NGX_QUIC_FT_STREAM2: - case NGX_QUIC_FT_STREAM3: - case NGX_QUIC_FT_STREAM4: - case NGX_QUIC_FT_STREAM5: - case NGX_QUIC_FT_STREAM6: - case NGX_QUIC_FT_STREAM7: - sn = ngx_quic_find_stream(&qc->streams.tree, f->u.stream.stream_id); - - if (sn && sn->c->write->error) { - /* RESET_STREAM was sent */ - ngx_quic_free_frame(c, f); - break; - } - - /* fall through */ - - default: - ngx_queue_insert_tail(&ctx->frames, &f->queue); - } - - } while (q != ngx_queue_sentinel(&ctx->sent)); - - if (qc->closing) { - return; - } - - ngx_post_event(&qc->push, &ngx_posted_events); -} - - -ngx_connection_t * -ngx_quic_open_stream(ngx_connection_t *c, ngx_uint_t bidi) -{ - size_t rcvbuf_size; - uint64_t id; - ngx_quic_stream_t *qs, *sn; - ngx_quic_connection_t *qc; - - qs = c->quic; - qc = ngx_quic_get_connection(qs->parent); - - if (bidi) { - if (qc->streams.server_streams_bidi - >= qc->streams.server_max_streams_bidi) - { - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic too many server bidi streams:%uL", - qc->streams.server_streams_bidi); - return NULL; - } - - id = (qc->streams.server_streams_bidi << 2) - | NGX_QUIC_STREAM_SERVER_INITIATED; - - ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic creating server bidi stream" - " streams:%uL max:%uL id:0x%xL", - qc->streams.server_streams_bidi, - qc->streams.server_max_streams_bidi, id); - - qc->streams.server_streams_bidi++; - rcvbuf_size = qc->tp.initial_max_stream_data_bidi_local; - - } else { - if (qc->streams.server_streams_uni - >= qc->streams.server_max_streams_uni) - { - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic too many server uni streams:%uL", - qc->streams.server_streams_uni); - return NULL; - } - - id = (qc->streams.server_streams_uni << 2) - | NGX_QUIC_STREAM_SERVER_INITIATED - | NGX_QUIC_STREAM_UNIDIRECTIONAL; - - ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic creating server uni stream" - " streams:%uL max:%uL id:0x%xL", - qc->streams.server_streams_uni, - qc->streams.server_max_streams_uni, id); - - qc->streams.server_streams_uni++; - rcvbuf_size = 0; - } - - sn = ngx_quic_create_stream(qs->parent, id, rcvbuf_size); - if (sn == NULL) { - return NULL; - } - - return sn->c; -} - - -static void -ngx_quic_rbtree_insert_stream(ngx_rbtree_node_t *temp, - ngx_rbtree_node_t *node, ngx_rbtree_node_t *sentinel) -{ - ngx_rbtree_node_t **p; - ngx_quic_stream_t *qn, *qnt; - - for ( ;; ) { - qn = (ngx_quic_stream_t *) node; - qnt = (ngx_quic_stream_t *) temp; - - p = (qn->id < qnt->id) ? &temp->left : &temp->right; - - if (*p == sentinel) { - break; - } - - temp = *p; - } - - *p = node; - node->parent = temp; - node->left = sentinel; - node->right = sentinel; - ngx_rbt_red(node); -} - - -static ngx_quic_stream_t * -ngx_quic_find_stream(ngx_rbtree_t *rbtree, uint64_t id) -{ - ngx_rbtree_node_t *node, *sentinel; - ngx_quic_stream_t *qn; - - node = rbtree->root; - sentinel = rbtree->sentinel; - - while (node != sentinel) { - qn = (ngx_quic_stream_t *) node; - - if (id == qn->id) { - return qn; - } - - node = (id < qn->id) ? node->left : node->right; - } - - return NULL; -} - - -static ngx_quic_stream_t * -ngx_quic_create_client_stream(ngx_connection_t *c, uint64_t id) -{ - size_t n; - uint64_t min_id; - ngx_quic_stream_t *sn; - ngx_quic_connection_t *qc; - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic stream id:0x%xL is new", id); - - qc = ngx_quic_get_connection(c); - - if (id & NGX_QUIC_STREAM_UNIDIRECTIONAL) { - - if (id & NGX_QUIC_STREAM_SERVER_INITIATED) { - if ((id >> 2) < qc->streams.server_streams_uni) { - return NGX_QUIC_STREAM_GONE; - } - - qc->error = NGX_QUIC_ERR_STREAM_STATE_ERROR; - return NULL; - } - - if ((id >> 2) < qc->streams.client_streams_uni) { - return NGX_QUIC_STREAM_GONE; - } - - if ((id >> 2) >= qc->streams.client_max_streams_uni) { - qc->error = NGX_QUIC_ERR_STREAM_LIMIT_ERROR; - return NULL; - } - - min_id = (qc->streams.client_streams_uni << 2) - | NGX_QUIC_STREAM_UNIDIRECTIONAL; - qc->streams.client_streams_uni = (id >> 2) + 1; - n = qc->tp.initial_max_stream_data_uni; - - } else { - - if (id & NGX_QUIC_STREAM_SERVER_INITIATED) { - if ((id >> 2) < qc->streams.server_streams_bidi) { - return NGX_QUIC_STREAM_GONE; - } - - qc->error = NGX_QUIC_ERR_STREAM_STATE_ERROR; - return NULL; - } - - if ((id >> 2) < qc->streams.client_streams_bidi) { - return NGX_QUIC_STREAM_GONE; - } - - if ((id >> 2) >= qc->streams.client_max_streams_bidi) { - qc->error = NGX_QUIC_ERR_STREAM_LIMIT_ERROR; - return NULL; - } - - min_id = (qc->streams.client_streams_bidi << 2); - qc->streams.client_streams_bidi = (id >> 2) + 1; - n = qc->tp.initial_max_stream_data_bidi_remote; - } - - if (n < NGX_QUIC_STREAM_BUFSIZE) { - n = NGX_QUIC_STREAM_BUFSIZE; - } - - /* - * 2.1. Stream Types and Identifiers - * - * Within each type, streams are created with numerically increasing - * stream IDs. A stream ID that is used out of order results in all - * streams of that type with lower-numbered stream IDs also being - * opened. - */ - - for ( /* void */ ; min_id < id; min_id += 0x04) { - - sn = ngx_quic_create_stream(c, min_id, n); - if (sn == NULL) { - return NULL; - } - - sn->c->listening->handler(sn->c); - } - - return ngx_quic_create_stream(c, id, n); -} - - -static ngx_quic_stream_t * -ngx_quic_create_stream(ngx_connection_t *c, uint64_t id, size_t rcvbuf_size) -{ - ngx_log_t *log; - ngx_pool_t *pool; - ngx_quic_stream_t *sn; - ngx_pool_cleanup_t *cln; - ngx_quic_connection_t *qc; - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic stream id:0x%xL create", id); - - qc = ngx_quic_get_connection(c); - - pool = ngx_create_pool(NGX_DEFAULT_POOL_SIZE, c->log); - if (pool == NULL) { - return NULL; - } - - sn = ngx_pcalloc(pool, sizeof(ngx_quic_stream_t)); - if (sn == NULL) { - ngx_destroy_pool(pool); - return NULL; - } - - sn->node.key = id; - sn->parent = c; - sn->id = id; - - sn->b = ngx_create_temp_buf(pool, rcvbuf_size); - if (sn->b == NULL) { - ngx_destroy_pool(pool); - return NULL; - } - - ngx_queue_init(&sn->fs.frames); - - log = ngx_palloc(pool, sizeof(ngx_log_t)); - if (log == NULL) { - ngx_destroy_pool(pool); - return NULL; - } - - *log = *c->log; - pool->log = log; - - sn->c = ngx_get_connection(-1, log); - if (sn->c == NULL) { - ngx_destroy_pool(pool); - return NULL; - } - - sn->c->quic = sn; - sn->c->type = SOCK_STREAM; - sn->c->pool = pool; - sn->c->ssl = c->ssl; - sn->c->sockaddr = c->sockaddr; - sn->c->listening = c->listening; - sn->c->addr_text = c->addr_text; - sn->c->local_sockaddr = c->local_sockaddr; - sn->c->local_socklen = c->local_socklen; - sn->c->number = ngx_atomic_fetch_add(ngx_connection_counter, 1); - - sn->c->recv = ngx_quic_stream_recv; - sn->c->send = ngx_quic_stream_send; - sn->c->send_chain = ngx_quic_stream_send_chain; - - sn->c->read->log = log; - sn->c->write->log = log; - - log->connection = sn->c->number; - - if ((id & NGX_QUIC_STREAM_UNIDIRECTIONAL) == 0 - || (id & NGX_QUIC_STREAM_SERVER_INITIATED)) - { - sn->c->write->ready = 1; - } - - if (id & NGX_QUIC_STREAM_UNIDIRECTIONAL) { - if (id & NGX_QUIC_STREAM_SERVER_INITIATED) { - sn->send_max_data = qc->ctp.initial_max_stream_data_uni; - } - - } else { - if (id & NGX_QUIC_STREAM_SERVER_INITIATED) { - sn->send_max_data = qc->ctp.initial_max_stream_data_bidi_remote; - } else { - sn->send_max_data = qc->ctp.initial_max_stream_data_bidi_local; - } - } - - cln = ngx_pool_cleanup_add(pool, 0); - if (cln == NULL) { - ngx_close_connection(sn->c); - ngx_destroy_pool(pool); - return NULL; - } - - cln->handler = ngx_quic_stream_cleanup_handler; - cln->data = sn->c; - - ngx_rbtree_insert(&qc->streams.tree, &sn->node); - - return sn; -} - - -static ssize_t -ngx_quic_stream_recv(ngx_connection_t *c, u_char *buf, size_t size) -{ - ssize_t len; - ngx_buf_t *b; - ngx_event_t *rev; - ngx_connection_t *pc; - ngx_quic_frame_t *frame; - ngx_quic_stream_t *qs; - ngx_quic_connection_t *qc; - - qs = c->quic; - b = qs->b; - pc = qs->parent; - qc = ngx_quic_get_connection(pc); - rev = c->read; - - if (rev->error) { - return NGX_ERROR; - } - - ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic stream recv id:0x%xL eof:%d avail:%z", - qs->id, rev->pending_eof, b->last - b->pos); - - if (b->pos == b->last) { - rev->ready = 0; - - if (rev->pending_eof) { - rev->eof = 1; - return 0; - } - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic stream id:0x%xL recv() not ready", qs->id); - return NGX_AGAIN; - } - - len = ngx_min(b->last - b->pos, (ssize_t) size); - - ngx_memcpy(buf, b->pos, len); - - b->pos += len; - qc->streams.received += len; - - if (b->pos == b->last) { - b->pos = b->start; - b->last = b->start; - rev->ready = rev->pending_eof; - } - - ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic stream id:0x%xL recv len:%z of size:%uz", - qs->id, len, size); - - if (!rev->pending_eof) { - frame = ngx_quic_alloc_frame(pc); - if (frame == NULL) { - return NGX_ERROR; - } - - frame->level = ssl_encryption_application; - frame->type = NGX_QUIC_FT_MAX_STREAM_DATA; - frame->u.max_stream_data.id = qs->id; - frame->u.max_stream_data.limit = qs->fs.received + (b->pos - b->start) - + (b->end - b->last); - - ngx_quic_queue_frame(qc, frame); - } - - if ((qc->streams.recv_max_data / 2) < qc->streams.received) { - - frame = ngx_quic_alloc_frame(pc); - - if (frame == NULL) { - return NGX_ERROR; - } - - qc->streams.recv_max_data *= 2; - - frame->level = ssl_encryption_application; - frame->type = NGX_QUIC_FT_MAX_DATA; - frame->u.max_data.max_data = qc->streams.recv_max_data; - - ngx_quic_queue_frame(qc, frame); - - ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic stream id:0x%xL recv: increased max_data:%uL", - qs->id, qc->streams.recv_max_data); - } - - return len; -} - - -static ssize_t -ngx_quic_stream_send(ngx_connection_t *c, u_char *buf, size_t size) -{ - ngx_buf_t b; - ngx_chain_t cl; - - ngx_memzero(&b, sizeof(ngx_buf_t)); - - b.memory = 1; - b.pos = buf; - b.last = buf + size; - - cl.buf = &b; - cl.next = NULL; - - if (ngx_quic_stream_send_chain(c, &cl, 0) == NGX_CHAIN_ERROR) { - return NGX_ERROR; - } - - if (b.pos == buf) { - return NGX_AGAIN; - } - - return b.pos - buf; -} - - -static ngx_chain_t * -ngx_quic_stream_send_chain(ngx_connection_t *c, ngx_chain_t *in, off_t limit) -{ - size_t n, flow; - ngx_event_t *wev; - ngx_chain_t *cl; - ngx_connection_t *pc; - ngx_quic_frame_t *frame; - ngx_quic_stream_t *qs; - ngx_quic_connection_t *qc; - - qs = c->quic; - pc = qs->parent; - qc = ngx_quic_get_connection(pc); - wev = c->write; - - if (wev->error) { - return NGX_CHAIN_ERROR; - } - - flow = ngx_quic_max_stream_flow(c); - if (flow == 0) { - wev->ready = 0; - return in; - } - - n = (limit && (size_t) limit < flow) ? (size_t) limit : flow; - - frame = ngx_quic_alloc_frame(pc); - if (frame == NULL) { - return NGX_CHAIN_ERROR; - } - - frame->data = ngx_quic_copy_chain(pc, in, n); - if (frame->data == NGX_CHAIN_ERROR) { - return NGX_CHAIN_ERROR; - } - - for (n = 0, cl = frame->data; cl; cl = cl->next) { - n += ngx_buf_size(cl->buf); - } - - while (in && ngx_buf_size(in->buf) == 0) { - in = in->next; - } - - frame->level = ssl_encryption_application; - frame->type = NGX_QUIC_FT_STREAM6; /* OFF=1 LEN=1 FIN=0 */ - frame->u.stream.off = 1; - frame->u.stream.len = 1; - frame->u.stream.fin = 0; - - frame->u.stream.type = frame->type; - frame->u.stream.stream_id = qs->id; - frame->u.stream.offset = c->sent; - frame->u.stream.length = n; - - c->sent += n; - qc->streams.sent += n; - - ngx_quic_queue_frame(qc, frame); - - wev->ready = (n < flow) ? 1 : 0; - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic send_chain sent:%uz", n); - - return in; -} - - -static size_t -ngx_quic_max_stream_flow(ngx_connection_t *c) -{ - size_t size; - uint64_t sent, unacked; - ngx_quic_stream_t *qs; - ngx_quic_connection_t *qc; - - qs = c->quic; - qc = ngx_quic_get_connection(qs->parent); - - size = NGX_QUIC_STREAM_BUFSIZE; - sent = c->sent; - unacked = sent - qs->acked; - - if (qc->streams.send_max_data == 0) { - qc->streams.send_max_data = qc->ctp.initial_max_data; - } - - if (unacked >= NGX_QUIC_STREAM_BUFSIZE) { - ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic send flow hit buffer size"); - return 0; - } - - if (unacked + size > NGX_QUIC_STREAM_BUFSIZE) { - size = NGX_QUIC_STREAM_BUFSIZE - unacked; - } - - if (qc->streams.sent >= qc->streams.send_max_data) { - ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic send flow hit MAX_DATA"); - return 0; - } - - if (qc->streams.sent + size > qc->streams.send_max_data) { - size = qc->streams.send_max_data - qc->streams.sent; - } - - if (sent >= qs->send_max_data) { - ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic send flow hit MAX_STREAM_DATA"); - return 0; - } - - if (sent + size > qs->send_max_data) { - size = qs->send_max_data - sent; - } - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic send flow:%uz", size); - - return size; -} - - -static void -ngx_quic_stream_cleanup_handler(void *data) -{ - ngx_connection_t *c = data; - - ngx_connection_t *pc; - ngx_quic_frame_t *frame; - ngx_quic_stream_t *qs; - ngx_quic_connection_t *qc; - - qs = c->quic; - pc = qs->parent; - qc = ngx_quic_get_connection(pc); - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic stream id:0x%xL cleanup", qs->id); - - ngx_rbtree_delete(&qc->streams.tree, &qs->node); - ngx_quic_free_frames(pc, &qs->fs.frames); - - if (qc->closing) { - /* schedule handler call to continue ngx_quic_close_connection() */ - ngx_post_event(pc->read, &ngx_posted_events); - return; - } - - if ((qs->id & NGX_QUIC_STREAM_SERVER_INITIATED) == 0 - || (qs->id & NGX_QUIC_STREAM_UNIDIRECTIONAL) == 0) - { - if (!c->read->pending_eof && !c->read->error) { - frame = ngx_quic_alloc_frame(pc); - if (frame == NULL) { - return; - } - - frame->level = ssl_encryption_application; - frame->type = NGX_QUIC_FT_STOP_SENDING; - frame->u.stop_sending.id = qs->id; - frame->u.stop_sending.error_code = 0x100; /* HTTP/3 no error */ - - ngx_quic_queue_frame(qc, frame); - } - } - - if ((qs->id & NGX_QUIC_STREAM_SERVER_INITIATED) == 0) { - frame = ngx_quic_alloc_frame(pc); - if (frame == NULL) { - return; - } - - frame->level = ssl_encryption_application; - frame->type = NGX_QUIC_FT_MAX_STREAMS; - - if (qs->id & NGX_QUIC_STREAM_UNIDIRECTIONAL) { - frame->u.max_streams.limit = ++qc->streams.client_max_streams_uni; - frame->u.max_streams.bidi = 0; - - } else { - frame->u.max_streams.limit = ++qc->streams.client_max_streams_bidi; - frame->u.max_streams.bidi = 1; - } - - ngx_quic_queue_frame(qc, frame); - - if (qs->id & NGX_QUIC_STREAM_UNIDIRECTIONAL) { - /* do not send fin for client unidirectional streams */ - return; - } - } - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic stream id:0x%xL send fin", qs->id); - - frame = ngx_quic_alloc_frame(pc); - if (frame == NULL) { - return; - } - - frame->level = ssl_encryption_application; - frame->type = NGX_QUIC_FT_STREAM7; /* OFF=1 LEN=1 FIN=1 */ - frame->u.stream.off = 1; - frame->u.stream.len = 1; - frame->u.stream.fin = 1; - - frame->u.stream.type = frame->type; - frame->u.stream.stream_id = qs->id; - frame->u.stream.offset = c->sent; - frame->u.stream.length = 0; - - ngx_quic_queue_frame(qc, frame); - - (void) ngx_quic_output(pc); -} - - -static ngx_quic_frame_t * -ngx_quic_alloc_frame(ngx_connection_t *c) -{ - ngx_queue_t *q; - ngx_quic_frame_t *frame; - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - - if (!ngx_queue_empty(&qc->free_frames)) { - - q = ngx_queue_head(&qc->free_frames); - frame = ngx_queue_data(q, ngx_quic_frame_t, queue); - - ngx_queue_remove(&frame->queue); - -#ifdef NGX_QUIC_DEBUG_ALLOC - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic reuse frame n:%ui", qc->nframes); -#endif - - } else { - frame = ngx_pcalloc(c->pool, sizeof(ngx_quic_frame_t)); - if (frame == NULL) { - return NULL; - } - -#ifdef NGX_QUIC_DEBUG_ALLOC - ++qc->nframes; - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic alloc frame n:%ui", qc->nframes); -#endif - } - - ngx_memzero(frame, sizeof(ngx_quic_frame_t)); - - return frame; -} - - -static void -ngx_quic_congestion_ack(ngx_connection_t *c, ngx_quic_frame_t *f) -{ - ngx_msec_t timer; - ngx_quic_congestion_t *cg; - ngx_quic_connection_t *qc; - - if (f->plen == 0) { - return; - } - - qc = ngx_quic_get_connection(c); - cg = &qc->congestion; - - cg->in_flight -= f->plen; - - timer = f->last - cg->recovery_start; - - if ((ngx_msec_int_t) timer <= 0) { - ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic congestion ack recovery win:%uz ss:%z if:%uz", - cg->window, cg->ssthresh, cg->in_flight); - - return; - } - - if (cg->window < cg->ssthresh) { - cg->window += f->plen; - - ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic congestion slow start win:%uz ss:%z if:%uz", - cg->window, cg->ssthresh, cg->in_flight); - - } else { - cg->window += qc->tp.max_udp_payload_size * f->plen / cg->window; - - ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic congestion avoidance win:%uz ss:%z if:%uz", - cg->window, cg->ssthresh, cg->in_flight); - } - - /* prevent recovery_start from wrapping */ - - timer = cg->recovery_start - ngx_current_msec + qc->tp.max_idle_timeout * 2; - - if ((ngx_msec_int_t) timer < 0) { - cg->recovery_start = ngx_current_msec - qc->tp.max_idle_timeout * 2; - } -} - - -static void -ngx_quic_congestion_lost(ngx_connection_t *c, ngx_quic_frame_t *f) -{ - ngx_msec_t timer; - ngx_quic_congestion_t *cg; - ngx_quic_connection_t *qc; - - if (f->plen == 0) { - return; - } - - qc = ngx_quic_get_connection(c); - cg = &qc->congestion; - - cg->in_flight -= f->plen; - f->plen = 0; - - timer = f->last - cg->recovery_start; - - if ((ngx_msec_int_t) timer <= 0) { - ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic congestion lost recovery win:%uz ss:%z if:%uz", - cg->window, cg->ssthresh, cg->in_flight); - - return; - } - - cg->recovery_start = ngx_current_msec; - cg->window /= 2; - - if (cg->window < qc->tp.max_udp_payload_size * 2) { - cg->window = qc->tp.max_udp_payload_size * 2; - } - - cg->ssthresh = cg->window; - - ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic congestion lost win:%uz ss:%z if:%uz", - cg->window, cg->ssthresh, cg->in_flight); -} - - -static void -ngx_quic_free_frame(ngx_connection_t *c, ngx_quic_frame_t *frame) -{ - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - - if (frame->data) { - ngx_quic_free_bufs(c, frame->data); - } - - ngx_queue_insert_head(&qc->free_frames, &frame->queue); - -#ifdef NGX_QUIC_DEBUG_ALLOC - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic free frame n:%ui", qc->nframes); -#endif -} - - -uint32_t -ngx_quic_version(ngx_connection_t *c) -{ - uint32_t version; - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - - version = qc->version; - - return (version & 0xff000000) == 0xff000000 ? version & 0xff : version; -} - - -static ngx_chain_t * -ngx_quic_alloc_buf(ngx_connection_t *c) -{ - ngx_buf_t *b; - ngx_chain_t *cl; - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - - if (qc->free_bufs) { - cl = qc->free_bufs; - qc->free_bufs = cl->next; - - b = cl->buf; - b->pos = b->start; - b->last = b->start; - -#ifdef NGX_QUIC_DEBUG_ALLOC - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic reuse buffer n:%ui", qc->nbufs); -#endif - - return cl; - } - - cl = ngx_alloc_chain_link(c->pool); - if (cl == NULL) { - return NULL; - } - - b = ngx_create_temp_buf(c->pool, NGX_QUIC_BUFFER_SIZE); - if (b == NULL) { - return NULL; - } - - b->tag = (ngx_buf_tag_t) &ngx_quic_alloc_buf; - - cl->buf = b; - -#ifdef NGX_QUIC_DEBUG_ALLOC - ++qc->nbufs; - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic alloc buffer n:%ui", qc->nbufs); -#endif - - return cl; -} - - -static void -ngx_quic_free_bufs(ngx_connection_t *c, ngx_chain_t *in) -{ - ngx_buf_t *b, *shadow; - ngx_chain_t *cl; - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - - while (in) { -#ifdef NGX_QUIC_DEBUG_ALLOC - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic free buffer n:%ui", qc->nbufs); -#endif - - cl = in; - in = in->next; - b = cl->buf; - - if (b->shadow) { - if (!b->last_shadow) { - b->recycled = 1; - ngx_free_chain(c->pool, cl); - continue; - } - - do { - shadow = b->shadow; - b->shadow = qc->free_shadow_bufs; - qc->free_shadow_bufs = b; - b = shadow; - } while (b->recycled); - - if (b->shadow) { - b->last_shadow = 1; - ngx_free_chain(c->pool, cl); - continue; - } - - cl->buf = b; - } - - cl->next = qc->free_bufs; - qc->free_bufs = cl; - } -} - - -static ngx_chain_t * -ngx_quic_copy_buf(ngx_connection_t *c, u_char *data, size_t len) -{ - size_t n; - ngx_buf_t *b; - ngx_chain_t *cl, *out, **ll; - - out = NULL; - ll = &out; - - while (len) { - cl = ngx_quic_alloc_buf(c); - if (cl == NULL) { - return NGX_CHAIN_ERROR; - } - - b = cl->buf; - n = ngx_min((size_t) (b->end - b->last), len); - - b->last = ngx_cpymem(b->last, data, n); - - data += n; - len -= n; - - *ll = cl; - ll = &cl->next; - } - - *ll = NULL; - - return out; -} - - -static ngx_chain_t * -ngx_quic_copy_chain(ngx_connection_t *c, ngx_chain_t *in, size_t limit) -{ - size_t n; - ngx_buf_t *b; - ngx_chain_t *cl, *out, **ll; - - out = NULL; - ll = &out; - - while (in) { - if (!ngx_buf_in_memory(in->buf) || ngx_buf_size(in->buf) == 0) { - in = in->next; - continue; - } - - cl = ngx_quic_alloc_buf(c); - if (cl == NULL) { - return NGX_CHAIN_ERROR; - } - - *ll = cl; - ll = &cl->next; - - b = cl->buf; - - while (in && b->last != b->end) { - - n = ngx_min(in->buf->last - in->buf->pos, b->end - b->last); - - if (limit > 0 && n > limit) { - n = limit; - } - - b->last = ngx_cpymem(b->last, in->buf->pos, n); - - in->buf->pos += n; - if (in->buf->pos == in->buf->last) { - in = in->next; - } - - if (limit > 0) { - if (limit == n) { - goto done; - } - - limit -= n; - } - } - - } - -done: - - *ll = NULL; - - return out; -} - - -static ngx_chain_t * -ngx_quic_split_bufs(ngx_connection_t *c, ngx_chain_t *in, size_t len) -{ - size_t n; - ngx_buf_t *b; - ngx_chain_t *out; - ngx_quic_connection_t *qc; - - qc = ngx_quic_get_connection(c); - - while (in) { - n = ngx_buf_size(in->buf); - - if (n == len) { - out = in->next; - in->next = NULL; - return out; - } - - if (n > len) { - break; - } - - len -= n; - in = in->next; - } - - if (in == NULL) { - return NULL; - } - - /* split in->buf by creating shadow bufs which reference it */ - - if (in->buf->shadow == NULL) { - if (qc->free_shadow_bufs) { - b = qc->free_shadow_bufs; - qc->free_shadow_bufs = b->shadow; - - } else { - b = ngx_alloc_buf(c->pool); - if (b == NULL) { - return NGX_CHAIN_ERROR; - } - } - - *b = *in->buf; - b->shadow = in->buf; - b->last_shadow = 1; - in->buf = b; - } - - out = ngx_alloc_chain_link(c->pool); - if (out == NULL) { - return NGX_CHAIN_ERROR; - } - - if (qc->free_shadow_bufs) { - b = qc->free_shadow_bufs; - qc->free_shadow_bufs = b->shadow; - - } else { - b = ngx_alloc_buf(c->pool); - if (b == NULL) { - ngx_free_chain(c->pool, out); - return NGX_CHAIN_ERROR; - } - } - - out->buf = b; - out->next = in->next; - in->next = NULL; - - *b = *in->buf; - b->last_shadow = 0; - b->pos = b->pos + len; - - in->buf->shadow = b; - in->buf->last = in->buf->pos + len; - - return out; -}
--- a/src/event/ngx_event_quic.h Tue Dec 22 16:41:56 2020 +0300 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,143 +0,0 @@ - -/* - * Copyright (C) Nginx, Inc. - */ - - -#ifndef _NGX_EVENT_QUIC_H_INCLUDED_ -#define _NGX_EVENT_QUIC_H_INCLUDED_ - - -#include <ngx_config.h> -#include <ngx_core.h> - - -/* Supported drafts: 27, 28, 29 */ -#ifndef NGX_QUIC_DRAFT_VERSION -#define NGX_QUIC_DRAFT_VERSION 29 -#endif - -#define NGX_QUIC_MAX_SHORT_HEADER 25 /* 1 flags + 20 dcid + 4 pn */ -#define NGX_QUIC_MAX_LONG_HEADER 56 - /* 1 flags + 4 version + 2 x (1 + 20) s/dcid + 4 pn + 4 len + token len */ - -#define NGX_QUIC_MAX_UDP_PAYLOAD_SIZE 65527 -#define NGX_QUIC_MAX_UDP_PAYLOAD_OUT 1252 -#define NGX_QUIC_MAX_UDP_PAYLOAD_OUT6 1232 - -#define NGX_QUIC_DEFAULT_ACK_DELAY_EXPONENT 3 -#define NGX_QUIC_DEFAULT_MAX_ACK_DELAY 25 -#define NGX_QUIC_DEFAULT_SRT_KEY_LEN 32 - -#define NGX_QUIC_RETRY_TIMEOUT 3000 -#define NGX_QUIC_RETRY_LIFETIME 30000 -#define NGX_QUIC_RETRY_BUFFER_SIZE 128 - /* 1 flags + 4 version + 3 x (1 + 20) s/o/dcid + itag + token(44) */ -#define NGX_QUIC_MAX_TOKEN_SIZE 32 - /* sizeof(struct in6_addr) + sizeof(ngx_msec_t) up to AES-256 block size */ - -/* quic-recovery, section 6.2.2, kInitialRtt */ -#define NGX_QUIC_INITIAL_RTT 333 /* ms */ - -/* quic-recovery, section 6.1.1, Packet Threshold */ -#define NGX_QUIC_PKT_THR 3 /* packets */ -/* quic-recovery, section 6.1.2, Time Threshold */ -#define NGX_QUIC_TIME_THR 1.125 -#define NGX_QUIC_TIME_GRANULARITY 1 /* ms */ - -#define NGX_QUIC_CC_MIN_INTERVAL 1000 /* 1s */ - -#define NGX_QUIC_MIN_INITIAL_SIZE 1200 - -#define NGX_QUIC_STREAM_SERVER_INITIATED 0x01 -#define NGX_QUIC_STREAM_UNIDIRECTIONAL 0x02 - -#define NGX_QUIC_STREAM_BUFSIZE 65536 - -#define NGX_QUIC_MAX_CID_LEN 20 -#define NGX_QUIC_SERVER_CID_LEN NGX_QUIC_MAX_CID_LEN - -#define NGX_QUIC_SR_TOKEN_LEN 16 - -#define NGX_QUIC_MAX_SERVER_IDS 8 - -#define NGX_QUIC_BUFFER_SIZE 4096 - -#define ngx_quic_get_connection(c) ((ngx_quic_connection_t *)(c)->udp) - - -typedef struct { - /* configurable */ - ngx_msec_t max_idle_timeout; - ngx_msec_t max_ack_delay; - - size_t max_udp_payload_size; - size_t initial_max_data; - size_t initial_max_stream_data_bidi_local; - size_t initial_max_stream_data_bidi_remote; - size_t initial_max_stream_data_uni; - ngx_uint_t initial_max_streams_bidi; - ngx_uint_t initial_max_streams_uni; - ngx_uint_t ack_delay_exponent; - ngx_uint_t active_connection_id_limit; - ngx_flag_t disable_active_migration; - ngx_str_t original_dcid; - ngx_str_t initial_scid; - ngx_str_t retry_scid; - u_char sr_token[NGX_QUIC_SR_TOKEN_LEN]; - - /* TODO */ - void *preferred_address; -} ngx_quic_tp_t; - - -typedef struct { - ngx_ssl_t *ssl; - ngx_quic_tp_t tp; - ngx_flag_t retry; - ngx_flag_t require_alpn; - u_char token_key[32]; /* AES 256 */ - ngx_str_t sr_token_key; /* stateless reset token key */ -} ngx_quic_conf_t; - - -typedef struct { - uint64_t sent; - uint64_t received; - ngx_queue_t frames; /* reorder queue */ - size_t total; /* size of buffered data */ -} ngx_quic_frames_stream_t; - - -struct ngx_quic_stream_s { - ngx_rbtree_node_t node; - ngx_connection_t *parent; - ngx_connection_t *c; - uint64_t id; - uint64_t acked; - uint64_t send_max_data; - ngx_buf_t *b; - ngx_quic_frames_stream_t fs; -}; - - -typedef struct ngx_quic_keys_s ngx_quic_keys_t; - - -void ngx_quic_run(ngx_connection_t *c, ngx_quic_conf_t *conf); -ngx_connection_t *ngx_quic_open_stream(ngx_connection_t *c, ngx_uint_t bidi); -void ngx_quic_finalize_connection(ngx_connection_t *c, ngx_uint_t err, - const char *reason); -uint32_t ngx_quic_version(ngx_connection_t *c); -ngx_int_t ngx_quic_get_packet_dcid(ngx_log_t *log, u_char *data, size_t len, - ngx_str_t *dcid); - - -/********************************* DEBUG *************************************/ - -/* #define NGX_QUIC_DEBUG_PACKETS */ /* dump packet contents */ -/* #define NGX_QUIC_DEBUG_FRAMES */ /* dump frames contents */ -/* #define NGX_QUIC_DEBUG_ALLOC */ /* log frames and bufs alloc */ -/* #define NGX_QUIC_DEBUG_CRYPTO */ - -#endif /* _NGX_EVENT_QUIC_H_INCLUDED_ */
--- a/src/event/ngx_event_quic_protection.c Tue Dec 22 16:41:56 2020 +0300 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,1188 +0,0 @@ - -/* - * Copyright (C) Nginx, Inc. - */ - - -#include <ngx_config.h> -#include <ngx_core.h> -#include <ngx_event.h> -#include <ngx_event_quic_transport.h> -#include <ngx_event_quic_protection.h> - - -#define NGX_QUIC_IV_LEN 12 - -#define NGX_AES_128_GCM_SHA256 0x1301 -#define NGX_AES_256_GCM_SHA384 0x1302 -#define NGX_CHACHA20_POLY1305_SHA256 0x1303 - - -#ifdef OPENSSL_IS_BORINGSSL -#define ngx_quic_cipher_t EVP_AEAD -#else -#define ngx_quic_cipher_t EVP_CIPHER -#endif - - -typedef struct { - const ngx_quic_cipher_t *c; - const EVP_CIPHER *hp; - const EVP_MD *d; -} ngx_quic_ciphers_t; - - -typedef struct ngx_quic_secret_s { - ngx_str_t secret; - ngx_str_t key; - ngx_str_t iv; - ngx_str_t hp; -} ngx_quic_secret_t; - - -typedef struct { - ngx_quic_secret_t client; - ngx_quic_secret_t server; -} ngx_quic_secrets_t; - - -struct ngx_quic_keys_s { - ngx_quic_secrets_t secrets[NGX_QUIC_ENCRYPTION_LAST]; - ngx_quic_secrets_t next_key; - ngx_uint_t cipher; -}; - - -static ngx_int_t ngx_hkdf_expand(u_char *out_key, size_t out_len, - const EVP_MD *digest, const u_char *prk, size_t prk_len, - const u_char *info, size_t info_len); -static ngx_int_t ngx_hkdf_extract(u_char *out_key, size_t *out_len, - const EVP_MD *digest, const u_char *secret, size_t secret_len, - const u_char *salt, size_t salt_len); - -static uint64_t ngx_quic_parse_pn(u_char **pos, ngx_int_t len, u_char *mask, - uint64_t *largest_pn); -static void ngx_quic_compute_nonce(u_char *nonce, size_t len, uint64_t pn); -static ngx_int_t ngx_quic_ciphers(ngx_uint_t id, - ngx_quic_ciphers_t *ciphers, enum ssl_encryption_level_t level); - -static ngx_int_t ngx_quic_tls_open(const ngx_quic_cipher_t *cipher, - ngx_quic_secret_t *s, ngx_str_t *out, u_char *nonce, ngx_str_t *in, - ngx_str_t *ad, ngx_log_t *log); -static ngx_int_t ngx_quic_tls_seal(const ngx_quic_cipher_t *cipher, - ngx_quic_secret_t *s, ngx_str_t *out, u_char *nonce, ngx_str_t *in, - ngx_str_t *ad, ngx_log_t *log); -static ngx_int_t ngx_quic_tls_hp(ngx_log_t *log, const EVP_CIPHER *cipher, - ngx_quic_secret_t *s, u_char *out, u_char *in); -static ngx_int_t ngx_quic_hkdf_expand(ngx_pool_t *pool, const EVP_MD *digest, - ngx_str_t *out, ngx_str_t *label, const uint8_t *prk, size_t prk_len); - -static ngx_int_t ngx_quic_create_packet(ngx_quic_header_t *pkt, - ngx_str_t *res); -static ngx_int_t ngx_quic_create_retry_packet(ngx_quic_header_t *pkt, - ngx_str_t *res); - - -static ngx_int_t -ngx_quic_ciphers(ngx_uint_t id, ngx_quic_ciphers_t *ciphers, - enum ssl_encryption_level_t level) -{ - ngx_int_t len; - - if (level == ssl_encryption_initial) { - id = NGX_AES_128_GCM_SHA256; - } - - switch (id) { - - case NGX_AES_128_GCM_SHA256: -#ifdef OPENSSL_IS_BORINGSSL - ciphers->c = EVP_aead_aes_128_gcm(); -#else - ciphers->c = EVP_aes_128_gcm(); -#endif - ciphers->hp = EVP_aes_128_ctr(); - ciphers->d = EVP_sha256(); - len = 16; - break; - - case NGX_AES_256_GCM_SHA384: -#ifdef OPENSSL_IS_BORINGSSL - ciphers->c = EVP_aead_aes_256_gcm(); -#else - ciphers->c = EVP_aes_256_gcm(); -#endif - ciphers->hp = EVP_aes_256_ctr(); - ciphers->d = EVP_sha384(); - len = 32; - break; - - case NGX_CHACHA20_POLY1305_SHA256: -#ifdef OPENSSL_IS_BORINGSSL - ciphers->c = EVP_aead_chacha20_poly1305(); -#else - ciphers->c = EVP_chacha20_poly1305(); -#endif -#ifdef OPENSSL_IS_BORINGSSL - ciphers->hp = (const EVP_CIPHER *) EVP_aead_chacha20_poly1305(); -#else - ciphers->hp = EVP_chacha20(); -#endif - ciphers->d = EVP_sha256(); - len = 32; - break; - - default: - return NGX_ERROR; - } - - return len; -} - - -ngx_int_t -ngx_quic_keys_set_initial_secret(ngx_pool_t *pool, ngx_quic_keys_t *keys, - ngx_str_t *secret) -{ - size_t is_len; - uint8_t is[SHA256_DIGEST_LENGTH]; - ngx_uint_t i; - const EVP_MD *digest; - const EVP_CIPHER *cipher; - ngx_quic_secret_t *client, *server; - - static const uint8_t salt[20] = -#if (NGX_QUIC_DRAFT_VERSION >= 29) - "\xaf\xbf\xec\x28\x99\x93\xd2\x4c\x9e\x97" - "\x86\xf1\x9c\x61\x11\xe0\x43\x90\xa8\x99"; -#else - "\xc3\xee\xf7\x12\xc7\x2e\xbb\x5a\x11\xa7" - "\xd2\x43\x2b\xb4\x63\x65\xbe\xf9\xf5\x02"; -#endif - - client = &keys->secrets[ssl_encryption_initial].client; - server = &keys->secrets[ssl_encryption_initial].server; - - /* AEAD_AES_128_GCM prior to handshake, quic-tls-23#section-5.3 */ - - cipher = EVP_aes_128_gcm(); - digest = EVP_sha256(); - - if (ngx_hkdf_extract(is, &is_len, digest, secret->data, secret->len, - salt, sizeof(salt)) - != NGX_OK) - { - return NGX_ERROR; - } - - ngx_str_t iss = { - .data = is, - .len = is_len - }; - - ngx_log_debug0(NGX_LOG_DEBUG_EVENT, pool->log, 0, - "quic ngx_quic_set_initial_secret"); -#ifdef NGX_QUIC_DEBUG_CRYPTO - ngx_log_debug3(NGX_LOG_DEBUG_EVENT, pool->log, 0, - "quic salt len:%uz %*xs", sizeof(salt), sizeof(salt), salt); - ngx_log_debug3(NGX_LOG_DEBUG_EVENT, pool->log, 0, - "quic initial secret len:%uz %*xs", is_len, is_len, is); -#endif - - /* draft-ietf-quic-tls-23#section-5.2 */ - client->secret.len = SHA256_DIGEST_LENGTH; - server->secret.len = SHA256_DIGEST_LENGTH; - - client->key.len = EVP_CIPHER_key_length(cipher); - server->key.len = EVP_CIPHER_key_length(cipher); - - client->hp.len = EVP_CIPHER_key_length(cipher); - server->hp.len = EVP_CIPHER_key_length(cipher); - - client->iv.len = EVP_CIPHER_iv_length(cipher); - server->iv.len = EVP_CIPHER_iv_length(cipher); - - struct { - ngx_str_t label; - ngx_str_t *key; - ngx_str_t *prk; - } seq[] = { - - /* draft-ietf-quic-tls-23#section-5.2 */ - { ngx_string("tls13 client in"), &client->secret, &iss }, - { - ngx_string("tls13 quic key"), - &client->key, - &client->secret, - }, - { - ngx_string("tls13 quic iv"), - &client->iv, - &client->secret, - }, - { - /* AEAD_AES_128_GCM prior to handshake, quic-tls-23#section-5.4.1 */ - ngx_string("tls13 quic hp"), - &client->hp, - &client->secret, - }, - { ngx_string("tls13 server in"), &server->secret, &iss }, - { - /* AEAD_AES_128_GCM prior to handshake, quic-tls-23#section-5.3 */ - ngx_string("tls13 quic key"), - &server->key, - &server->secret, - }, - { - ngx_string("tls13 quic iv"), - &server->iv, - &server->secret, - }, - { - /* AEAD_AES_128_GCM prior to handshake, quic-tls-23#section-5.4.1 */ - ngx_string("tls13 quic hp"), - &server->hp, - &server->secret, - }, - - }; - - for (i = 0; i < (sizeof(seq) / sizeof(seq[0])); i++) { - - if (ngx_quic_hkdf_expand(pool, digest, seq[i].key, &seq[i].label, - seq[i].prk->data, seq[i].prk->len) - != NGX_OK) - { - return NGX_ERROR; - } - } - - return NGX_OK; -} - - -static ngx_int_t -ngx_quic_hkdf_expand(ngx_pool_t *pool, const EVP_MD *digest, ngx_str_t *out, - ngx_str_t *label, const uint8_t *prk, size_t prk_len) -{ - size_t info_len; - uint8_t *p; - uint8_t info[20]; - - if (out->data == NULL) { - out->data = ngx_pnalloc(pool, out->len); - if (out->data == NULL) { - return NGX_ERROR; - } - } - - info_len = 2 + 1 + label->len + 1; - - info[0] = 0; - info[1] = out->len; - info[2] = label->len; - p = ngx_cpymem(&info[3], label->data, label->len); - *p = '\0'; - - if (ngx_hkdf_expand(out->data, out->len, digest, - prk, prk_len, info, info_len) - != NGX_OK) - { - ngx_ssl_error(NGX_LOG_INFO, pool->log, 0, - "ngx_hkdf_expand(%V) failed", label); - return NGX_ERROR; - } - -#ifdef NGX_QUIC_DEBUG_CRYPTO - ngx_log_debug3(NGX_LOG_DEBUG_EVENT, pool->log, 0, - "quic expand %V key len:%uz %xV", label, out->len, out); -#endif - - return NGX_OK; -} - - -static ngx_int_t -ngx_hkdf_expand(u_char *out_key, size_t out_len, const EVP_MD *digest, - const uint8_t *prk, size_t prk_len, const u_char *info, size_t info_len) -{ -#ifdef OPENSSL_IS_BORINGSSL - if (HKDF_expand(out_key, out_len, digest, prk, prk_len, info, info_len) - == 0) - { - return NGX_ERROR; - } -#else - - EVP_PKEY_CTX *pctx; - - pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL); - - if (EVP_PKEY_derive_init(pctx) <= 0) { - return NGX_ERROR; - } - - if (EVP_PKEY_CTX_hkdf_mode(pctx, EVP_PKEY_HKDEF_MODE_EXPAND_ONLY) <= 0) { - return NGX_ERROR; - } - - if (EVP_PKEY_CTX_set_hkdf_md(pctx, digest) <= 0) { - return NGX_ERROR; - } - - if (EVP_PKEY_CTX_set1_hkdf_key(pctx, prk, prk_len) <= 0) { - return NGX_ERROR; - } - - if (EVP_PKEY_CTX_add1_hkdf_info(pctx, info, info_len) <= 0) { - return NGX_ERROR; - } - - if (EVP_PKEY_derive(pctx, out_key, &out_len) <= 0) { - return NGX_ERROR; - } - -#endif - - return NGX_OK; -} - - -static ngx_int_t -ngx_hkdf_extract(u_char *out_key, size_t *out_len, const EVP_MD *digest, - const u_char *secret, size_t secret_len, const u_char *salt, - size_t salt_len) -{ -#ifdef OPENSSL_IS_BORINGSSL - if (HKDF_extract(out_key, out_len, digest, secret, secret_len, salt, - salt_len) - == 0) - { - return NGX_ERROR; - } -#else - - EVP_PKEY_CTX *pctx; - - pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL); - - if (EVP_PKEY_derive_init(pctx) <= 0) { - return NGX_ERROR; - } - - if (EVP_PKEY_CTX_hkdf_mode(pctx, EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY) <= 0) { - return NGX_ERROR; - } - - if (EVP_PKEY_CTX_set_hkdf_md(pctx, digest) <= 0) { - return NGX_ERROR; - } - - if (EVP_PKEY_CTX_set1_hkdf_key(pctx, secret, secret_len) <= 0) { - return NGX_ERROR; - } - - if (EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt, salt_len) <= 0) { - return NGX_ERROR; - } - - if (EVP_PKEY_derive(pctx, out_key, out_len) <= 0) { - return NGX_ERROR; - } - -#endif - - return NGX_OK; -} - - -static ngx_int_t -ngx_quic_tls_open(const ngx_quic_cipher_t *cipher, ngx_quic_secret_t *s, - ngx_str_t *out, u_char *nonce, ngx_str_t *in, ngx_str_t *ad, - ngx_log_t *log) -{ - -#ifdef OPENSSL_IS_BORINGSSL - EVP_AEAD_CTX *ctx; - - ctx = EVP_AEAD_CTX_new(cipher, s->key.data, s->key.len, - EVP_AEAD_DEFAULT_TAG_LENGTH); - if (ctx == NULL) { - ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_AEAD_CTX_new() failed"); - return NGX_ERROR; - } - - if (EVP_AEAD_CTX_open(ctx, out->data, &out->len, out->len, nonce, s->iv.len, - in->data, in->len, ad->data, ad->len) - != 1) - { - EVP_AEAD_CTX_free(ctx); - ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_AEAD_CTX_open() failed"); - return NGX_ERROR; - } - - EVP_AEAD_CTX_free(ctx); -#else - int len; - u_char *tag; - EVP_CIPHER_CTX *ctx; - - ctx = EVP_CIPHER_CTX_new(); - if (ctx == NULL) { - ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_CIPHER_CTX_new() failed"); - return NGX_ERROR; - } - - if (EVP_DecryptInit_ex(ctx, cipher, NULL, NULL, NULL) != 1) { - EVP_CIPHER_CTX_free(ctx); - ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_DecryptInit_ex() failed"); - return NGX_ERROR; - } - - if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, s->iv.len, NULL) - == 0) - { - EVP_CIPHER_CTX_free(ctx); - ngx_ssl_error(NGX_LOG_INFO, log, 0, - "EVP_CIPHER_CTX_ctrl(EVP_CTRL_GCM_SET_IVLEN) failed"); - return NGX_ERROR; - } - - if (EVP_DecryptInit_ex(ctx, NULL, NULL, s->key.data, nonce) != 1) { - EVP_CIPHER_CTX_free(ctx); - ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_DecryptInit_ex() failed"); - return NGX_ERROR; - } - - if (EVP_DecryptUpdate(ctx, NULL, &len, ad->data, ad->len) != 1) { - EVP_CIPHER_CTX_free(ctx); - ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_DecryptUpdate() failed"); - return NGX_ERROR; - } - - if (EVP_DecryptUpdate(ctx, out->data, &len, in->data, - in->len - EVP_GCM_TLS_TAG_LEN) - != 1) - { - EVP_CIPHER_CTX_free(ctx); - ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_DecryptUpdate() failed"); - return NGX_ERROR; - } - - out->len = len; - tag = in->data + in->len - EVP_GCM_TLS_TAG_LEN; - - if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, EVP_GCM_TLS_TAG_LEN, tag) - == 0) - { - EVP_CIPHER_CTX_free(ctx); - ngx_ssl_error(NGX_LOG_INFO, log, 0, - "EVP_CIPHER_CTX_ctrl(EVP_CTRL_GCM_SET_TAG) failed"); - return NGX_ERROR; - } - - if (EVP_DecryptFinal_ex(ctx, out->data + len, &len) <= 0) { - EVP_CIPHER_CTX_free(ctx); - ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_DecryptFinal_ex failed"); - return NGX_ERROR; - } - - out->len += len; - - EVP_CIPHER_CTX_free(ctx); -#endif - - return NGX_OK; -} - - -static ngx_int_t -ngx_quic_tls_seal(const ngx_quic_cipher_t *cipher, ngx_quic_secret_t *s, - ngx_str_t *out, u_char *nonce, ngx_str_t *in, ngx_str_t *ad, ngx_log_t *log) -{ - -#ifdef OPENSSL_IS_BORINGSSL - EVP_AEAD_CTX *ctx; - - ctx = EVP_AEAD_CTX_new(cipher, s->key.data, s->key.len, - EVP_AEAD_DEFAULT_TAG_LENGTH); - if (ctx == NULL) { - ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_AEAD_CTX_new() failed"); - return NGX_ERROR; - } - - if (EVP_AEAD_CTX_seal(ctx, out->data, &out->len, out->len, nonce, s->iv.len, - in->data, in->len, ad->data, ad->len) - != 1) - { - EVP_AEAD_CTX_free(ctx); - ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_AEAD_CTX_seal() failed"); - return NGX_ERROR; - } - - EVP_AEAD_CTX_free(ctx); -#else - int len; - EVP_CIPHER_CTX *ctx; - - ctx = EVP_CIPHER_CTX_new(); - if (ctx == NULL) { - ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_CIPHER_CTX_new() failed"); - return NGX_ERROR; - } - - if (EVP_EncryptInit_ex(ctx, cipher, NULL, NULL, NULL) != 1) { - EVP_CIPHER_CTX_free(ctx); - ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_EncryptInit_ex() failed"); - return NGX_ERROR; - } - - if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, s->iv.len, NULL) - == 0) - { - EVP_CIPHER_CTX_free(ctx); - ngx_ssl_error(NGX_LOG_INFO, log, 0, - "EVP_CIPHER_CTX_ctrl(EVP_CTRL_GCM_SET_IVLEN) failed"); - return NGX_ERROR; - } - - if (EVP_EncryptInit_ex(ctx, NULL, NULL, s->key.data, nonce) != 1) { - EVP_CIPHER_CTX_free(ctx); - ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_EncryptInit_ex() failed"); - return NGX_ERROR; - } - - if (EVP_EncryptUpdate(ctx, NULL, &len, ad->data, ad->len) != 1) { - EVP_CIPHER_CTX_free(ctx); - ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_EncryptUpdate() failed"); - return NGX_ERROR; - } - - if (EVP_EncryptUpdate(ctx, out->data, &len, in->data, in->len) != 1) { - EVP_CIPHER_CTX_free(ctx); - ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_EncryptUpdate() failed"); - return NGX_ERROR; - } - - out->len = len; - - if (EVP_EncryptFinal_ex(ctx, out->data + out->len, &len) <= 0) { - EVP_CIPHER_CTX_free(ctx); - ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_EncryptFinal_ex failed"); - return NGX_ERROR; - } - - out->len += len; - - if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, EVP_GCM_TLS_TAG_LEN, - out->data + in->len) - == 0) - { - EVP_CIPHER_CTX_free(ctx); - ngx_ssl_error(NGX_LOG_INFO, log, 0, - "EVP_CIPHER_CTX_ctrl(EVP_CTRL_GCM_GET_TAG) failed"); - return NGX_ERROR; - } - - EVP_CIPHER_CTX_free(ctx); - - out->len += EVP_GCM_TLS_TAG_LEN; -#endif - return NGX_OK; -} - - -static ngx_int_t -ngx_quic_tls_hp(ngx_log_t *log, const EVP_CIPHER *cipher, - ngx_quic_secret_t *s, u_char *out, u_char *in) -{ - int outlen; - EVP_CIPHER_CTX *ctx; - u_char zero[5] = {0}; - -#ifdef OPENSSL_IS_BORINGSSL - uint32_t counter; - - ngx_memcpy(&counter, in, sizeof(uint32_t)); - - if (cipher == (const EVP_CIPHER *) EVP_aead_chacha20_poly1305()) { - CRYPTO_chacha_20(out, zero, 5, s->hp.data, &in[4], counter); - return NGX_OK; - } -#endif - - ctx = EVP_CIPHER_CTX_new(); - if (ctx == NULL) { - return NGX_ERROR; - } - - if (EVP_EncryptInit_ex(ctx, cipher, NULL, s->hp.data, in) != 1) { - ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_EncryptInit_ex() failed"); - goto failed; - } - - if (!EVP_EncryptUpdate(ctx, out, &outlen, zero, 5)) { - ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_EncryptUpdate() failed"); - goto failed; - } - - if (!EVP_EncryptFinal_ex(ctx, out + 5, &outlen)) { - ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_EncryptFinal_Ex() failed"); - goto failed; - } - - EVP_CIPHER_CTX_free(ctx); - - return NGX_OK; - -failed: - - EVP_CIPHER_CTX_free(ctx); - - return NGX_ERROR; -} - - -int ngx_quic_keys_set_encryption_secret(ngx_pool_t *pool, ngx_uint_t is_write, - ngx_quic_keys_t *keys, enum ssl_encryption_level_t level, - const SSL_CIPHER *cipher, const uint8_t *secret, size_t secret_len) -{ - ngx_int_t key_len; - ngx_uint_t i; - ngx_quic_secret_t *peer_secret; - ngx_quic_ciphers_t ciphers; - - peer_secret = is_write ? &keys->secrets[level].server - : &keys->secrets[level].client; - - keys->cipher = SSL_CIPHER_get_protocol_id(cipher); - - key_len = ngx_quic_ciphers(keys->cipher, &ciphers, level); - - if (key_len == NGX_ERROR) { - ngx_ssl_error(NGX_LOG_INFO, pool->log, 0, "unexpected cipher"); - return 0; - } - - if (level == ssl_encryption_initial) { - return 0; - } - - peer_secret->secret.data = ngx_pnalloc(pool, secret_len); - if (peer_secret->secret.data == NULL) { - return NGX_ERROR; - } - - peer_secret->secret.len = secret_len; - ngx_memcpy(peer_secret->secret.data, secret, secret_len); - - peer_secret->key.len = key_len; - peer_secret->iv.len = NGX_QUIC_IV_LEN; - peer_secret->hp.len = key_len; - - struct { - ngx_str_t label; - ngx_str_t *key; - const uint8_t *secret; - } seq[] = { - { ngx_string("tls13 quic key"), &peer_secret->key, secret }, - { ngx_string("tls13 quic iv"), &peer_secret->iv, secret }, - { ngx_string("tls13 quic hp"), &peer_secret->hp, secret }, - }; - - for (i = 0; i < (sizeof(seq) / sizeof(seq[0])); i++) { - - if (ngx_quic_hkdf_expand(pool, ciphers.d, seq[i].key, &seq[i].label, - seq[i].secret, secret_len) - != NGX_OK) - { - return 0; - } - } - - return 1; -} - - -ngx_quic_keys_t * -ngx_quic_keys_new(ngx_pool_t *pool) -{ - return ngx_pcalloc(pool, sizeof(ngx_quic_keys_t)); -} - - -ngx_uint_t -ngx_quic_keys_available(ngx_quic_keys_t *keys, - enum ssl_encryption_level_t level) -{ - return keys->secrets[level].client.key.len != 0; -} - - -void -ngx_quic_keys_discard(ngx_quic_keys_t *keys, - enum ssl_encryption_level_t level) -{ - keys->secrets[level].client.key.len = 0; -} - - -void -ngx_quic_keys_switch(ngx_connection_t *c, ngx_quic_keys_t *keys) -{ - ngx_quic_secrets_t *current, *next, tmp; - - current = &keys->secrets[ssl_encryption_application]; - next = &keys->next_key; - - tmp = *current; - *current = *next; - *next = tmp; -} - - -ngx_int_t -ngx_quic_keys_update(ngx_connection_t *c, ngx_quic_keys_t *keys) -{ - ngx_uint_t i; - ngx_quic_ciphers_t ciphers; - ngx_quic_secrets_t *current, *next; - - current = &keys->secrets[ssl_encryption_application]; - next = &keys->next_key; - - ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic key update"); - - if (ngx_quic_ciphers(keys->cipher, &ciphers, ssl_encryption_application) - == NGX_ERROR) - { - return NGX_ERROR; - } - - next->client.secret.len = current->client.secret.len; - next->client.key.len = current->client.key.len; - next->client.iv.len = current->client.iv.len; - next->client.hp = current->client.hp; - - next->server.secret.len = current->server.secret.len; - next->server.key.len = current->server.key.len; - next->server.iv.len = current->server.iv.len; - next->server.hp = current->server.hp; - - struct { - ngx_str_t label; - ngx_str_t *key; - ngx_str_t *secret; - } seq[] = { - { - ngx_string("tls13 quic ku"), - &next->client.secret, - ¤t->client.secret, - }, - { - ngx_string("tls13 quic key"), - &next->client.key, - &next->client.secret, - }, - { - ngx_string("tls13 quic iv"), - &next->client.iv, - &next->client.secret, - }, - { - ngx_string("tls13 quic ku"), - &next->server.secret, - ¤t->server.secret, - }, - { - ngx_string("tls13 quic key"), - &next->server.key, - &next->server.secret, - }, - { - ngx_string("tls13 quic iv"), - &next->server.iv, - &next->server.secret, - }, - }; - - for (i = 0; i < (sizeof(seq) / sizeof(seq[0])); i++) { - - if (ngx_quic_hkdf_expand(c->pool, ciphers.d, seq[i].key, &seq[i].label, - seq[i].secret->data, seq[i].secret->len) - != NGX_OK) - { - return NGX_ERROR; - } - } - - return NGX_OK; -} - - -static ngx_int_t -ngx_quic_create_packet(ngx_quic_header_t *pkt, ngx_str_t *res) -{ - u_char *pnp, *sample; - ngx_str_t ad, out; - ngx_uint_t i; - ngx_quic_secret_t *secret; - ngx_quic_ciphers_t ciphers; - u_char nonce[12], mask[16]; - - out.len = pkt->payload.len + EVP_GCM_TLS_TAG_LEN; - - ad.data = res->data; - ad.len = ngx_quic_create_header(pkt, ad.data, out.len, &pnp); - - out.data = res->data + ad.len; - -#ifdef NGX_QUIC_DEBUG_CRYPTO - ngx_log_debug2(NGX_LOG_DEBUG_EVENT, pkt->log, 0, - "quic ad len:%uz %xV", ad.len, &ad); -#endif - - if (ngx_quic_ciphers(pkt->keys->cipher, &ciphers, pkt->level) == NGX_ERROR) - { - return NGX_ERROR; - } - - secret = &pkt->keys->secrets[pkt->level].server; - - ngx_memcpy(nonce, secret->iv.data, secret->iv.len); - ngx_quic_compute_nonce(nonce, sizeof(nonce), pkt->number); - - if (ngx_quic_tls_seal(ciphers.c, secret, &out, - nonce, &pkt->payload, &ad, pkt->log) - != NGX_OK) - { - return NGX_ERROR; - } - - sample = &out.data[4 - pkt->num_len]; - if (ngx_quic_tls_hp(pkt->log, ciphers.hp, secret, mask, sample) - != NGX_OK) - { - return NGX_ERROR; - } - - /* quic-tls: 5.4.1. Header Protection Application */ - ad.data[0] ^= mask[0] & ngx_quic_pkt_hp_mask(pkt->flags); - - for (i = 0; i < pkt->num_len; i++) { - pnp[i] ^= mask[i + 1]; - } - - res->len = ad.len + out.len; - - return NGX_OK; -} - - -static ngx_int_t -ngx_quic_create_retry_packet(ngx_quic_header_t *pkt, ngx_str_t *res) -{ - u_char *start; - ngx_str_t ad, itag; - ngx_quic_secret_t secret; - ngx_quic_ciphers_t ciphers; - - /* 5.8. Retry Packet Integrity */ - static u_char key[16] = -#if (NGX_QUIC_DRAFT_VERSION >= 29) - "\xcc\xce\x18\x7e\xd0\x9a\x09\xd0\x57\x28\x15\x5a\x6c\xb9\x6b\xe1"; -#else - "\x4d\x32\xec\xdb\x2a\x21\x33\xc8\x41\xe4\x04\x3d\xf2\x7d\x44\x30"; -#endif - static u_char nonce[12] = -#if (NGX_QUIC_DRAFT_VERSION >= 29) - "\xe5\x49\x30\xf9\x7f\x21\x36\xf0\x53\x0a\x8c\x1c"; -#else - "\x4d\x16\x11\xd0\x55\x13\xa5\x52\xc5\x87\xd5\x75"; -#endif - static ngx_str_t in = ngx_string(""); - - ad.data = res->data; - ad.len = ngx_quic_create_retry_itag(pkt, ad.data, &start); - - itag.data = ad.data + ad.len; - itag.len = EVP_GCM_TLS_TAG_LEN; - -#ifdef NGX_QUIC_DEBUG_CRYPTO - ngx_log_debug2(NGX_LOG_DEBUG_EVENT, pkt->log, 0, - "quic retry itag len:%uz %xV", ad.len, &ad); -#endif - - if (ngx_quic_ciphers(0, &ciphers, pkt->level) == NGX_ERROR) { - return NGX_ERROR; - } - - secret.key.len = sizeof(key); - secret.key.data = key; - secret.iv.len = sizeof(nonce); - - if (ngx_quic_tls_seal(ciphers.c, &secret, &itag, nonce, &in, &ad, pkt->log) - != NGX_OK) - { - return NGX_ERROR; - } - - res->len = itag.data + itag.len - start; - res->data = start; - - return NGX_OK; -} - - -ngx_int_t -ngx_quic_new_sr_token(ngx_connection_t *c, ngx_str_t *cid, ngx_str_t *secret, - u_char *token) -{ - uint8_t *p; - size_t is_len, key_len, info_len; - ngx_str_t label; - const EVP_MD *digest; - uint8_t info[20]; - uint8_t is[SHA256_DIGEST_LENGTH]; - uint8_t key[SHA256_DIGEST_LENGTH]; - - /* 10.4.2. Calculating a Stateless Reset Token */ - - digest = EVP_sha256(); - ngx_str_set(&label, "sr_token_key"); - - if (ngx_hkdf_extract(is, &is_len, digest, secret->data, secret->len, - cid->data, cid->len) - != NGX_OK) - { - ngx_ssl_error(NGX_LOG_INFO, c->log, 0, - "ngx_hkdf_extract(%V) failed", &label); - return NGX_ERROR; - } - - key_len = SHA256_DIGEST_LENGTH; - - info_len = 2 + 1 + label.len + 1; - - info[0] = 0; - info[1] = key_len; - info[2] = label.len; - - p = ngx_cpymem(&info[3], label.data, label.len); - *p = '\0'; - - if (ngx_hkdf_expand(key, key_len, digest, is, is_len, info, info_len) - != NGX_OK) - { - ngx_ssl_error(NGX_LOG_INFO, c->log, 0, - "ngx_hkdf_expand(%V) failed", &label); - return NGX_ERROR; - } - - ngx_memcpy(token, key, NGX_QUIC_SR_TOKEN_LEN); - -#if (NGX_DEBUG) - ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, - "quic stateless reset token %*xs", - (size_t) NGX_QUIC_SR_TOKEN_LEN, token); -#endif - - return NGX_OK; -} - - -static uint64_t -ngx_quic_parse_pn(u_char **pos, ngx_int_t len, u_char *mask, - uint64_t *largest_pn) -{ - u_char *p; - uint64_t truncated_pn, expected_pn, candidate_pn; - uint64_t pn_nbits, pn_win, pn_hwin, pn_mask; - - pn_nbits = ngx_min(len * 8, 62); - - p = *pos; - truncated_pn = *p++ ^ *mask++; - - while (--len) { - truncated_pn = (truncated_pn << 8) + (*p++ ^ *mask++); - } - - *pos = p; - - expected_pn = *largest_pn + 1; - pn_win = 1ULL << pn_nbits; - pn_hwin = pn_win / 2; - pn_mask = pn_win - 1; - - candidate_pn = (expected_pn & ~pn_mask) | truncated_pn; - - if ((int64_t) candidate_pn <= (int64_t) (expected_pn - pn_hwin) - && candidate_pn < (1ULL << 62) - pn_win) - { - candidate_pn += pn_win; - - } else if (candidate_pn > expected_pn + pn_hwin - && candidate_pn >= pn_win) - { - candidate_pn -= pn_win; - } - - *largest_pn = ngx_max((int64_t) *largest_pn, (int64_t) candidate_pn); - - return candidate_pn; -} - - -static void -ngx_quic_compute_nonce(u_char *nonce, size_t len, uint64_t pn) -{ - nonce[len - 4] ^= (pn & 0xff000000) >> 24; - nonce[len - 3] ^= (pn & 0x00ff0000) >> 16; - nonce[len - 2] ^= (pn & 0x0000ff00) >> 8; - nonce[len - 1] ^= (pn & 0x000000ff); -} - - -ngx_int_t -ngx_quic_encrypt(ngx_quic_header_t *pkt, ngx_str_t *res) -{ - if (ngx_quic_pkt_retry(pkt->flags)) { - return ngx_quic_create_retry_packet(pkt, res); - } - - return ngx_quic_create_packet(pkt, res); -} - - -ngx_int_t -ngx_quic_decrypt(ngx_quic_header_t *pkt, uint64_t *largest_pn) -{ - u_char *p, *sample; - size_t len; - uint64_t pn, lpn; - ngx_int_t pnl, rc, key_phase; - ngx_str_t in, ad; - ngx_quic_secret_t *secret; - ngx_quic_ciphers_t ciphers; - uint8_t mask[16], nonce[12]; - - if (ngx_quic_ciphers(pkt->keys->cipher, &ciphers, pkt->level) == NGX_ERROR) - { - return NGX_ERROR; - } - - secret = &pkt->keys->secrets[pkt->level].client; - - p = pkt->raw->pos; - len = pkt->data + pkt->len - p; - - /* draft-ietf-quic-tls-23#section-5.4.2: - * the Packet Number field is assumed to be 4 bytes long - * draft-ietf-quic-tls-23#section-5.4.[34]: - * AES-Based and ChaCha20-Based header protections sample 16 bytes - */ - - if (len < EVP_GCM_TLS_TAG_LEN + 4) { - return NGX_DECLINED; - } - - sample = p + 4; - - /* header protection */ - - if (ngx_quic_tls_hp(pkt->log, ciphers.hp, secret, mask, sample) - != NGX_OK) - { - return NGX_DECLINED; - } - - pkt->flags ^= mask[0] & ngx_quic_pkt_hp_mask(pkt->flags); - - if (ngx_quic_short_pkt(pkt->flags)) { - key_phase = (pkt->flags & NGX_QUIC_PKT_KPHASE) != 0; - - if (key_phase != pkt->key_phase) { - secret = &pkt->keys->next_key.client; - pkt->key_update = 1; - } - } - - lpn = *largest_pn; - - pnl = (pkt->flags & 0x03) + 1; - pn = ngx_quic_parse_pn(&p, pnl, &mask[1], &lpn); - - pkt->pn = pn; - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, pkt->log, 0, - "quic packet rx clearflags:%xd", pkt->flags); - ngx_log_debug2(NGX_LOG_DEBUG_EVENT, pkt->log, 0, - "quic packet rx number:%uL len:%xi", pn, pnl); - - /* packet protection */ - - in.data = p; - in.len = len - pnl; - - ad.len = p - pkt->data; - ad.data = pkt->plaintext; - - ngx_memcpy(ad.data, pkt->data, ad.len); - ad.data[0] = pkt->flags; - - do { - ad.data[ad.len - pnl] = pn >> (8 * (pnl - 1)) % 256; - } while (--pnl); - - ngx_memcpy(nonce, secret->iv.data, secret->iv.len); - ngx_quic_compute_nonce(nonce, sizeof(nonce), pn); - -#ifdef NGX_QUIC_DEBUG_CRYPTO - ngx_log_debug2(NGX_LOG_DEBUG_EVENT, pkt->log, 0, - "quic ad len:%uz %xV", ad.len, &ad); -#endif - - pkt->payload.len = in.len - EVP_GCM_TLS_TAG_LEN; - pkt->payload.data = pkt->plaintext + ad.len; - - rc = ngx_quic_tls_open(ciphers.c, secret, &pkt->payload, - nonce, &in, &ad, pkt->log); - if (rc != NGX_OK) { - return NGX_DECLINED; - } - - if (pkt->payload.len == 0) { - /* - * An endpoint MUST treat receipt of a packet containing no - * frames as a connection error of type PROTOCOL_VIOLATION. - */ - ngx_log_error(NGX_LOG_INFO, pkt->log, 0, "quic zero-length packet"); - pkt->error = NGX_QUIC_ERR_PROTOCOL_VIOLATION; - return NGX_ERROR; - } - - if (pkt->flags & ngx_quic_pkt_rb_mask(pkt->flags)) { - /* - * An endpoint MUST treat receipt of a packet that has - * a non-zero value for these bits, after removing both - * packet and header protection, as a connection error - * of type PROTOCOL_VIOLATION. - */ - ngx_log_error(NGX_LOG_INFO, pkt->log, 0, - "quic reserved bit set in packet"); - pkt->error = NGX_QUIC_ERR_PROTOCOL_VIOLATION; - return NGX_ERROR; - } - -#if defined(NGX_QUIC_DEBUG_CRYPTO) && defined(NGX_QUIC_DEBUG_PACKETS) - ngx_log_debug2(NGX_LOG_DEBUG_EVENT, pkt->log, 0, - "quic packet payload len:%uz %xV", - pkt->payload.len, &pkt->payload); -#endif - - *largest_pn = lpn; - - return NGX_OK; -} -
--- a/src/event/ngx_event_quic_protection.h Tue Dec 22 16:41:56 2020 +0300 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,38 +0,0 @@ - -/* - * Copyright (C) Nginx, Inc. - */ - - -#ifndef _NGX_EVENT_QUIC_PROTECTION_H_INCLUDED_ -#define _NGX_EVENT_QUIC_PROTECTION_H_INCLUDED_ - - -#include <ngx_config.h> -#include <ngx_core.h> - - -#define NGX_QUIC_ENCRYPTION_LAST ((ssl_encryption_application) + 1) - - -ngx_quic_keys_t *ngx_quic_keys_new(ngx_pool_t *pool); -ngx_int_t ngx_quic_keys_set_initial_secret(ngx_pool_t *pool, - ngx_quic_keys_t *keys, ngx_str_t *secret); -int ngx_quic_keys_set_encryption_secret(ngx_pool_t *pool, ngx_uint_t is_write, - ngx_quic_keys_t *keys, enum ssl_encryption_level_t level, - const SSL_CIPHER *cipher, const uint8_t *secret, size_t secret_len); -ngx_uint_t ngx_quic_keys_available(ngx_quic_keys_t *keys, - enum ssl_encryption_level_t level); -void ngx_quic_keys_discard(ngx_quic_keys_t *keys, - enum ssl_encryption_level_t level); -void ngx_quic_keys_switch(ngx_connection_t *c, ngx_quic_keys_t *keys); -ngx_int_t ngx_quic_keys_update(ngx_connection_t *c, ngx_quic_keys_t *keys); - -ngx_int_t ngx_quic_new_sr_token(ngx_connection_t *c, ngx_str_t *cid, - ngx_str_t *key, u_char *token); - -ngx_int_t ngx_quic_encrypt(ngx_quic_header_t *pkt, ngx_str_t *res); -ngx_int_t ngx_quic_decrypt(ngx_quic_header_t *pkt, uint64_t *largest_pn); - - -#endif /* _NGX_EVENT_QUIC_PROTECTION_H_INCLUDED_ */
--- a/src/event/ngx_event_quic_transport.c Tue Dec 22 16:41:56 2020 +0300 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,1983 +0,0 @@ - -/* - * Copyright (C) Nginx, Inc. - */ - - -#include <ngx_config.h> -#include <ngx_core.h> -#include <ngx_event.h> -#include <ngx_event_quic_transport.h> - - -#define NGX_QUIC_LONG_DCID_LEN_OFFSET 5 -#define NGX_QUIC_LONG_DCID_OFFSET 6 -#define NGX_QUIC_SHORT_DCID_OFFSET 1 - - -#if (NGX_HAVE_NONALIGNED) - -#define ngx_quic_parse_uint16(p) ntohs(*(uint16_t *) (p)) -#define ngx_quic_parse_uint32(p) ntohl(*(uint32_t *) (p)) - -#define ngx_quic_write_uint16 ngx_quic_write_uint16_aligned -#define ngx_quic_write_uint32 ngx_quic_write_uint32_aligned - -#else - -#define ngx_quic_parse_uint16(p) ((p)[0] << 8 | (p)[1]) -#define ngx_quic_parse_uint32(p) \ - ((uint32_t) (p)[0] << 24 | (p)[1] << 16 | (p)[2] << 8 | (p)[3]) - -#define ngx_quic_write_uint16(p, s) \ - ((p)[0] = (u_char) ((s) >> 8), \ - (p)[1] = (u_char) (s), \ - (p) + sizeof(uint16_t)) - -#define ngx_quic_write_uint32(p, s) \ - ((p)[0] = (u_char) ((s) >> 24), \ - (p)[1] = (u_char) ((s) >> 16), \ - (p)[2] = (u_char) ((s) >> 8), \ - (p)[3] = (u_char) (s), \ - (p) + sizeof(uint32_t)) - -#endif - -#define ngx_quic_write_uint24(p, s) \ - ((p)[0] = (u_char) ((s) >> 16), \ - (p)[1] = (u_char) ((s) >> 8), \ - (p)[2] = (u_char) (s), \ - (p) + 3) - -#define ngx_quic_write_uint16_aligned(p, s) \ - (*(uint16_t *) (p) = htons((uint16_t) (s)), (p) + sizeof(uint16_t)) - -#define ngx_quic_write_uint32_aligned(p, s) \ - (*(uint32_t *) (p) = htonl((uint32_t) (s)), (p) + sizeof(uint32_t)) - -#define NGX_QUIC_VERSION(c) (0xff000000 + (c)) - - -static u_char *ngx_quic_parse_int(u_char *pos, u_char *end, uint64_t *out); -static ngx_uint_t ngx_quic_varint_len(uint64_t value); -static void ngx_quic_build_int(u_char **pos, uint64_t value); - -static u_char *ngx_quic_read_uint8(u_char *pos, u_char *end, uint8_t *value); -static u_char *ngx_quic_read_uint32(u_char *pos, u_char *end, uint32_t *value); -static u_char *ngx_quic_read_bytes(u_char *pos, u_char *end, size_t len, - u_char **out); -static u_char *ngx_quic_copy_bytes(u_char *pos, u_char *end, size_t len, - u_char *dst); - -static ngx_int_t ngx_quic_parse_short_header(ngx_quic_header_t *pkt, - size_t dcid_len); -static ngx_int_t ngx_quic_parse_long_header(ngx_quic_header_t *pkt); -static ngx_int_t ngx_quic_supported_version(uint32_t version); -static ngx_int_t ngx_quic_parse_long_header_v1(ngx_quic_header_t *pkt); - -static size_t ngx_quic_create_long_header(ngx_quic_header_t *pkt, u_char *out, - size_t pkt_len, u_char **pnp); -static size_t ngx_quic_create_short_header(ngx_quic_header_t *pkt, u_char *out, - size_t pkt_len, u_char **pnp); - -static ngx_int_t ngx_quic_frame_allowed(ngx_quic_header_t *pkt, - ngx_uint_t frame_type); -static size_t ngx_quic_create_ack(u_char *p, ngx_quic_ack_frame_t *ack, - ngx_chain_t *ranges); -static size_t ngx_quic_create_stop_sending(u_char *p, - ngx_quic_stop_sending_frame_t *ss); -static size_t ngx_quic_create_crypto(u_char *p, - ngx_quic_crypto_frame_t *crypto, ngx_chain_t *data); -static size_t ngx_quic_create_hs_done(u_char *p); -static size_t ngx_quic_create_new_token(u_char *p, - ngx_quic_new_token_frame_t *token); -static size_t ngx_quic_create_stream(u_char *p, ngx_quic_stream_frame_t *sf, - ngx_chain_t *data); -static size_t ngx_quic_create_max_streams(u_char *p, - ngx_quic_max_streams_frame_t *ms); -static size_t ngx_quic_create_max_stream_data(u_char *p, - ngx_quic_max_stream_data_frame_t *ms); -static size_t ngx_quic_create_max_data(u_char *p, - ngx_quic_max_data_frame_t *md); -static size_t ngx_quic_create_path_response(u_char *p, - ngx_quic_path_challenge_frame_t *pc); -static size_t ngx_quic_create_new_connection_id(u_char *p, - ngx_quic_new_conn_id_frame_t *rcid); -static size_t ngx_quic_create_retire_connection_id(u_char *p, - ngx_quic_retire_cid_frame_t *rcid); -static size_t ngx_quic_create_close(u_char *p, ngx_quic_close_frame_t *cl); - -static ngx_int_t ngx_quic_parse_transport_param(u_char *p, u_char *end, - uint16_t id, ngx_quic_tp_t *dst); - - -uint32_t ngx_quic_versions[] = { -#if (NGX_QUIC_DRAFT_VERSION >= 29) - /* pretend we support all versions in range draft-29..v1 */ - NGX_QUIC_VERSION(29), - NGX_QUIC_VERSION(30), - NGX_QUIC_VERSION(31), - NGX_QUIC_VERSION(32), - /* QUICv1 */ - 0x00000001 -#else - NGX_QUIC_VERSION(NGX_QUIC_DRAFT_VERSION) -#endif -}; - -#define NGX_QUIC_NVERSIONS \ - (sizeof(ngx_quic_versions) / sizeof(ngx_quic_versions[0])) - - -/* literal errors indexed by corresponding value */ -static char *ngx_quic_errors[] = { - "NO_ERROR", - "INTERNAL_ERROR", - "CONNECTION_REFUSED", - "FLOW_CONTROL_ERROR", - "STREAM_LIMIT_ERROR", - "STREAM_STATE_ERROR", - "FINAL_SIZE_ERROR", - "FRAME_ENCODING_ERROR", - "TRANSPORT_PARAMETER_ERROR", - "CONNECTION_ID_LIMIT_ERROR", - "PROTOCOL_VIOLATION", - "INVALID_TOKEN", - "APPLICATION_ERROR", - "CRYPTO_BUFFER_EXCEEDED", - "KEY_UPDATE_ERROR", -}; - - -static ngx_inline u_char * -ngx_quic_parse_int(u_char *pos, u_char *end, uint64_t *out) -{ - u_char *p; - uint64_t value; - ngx_uint_t len; - - if (pos >= end) { - return NULL; - } - - p = pos; - len = 1 << (*p >> 6); - - value = *p++ & 0x3f; - - if ((size_t)(end - p) < (len - 1)) { - return NULL; - } - - while (--len) { - value = (value << 8) + *p++; - } - - *out = value; - - return p; -} - - -static ngx_inline u_char * -ngx_quic_read_uint8(u_char *pos, u_char *end, uint8_t *value) -{ - if ((size_t)(end - pos) < 1) { - return NULL; - } - - *value = *pos; - - return pos + 1; -} - - -static ngx_inline u_char * -ngx_quic_read_uint32(u_char *pos, u_char *end, uint32_t *value) -{ - if ((size_t)(end - pos) < sizeof(uint32_t)) { - return NULL; - } - - *value = ngx_quic_parse_uint32(pos); - - return pos + sizeof(uint32_t); -} - - -static ngx_inline u_char * -ngx_quic_read_bytes(u_char *pos, u_char *end, size_t len, u_char **out) -{ - if ((size_t)(end - pos) < len) { - return NULL; - } - - *out = pos; - - return pos + len; -} - - -static u_char * -ngx_quic_copy_bytes(u_char *pos, u_char *end, size_t len, u_char *dst) -{ - if ((size_t)(end - pos) < len) { - return NULL; - } - - ngx_memcpy(dst, pos, len); - - return pos + len; -} - - -static ngx_uint_t -ngx_quic_varint_len(uint64_t value) -{ - ngx_uint_t bits; - - bits = 0; - while (value >> ((8 << bits) - 2)) { - bits++; - } - - return 1 << bits; -} - - -static void -ngx_quic_build_int(u_char **pos, uint64_t value) -{ - u_char *p; - ngx_uint_t bits, len; - - p = *pos; - bits = 0; - - while (value >> ((8 << bits) - 2)) { - bits++; - } - - len = (1 << bits); - - while (len--) { - *p++ = value >> (len * 8); - } - - **pos |= bits << 6; - *pos = p; -} - - -u_char * -ngx_quic_error_text(uint64_t error_code) -{ - if (error_code >= NGX_QUIC_ERR_CRYPTO_ERROR) { - return (u_char *) "handshake error"; - } - - if (error_code >= NGX_QUIC_ERR_LAST) { - return (u_char *) "unknown error"; - } - - return (u_char *) ngx_quic_errors[error_code]; -} - - -ngx_int_t -ngx_quic_parse_packet(ngx_quic_header_t *pkt) -{ - if (!ngx_quic_long_pkt(pkt->flags)) { - pkt->level = ssl_encryption_application; - - if (ngx_quic_parse_short_header(pkt, NGX_QUIC_SERVER_CID_LEN) != NGX_OK) - { - return NGX_DECLINED; - } - - return NGX_OK; - } - - if (ngx_quic_parse_long_header(pkt) != NGX_OK) { - return NGX_DECLINED; - } - - if (!ngx_quic_supported_version(pkt->version)) { - return NGX_ABORT; - } - - if (ngx_quic_parse_long_header_v1(pkt) != NGX_OK) { - return NGX_DECLINED; - } - - return NGX_OK; -} - - -static ngx_int_t -ngx_quic_parse_short_header(ngx_quic_header_t *pkt, size_t dcid_len) -{ - u_char *p, *end; - - p = pkt->raw->pos; - end = pkt->data + pkt->len; - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, pkt->log, 0, - "quic packet rx short flags:%xd", pkt->flags); - - if (!(pkt->flags & NGX_QUIC_PKT_FIXED_BIT)) { - ngx_log_error(NGX_LOG_INFO, pkt->log, 0, "quic fixed bit is not set"); - return NGX_ERROR; - } - - pkt->dcid.len = dcid_len; - - p = ngx_quic_read_bytes(p, end, dcid_len, &pkt->dcid.data); - if (p == NULL) { - ngx_log_error(NGX_LOG_INFO, pkt->log, 0, - "quic packet is too small to read dcid"); - return NGX_ERROR; - } - - pkt->raw->pos = p; - - return NGX_OK; -} - - -static ngx_int_t -ngx_quic_parse_long_header(ngx_quic_header_t *pkt) -{ - u_char *p, *end; - uint8_t idlen; - - p = pkt->raw->pos; - end = pkt->data + pkt->len; - - p = ngx_quic_read_uint32(p, end, &pkt->version); - if (p == NULL) { - ngx_log_error(NGX_LOG_INFO, pkt->log, 0, - "quic packet is too small to read version"); - return NGX_ERROR; - } - - ngx_log_debug2(NGX_LOG_DEBUG_EVENT, pkt->log, 0, - "quic packet rx long flags:%xd version:%xD", - pkt->flags, pkt->version); - - if (!(pkt->flags & NGX_QUIC_PKT_FIXED_BIT)) { - ngx_log_error(NGX_LOG_INFO, pkt->log, 0, "quic fixed bit is not set"); - return NGX_ERROR; - } - - p = ngx_quic_read_uint8(p, end, &idlen); - if (p == NULL) { - ngx_log_error(NGX_LOG_INFO, pkt->log, 0, - "quic packet is too small to read dcid len"); - return NGX_ERROR; - } - - if (idlen > NGX_QUIC_CID_LEN_MAX) { - ngx_log_error(NGX_LOG_INFO, pkt->log, 0, - "quic packet dcid is too long"); - return NGX_ERROR; - } - - pkt->dcid.len = idlen; - - p = ngx_quic_read_bytes(p, end, idlen, &pkt->dcid.data); - if (p == NULL) { - ngx_log_error(NGX_LOG_INFO, pkt->log, 0, - "quic packet is too small to read dcid"); - return NGX_ERROR; - } - - p = ngx_quic_read_uint8(p, end, &idlen); - if (p == NULL) { - ngx_log_error(NGX_LOG_INFO, pkt->log, 0, - "quic packet is too small to read scid len"); - return NGX_ERROR; - } - - if (idlen > NGX_QUIC_CID_LEN_MAX) { - ngx_log_error(NGX_LOG_INFO, pkt->log, 0, - "quic packet scid is too long"); - return NGX_ERROR; - } - - pkt->scid.len = idlen; - - p = ngx_quic_read_bytes(p, end, idlen, &pkt->scid.data); - if (p == NULL) { - ngx_log_error(NGX_LOG_INFO, pkt->log, 0, - "quic packet is too small to read scid"); - return NGX_ERROR; - } - - pkt->raw->pos = p; - - return NGX_OK; -} - - -static ngx_int_t -ngx_quic_supported_version(uint32_t version) -{ - ngx_uint_t i; - - for (i = 0; i < NGX_QUIC_NVERSIONS; i++) { - if (ngx_quic_versions[i] == version) { - return 1; - } - } - - return 0; -} - - -static ngx_int_t -ngx_quic_parse_long_header_v1(ngx_quic_header_t *pkt) -{ - u_char *p, *end; - uint64_t varint; - - p = pkt->raw->pos; - end = pkt->raw->last; - - pkt->log->action = "parsing quic long header"; - - if (ngx_quic_pkt_in(pkt->flags)) { - - if (pkt->len < NGX_QUIC_MIN_INITIAL_SIZE) { - ngx_log_error(NGX_LOG_INFO, pkt->log, 0, - "quic UDP datagram is too small for initial packet"); - return NGX_DECLINED; - } - - p = ngx_quic_parse_int(p, end, &varint); - if (p == NULL) { - ngx_log_error(NGX_LOG_INFO, pkt->log, 0, - "quic failed to parse token length"); - return NGX_ERROR; - } - - pkt->token.len = varint; - - p = ngx_quic_read_bytes(p, end, pkt->token.len, &pkt->token.data); - if (p == NULL) { - ngx_log_error(NGX_LOG_INFO, pkt->log, 0, - "quic packet too small to read token data"); - return NGX_ERROR; - } - - pkt->level = ssl_encryption_initial; - - } else if (ngx_quic_pkt_zrtt(pkt->flags)) { - pkt->level = ssl_encryption_early_data; - - } else if (ngx_quic_pkt_hs(pkt->flags)) { - pkt->level = ssl_encryption_handshake; - - } else { - ngx_log_error(NGX_LOG_INFO, pkt->log, 0, - "quic bad packet type"); - return NGX_DECLINED; - } - - p = ngx_quic_parse_int(p, end, &varint); - if (p == NULL) { - ngx_log_error(NGX_LOG_INFO, pkt->log, 0, "quic bad packet length"); - return NGX_ERROR; - } - - ngx_log_debug2(NGX_LOG_DEBUG_EVENT, pkt->log, 0, - "quic packet rx %s len:%uL", - ngx_quic_level_name(pkt->level), varint); - - if (varint > (uint64_t) ((pkt->data + pkt->len) - p)) { - ngx_log_error(NGX_LOG_INFO, pkt->log, 0, "quic truncated %s packet", - ngx_quic_level_name(pkt->level)); - return NGX_ERROR; - } - - pkt->raw->pos = p; - pkt->len = p + varint - pkt->data; - - return NGX_OK; -} - - -ngx_int_t -ngx_quic_get_packet_dcid(ngx_log_t *log, u_char *data, size_t n, - ngx_str_t *dcid) -{ - size_t len, offset; - - if (n == 0) { - goto failed; - } - - if (ngx_quic_long_pkt(*data)) { - if (n < NGX_QUIC_LONG_DCID_LEN_OFFSET + 1) { - goto failed; - } - - len = data[NGX_QUIC_LONG_DCID_LEN_OFFSET]; - offset = NGX_QUIC_LONG_DCID_OFFSET; - - } else { - len = NGX_QUIC_SERVER_CID_LEN; - offset = NGX_QUIC_SHORT_DCID_OFFSET; - } - - if (n < len + offset) { - goto failed; - } - - dcid->len = len; - dcid->data = &data[offset]; - - return NGX_OK; - -failed: - - ngx_log_debug0(NGX_LOG_DEBUG_EVENT, log, 0, "quic malformed packet"); - - return NGX_ERROR; -} - - -size_t -ngx_quic_create_version_negotiation(ngx_quic_header_t *pkt, u_char *out) -{ - u_char *p, *start; - ngx_uint_t i; - - p = start = out; - - *p++ = pkt->flags; - - /* - * The Version field of a Version Negotiation packet - * MUST be set to 0x00000000 - */ - p = ngx_quic_write_uint32(p, 0); - - *p++ = pkt->dcid.len; - p = ngx_cpymem(p, pkt->dcid.data, pkt->dcid.len); - - *p++ = pkt->scid.len; - p = ngx_cpymem(p, pkt->scid.data, pkt->scid.len); - - for (i = 0; i < NGX_QUIC_NVERSIONS; i++) { - p = ngx_quic_write_uint32(p, ngx_quic_versions[i]); - } - - return p - start; -} - - -size_t -ngx_quic_create_header(ngx_quic_header_t *pkt, u_char *out, size_t pkt_len, - u_char **pnp) -{ - return ngx_quic_short_pkt(pkt->flags) - ? ngx_quic_create_short_header(pkt, out, pkt_len, pnp) - : ngx_quic_create_long_header(pkt, out, pkt_len, pnp); -} - - -static size_t -ngx_quic_create_long_header(ngx_quic_header_t *pkt, u_char *out, - size_t pkt_len, u_char **pnp) -{ - u_char *p, *start; - - if (out == NULL) { - return 5 + 2 + pkt->dcid.len + pkt->scid.len - + ngx_quic_varint_len(pkt_len + pkt->num_len) + pkt->num_len - + (pkt->level == ssl_encryption_initial ? 1 : 0); - } - - p = start = out; - - *p++ = pkt->flags; - - p = ngx_quic_write_uint32(p, pkt->version); - - *p++ = pkt->dcid.len; - p = ngx_cpymem(p, pkt->dcid.data, pkt->dcid.len); - - *p++ = pkt->scid.len; - p = ngx_cpymem(p, pkt->scid.data, pkt->scid.len); - - if (pkt->level == ssl_encryption_initial) { - ngx_quic_build_int(&p, 0); - } - - ngx_quic_build_int(&p, pkt_len + pkt->num_len); - - *pnp = p; - - switch (pkt->num_len) { - case 1: - *p++ = pkt->trunc; - break; - case 2: - p = ngx_quic_write_uint16(p, pkt->trunc); - break; - case 3: - p = ngx_quic_write_uint24(p, pkt->trunc); - break; - case 4: - p = ngx_quic_write_uint32(p, pkt->trunc); - break; - } - - return p - start; -} - - -static size_t -ngx_quic_create_short_header(ngx_quic_header_t *pkt, u_char *out, - size_t pkt_len, u_char **pnp) -{ - u_char *p, *start; - - if (out == NULL) { - return 1 + pkt->dcid.len + pkt->num_len; - } - - p = start = out; - - *p++ = pkt->flags; - - p = ngx_cpymem(p, pkt->dcid.data, pkt->dcid.len); - - *pnp = p; - - switch (pkt->num_len) { - case 1: - *p++ = pkt->trunc; - break; - case 2: - p = ngx_quic_write_uint16(p, pkt->trunc); - break; - case 3: - p = ngx_quic_write_uint24(p, pkt->trunc); - break; - case 4: - p = ngx_quic_write_uint32(p, pkt->trunc); - break; - } - - return p - start; -} - - -size_t -ngx_quic_create_retry_itag(ngx_quic_header_t *pkt, u_char *out, - u_char **start) -{ - u_char *p; - - p = out; - - *p++ = pkt->odcid.len; - p = ngx_cpymem(p, pkt->odcid.data, pkt->odcid.len); - - *start = p; - - *p++ = 0xff; - - p = ngx_quic_write_uint32(p, pkt->version); - - *p++ = pkt->dcid.len; - p = ngx_cpymem(p, pkt->dcid.data, pkt->dcid.len); - - *p++ = pkt->scid.len; - p = ngx_cpymem(p, pkt->scid.data, pkt->scid.len); - - p = ngx_cpymem(p, pkt->token.data, pkt->token.len); - - return p - out; -} - - -#define ngx_quic_stream_bit_off(val) (((val) & 0x04) ? 1 : 0) -#define ngx_quic_stream_bit_len(val) (((val) & 0x02) ? 1 : 0) -#define ngx_quic_stream_bit_fin(val) (((val) & 0x01) ? 1 : 0) - -ssize_t -ngx_quic_parse_frame(ngx_quic_header_t *pkt, u_char *start, u_char *end, - ngx_quic_frame_t *f) -{ - u_char *p; - uint64_t varint; - ngx_buf_t *b; - ngx_uint_t i; - - b = f->data->buf; - - p = start; - - p = ngx_quic_parse_int(p, end, &varint); - if (p == NULL) { - pkt->error = NGX_QUIC_ERR_FRAME_ENCODING_ERROR; - ngx_log_error(NGX_LOG_INFO, pkt->log, 0, - "quic failed to obtain quic frame type"); - return NGX_ERROR; - } - - f->type = varint; - - if (ngx_quic_frame_allowed(pkt, f->type) != NGX_OK) { - pkt->error = NGX_QUIC_ERR_PROTOCOL_VIOLATION; - return NGX_ERROR; - } - - switch (f->type) { - - case NGX_QUIC_FT_CRYPTO: - - p = ngx_quic_parse_int(p, end, &f->u.crypto.offset); - if (p == NULL) { - goto error; - } - - p = ngx_quic_parse_int(p, end, &f->u.crypto.length); - if (p == NULL) { - goto error; - } - - p = ngx_quic_read_bytes(p, end, f->u.crypto.length, &b->pos); - if (p == NULL) { - goto error; - } - - b->last = p; - - break; - - case NGX_QUIC_FT_PADDING: - - while (p < end && *p == NGX_QUIC_FT_PADDING) { - p++; - } - - break; - - case NGX_QUIC_FT_ACK: - case NGX_QUIC_FT_ACK_ECN: - - if (!((p = ngx_quic_parse_int(p, end, &f->u.ack.largest)) - && (p = ngx_quic_parse_int(p, end, &f->u.ack.delay)) - && (p = ngx_quic_parse_int(p, end, &f->u.ack.range_count)) - && (p = ngx_quic_parse_int(p, end, &f->u.ack.first_range)))) - { - goto error; - } - - b->pos = p; - - /* process all ranges to get bounds, values are ignored */ - for (i = 0; i < f->u.ack.range_count; i++) { - - p = ngx_quic_parse_int(p, end, &varint); - if (p) { - p = ngx_quic_parse_int(p, end, &varint); - } - - if (p == NULL) { - goto error; - } - } - - b->last = p; - - f->u.ack.ranges_length = b->last - b->pos; - - if (f->type == NGX_QUIC_FT_ACK_ECN) { - - if (!((p = ngx_quic_parse_int(p, end, &f->u.ack.ect0)) - && (p = ngx_quic_parse_int(p, end, &f->u.ack.ect1)) - && (p = ngx_quic_parse_int(p, end, &f->u.ack.ce)))) - { - goto error; - } - - ngx_log_debug3(NGX_LOG_DEBUG_EVENT, pkt->log, 0, - "quic ACK ECN counters ect0:%uL ect1:%uL ce:%uL", - f->u.ack.ect0, f->u.ack.ect1, f->u.ack.ce); - } - - break; - - case NGX_QUIC_FT_PING: - break; - - case NGX_QUIC_FT_NEW_CONNECTION_ID: - - p = ngx_quic_parse_int(p, end, &f->u.ncid.seqnum); - if (p == NULL) { - goto error; - } - - p = ngx_quic_parse_int(p, end, &f->u.ncid.retire); - if (p == NULL) { - goto error; - } - - if (f->u.ncid.retire > f->u.ncid.seqnum) { - goto error; - } - - p = ngx_quic_read_uint8(p, end, &f->u.ncid.len); - if (p == NULL) { - goto error; - } - - if (f->u.ncid.len < 1 || f->u.ncid.len > NGX_QUIC_CID_LEN_MAX) { - goto error; - } - - p = ngx_quic_copy_bytes(p, end, f->u.ncid.len, f->u.ncid.cid); - if (p == NULL) { - goto error; - } - - p = ngx_quic_copy_bytes(p, end, NGX_QUIC_SR_TOKEN_LEN, f->u.ncid.srt); - if (p == NULL) { - goto error; - } - - break; - - case NGX_QUIC_FT_RETIRE_CONNECTION_ID: - - p = ngx_quic_parse_int(p, end, &f->u.retire_cid.sequence_number); - if (p == NULL) { - goto error; - } - - break; - - case NGX_QUIC_FT_CONNECTION_CLOSE: - case NGX_QUIC_FT_CONNECTION_CLOSE_APP: - - p = ngx_quic_parse_int(p, end, &f->u.close.error_code); - if (p == NULL) { - goto error; - } - - if (f->type == NGX_QUIC_FT_CONNECTION_CLOSE) { - p = ngx_quic_parse_int(p, end, &f->u.close.frame_type); - if (p == NULL) { - goto error; - } - } - - p = ngx_quic_parse_int(p, end, &varint); - if (p == NULL) { - goto error; - } - - f->u.close.reason.len = varint; - - p = ngx_quic_read_bytes(p, end, f->u.close.reason.len, - &f->u.close.reason.data); - if (p == NULL) { - goto error; - } - - break; - - case NGX_QUIC_FT_STREAM0: - case NGX_QUIC_FT_STREAM1: - case NGX_QUIC_FT_STREAM2: - case NGX_QUIC_FT_STREAM3: - case NGX_QUIC_FT_STREAM4: - case NGX_QUIC_FT_STREAM5: - case NGX_QUIC_FT_STREAM6: - case NGX_QUIC_FT_STREAM7: - - f->u.stream.type = f->type; - - f->u.stream.off = ngx_quic_stream_bit_off(f->type); - f->u.stream.len = ngx_quic_stream_bit_len(f->type); - f->u.stream.fin = ngx_quic_stream_bit_fin(f->type); - - p = ngx_quic_parse_int(p, end, &f->u.stream.stream_id); - if (p == NULL) { - goto error; - } - - if (f->type & 0x04) { - p = ngx_quic_parse_int(p, end, &f->u.stream.offset); - if (p == NULL) { - goto error; - } - - } else { - f->u.stream.offset = 0; - } - - if (f->type & 0x02) { - p = ngx_quic_parse_int(p, end, &f->u.stream.length); - if (p == NULL) { - goto error; - } - - } else { - f->u.stream.length = end - p; /* up to packet end */ - } - - p = ngx_quic_read_bytes(p, end, f->u.stream.length, &b->pos); - if (p == NULL) { - goto error; - } - - b->last = p; - break; - - case NGX_QUIC_FT_MAX_DATA: - - p = ngx_quic_parse_int(p, end, &f->u.max_data.max_data); - if (p == NULL) { - goto error; - } - - break; - - case NGX_QUIC_FT_RESET_STREAM: - - if (!((p = ngx_quic_parse_int(p, end, &f->u.reset_stream.id)) - && (p = ngx_quic_parse_int(p, end, &f->u.reset_stream.error_code)) - && (p = ngx_quic_parse_int(p, end, - &f->u.reset_stream.final_size)))) - { - goto error; - } - - break; - - case NGX_QUIC_FT_STOP_SENDING: - - p = ngx_quic_parse_int(p, end, &f->u.stop_sending.id); - if (p == NULL) { - goto error; - } - - p = ngx_quic_parse_int(p, end, &f->u.stop_sending.error_code); - if (p == NULL) { - goto error; - } - - break; - - case NGX_QUIC_FT_STREAMS_BLOCKED: - case NGX_QUIC_FT_STREAMS_BLOCKED2: - - p = ngx_quic_parse_int(p, end, &f->u.streams_blocked.limit); - if (p == NULL) { - goto error; - } - - f->u.streams_blocked.bidi = - (f->type == NGX_QUIC_FT_STREAMS_BLOCKED) ? 1 : 0; - break; - - case NGX_QUIC_FT_MAX_STREAMS: - case NGX_QUIC_FT_MAX_STREAMS2: - - p = ngx_quic_parse_int(p, end, &f->u.max_streams.limit); - if (p == NULL) { - goto error; - } - - f->u.max_streams.bidi = (f->type == NGX_QUIC_FT_MAX_STREAMS) ? 1 : 0; - - break; - - case NGX_QUIC_FT_MAX_STREAM_DATA: - - p = ngx_quic_parse_int(p, end, &f->u.max_stream_data.id); - if (p == NULL) { - goto error; - } - - p = ngx_quic_parse_int(p, end, &f->u.max_stream_data.limit); - if (p == NULL) { - goto error; - } - - break; - - case NGX_QUIC_FT_DATA_BLOCKED: - - p = ngx_quic_parse_int(p, end, &f->u.data_blocked.limit); - if (p == NULL) { - goto error; - } - - break; - - case NGX_QUIC_FT_STREAM_DATA_BLOCKED: - - p = ngx_quic_parse_int(p, end, &f->u.stream_data_blocked.id); - if (p == NULL) { - goto error; - } - - p = ngx_quic_parse_int(p, end, &f->u.stream_data_blocked.limit); - if (p == NULL) { - goto error; - } - - break; - - case NGX_QUIC_FT_PATH_CHALLENGE: - - p = ngx_quic_copy_bytes(p, end, 8, f->u.path_challenge.data); - if (p == NULL) { - goto error; - } - - break; - - case NGX_QUIC_FT_PATH_RESPONSE: - - p = ngx_quic_copy_bytes(p, end, 8, f->u.path_response.data); - if (p == NULL) { - goto error; - } - - break; - - default: - ngx_log_error(NGX_LOG_INFO, pkt->log, 0, - "quic unknown frame type 0x%xi", f->type); - return NGX_ERROR; - } - - f->level = pkt->level; - - return p - start; - -error: - - pkt->error = NGX_QUIC_ERR_FRAME_ENCODING_ERROR; - - ngx_log_error(NGX_LOG_INFO, pkt->log, 0, - "quic failed to parse frame type:0x%xi", f->type); - - return NGX_ERROR; -} - - -static ngx_int_t -ngx_quic_frame_allowed(ngx_quic_header_t *pkt, ngx_uint_t frame_type) -{ - uint8_t ptype; - - /* frame permissions per packet: 4 bits: IH01: 12.4, Table 3 */ - static uint8_t ngx_quic_frame_masks[] = { - /* PADDING */ 0xF, - /* PING */ 0xF, - /* ACK */ 0xD, - /* ACK_ECN */ 0xD, - /* RESET_STREAM */ 0x3, - /* STOP_SENDING */ 0x3, - /* CRYPTO */ 0xD, - /* NEW_TOKEN */ 0x0, /* only sent by server */ - /* STREAM0 */ 0x3, - /* STREAM1 */ 0x3, - /* STREAM2 */ 0x3, - /* STREAM3 */ 0x3, - /* STREAM4 */ 0x3, - /* STREAM5 */ 0x3, - /* STREAM6 */ 0x3, - /* STREAM7 */ 0x3, - /* MAX_DATA */ 0x3, - /* MAX_STREAM_DATA */ 0x3, - /* MAX_STREAMS */ 0x3, - /* MAX_STREAMS2 */ 0x3, - /* DATA_BLOCKED */ 0x3, - /* STREAM_DATA_BLOCKED */ 0x3, - /* STREAMS_BLOCKED */ 0x3, - /* STREAMS_BLOCKED2 */ 0x3, - /* NEW_CONNECTION_ID */ 0x3, - /* RETIRE_CONNECTION_ID */ 0x3, - /* PATH_CHALLENGE */ 0x3, - /* PATH_RESPONSE */ 0x3, -#if (NGX_QUIC_DRAFT_VERSION >= 28) - /* CONNECTION_CLOSE */ 0xF, - /* CONNECTION_CLOSE2 */ 0x3, -#else - /* CONNECTION_CLOSE */ 0xD, - /* CONNECTION_CLOSE2 */ 0x1, -#endif - /* HANDSHAKE_DONE */ 0x0, /* only sent by server */ - }; - - if (ngx_quic_long_pkt(pkt->flags)) { - - if (ngx_quic_pkt_in(pkt->flags)) { - ptype = 8; /* initial */ - - } else if (ngx_quic_pkt_hs(pkt->flags)) { - ptype = 4; /* handshake */ - - } else { - ptype = 2; /* zero-rtt */ - } - - } else { - ptype = 1; /* application data */ - } - - if (ptype & ngx_quic_frame_masks[frame_type]) { - return NGX_OK; - } - - ngx_log_error(NGX_LOG_INFO, pkt->log, 0, - "quic frame type 0x%xi is not " - "allowed in packet with flags 0x%xd", - frame_type, pkt->flags); - - return NGX_DECLINED; -} - - -ssize_t -ngx_quic_parse_ack_range(ngx_log_t *log, u_char *start, u_char *end, - uint64_t *gap, uint64_t *range) -{ - u_char *p; - - p = start; - - p = ngx_quic_parse_int(p, end, gap); - if (p == NULL) { - ngx_log_error(NGX_LOG_INFO, log, 0, - "quic failed to parse ack frame gap"); - return NGX_ERROR; - } - - p = ngx_quic_parse_int(p, end, range); - if (p == NULL) { - ngx_log_error(NGX_LOG_INFO, log, 0, - "quic failed to parse ack frame range"); - return NGX_ERROR; - } - - return p - start; -} - - -size_t -ngx_quic_create_ack_range(u_char *p, uint64_t gap, uint64_t range) -{ - size_t len; - u_char *start; - - if (p == NULL) { - len = ngx_quic_varint_len(gap); - len += ngx_quic_varint_len(range); - return len; - } - - start = p; - - ngx_quic_build_int(&p, gap); - ngx_quic_build_int(&p, range); - - return p - start; -} - - -ssize_t -ngx_quic_create_frame(u_char *p, ngx_quic_frame_t *f) -{ - /* - * QUIC-recovery, section 2: - * - * Ack-eliciting Frames: All frames other than ACK, PADDING, and - * CONNECTION_CLOSE are considered ack-eliciting. - */ - f->need_ack = 1; - - switch (f->type) { - case NGX_QUIC_FT_ACK: - f->need_ack = 0; - return ngx_quic_create_ack(p, &f->u.ack, f->data); - - case NGX_QUIC_FT_STOP_SENDING: - return ngx_quic_create_stop_sending(p, &f->u.stop_sending); - - case NGX_QUIC_FT_CRYPTO: - return ngx_quic_create_crypto(p, &f->u.crypto, f->data); - - case NGX_QUIC_FT_HANDSHAKE_DONE: - return ngx_quic_create_hs_done(p); - - case NGX_QUIC_FT_NEW_TOKEN: - return ngx_quic_create_new_token(p, &f->u.token); - - case NGX_QUIC_FT_STREAM0: - case NGX_QUIC_FT_STREAM1: - case NGX_QUIC_FT_STREAM2: - case NGX_QUIC_FT_STREAM3: - case NGX_QUIC_FT_STREAM4: - case NGX_QUIC_FT_STREAM5: - case NGX_QUIC_FT_STREAM6: - case NGX_QUIC_FT_STREAM7: - return ngx_quic_create_stream(p, &f->u.stream, f->data); - - case NGX_QUIC_FT_CONNECTION_CLOSE: - case NGX_QUIC_FT_CONNECTION_CLOSE_APP: - f->need_ack = 0; - return ngx_quic_create_close(p, &f->u.close); - - case NGX_QUIC_FT_MAX_STREAMS: - return ngx_quic_create_max_streams(p, &f->u.max_streams); - - case NGX_QUIC_FT_MAX_STREAM_DATA: - return ngx_quic_create_max_stream_data(p, &f->u.max_stream_data); - - case NGX_QUIC_FT_MAX_DATA: - return ngx_quic_create_max_data(p, &f->u.max_data); - - case NGX_QUIC_FT_PATH_RESPONSE: - return ngx_quic_create_path_response(p, &f->u.path_response); - - case NGX_QUIC_FT_NEW_CONNECTION_ID: - return ngx_quic_create_new_connection_id(p, &f->u.ncid); - - case NGX_QUIC_FT_RETIRE_CONNECTION_ID: - return ngx_quic_create_retire_connection_id(p, &f->u.retire_cid); - - default: - /* BUG: unsupported frame type generated */ - return NGX_ERROR; - } -} - - -static size_t -ngx_quic_create_ack(u_char *p, ngx_quic_ack_frame_t *ack, ngx_chain_t *ranges) -{ - size_t len; - u_char *start; - ngx_buf_t *b; - - if (p == NULL) { - len = ngx_quic_varint_len(NGX_QUIC_FT_ACK); - len += ngx_quic_varint_len(ack->largest); - len += ngx_quic_varint_len(ack->delay); - len += ngx_quic_varint_len(ack->range_count); - len += ngx_quic_varint_len(ack->first_range); - len += ack->ranges_length; - - return len; - } - - start = p; - - ngx_quic_build_int(&p, NGX_QUIC_FT_ACK); - ngx_quic_build_int(&p, ack->largest); - ngx_quic_build_int(&p, ack->delay); - ngx_quic_build_int(&p, ack->range_count); - ngx_quic_build_int(&p, ack->first_range); - - while (ranges) { - b = ranges->buf; - p = ngx_cpymem(p, b->pos, b->last - b->pos); - ranges = ranges->next; - } - - return p - start; -} - - -static size_t -ngx_quic_create_stop_sending(u_char *p, ngx_quic_stop_sending_frame_t *ss) -{ - size_t len; - u_char *start; - - if (p == NULL) { - len = ngx_quic_varint_len(NGX_QUIC_FT_STOP_SENDING); - len += ngx_quic_varint_len(ss->id); - len += ngx_quic_varint_len(ss->error_code); - return len; - } - - start = p; - - ngx_quic_build_int(&p, NGX_QUIC_FT_STOP_SENDING); - ngx_quic_build_int(&p, ss->id); - ngx_quic_build_int(&p, ss->error_code); - - return p - start; -} - - -static size_t -ngx_quic_create_crypto(u_char *p, ngx_quic_crypto_frame_t *crypto, - ngx_chain_t *data) -{ - size_t len; - u_char *start; - ngx_buf_t *b; - - if (p == NULL) { - len = ngx_quic_varint_len(NGX_QUIC_FT_CRYPTO); - len += ngx_quic_varint_len(crypto->offset); - len += ngx_quic_varint_len(crypto->length); - len += crypto->length; - - return len; - } - - start = p; - - ngx_quic_build_int(&p, NGX_QUIC_FT_CRYPTO); - ngx_quic_build_int(&p, crypto->offset); - ngx_quic_build_int(&p, crypto->length); - - while (data) { - b = data->buf; - p = ngx_cpymem(p, b->pos, b->last - b->pos); - data = data->next; - } - - return p - start; -} - - -static size_t -ngx_quic_create_hs_done(u_char *p) -{ - u_char *start; - - if (p == NULL) { - return ngx_quic_varint_len(NGX_QUIC_FT_HANDSHAKE_DONE); - } - - start = p; - - ngx_quic_build_int(&p, NGX_QUIC_FT_HANDSHAKE_DONE); - - return p - start; -} - - -static size_t -ngx_quic_create_new_token(u_char *p, ngx_quic_new_token_frame_t *token) -{ - size_t len; - u_char *start; - - if (p == NULL) { - len = ngx_quic_varint_len(NGX_QUIC_FT_NEW_TOKEN); - len += ngx_quic_varint_len(token->length); - len += token->length; - - return len; - } - - start = p; - - ngx_quic_build_int(&p, NGX_QUIC_FT_NEW_TOKEN); - ngx_quic_build_int(&p, token->length); - p = ngx_cpymem(p, token->data, token->length); - - return p - start; -} - - -static size_t -ngx_quic_create_stream(u_char *p, ngx_quic_stream_frame_t *sf, - ngx_chain_t *data) -{ - size_t len; - u_char *start; - ngx_buf_t *b; - - if (p == NULL) { - len = ngx_quic_varint_len(sf->type); - - if (sf->off) { - len += ngx_quic_varint_len(sf->offset); - } - - len += ngx_quic_varint_len(sf->stream_id); - - /* length is always present in generated frames */ - len += ngx_quic_varint_len(sf->length); - - len += sf->length; - - return len; - } - - start = p; - - ngx_quic_build_int(&p, sf->type); - ngx_quic_build_int(&p, sf->stream_id); - - if (sf->off) { - ngx_quic_build_int(&p, sf->offset); - } - - /* length is always present in generated frames */ - ngx_quic_build_int(&p, sf->length); - - while (data) { - b = data->buf; - p = ngx_cpymem(p, b->pos, b->last - b->pos); - data = data->next; - } - - return p - start; -} - - -static size_t -ngx_quic_create_max_streams(u_char *p, ngx_quic_max_streams_frame_t *ms) -{ - size_t len; - u_char *start; - ngx_uint_t type; - - type = ms->bidi ? NGX_QUIC_FT_MAX_STREAMS : NGX_QUIC_FT_MAX_STREAMS2; - - if (p == NULL) { - len = ngx_quic_varint_len(type); - len += ngx_quic_varint_len(ms->limit); - return len; - } - - start = p; - - ngx_quic_build_int(&p, type); - ngx_quic_build_int(&p, ms->limit); - - return p - start; -} - - -static ngx_int_t -ngx_quic_parse_transport_param(u_char *p, u_char *end, uint16_t id, - ngx_quic_tp_t *dst) -{ - uint64_t varint; - ngx_str_t str; - - varint = 0; - ngx_str_null(&str); - - switch (id) { - - case NGX_QUIC_TP_DISABLE_ACTIVE_MIGRATION: - /* zero-length option */ - if (end - p != 0) { - return NGX_ERROR; - } - dst->disable_active_migration = 1; - return NGX_OK; - - case NGX_QUIC_TP_MAX_IDLE_TIMEOUT: - case NGX_QUIC_TP_MAX_UDP_PAYLOAD_SIZE: - case NGX_QUIC_TP_INITIAL_MAX_DATA: - case NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_BIDI_LOCAL: - case NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_BIDI_REMOTE: - case NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_UNI: - case NGX_QUIC_TP_INITIAL_MAX_STREAMS_BIDI: - case NGX_QUIC_TP_INITIAL_MAX_STREAMS_UNI: - case NGX_QUIC_TP_ACK_DELAY_EXPONENT: - case NGX_QUIC_TP_MAX_ACK_DELAY: - case NGX_QUIC_TP_ACTIVE_CONNECTION_ID_LIMIT: - - p = ngx_quic_parse_int(p, end, &varint); - if (p == NULL) { - return NGX_ERROR; - } - break; - - case NGX_QUIC_TP_INITIAL_SCID: - - str.len = end - p; - str.data = p; - break; - - default: - return NGX_DECLINED; - } - - switch (id) { - - case NGX_QUIC_TP_MAX_IDLE_TIMEOUT: - dst->max_idle_timeout = varint; - break; - - case NGX_QUIC_TP_MAX_UDP_PAYLOAD_SIZE: - dst->max_udp_payload_size = varint; - break; - - case NGX_QUIC_TP_INITIAL_MAX_DATA: - dst->initial_max_data = varint; - break; - - case NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_BIDI_LOCAL: - dst->initial_max_stream_data_bidi_local = varint; - break; - - case NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_BIDI_REMOTE: - dst->initial_max_stream_data_bidi_remote = varint; - break; - - case NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_UNI: - dst->initial_max_stream_data_uni = varint; - break; - - case NGX_QUIC_TP_INITIAL_MAX_STREAMS_BIDI: - dst->initial_max_streams_bidi = varint; - break; - - case NGX_QUIC_TP_INITIAL_MAX_STREAMS_UNI: - dst->initial_max_streams_uni = varint; - break; - - case NGX_QUIC_TP_ACK_DELAY_EXPONENT: - dst->ack_delay_exponent = varint; - break; - - case NGX_QUIC_TP_MAX_ACK_DELAY: - dst->max_ack_delay = varint; - break; - - case NGX_QUIC_TP_ACTIVE_CONNECTION_ID_LIMIT: - dst->active_connection_id_limit = varint; - break; - - case NGX_QUIC_TP_INITIAL_SCID: - dst->initial_scid = str; - break; - - default: - return NGX_ERROR; - } - - return NGX_OK; -} - - -ngx_int_t -ngx_quic_parse_transport_params(u_char *p, u_char *end, ngx_quic_tp_t *tp, - ngx_log_t *log) -{ - uint64_t id, len; - ngx_int_t rc; - - while (p < end) { - p = ngx_quic_parse_int(p, end, &id); - if (p == NULL) { - ngx_log_error(NGX_LOG_INFO, log, 0, - "quic failed to parse transport param id"); - return NGX_ERROR; - } - - switch (id) { - case NGX_QUIC_TP_ORIGINAL_DCID: - case NGX_QUIC_TP_PREFERRED_ADDRESS: - case NGX_QUIC_TP_RETRY_SCID: - case NGX_QUIC_TP_SR_TOKEN: - ngx_log_error(NGX_LOG_INFO, log, 0, - "quic client sent forbidden transport param" - " id:0x%xL", id); - return NGX_ERROR; - } - - p = ngx_quic_parse_int(p, end, &len); - if (p == NULL) { - ngx_log_error(NGX_LOG_INFO, log, 0, - "quic failed to parse" - " transport param id:0x%xL length", id); - return NGX_ERROR; - } - - rc = ngx_quic_parse_transport_param(p, p + len, id, tp); - - if (rc == NGX_ERROR) { - ngx_log_error(NGX_LOG_INFO, log, 0, - "quic failed to parse" - " transport param id:0x%xL data", id); - return NGX_ERROR; - } - - if (rc == NGX_DECLINED) { - ngx_log_error(NGX_LOG_INFO, log, 0, - "quic unknown transport param id:0x%xL, skipped", id); - } - - p += len; - } - - if (p != end) { - ngx_log_error(NGX_LOG_INFO, log, 0, - "quic trailing garbage in" - " transport parameters: bytes:%ui", - end - p); - return NGX_ERROR; - } - - ngx_log_debug0(NGX_LOG_DEBUG_EVENT, log, 0, - "quic transport parameters parsed ok"); - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, log, 0, - "quic tp disable active migration: %ui", - tp->disable_active_migration); - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, log, 0, "quic tp idle_timeout:%ui", - tp->max_idle_timeout); - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, log, 0, - "quic tp max_udp_payload_size:%ui", - tp->max_udp_payload_size); - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, log, 0, "quic tp max_data:%ui", - tp->initial_max_data); - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, log, 0, - "quic tp max_stream_data_bidi_local:%ui", - tp->initial_max_stream_data_bidi_local); - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, log, 0, - "quic tp max_stream_data_bidi_remote:%ui", - tp->initial_max_stream_data_bidi_remote); - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, log, 0, - "quic tp max_stream_data_uni:%ui", - tp->initial_max_stream_data_uni); - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, log, 0, - "quic tp initial_max_streams_bidi:%ui", - tp->initial_max_streams_bidi); - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, log, 0, - "quic tp initial_max_streams_uni:%ui", - tp->initial_max_streams_uni); - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, log, 0, - "quic tp ack_delay_exponent:%ui", - tp->ack_delay_exponent); - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, log, 0, "quic tp max_ack_delay:%ui", - tp->max_ack_delay); - - ngx_log_debug1(NGX_LOG_DEBUG_EVENT, log, 0, - "quic tp active_connection_id_limit:%ui", - tp->active_connection_id_limit); - -#if (NGX_QUIC_DRAFT_VERSION >= 28) - ngx_log_debug2(NGX_LOG_DEBUG_EVENT, log, 0, - "quic tp initial source_connection_id len:%uz %xV", - tp->initial_scid.len, &tp->initial_scid); -#endif - - return NGX_OK; -} - - -static size_t -ngx_quic_create_max_stream_data(u_char *p, ngx_quic_max_stream_data_frame_t *ms) -{ - size_t len; - u_char *start; - - if (p == NULL) { - len = ngx_quic_varint_len(NGX_QUIC_FT_MAX_STREAM_DATA); - len += ngx_quic_varint_len(ms->id); - len += ngx_quic_varint_len(ms->limit); - return len; - } - - start = p; - - ngx_quic_build_int(&p, NGX_QUIC_FT_MAX_STREAM_DATA); - ngx_quic_build_int(&p, ms->id); - ngx_quic_build_int(&p, ms->limit); - - return p - start; -} - - -static size_t -ngx_quic_create_max_data(u_char *p, ngx_quic_max_data_frame_t *md) -{ - size_t len; - u_char *start; - - if (p == NULL) { - len = ngx_quic_varint_len(NGX_QUIC_FT_MAX_DATA); - len += ngx_quic_varint_len(md->max_data); - return len; - } - - start = p; - - ngx_quic_build_int(&p, NGX_QUIC_FT_MAX_DATA); - ngx_quic_build_int(&p, md->max_data); - - return p - start; -} - - -static size_t -ngx_quic_create_path_response(u_char *p, ngx_quic_path_challenge_frame_t *pc) -{ - size_t len; - u_char *start; - - if (p == NULL) { - len = ngx_quic_varint_len(NGX_QUIC_FT_PATH_RESPONSE); - len += sizeof(pc->data); - return len; - } - - start = p; - - ngx_quic_build_int(&p, NGX_QUIC_FT_PATH_RESPONSE); - p = ngx_cpymem(p, &pc->data, sizeof(pc->data)); - - return p - start; -} - - -static size_t -ngx_quic_create_new_connection_id(u_char *p, ngx_quic_new_conn_id_frame_t *ncid) -{ - size_t len; - u_char *start; - - if (p == NULL) { - len = ngx_quic_varint_len(NGX_QUIC_FT_NEW_CONNECTION_ID); - len += ngx_quic_varint_len(ncid->seqnum); - len += ngx_quic_varint_len(ncid->retire); - len++; - len += ncid->len; - len += NGX_QUIC_SR_TOKEN_LEN; - return len; - } - - start = p; - - ngx_quic_build_int(&p, NGX_QUIC_FT_NEW_CONNECTION_ID); - ngx_quic_build_int(&p, ncid->seqnum); - ngx_quic_build_int(&p, ncid->retire); - *p++ = ncid->len; - p = ngx_cpymem(p, ncid->cid, ncid->len); - p = ngx_cpymem(p, ncid->srt, NGX_QUIC_SR_TOKEN_LEN); - - return p - start; -} - - -static size_t -ngx_quic_create_retire_connection_id(u_char *p, - ngx_quic_retire_cid_frame_t *rcid) -{ - size_t len; - u_char *start; - - if (p == NULL) { - len = ngx_quic_varint_len(NGX_QUIC_FT_RETIRE_CONNECTION_ID); - len += ngx_quic_varint_len(rcid->sequence_number); - return len; - } - - start = p; - - ngx_quic_build_int(&p, NGX_QUIC_FT_RETIRE_CONNECTION_ID); - ngx_quic_build_int(&p, rcid->sequence_number); - - return p - start; -} - - -ssize_t -ngx_quic_create_transport_params(u_char *pos, u_char *end, ngx_quic_tp_t *tp, - size_t *clen) -{ - u_char *p; - size_t len; - -#define ngx_quic_tp_len(id, value) \ - ngx_quic_varint_len(id) \ - + ngx_quic_varint_len(value) \ - + ngx_quic_varint_len(ngx_quic_varint_len(value)) - -#define ngx_quic_tp_vint(id, value) \ - do { \ - ngx_quic_build_int(&p, id); \ - ngx_quic_build_int(&p, ngx_quic_varint_len(value)); \ - ngx_quic_build_int(&p, value); \ - } while (0) - -#define ngx_quic_tp_strlen(id, value) \ - ngx_quic_varint_len(id) \ - + ngx_quic_varint_len(value.len) \ - + value.len - -#define ngx_quic_tp_str(id, value) \ - do { \ - ngx_quic_build_int(&p, id); \ - ngx_quic_build_int(&p, value.len); \ - p = ngx_cpymem(p, value.data, value.len); \ - } while (0) - - p = pos; - - len = ngx_quic_tp_len(NGX_QUIC_TP_INITIAL_MAX_DATA, tp->initial_max_data); - - len += ngx_quic_tp_len(NGX_QUIC_TP_INITIAL_MAX_STREAMS_UNI, - tp->initial_max_streams_uni); - - len += ngx_quic_tp_len(NGX_QUIC_TP_INITIAL_MAX_STREAMS_BIDI, - tp->initial_max_streams_bidi); - - len += ngx_quic_tp_len(NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_BIDI_LOCAL, - tp->initial_max_stream_data_bidi_local); - - len += ngx_quic_tp_len(NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_BIDI_REMOTE, - tp->initial_max_stream_data_bidi_remote); - - len += ngx_quic_tp_len(NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_UNI, - tp->initial_max_stream_data_uni); - - len += ngx_quic_tp_len(NGX_QUIC_TP_MAX_IDLE_TIMEOUT, - tp->max_idle_timeout); - - if (clen) { - *clen = len; - } - - if (tp->disable_active_migration) { - len += ngx_quic_varint_len(NGX_QUIC_TP_DISABLE_ACTIVE_MIGRATION); - len += ngx_quic_varint_len(0); - } - - len += ngx_quic_tp_len(NGX_QUIC_TP_ACTIVE_CONNECTION_ID_LIMIT, - tp->active_connection_id_limit); - -#if (NGX_QUIC_DRAFT_VERSION >= 28) - len += ngx_quic_tp_strlen(NGX_QUIC_TP_ORIGINAL_DCID, tp->original_dcid); - len += ngx_quic_tp_strlen(NGX_QUIC_TP_INITIAL_SCID, tp->initial_scid); - - if (tp->retry_scid.len) { - len += ngx_quic_tp_strlen(NGX_QUIC_TP_RETRY_SCID, tp->retry_scid); - } -#else - if (tp->original_dcid.len) { - len += ngx_quic_tp_strlen(NGX_QUIC_TP_ORIGINAL_DCID, tp->original_dcid); - } -#endif - - len += ngx_quic_varint_len(NGX_QUIC_TP_SR_TOKEN); - len += ngx_quic_varint_len(NGX_QUIC_SR_TOKEN_LEN); - len += NGX_QUIC_SR_TOKEN_LEN; - - if (pos == NULL) { - return len; - } - - ngx_quic_tp_vint(NGX_QUIC_TP_INITIAL_MAX_DATA, - tp->initial_max_data); - - ngx_quic_tp_vint(NGX_QUIC_TP_INITIAL_MAX_STREAMS_UNI, - tp->initial_max_streams_uni); - - ngx_quic_tp_vint(NGX_QUIC_TP_INITIAL_MAX_STREAMS_BIDI, - tp->initial_max_streams_bidi); - - ngx_quic_tp_vint(NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_BIDI_LOCAL, - tp->initial_max_stream_data_bidi_local); - - ngx_quic_tp_vint(NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_BIDI_REMOTE, - tp->initial_max_stream_data_bidi_remote); - - ngx_quic_tp_vint(NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_UNI, - tp->initial_max_stream_data_uni); - - ngx_quic_tp_vint(NGX_QUIC_TP_MAX_IDLE_TIMEOUT, - tp->max_idle_timeout); - - if (tp->disable_active_migration) { - ngx_quic_build_int(&p, NGX_QUIC_TP_DISABLE_ACTIVE_MIGRATION); - ngx_quic_build_int(&p, 0); - } - - ngx_quic_tp_vint(NGX_QUIC_TP_ACTIVE_CONNECTION_ID_LIMIT, - tp->active_connection_id_limit); - -#if (NGX_QUIC_DRAFT_VERSION >= 28) - ngx_quic_tp_str(NGX_QUIC_TP_ORIGINAL_DCID, tp->original_dcid); - ngx_quic_tp_str(NGX_QUIC_TP_INITIAL_SCID, tp->initial_scid); - - if (tp->retry_scid.len) { - ngx_quic_tp_str(NGX_QUIC_TP_RETRY_SCID, tp->retry_scid); - } -#else - if (tp->original_dcid.len) { - ngx_quic_tp_str(NGX_QUIC_TP_ORIGINAL_DCID, tp->original_dcid); - } -#endif - - ngx_quic_build_int(&p, NGX_QUIC_TP_SR_TOKEN); - ngx_quic_build_int(&p, NGX_QUIC_SR_TOKEN_LEN); - p = ngx_cpymem(p, tp->sr_token, NGX_QUIC_SR_TOKEN_LEN); - - return p - pos; -} - - -static size_t -ngx_quic_create_close(u_char *p, ngx_quic_close_frame_t *cl) -{ - size_t len; - u_char *start; - ngx_uint_t type; - - type = cl->app ? NGX_QUIC_FT_CONNECTION_CLOSE_APP - : NGX_QUIC_FT_CONNECTION_CLOSE; - - if (p == NULL) { - len = ngx_quic_varint_len(type); - len += ngx_quic_varint_len(cl->error_code); - - if (!cl->app) { - len += ngx_quic_varint_len(cl->frame_type); - } - - len += ngx_quic_varint_len(cl->reason.len); - len += cl->reason.len; - - return len; - } - - start = p; - - ngx_quic_build_int(&p, type); - ngx_quic_build_int(&p, cl->error_code); - - if (!cl->app) { - ngx_quic_build_int(&p, cl->frame_type); - } - - ngx_quic_build_int(&p, cl->reason.len); - p = ngx_cpymem(p, cl->reason.data, cl->reason.len); - - return p - start; -}
--- a/src/event/ngx_event_quic_transport.h Tue Dec 22 16:41:56 2020 +0300 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,356 +0,0 @@ - -/* - * Copyright (C) Nginx, Inc. - */ - - -#ifndef _NGX_EVENT_QUIC_WIRE_H_INCLUDED_ -#define _NGX_EVENT_QUIC_WIRE_H_INCLUDED_ - - -#include <ngx_config.h> -#include <ngx_core.h> - - -/* QUIC flags in first byte, see quic-transport 17.2 and 17.3 */ - -#define NGX_QUIC_PKT_LONG 0x80 /* header form */ -#define NGX_QUIC_PKT_FIXED_BIT 0x40 -#define NGX_QUIC_PKT_TYPE 0x30 /* in long packet */ -#define NGX_QUIC_PKT_KPHASE 0x04 /* in short packet */ - -#define ngx_quic_long_pkt(flags) ((flags) & NGX_QUIC_PKT_LONG) -#define ngx_quic_short_pkt(flags) (((flags) & NGX_QUIC_PKT_LONG) == 0) - -/* Long packet types */ -#define NGX_QUIC_PKT_INITIAL 0x00 -#define NGX_QUIC_PKT_ZRTT 0x10 -#define NGX_QUIC_PKT_HANDSHAKE 0x20 -#define NGX_QUIC_PKT_RETRY 0x30 - -#define ngx_quic_pkt_in(flags) \ - (((flags) & NGX_QUIC_PKT_TYPE) == NGX_QUIC_PKT_INITIAL) -#define ngx_quic_pkt_zrtt(flags) \ - (((flags) & NGX_QUIC_PKT_TYPE) == NGX_QUIC_PKT_ZRTT) -#define ngx_quic_pkt_hs(flags) \ - (((flags) & NGX_QUIC_PKT_TYPE) == NGX_QUIC_PKT_HANDSHAKE) -#define ngx_quic_pkt_retry(flags) \ - (((flags) & NGX_QUIC_PKT_TYPE) == NGX_QUIC_PKT_RETRY) - -#define ngx_quic_pkt_rb_mask(flags) \ - (ngx_quic_long_pkt(flags) ? 0x0C : 0x18) -#define ngx_quic_pkt_hp_mask(flags) \ - (ngx_quic_long_pkt(flags) ? 0x0F : 0x1F) - -#define ngx_quic_level_name(lvl) \ - (lvl == ssl_encryption_application) ? "app" \ - : (lvl == ssl_encryption_initial) ? "init" \ - : (lvl == ssl_encryption_handshake) ? "hs" : "early" - - -/* 12.4. Frames and Frame Types */ -#define NGX_QUIC_FT_PADDING 0x00 -#define NGX_QUIC_FT_PING 0x01 -#define NGX_QUIC_FT_ACK 0x02 -#define NGX_QUIC_FT_ACK_ECN 0x03 -#define NGX_QUIC_FT_RESET_STREAM 0x04 -#define NGX_QUIC_FT_STOP_SENDING 0x05 -#define NGX_QUIC_FT_CRYPTO 0x06 -#define NGX_QUIC_FT_NEW_TOKEN 0x07 -#define NGX_QUIC_FT_STREAM0 0x08 -#define NGX_QUIC_FT_STREAM1 0x09 -#define NGX_QUIC_FT_STREAM2 0x0A -#define NGX_QUIC_FT_STREAM3 0x0B -#define NGX_QUIC_FT_STREAM4 0x0C -#define NGX_QUIC_FT_STREAM5 0x0D -#define NGX_QUIC_FT_STREAM6 0x0E -#define NGX_QUIC_FT_STREAM7 0x0F -#define NGX_QUIC_FT_MAX_DATA 0x10 -#define NGX_QUIC_FT_MAX_STREAM_DATA 0x11 -#define NGX_QUIC_FT_MAX_STREAMS 0x12 -#define NGX_QUIC_FT_MAX_STREAMS2 0x13 -#define NGX_QUIC_FT_DATA_BLOCKED 0x14 -#define NGX_QUIC_FT_STREAM_DATA_BLOCKED 0x15 -#define NGX_QUIC_FT_STREAMS_BLOCKED 0x16 -#define NGX_QUIC_FT_STREAMS_BLOCKED2 0x17 -#define NGX_QUIC_FT_NEW_CONNECTION_ID 0x18 -#define NGX_QUIC_FT_RETIRE_CONNECTION_ID 0x19 -#define NGX_QUIC_FT_PATH_CHALLENGE 0x1A -#define NGX_QUIC_FT_PATH_RESPONSE 0x1B -#define NGX_QUIC_FT_CONNECTION_CLOSE 0x1C -#define NGX_QUIC_FT_CONNECTION_CLOSE_APP 0x1D -#define NGX_QUIC_FT_HANDSHAKE_DONE 0x1E - -/* 22.4. QUIC Transport Error Codes Registry */ -/* Keep in sync with ngx_quic_errors[] */ -#define NGX_QUIC_ERR_NO_ERROR 0x00 -#define NGX_QUIC_ERR_INTERNAL_ERROR 0x01 -#define NGX_QUIC_ERR_CONNECTION_REFUSED 0x02 -#define NGX_QUIC_ERR_FLOW_CONTROL_ERROR 0x03 -#define NGX_QUIC_ERR_STREAM_LIMIT_ERROR 0x04 -#define NGX_QUIC_ERR_STREAM_STATE_ERROR 0x05 -#define NGX_QUIC_ERR_FINAL_SIZE_ERROR 0x06 -#define NGX_QUIC_ERR_FRAME_ENCODING_ERROR 0x07 -#define NGX_QUIC_ERR_TRANSPORT_PARAMETER_ERROR 0x08 -#define NGX_QUIC_ERR_CONNECTION_ID_LIMIT_ERROR 0x09 -#define NGX_QUIC_ERR_PROTOCOL_VIOLATION 0x0A -#define NGX_QUIC_ERR_INVALID_TOKEN 0x0B -#define NGX_QUIC_ERR_APPLICATION_ERROR 0x0C -#define NGX_QUIC_ERR_CRYPTO_BUFFER_EXCEEDED 0x0D -#define NGX_QUIC_ERR_KEY_UPDATE_ERROR 0x0E - -#define NGX_QUIC_ERR_LAST 0x0F -#define NGX_QUIC_ERR_CRYPTO_ERROR 0x100 - -#define NGX_QUIC_ERR_CRYPTO(e) (NGX_QUIC_ERR_CRYPTO_ERROR + (e)) - - -/* Transport parameters */ -#define NGX_QUIC_TP_ORIGINAL_DCID 0x00 -#define NGX_QUIC_TP_MAX_IDLE_TIMEOUT 0x01 -#define NGX_QUIC_TP_SR_TOKEN 0x02 -#define NGX_QUIC_TP_MAX_UDP_PAYLOAD_SIZE 0x03 -#define NGX_QUIC_TP_INITIAL_MAX_DATA 0x04 -#define NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_BIDI_LOCAL 0x05 -#define NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_BIDI_REMOTE 0x06 -#define NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_UNI 0x07 -#define NGX_QUIC_TP_INITIAL_MAX_STREAMS_BIDI 0x08 -#define NGX_QUIC_TP_INITIAL_MAX_STREAMS_UNI 0x09 -#define NGX_QUIC_TP_ACK_DELAY_EXPONENT 0x0A -#define NGX_QUIC_TP_MAX_ACK_DELAY 0x0B -#define NGX_QUIC_TP_DISABLE_ACTIVE_MIGRATION 0x0C -#define NGX_QUIC_TP_PREFERRED_ADDRESS 0x0D -#define NGX_QUIC_TP_ACTIVE_CONNECTION_ID_LIMIT 0x0E -#define NGX_QUIC_TP_INITIAL_SCID 0x0F -#define NGX_QUIC_TP_RETRY_SCID 0x10 - -#define NGX_QUIC_CID_LEN_MIN 8 -#define NGX_QUIC_CID_LEN_MAX 20 - -#define NGX_QUIC_MAX_RANGES 10 - - -typedef struct { - uint64_t gap; - uint64_t range; -} ngx_quic_ack_range_t; - - -typedef struct { - uint64_t largest; - uint64_t delay; - uint64_t range_count; - uint64_t first_range; - uint64_t ect0; - uint64_t ect1; - uint64_t ce; - uint64_t ranges_length; -} ngx_quic_ack_frame_t; - - -typedef struct { - uint64_t seqnum; - uint64_t retire; - uint8_t len; - u_char cid[NGX_QUIC_CID_LEN_MAX]; - u_char srt[NGX_QUIC_SR_TOKEN_LEN]; -} ngx_quic_new_conn_id_frame_t; - - -typedef struct { - uint64_t length; - u_char *data; -} ngx_quic_new_token_frame_t; - -/* - * common layout for CRYPTO and STREAM frames; - * conceptually, CRYPTO frame is also a stream - * frame lacking some properties - */ -typedef struct { - uint64_t offset; - uint64_t length; -} ngx_quic_ordered_frame_t; - -typedef ngx_quic_ordered_frame_t ngx_quic_crypto_frame_t; - - -typedef struct { - /* initial fields same as in ngx_quic_ordered_frame_t */ - uint64_t offset; - uint64_t length; - - uint8_t type; - uint64_t stream_id; - unsigned off:1; - unsigned len:1; - unsigned fin:1; -} ngx_quic_stream_frame_t; - - -typedef struct { - uint64_t max_data; -} ngx_quic_max_data_frame_t; - - -typedef struct { - uint64_t error_code; - uint64_t frame_type; - ngx_str_t reason; - ngx_uint_t app; /* unsigned app:1; */ -} ngx_quic_close_frame_t; - - -typedef struct { - uint64_t id; - uint64_t error_code; - uint64_t final_size; -} ngx_quic_reset_stream_frame_t; - - -typedef struct { - uint64_t id; - uint64_t error_code; -} ngx_quic_stop_sending_frame_t; - - -typedef struct { - uint64_t limit; - ngx_uint_t bidi; /* unsigned: bidi:1 */ -} ngx_quic_streams_blocked_frame_t; - - -typedef struct { - uint64_t limit; - ngx_uint_t bidi; /* unsigned: bidi:1 */ -} ngx_quic_max_streams_frame_t; - - -typedef struct { - uint64_t id; - uint64_t limit; -} ngx_quic_max_stream_data_frame_t; - - -typedef struct { - uint64_t limit; -} ngx_quic_data_blocked_frame_t; - - -typedef struct { - uint64_t id; - uint64_t limit; -} ngx_quic_stream_data_blocked_frame_t; - - -typedef struct { - uint64_t sequence_number; -} ngx_quic_retire_cid_frame_t; - - -typedef struct { - u_char data[8]; -} ngx_quic_path_challenge_frame_t; - - -typedef struct ngx_quic_frame_s ngx_quic_frame_t; - -struct ngx_quic_frame_s { - ngx_uint_t type; - enum ssl_encryption_level_t level; - ngx_queue_t queue; - uint64_t pnum; - size_t plen; - ngx_msec_t first; - ngx_msec_t last; - ssize_t len; - ngx_uint_t need_ack; - /* unsigned need_ack:1; */ - - ngx_chain_t *data; - union { - ngx_quic_ack_frame_t ack; - ngx_quic_crypto_frame_t crypto; - ngx_quic_ordered_frame_t ord; - ngx_quic_new_conn_id_frame_t ncid; - ngx_quic_new_token_frame_t token; - ngx_quic_stream_frame_t stream; - ngx_quic_max_data_frame_t max_data; - ngx_quic_close_frame_t close; - ngx_quic_reset_stream_frame_t reset_stream; - ngx_quic_stop_sending_frame_t stop_sending; - ngx_quic_streams_blocked_frame_t streams_blocked; - ngx_quic_max_streams_frame_t max_streams; - ngx_quic_max_stream_data_frame_t max_stream_data; - ngx_quic_data_blocked_frame_t data_blocked; - ngx_quic_stream_data_blocked_frame_t stream_data_blocked; - ngx_quic_retire_cid_frame_t retire_cid; - ngx_quic_path_challenge_frame_t path_challenge; - ngx_quic_path_challenge_frame_t path_response; - } u; -}; - - -typedef struct { - ngx_log_t *log; - - ngx_quic_keys_t *keys; - - ngx_msec_t received; - uint64_t number; - uint8_t num_len; - uint32_t trunc; - uint8_t flags; - uint32_t version; - ngx_str_t token; - enum ssl_encryption_level_t level; - ngx_uint_t error; - - /* filled in by parser */ - ngx_buf_t *raw; /* udp datagram */ - - u_char *data; /* quic packet */ - size_t len; - - /* cleartext fields */ - ngx_str_t odcid; /* retry packet tag */ - ngx_str_t dcid; - ngx_str_t scid; - uint64_t pn; - u_char *plaintext; - ngx_str_t payload; /* decrypted data */ - - unsigned need_ack:1; - unsigned key_phase:1; - unsigned key_update:1; - unsigned parsed:1; - unsigned decrypted:1; -} ngx_quic_header_t; - - -u_char *ngx_quic_error_text(uint64_t error_code); - -ngx_int_t ngx_quic_parse_packet(ngx_quic_header_t *pkt); - -size_t ngx_quic_create_version_negotiation(ngx_quic_header_t *pkt, u_char *out); - -size_t ngx_quic_create_header(ngx_quic_header_t *pkt, u_char *out, - size_t pkt_len, u_char **pnp); - -size_t ngx_quic_create_retry_itag(ngx_quic_header_t *pkt, u_char *out, - u_char **start); - -ssize_t ngx_quic_parse_frame(ngx_quic_header_t *pkt, u_char *start, u_char *end, - ngx_quic_frame_t *frame); -ssize_t ngx_quic_create_frame(u_char *p, ngx_quic_frame_t *f); - -ssize_t ngx_quic_parse_ack_range(ngx_log_t *log, u_char *start, - u_char *end, uint64_t *gap, uint64_t *range); -size_t ngx_quic_create_ack_range(u_char *p, uint64_t gap, uint64_t range); - -ngx_int_t ngx_quic_parse_transport_params(u_char *p, u_char *end, - ngx_quic_tp_t *tp, ngx_log_t *log); -ssize_t ngx_quic_create_transport_params(u_char *p, u_char *end, - ngx_quic_tp_t *tp, size_t *clen); - -#endif /* _NGX_EVENT_QUIC_WIRE_H_INCLUDED_ */
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/event/quic/ngx_event_quic.c Fri Dec 25 14:01:28 2020 +0300 @@ -0,0 +1,6530 @@ + +/* + * Copyright (C) Nginx, Inc. + */ + + +#include <ngx_config.h> +#include <ngx_core.h> +#include <ngx_event.h> +#include <ngx_event_quic_transport.h> +#include <ngx_event_quic_protection.h> + + +/* 0-RTT and 1-RTT data exist in the same packet number space, + * so we have 3 packet number spaces: + * + * 0 - Initial + * 1 - Handshake + * 2 - 0-RTT and 1-RTT + */ +#define ngx_quic_get_send_ctx(qc, level) \ + ((level) == ssl_encryption_initial) ? &((qc)->send_ctx[0]) \ + : (((level) == ssl_encryption_handshake) ? &((qc)->send_ctx[1]) \ + : &((qc)->send_ctx[2])) + +#define NGX_QUIC_SEND_CTX_LAST (NGX_QUIC_ENCRYPTION_LAST - 1) + +/* + * 7.4. Cryptographic Message Buffering + * Implementations MUST support buffering at least 4096 bytes of data + */ +#define NGX_QUIC_MAX_BUFFERED 65535 + +#define NGX_QUIC_STREAM_GONE (void *) -1 + +#define NGX_QUIC_UNSET_PN (uint64_t) -1 + +/* + * Endpoints MUST discard packets that are too small to be valid QUIC + * packets. With the set of AEAD functions defined in [QUIC-TLS], + * packets that are smaller than 21 bytes are never valid. + */ +#define NGX_QUIC_MIN_PKT_LEN 21 + +#define NGX_QUIC_MIN_SR_PACKET 43 /* 5 random + 16 srt + 22 padding */ +#define NGX_QUIC_MAX_SR_PACKET 1200 + +#define NGX_QUIC_MAX_ACK_GAP 2 + + +typedef struct { + ngx_rbtree_t tree; + ngx_rbtree_node_t sentinel; + + uint64_t received; + uint64_t sent; + uint64_t recv_max_data; + uint64_t send_max_data; + + uint64_t server_max_streams_uni; + uint64_t server_max_streams_bidi; + uint64_t server_streams_uni; + uint64_t server_streams_bidi; + + uint64_t client_max_streams_uni; + uint64_t client_max_streams_bidi; + uint64_t client_streams_uni; + uint64_t client_streams_bidi; +} ngx_quic_streams_t; + + +typedef struct { + size_t in_flight; + size_t window; + size_t ssthresh; + ngx_msec_t recovery_start; +} ngx_quic_congestion_t; + + +/* + * 12.3. Packet Numbers + * + * Conceptually, a packet number space is the context in which a packet + * can be processed and acknowledged. Initial packets can only be sent + * with Initial packet protection keys and acknowledged in packets which + * are also Initial packets. +*/ +typedef struct { + enum ssl_encryption_level_t level; + + uint64_t pnum; /* to be sent */ + uint64_t largest_ack; /* received from peer */ + uint64_t largest_pn; /* received from peer */ + + ngx_queue_t frames; + ngx_queue_t sent; + + uint64_t pending_ack; /* non sent ack-eliciting */ + uint64_t largest_range; + uint64_t first_range; + ngx_msec_t largest_received; + ngx_msec_t ack_delay_start; + ngx_uint_t nranges; + ngx_quic_ack_range_t ranges[NGX_QUIC_MAX_RANGES]; + ngx_uint_t send_ack; +} ngx_quic_send_ctx_t; + + +typedef struct { + ngx_udp_connection_t udp; + + uint32_t version; + ngx_str_t scid; /* initial client ID */ + ngx_str_t dcid; /* server (our own) ID */ + ngx_str_t odcid; /* original server ID */ + ngx_str_t token; + + struct sockaddr *sockaddr; + socklen_t socklen; + + ngx_queue_t client_ids; + ngx_queue_t server_ids; + ngx_queue_t free_client_ids; + ngx_queue_t free_server_ids; + ngx_uint_t nclient_ids; + ngx_uint_t nserver_ids; + uint64_t max_retired_seqnum; + uint64_t client_seqnum; + uint64_t server_seqnum; + + ngx_uint_t client_tp_done; + ngx_quic_tp_t tp; + ngx_quic_tp_t ctp; + + ngx_quic_send_ctx_t send_ctx[NGX_QUIC_SEND_CTX_LAST]; + + ngx_quic_frames_stream_t crypto[NGX_QUIC_ENCRYPTION_LAST]; + + ngx_quic_keys_t *keys; + + ngx_quic_conf_t *conf; + + ngx_event_t push; + ngx_event_t pto; + ngx_event_t close; + ngx_msec_t last_cc; + + ngx_msec_t latest_rtt; + ngx_msec_t avg_rtt; + ngx_msec_t min_rtt; + ngx_msec_t rttvar; + + ngx_uint_t pto_count; + + ngx_queue_t free_frames; + ngx_chain_t *free_bufs; + ngx_buf_t *free_shadow_bufs; + +#ifdef NGX_QUIC_DEBUG_ALLOC + ngx_uint_t nframes; + ngx_uint_t nbufs; +#endif + + ngx_quic_streams_t streams; + ngx_quic_congestion_t congestion; + off_t received; + + ngx_uint_t error; + enum ssl_encryption_level_t error_level; + ngx_uint_t error_ftype; + const char *error_reason; + + unsigned error_app:1; + unsigned send_timer_set:1; + unsigned closing:1; + unsigned draining:1; + unsigned key_phase:1; + unsigned in_retry:1; + unsigned initialized:1; + unsigned validated:1; +} ngx_quic_connection_t; + + +typedef struct { + ngx_queue_t queue; + uint64_t seqnum; + size_t len; + u_char id[NGX_QUIC_CID_LEN_MAX]; + u_char sr_token[NGX_QUIC_SR_TOKEN_LEN]; +} ngx_quic_client_id_t; + + +typedef struct { + ngx_udp_connection_t udp; + ngx_queue_t queue; + uint64_t seqnum; + size_t len; + u_char id[NGX_QUIC_CID_LEN_MAX]; +} ngx_quic_server_id_t; + + +typedef ngx_int_t (*ngx_quic_frame_handler_pt)(ngx_connection_t *c, + ngx_quic_frame_t *frame, void *data); + + +#if BORINGSSL_API_VERSION >= 10 +static int ngx_quic_set_read_secret(ngx_ssl_conn_t *ssl_conn, + enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, + const uint8_t *secret, size_t secret_len); +static int ngx_quic_set_write_secret(ngx_ssl_conn_t *ssl_conn, + enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, + const uint8_t *secret, size_t secret_len); +#else +static int ngx_quic_set_encryption_secrets(ngx_ssl_conn_t *ssl_conn, + enum ssl_encryption_level_t level, const uint8_t *read_secret, + const uint8_t *write_secret, size_t secret_len); +#endif + +static int ngx_quic_add_handshake_data(ngx_ssl_conn_t *ssl_conn, + enum ssl_encryption_level_t level, const uint8_t *data, size_t len); +static int ngx_quic_flush_flight(ngx_ssl_conn_t *ssl_conn); +static int ngx_quic_send_alert(ngx_ssl_conn_t *ssl_conn, + enum ssl_encryption_level_t level, uint8_t alert); + + +static ngx_quic_connection_t *ngx_quic_new_connection(ngx_connection_t *c, + ngx_quic_conf_t *conf, ngx_quic_header_t *pkt); +static ngx_int_t ngx_quic_send_stateless_reset(ngx_connection_t *c, + ngx_quic_conf_t *conf, ngx_quic_header_t *pkt); +static ngx_int_t ngx_quic_process_stateless_reset(ngx_connection_t *c, + ngx_quic_header_t *pkt); +static ngx_int_t ngx_quic_negotiate_version(ngx_connection_t *c, + ngx_quic_header_t *inpkt); +static ngx_int_t ngx_quic_create_server_id(ngx_connection_t *c, u_char *id); +static ngx_int_t ngx_quic_send_retry(ngx_connection_t *c); +static ngx_int_t ngx_quic_new_token(ngx_connection_t *c, ngx_str_t *token); +static ngx_int_t ngx_quic_validate_token(ngx_connection_t *c, + ngx_quic_header_t *pkt); +static ngx_int_t ngx_quic_init_connection(ngx_connection_t *c); +static ngx_inline size_t ngx_quic_max_udp_payload(ngx_connection_t *c); +static void ngx_quic_input_handler(ngx_event_t *rev); + +static void ngx_quic_close_connection(ngx_connection_t *c, ngx_int_t rc); +static ngx_int_t ngx_quic_close_quic(ngx_connection_t *c, ngx_int_t rc); +static void ngx_quic_close_timer_handler(ngx_event_t *ev); +static ngx_int_t ngx_quic_close_streams(ngx_connection_t *c, + ngx_quic_connection_t *qc); + +static ngx_int_t ngx_quic_input(ngx_connection_t *c, ngx_buf_t *b, + ngx_quic_conf_t *conf); +static ngx_int_t ngx_quic_process_packet(ngx_connection_t *c, + ngx_quic_conf_t *conf, ngx_quic_header_t *pkt); +static ngx_int_t ngx_quic_init_secrets(ngx_connection_t *c); +static void ngx_quic_discard_ctx(ngx_connection_t *c, + enum ssl_encryption_level_t level); +static ngx_int_t ngx_quic_check_peer(ngx_quic_connection_t *qc, + ngx_quic_header_t *pkt); +static ngx_int_t ngx_quic_payload_handler(ngx_connection_t *c, + ngx_quic_header_t *pkt); +static ngx_int_t ngx_quic_ack_packet(ngx_connection_t *c, + ngx_quic_header_t *pkt); +static ngx_int_t ngx_quic_send_ack_range(ngx_connection_t *c, + ngx_quic_send_ctx_t *ctx, uint64_t smallest, uint64_t largest); +static void ngx_quic_drop_ack_ranges(ngx_connection_t *c, + ngx_quic_send_ctx_t *ctx, uint64_t pn); +static ngx_int_t ngx_quic_send_ack(ngx_connection_t *c, + ngx_quic_send_ctx_t *ctx); +static ngx_int_t ngx_quic_send_cc(ngx_connection_t *c); +static ngx_int_t ngx_quic_send_new_token(ngx_connection_t *c); + +static ngx_int_t ngx_quic_handle_ack_frame(ngx_connection_t *c, + ngx_quic_header_t *pkt, ngx_quic_frame_t *f); +static ngx_int_t ngx_quic_handle_ack_frame_range(ngx_connection_t *c, + ngx_quic_send_ctx_t *ctx, uint64_t min, uint64_t max, + ngx_msec_t *send_time); +static void ngx_quic_rtt_sample(ngx_connection_t *c, ngx_quic_ack_frame_t *ack, + enum ssl_encryption_level_t level, ngx_msec_t send_time); +static ngx_inline ngx_msec_t ngx_quic_pto(ngx_connection_t *c, + ngx_quic_send_ctx_t *ctx); +static void ngx_quic_handle_stream_ack(ngx_connection_t *c, + ngx_quic_frame_t *f); + +static ngx_int_t ngx_quic_handle_ordered_frame(ngx_connection_t *c, + ngx_quic_frames_stream_t *fs, ngx_quic_frame_t *frame, + ngx_quic_frame_handler_pt handler, void *data); +static ngx_int_t ngx_quic_adjust_frame_offset(ngx_connection_t *c, + ngx_quic_frame_t *f, uint64_t offset_in); +static ngx_int_t ngx_quic_buffer_frame(ngx_connection_t *c, + ngx_quic_frames_stream_t *stream, ngx_quic_frame_t *f); + +static ngx_int_t ngx_quic_handle_crypto_frame(ngx_connection_t *c, + ngx_quic_header_t *pkt, ngx_quic_frame_t *frame); +static ngx_int_t ngx_quic_crypto_input(ngx_connection_t *c, + ngx_quic_frame_t *frame, void *data); +static ngx_int_t ngx_quic_handle_stream_frame(ngx_connection_t *c, + ngx_quic_header_t *pkt, ngx_quic_frame_t *frame); +static ngx_int_t ngx_quic_stream_input(ngx_connection_t *c, + ngx_quic_frame_t *frame, void *data); + +static ngx_int_t ngx_quic_handle_max_data_frame(ngx_connection_t *c, + ngx_quic_max_data_frame_t *f); +static ngx_int_t ngx_quic_handle_streams_blocked_frame(ngx_connection_t *c, + ngx_quic_header_t *pkt, ngx_quic_streams_blocked_frame_t *f); +static ngx_int_t ngx_quic_handle_stream_data_blocked_frame(ngx_connection_t *c, + ngx_quic_header_t *pkt, ngx_quic_stream_data_blocked_frame_t *f); +static ngx_int_t ngx_quic_handle_max_stream_data_frame(ngx_connection_t *c, + ngx_quic_header_t *pkt, ngx_quic_max_stream_data_frame_t *f); +static ngx_int_t ngx_quic_handle_reset_stream_frame(ngx_connection_t *c, + ngx_quic_header_t *pkt, ngx_quic_reset_stream_frame_t *f); +static ngx_int_t ngx_quic_handle_stop_sending_frame(ngx_connection_t *c, + ngx_quic_header_t *pkt, ngx_quic_stop_sending_frame_t *f); +static ngx_int_t ngx_quic_handle_max_streams_frame(ngx_connection_t *c, + ngx_quic_header_t *pkt, ngx_quic_max_streams_frame_t *f); +static ngx_int_t ngx_quic_handle_path_challenge_frame(ngx_connection_t *c, + ngx_quic_header_t *pkt, ngx_quic_path_challenge_frame_t *f); +static ngx_int_t ngx_quic_handle_new_connection_id_frame(ngx_connection_t *c, + ngx_quic_header_t *pkt, ngx_quic_new_conn_id_frame_t *f); +static ngx_int_t ngx_quic_retire_connection_id(ngx_connection_t *c, + enum ssl_encryption_level_t level, uint64_t seqnum); +static ngx_int_t ngx_quic_handle_retire_connection_id_frame(ngx_connection_t *c, + ngx_quic_header_t *pkt, ngx_quic_retire_cid_frame_t *f); +static ngx_int_t ngx_quic_issue_server_ids(ngx_connection_t *c); +static void ngx_quic_clear_temp_server_ids(ngx_connection_t *c); +static ngx_quic_server_id_t *ngx_quic_insert_server_id(ngx_connection_t *c, + ngx_str_t *id); +static ngx_quic_client_id_t *ngx_quic_alloc_client_id(ngx_connection_t *c, + ngx_quic_connection_t *qc); +static ngx_quic_server_id_t *ngx_quic_alloc_server_id(ngx_connection_t *c, + ngx_quic_connection_t *qc); + +static void ngx_quic_queue_frame(ngx_quic_connection_t *qc, + ngx_quic_frame_t *frame); + +static ngx_int_t ngx_quic_output(ngx_connection_t *c); +static ngx_uint_t ngx_quic_get_padding_level(ngx_connection_t *c); +static ngx_int_t ngx_quic_generate_ack(ngx_connection_t *c, + ngx_quic_send_ctx_t *ctx); +static ssize_t ngx_quic_output_packet(ngx_connection_t *c, + ngx_quic_send_ctx_t *ctx, u_char *data, size_t max, size_t min); +static ngx_int_t ngx_quic_split_frame(ngx_connection_t *c, ngx_quic_frame_t *f, + size_t len); +static void ngx_quic_free_frames(ngx_connection_t *c, ngx_queue_t *frames); +static ssize_t ngx_quic_send(ngx_connection_t *c, u_char *buf, size_t len); + +static void ngx_quic_set_packet_number(ngx_quic_header_t *pkt, + ngx_quic_send_ctx_t *ctx); +static void ngx_quic_pto_handler(ngx_event_t *ev); +static void ngx_quic_lost_handler(ngx_event_t *ev); +static ngx_int_t ngx_quic_detect_lost(ngx_connection_t *c); +static void ngx_quic_resend_frames(ngx_connection_t *c, + ngx_quic_send_ctx_t *ctx); +static void ngx_quic_push_handler(ngx_event_t *ev); + +static void ngx_quic_rbtree_insert_stream(ngx_rbtree_node_t *temp, + ngx_rbtree_node_t *node, ngx_rbtree_node_t *sentinel); +static ngx_quic_stream_t *ngx_quic_find_stream(ngx_rbtree_t *rbtree, + uint64_t id); +static ngx_quic_stream_t *ngx_quic_create_client_stream(ngx_connection_t *c, + uint64_t id); +static ngx_quic_stream_t *ngx_quic_create_stream(ngx_connection_t *c, + uint64_t id, size_t rcvbuf_size); +static ssize_t ngx_quic_stream_recv(ngx_connection_t *c, u_char *buf, + size_t size); +static ssize_t ngx_quic_stream_send(ngx_connection_t *c, u_char *buf, + size_t size); +static ngx_chain_t *ngx_quic_stream_send_chain(ngx_connection_t *c, + ngx_chain_t *in, off_t limit); +static size_t ngx_quic_max_stream_flow(ngx_connection_t *c); +static void ngx_quic_stream_cleanup_handler(void *data); +static ngx_quic_frame_t *ngx_quic_alloc_frame(ngx_connection_t *c); +static void ngx_quic_free_frame(ngx_connection_t *c, ngx_quic_frame_t *frame); + +static void ngx_quic_congestion_ack(ngx_connection_t *c, + ngx_quic_frame_t *frame); +static void ngx_quic_congestion_lost(ngx_connection_t *c, + ngx_quic_frame_t *frame); + +static ngx_chain_t *ngx_quic_alloc_buf(ngx_connection_t *c); +static void ngx_quic_free_bufs(ngx_connection_t *c, ngx_chain_t *in); +static ngx_chain_t *ngx_quic_copy_buf(ngx_connection_t *c, u_char *data, + size_t len); +static ngx_chain_t *ngx_quic_copy_chain(ngx_connection_t *c, ngx_chain_t *in, + size_t limit); +static ngx_chain_t *ngx_quic_split_bufs(ngx_connection_t *c, ngx_chain_t *in, + size_t len); + + +static SSL_QUIC_METHOD quic_method = { +#if BORINGSSL_API_VERSION >= 10 + ngx_quic_set_read_secret, + ngx_quic_set_write_secret, +#else + ngx_quic_set_encryption_secrets, +#endif + ngx_quic_add_handshake_data, + ngx_quic_flush_flight, + ngx_quic_send_alert, +}; + + +#if (NGX_DEBUG) + +static void +ngx_quic_log_frame(ngx_log_t *log, ngx_quic_frame_t *f, ngx_uint_t tx) +{ + u_char *p, *last, *pos, *end; + ssize_t n; + uint64_t gap, range, largest, smallest; + ngx_uint_t i; + u_char buf[NGX_MAX_ERROR_STR]; + + p = buf; + last = buf + sizeof(buf); + + switch (f->type) { + + case NGX_QUIC_FT_CRYPTO: + p = ngx_slprintf(p, last, "CRYPTO len:%uL off:%uL", + f->u.crypto.length, f->u.crypto.offset); + break; + + case NGX_QUIC_FT_PADDING: + p = ngx_slprintf(p, last, "PADDING"); + break; + + case NGX_QUIC_FT_ACK: + case NGX_QUIC_FT_ACK_ECN: + + p = ngx_slprintf(p, last, "ACK n:%ui delay:%uL ", + f->u.ack.range_count, f->u.ack.delay); + + if (f->data) { + pos = f->data->buf->pos; + end = f->data->buf->end; + + } else { + pos = NULL; + end = NULL; + } + + largest = f->u.ack.largest; + smallest = f->u.ack.largest - f->u.ack.first_range; + + if (largest == smallest) { + p = ngx_slprintf(p, last, "%uL", largest); + + } else { + p = ngx_slprintf(p, last, "%uL-%uL", largest, smallest); + } + + for (i = 0; i < f->u.ack.range_count; i++) { + n = ngx_quic_parse_ack_range(log, pos, end, &gap, &range); + if (n == NGX_ERROR) { + break; + } + + pos += n; + + largest = smallest - gap - 2; + smallest = largest - range; + + if (largest == smallest) { + p = ngx_slprintf(p, last, " %uL", largest); + + } else { + p = ngx_slprintf(p, last, " %uL-%uL", largest, smallest); + } + } + + if (f->type == NGX_QUIC_FT_ACK_ECN) { + p = ngx_slprintf(p, last, " ECN counters ect0:%uL ect1:%uL ce:%uL", + f->u.ack.ect0, f->u.ack.ect1, f->u.ack.ce); + } + break; + + case NGX_QUIC_FT_PING: + p = ngx_slprintf(p, last, "PING"); + break; + + case NGX_QUIC_FT_NEW_CONNECTION_ID: + p = ngx_slprintf(p, last, + "NEW_CONNECTION_ID seq:%uL retire:%uL len:%ud", + f->u.ncid.seqnum, f->u.ncid.retire, f->u.ncid.len); + break; + + case NGX_QUIC_FT_RETIRE_CONNECTION_ID: + p = ngx_slprintf(p, last, "RETIRE_CONNECTION_ID seqnum:%uL", + f->u.retire_cid.sequence_number); + break; + + case NGX_QUIC_FT_CONNECTION_CLOSE: + case NGX_QUIC_FT_CONNECTION_CLOSE_APP: + p = ngx_slprintf(p, last, "CONNECTION_CLOSE%s err:%ui", + f->u.close.app ? "_APP" : "", f->u.close.error_code); + + if (f->u.close.reason.len) { + p = ngx_slprintf(p, last, " %V", &f->u.close.reason); + } + + if (f->type == NGX_QUIC_FT_CONNECTION_CLOSE) { + p = ngx_slprintf(p, last, " ft:%ui", f->u.close.frame_type); + } + + + break; + + case NGX_QUIC_FT_STREAM0: + case NGX_QUIC_FT_STREAM1: + case NGX_QUIC_FT_STREAM2: + case NGX_QUIC_FT_STREAM3: + case NGX_QUIC_FT_STREAM4: + case NGX_QUIC_FT_STREAM5: + case NGX_QUIC_FT_STREAM6: + case NGX_QUIC_FT_STREAM7: + + p = ngx_slprintf(p, last, "STREAM id:0x%xL", f->u.stream.stream_id); + + if (f->u.stream.off) { + p = ngx_slprintf(p, last, " off:%uL", f->u.stream.offset); + } + + if (f->u.stream.len) { + p = ngx_slprintf(p, last, " len:%uL", f->u.stream.length); + } + + if (f->u.stream.fin) { + p = ngx_slprintf(p, last, " fin:1"); + } + +#ifdef NGX_QUIC_DEBUG_FRAMES + { + ngx_chain_t *cl; + + p = ngx_slprintf(p, last, " data:"); + + for (cl = f->data; cl; cl = cl->next) { + p = ngx_slprintf(p, last, "%*xs", + cl->buf->last - cl->buf->pos, cl->buf->pos); + } + } +#endif + + break; + + case NGX_QUIC_FT_MAX_DATA: + p = ngx_slprintf(p, last, "MAX_DATA max_data:%uL on recv", + f->u.max_data.max_data); + break; + + case NGX_QUIC_FT_RESET_STREAM: + p = ngx_slprintf(p, last, "RESET_STREAM" + " id:0x%xL error_code:0x%xL final_size:0x%xL", + f->u.reset_stream.id, f->u.reset_stream.error_code, + f->u.reset_stream.final_size); + break; + + case NGX_QUIC_FT_STOP_SENDING: + p = ngx_slprintf(p, last, "STOP_SENDING id:0x%xL err:0x%xL", + f->u.stop_sending.id, f->u.stop_sending.error_code); + break; + + case NGX_QUIC_FT_STREAMS_BLOCKED: + case NGX_QUIC_FT_STREAMS_BLOCKED2: + p = ngx_slprintf(p, last, "STREAMS_BLOCKED limit:%uL bidi:%ui", + f->u.streams_blocked.limit, f->u.streams_blocked.bidi); + break; + + case NGX_QUIC_FT_MAX_STREAMS: + case NGX_QUIC_FT_MAX_STREAMS2: + p = ngx_slprintf(p, last, "MAX_STREAMS limit:%uL bidi:%ui", + f->u.max_streams.limit, f->u.max_streams.bidi); + break; + + case NGX_QUIC_FT_MAX_STREAM_DATA: + p = ngx_slprintf(p, last, "MAX_STREAM_DATA id:0x%xL limit:%uL", + f->u.max_stream_data.id, f->u.max_stream_data.limit); + break; + + + case NGX_QUIC_FT_DATA_BLOCKED: + p = ngx_slprintf(p, last, "DATA_BLOCKED limit:%uL", + f->u.data_blocked.limit); + break; + + case NGX_QUIC_FT_STREAM_DATA_BLOCKED: + p = ngx_slprintf(p, last, "STREAM_DATA_BLOCKED id:0x%xL limit:%uL", + f->u.stream_data_blocked.id, + f->u.stream_data_blocked.limit); + break; + + case NGX_QUIC_FT_PATH_CHALLENGE: + p = ngx_slprintf(p, last, "PATH_CHALLENGE data:0x%*xs", + sizeof(f->u.path_challenge.data), + f->u.path_challenge.data); + break; + + case NGX_QUIC_FT_PATH_RESPONSE: + p = ngx_slprintf(p, last, "PATH_RESPONSE data:0x%*xs", + sizeof(f->u.path_challenge.data), + f->u.path_challenge.data); + break; + + case NGX_QUIC_FT_NEW_TOKEN: + p = ngx_slprintf(p, last, "NEW_TOKEN"); + break; + + case NGX_QUIC_FT_HANDSHAKE_DONE: + p = ngx_slprintf(p, last, "HANDSHAKE DONE"); + break; + + default: + p = ngx_slprintf(p, last, "unknown type 0x%xi", f->type); + break; + } + + ngx_log_debug4(NGX_LOG_DEBUG_EVENT, log, 0, "quic frame %s %s %*s", + tx ? "tx" : "rx", ngx_quic_level_name(f->level), + p - buf, buf); +} + + +static void +ngx_quic_connstate_dbg(ngx_connection_t *c) +{ + u_char *p, *last; + ngx_quic_connection_t *qc; + u_char buf[NGX_MAX_ERROR_STR]; + + p = buf; + last = p + sizeof(buf); + + qc = ngx_quic_get_connection(c); + + p = ngx_slprintf(p, last, "state:"); + + if (qc) { + + if (qc->error) { + p = ngx_slprintf(p, last, "%s", qc->error_app ? " app" : ""); + p = ngx_slprintf(p, last, " error:%ui", qc->error); + + if (qc->error_reason) { + p = ngx_slprintf(p, last, " \"%s\"", qc->error_reason); + } + } + + p = ngx_slprintf(p, last, "%s", qc->closing ? " closing" : ""); + p = ngx_slprintf(p, last, "%s", qc->draining ? " draining" : ""); + p = ngx_slprintf(p, last, "%s", qc->key_phase ? " kp" : ""); + p = ngx_slprintf(p, last, "%s", qc->in_retry ? " retry" : ""); + p = ngx_slprintf(p, last, "%s", qc->validated? " valid" : ""); + + } else { + p = ngx_slprintf(p, last, " early"); + } + + if (c->read->timer_set) { + p = ngx_slprintf(p, last, + qc && qc->send_timer_set ? " send:%M" : " read:%M", + c->read->timer.key - ngx_current_msec); + } + + if (qc) { + + if (qc->push.timer_set) { + p = ngx_slprintf(p, last, " push:%M", + qc->push.timer.key - ngx_current_msec); + } + + if (qc->pto.timer_set) { + p = ngx_slprintf(p, last, " pto:%M", + qc->pto.timer.key - ngx_current_msec); + } + + if (qc->close.timer_set) { + p = ngx_slprintf(p, last, " close:%M", + qc->close.timer.key - ngx_current_msec); + } + } + + ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic %*s", p - buf, buf); +} + +#else + +#define ngx_quic_log_frame(log, f, tx) +#define ngx_quic_connstate_dbg(c) + +#endif + + +#if BORINGSSL_API_VERSION >= 10 + +static int +ngx_quic_set_read_secret(ngx_ssl_conn_t *ssl_conn, + enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, + const uint8_t *rsecret, size_t secret_len) +{ + ngx_connection_t *c; + ngx_quic_connection_t *qc; + + c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); + qc = ngx_quic_get_connection(c); + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic ngx_quic_set_read_secret() level:%d", level); +#ifdef NGX_QUIC_DEBUG_CRYPTO + ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic read secret len:%uz %*xs", secret_len, + secret_len, rsecret); +#endif + + return ngx_quic_keys_set_encryption_secret(c->pool, 0, qc->keys, level, + cipher, rsecret, secret_len); +} + + +static int +ngx_quic_set_write_secret(ngx_ssl_conn_t *ssl_conn, + enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, + const uint8_t *wsecret, size_t secret_len) +{ + ngx_connection_t *c; + ngx_quic_connection_t *qc; + + c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); + qc = ngx_quic_get_connection(c); + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic ngx_quic_set_write_secret() level:%d", level); +#ifdef NGX_QUIC_DEBUG_CRYPTO + ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic write secret len:%uz %*xs", secret_len, + secret_len, wsecret); +#endif + + return ngx_quic_keys_set_encryption_secret(c->pool, 1, qc->keys, level, + cipher, wsecret, secret_len); +} + +#else + +static int +ngx_quic_set_encryption_secrets(ngx_ssl_conn_t *ssl_conn, + enum ssl_encryption_level_t level, const uint8_t *rsecret, + const uint8_t *wsecret, size_t secret_len) +{ + ngx_connection_t *c; + const SSL_CIPHER *cipher; + ngx_quic_connection_t *qc; + + c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); + qc = ngx_quic_get_connection(c); + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic ngx_quic_set_encryption_secrets() level:%d", level); +#ifdef NGX_QUIC_DEBUG_CRYPTO + ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic read secret len:%uz %*xs", secret_len, + secret_len, rsecret); +#endif + + cipher = SSL_get_current_cipher(ssl_conn); + + if (ngx_quic_keys_set_encryption_secret(c->pool, 0, qc->keys, level, + cipher, rsecret, secret_len) + != 1) + { + return 0; + } + + if (level == ssl_encryption_early_data) { + return 1; + } + +#ifdef NGX_QUIC_DEBUG_CRYPTO + ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic write secret len:%uz %*xs", secret_len, + secret_len, wsecret); +#endif + + return ngx_quic_keys_set_encryption_secret(c->pool, 1, qc->keys, level, + cipher, wsecret, secret_len); +} + +#endif + + +static int +ngx_quic_add_handshake_data(ngx_ssl_conn_t *ssl_conn, + enum ssl_encryption_level_t level, const uint8_t *data, size_t len) +{ + u_char *p, *end; + size_t client_params_len; + const uint8_t *client_params; + ngx_quic_frame_t *frame; + ngx_connection_t *c; + ngx_quic_connection_t *qc; + ngx_quic_frames_stream_t *fs; + + c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); + qc = ngx_quic_get_connection(c); + + ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic ngx_quic_add_handshake_data"); + + if (!qc->client_tp_done) { + /* + * things to do once during handshake: check ALPN and transport + * parameters; we want to break handshake if something is wrong + * here; + */ + +#if defined(TLSEXT_TYPE_application_layer_protocol_negotiation) + if (qc->conf->require_alpn) { + unsigned int len; + const unsigned char *data; + + SSL_get0_alpn_selected(ssl_conn, &data, &len); + + if (len == 0) { + qc->error = 0x100 + SSL_AD_NO_APPLICATION_PROTOCOL; + qc->error_reason = "unsupported protocol in ALPN extension"; + + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "quic unsupported protocol in ALPN extension"); + return 0; + } + } +#endif + + SSL_get_peer_quic_transport_params(ssl_conn, &client_params, + &client_params_len); + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic SSL_get_peer_quic_transport_params():" + " params_len:%ui", client_params_len); + + if (client_params_len == 0) { + /* quic-tls 8.2 */ + qc->error = NGX_QUIC_ERR_CRYPTO(SSL_AD_MISSING_EXTENSION); + qc->error_reason = "missing transport parameters"; + + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "missing transport parameters"); + return 0; + } + + p = (u_char *) client_params; + end = p + client_params_len; + + if (ngx_quic_parse_transport_params(p, end, &qc->ctp, c->log) + != NGX_OK) + { + qc->error = NGX_QUIC_ERR_TRANSPORT_PARAMETER_ERROR; + qc->error_reason = "failed to process transport parameters"; + + return 0; + } + + if (qc->ctp.max_idle_timeout > 0 + && qc->ctp.max_idle_timeout < qc->tp.max_idle_timeout) + { + qc->tp.max_idle_timeout = qc->ctp.max_idle_timeout; + } + + if (qc->ctp.max_udp_payload_size < NGX_QUIC_MIN_INITIAL_SIZE + || qc->ctp.max_udp_payload_size > NGX_QUIC_MAX_UDP_PAYLOAD_SIZE) + { + qc->error = NGX_QUIC_ERR_TRANSPORT_PARAMETER_ERROR; + qc->error_reason = "invalid maximum packet size"; + + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "quic maximum packet size is invalid"); + return 0; + } + + if (qc->ctp.max_udp_payload_size > ngx_quic_max_udp_payload(c)) { + qc->ctp.max_udp_payload_size = ngx_quic_max_udp_payload(c); + ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic client maximum packet size truncated"); + } + +#if (NGX_QUIC_DRAFT_VERSION >= 28) + if (qc->scid.len != qc->ctp.initial_scid.len + || ngx_memcmp(qc->scid.data, qc->ctp.initial_scid.data, + qc->scid.len) != 0) + { + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "quic client initial_source_connection_id " + "mismatch"); + return 0; + } +#endif + + qc->streams.server_max_streams_bidi = qc->ctp.initial_max_streams_bidi; + qc->streams.server_max_streams_uni = qc->ctp.initial_max_streams_uni; + + qc->client_tp_done = 1; + } + + fs = &qc->crypto[level]; + + frame = ngx_quic_alloc_frame(c); + if (frame == NULL) { + return 0; + } + + frame->data = ngx_quic_copy_buf(c, (u_char *) data, len); + if (frame->data == NGX_CHAIN_ERROR) { + return 0; + } + + frame->level = level; + frame->type = NGX_QUIC_FT_CRYPTO; + frame->u.crypto.offset = fs->sent; + frame->u.crypto.length = len; + + fs->sent += len; + + ngx_quic_queue_frame(qc, frame); + + return 1; +} + + +static int +ngx_quic_flush_flight(ngx_ssl_conn_t *ssl_conn) +{ +#if (NGX_DEBUG) + ngx_connection_t *c; + + c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); + + ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic ngx_quic_flush_flight()"); +#endif + return 1; +} + + +static int +ngx_quic_send_alert(ngx_ssl_conn_t *ssl_conn, enum ssl_encryption_level_t level, + uint8_t alert) +{ + ngx_connection_t *c; + ngx_quic_connection_t *qc; + + c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); + + ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic ngx_quic_send_alert() lvl:%d alert:%d", + (int) level, (int) alert); + + qc = ngx_quic_get_connection(c); + if (qc == NULL) { + return 1; + } + + qc->error_level = level; + qc->error = NGX_QUIC_ERR_CRYPTO(alert); + qc->error_reason = "TLS alert"; + qc->error_app = 0; + qc->error_ftype = 0; + + if (ngx_quic_send_cc(c) != NGX_OK) { + return 0; + } + + return 1; +} + + +void +ngx_quic_run(ngx_connection_t *c, ngx_quic_conf_t *conf) +{ + ngx_int_t rc; + ngx_quic_connection_t *qc; + + ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic run"); + + rc = ngx_quic_input(c, c->buffer, conf); + if (rc != NGX_OK) { + ngx_quic_close_connection(c, rc == NGX_DECLINED ? NGX_DONE : NGX_ERROR); + return; + } + + qc = ngx_quic_get_connection(c); + + ngx_add_timer(c->read, qc->in_retry ? NGX_QUIC_RETRY_TIMEOUT + : qc->tp.max_idle_timeout); + + c->read->handler = ngx_quic_input_handler; + + ngx_quic_connstate_dbg(c); + return; +} + + +static ngx_quic_connection_t * +ngx_quic_new_connection(ngx_connection_t *c, ngx_quic_conf_t *conf, + ngx_quic_header_t *pkt) +{ + ngx_uint_t i; + ngx_quic_tp_t *ctp; + ngx_quic_client_id_t *cid; + ngx_quic_connection_t *qc; + + qc = ngx_pcalloc(c->pool, sizeof(ngx_quic_connection_t)); + if (qc == NULL) { + return NULL; + } + + qc->keys = ngx_quic_keys_new(c->pool); + if (qc->keys == NULL) { + return NULL; + } + + qc->version = pkt->version; + + ngx_rbtree_init(&qc->streams.tree, &qc->streams.sentinel, + ngx_quic_rbtree_insert_stream); + + for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { + ngx_queue_init(&qc->send_ctx[i].frames); + ngx_queue_init(&qc->send_ctx[i].sent); + qc->send_ctx[i].largest_pn = NGX_QUIC_UNSET_PN; + qc->send_ctx[i].largest_ack = NGX_QUIC_UNSET_PN; + qc->send_ctx[i].largest_range = NGX_QUIC_UNSET_PN; + qc->send_ctx[i].pending_ack = NGX_QUIC_UNSET_PN; + } + + qc->send_ctx[0].level = ssl_encryption_initial; + qc->send_ctx[1].level = ssl_encryption_handshake; + qc->send_ctx[2].level = ssl_encryption_application; + + for (i = 0; i < NGX_QUIC_ENCRYPTION_LAST; i++) { + ngx_queue_init(&qc->crypto[i].frames); + } + + ngx_queue_init(&qc->free_frames); + ngx_queue_init(&qc->client_ids); + ngx_queue_init(&qc->server_ids); + ngx_queue_init(&qc->free_client_ids); + ngx_queue_init(&qc->free_server_ids); + + qc->avg_rtt = NGX_QUIC_INITIAL_RTT; + qc->rttvar = NGX_QUIC_INITIAL_RTT / 2; + qc->min_rtt = NGX_TIMER_INFINITE; + + /* + * qc->latest_rtt = 0 + * qc->nclient_ids = 0 + * qc->nserver_ids = 0 + * qc->max_retired_seqnum = 0 + */ + + qc->received = pkt->raw->last - pkt->raw->start; + + qc->pto.log = c->log; + qc->pto.data = c; + qc->pto.handler = ngx_quic_pto_handler; + qc->pto.cancelable = 1; + + qc->push.log = c->log; + qc->push.data = c; + qc->push.handler = ngx_quic_push_handler; + qc->push.cancelable = 1; + + qc->conf = conf; + qc->tp = conf->tp; + + if (qc->tp.disable_active_migration) { + qc->sockaddr = ngx_palloc(c->pool, c->socklen); + if (qc->sockaddr == NULL) { + return NULL; + } + + ngx_memcpy(qc->sockaddr, c->sockaddr, c->socklen); + qc->socklen = c->socklen; + } + + ctp = &qc->ctp; + ctp->max_udp_payload_size = ngx_quic_max_udp_payload(c); + ctp->ack_delay_exponent = NGX_QUIC_DEFAULT_ACK_DELAY_EXPONENT; + ctp->max_ack_delay = NGX_QUIC_DEFAULT_MAX_ACK_DELAY; + + qc->streams.recv_max_data = qc->tp.initial_max_data; + + qc->streams.client_max_streams_uni = qc->tp.initial_max_streams_uni; + qc->streams.client_max_streams_bidi = qc->tp.initial_max_streams_bidi; + + qc->congestion.window = ngx_min(10 * qc->tp.max_udp_payload_size, + ngx_max(2 * qc->tp.max_udp_payload_size, + 14720)); + qc->congestion.ssthresh = (size_t) -1; + qc->congestion.recovery_start = ngx_current_msec; + + qc->odcid.len = pkt->dcid.len; + qc->odcid.data = ngx_pstrdup(c->pool, &pkt->dcid); + if (qc->odcid.data == NULL) { + return NULL; + } + + qc->dcid.len = NGX_QUIC_SERVER_CID_LEN; + qc->dcid.data = ngx_pnalloc(c->pool, qc->dcid.len); + if (qc->dcid.data == NULL) { + return NULL; + } + + if (ngx_quic_create_server_id(c, qc->dcid.data) != NGX_OK) { + return NULL; + } + +#if (NGX_QUIC_DRAFT_VERSION >= 28) + qc->tp.original_dcid = qc->odcid; +#endif + qc->tp.initial_scid = qc->dcid; + + qc->scid.len = pkt->scid.len; + qc->scid.data = ngx_pnalloc(c->pool, qc->scid.len); + if (qc->scid.data == NULL) { + return NULL; + } + ngx_memcpy(qc->scid.data, pkt->scid.data, qc->scid.len); + + cid = ngx_quic_alloc_client_id(c, qc); + if (cid == NULL) { + return NULL; + } + + cid->seqnum = 0; + cid->len = pkt->scid.len; + ngx_memcpy(cid->id, pkt->scid.data, pkt->scid.len); + + ngx_queue_insert_tail(&qc->client_ids, &cid->queue); + qc->nclient_ids++; + qc->client_seqnum = 0; + + qc->server_seqnum = NGX_QUIC_UNSET_PN; + + return qc; +} + + +static ngx_int_t +ngx_quic_send_stateless_reset(ngx_connection_t *c, ngx_quic_conf_t *conf, + ngx_quic_header_t *pkt) +{ + u_char *token; + size_t len, max; + uint16_t rndbytes; + u_char buf[NGX_QUIC_MAX_SR_PACKET]; + + ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic handle stateless reset output"); + + if (pkt->len <= NGX_QUIC_MIN_PKT_LEN) { + return NGX_DECLINED; + } + + if (pkt->len <= NGX_QUIC_MIN_SR_PACKET) { + len = pkt->len - 1; + + } else { + max = ngx_min(NGX_QUIC_MAX_SR_PACKET, pkt->len * 3); + + if (RAND_bytes((u_char *) &rndbytes, sizeof(rndbytes)) != 1) { + return NGX_ERROR; + } + + len = (rndbytes % (max - NGX_QUIC_MIN_SR_PACKET + 1)) + + NGX_QUIC_MIN_SR_PACKET; + } + + if (RAND_bytes(buf, len - NGX_QUIC_SR_TOKEN_LEN) != 1) { + return NGX_ERROR; + } + + buf[0] &= ~NGX_QUIC_PKT_LONG; + buf[0] |= NGX_QUIC_PKT_FIXED_BIT; + + token = &buf[len - NGX_QUIC_SR_TOKEN_LEN]; + + if (ngx_quic_new_sr_token(c, &pkt->dcid, &conf->sr_token_key, token) + != NGX_OK) + { + return NGX_ERROR; + } + + (void) ngx_quic_send(c, buf, len); + + return NGX_DECLINED; +} + + +static ngx_int_t +ngx_quic_process_stateless_reset(ngx_connection_t *c, ngx_quic_header_t *pkt) +{ + u_char *tail, ch; + ngx_uint_t i; + ngx_queue_t *q; + ngx_quic_client_id_t *cid; + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + + /* A stateless reset uses an entire UDP datagram */ + if (pkt->raw->start != pkt->data) { + return NGX_DECLINED; + } + + tail = pkt->raw->last - NGX_QUIC_SR_TOKEN_LEN; + + for (q = ngx_queue_head(&qc->client_ids); + q != ngx_queue_sentinel(&qc->client_ids); + q = ngx_queue_next(q)) + { + cid = ngx_queue_data(q, ngx_quic_client_id_t, queue); + + if (cid->seqnum == 0) { + /* no stateless reset token in initial connection id */ + continue; + } + + /* constant time comparison */ + + for (ch = 0, i = 0; i < NGX_QUIC_SR_TOKEN_LEN; i++) { + ch |= tail[i] ^ cid->sr_token[i]; + } + + if (ch == 0) { + return NGX_OK; + } + } + + return NGX_DECLINED; +} + + +static ngx_int_t +ngx_quic_negotiate_version(ngx_connection_t *c, ngx_quic_header_t *inpkt) +{ + size_t len; + ngx_quic_header_t pkt; + static u_char buf[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE]; + + ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, + "sending version negotiation packet"); + + pkt.log = c->log; + pkt.flags = NGX_QUIC_PKT_LONG | NGX_QUIC_PKT_FIXED_BIT; + pkt.dcid = inpkt->scid; + pkt.scid = inpkt->dcid; + + len = ngx_quic_create_version_negotiation(&pkt, buf); + +#ifdef NGX_QUIC_DEBUG_PACKETS + ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic vnego packet to send len:%uz %*xs", len, len, buf); +#endif + + (void) ngx_quic_send(c, buf, len); + + return NGX_ERROR; +} + + +static ngx_int_t +ngx_quic_create_server_id(ngx_connection_t *c, u_char *id) +{ + if (RAND_bytes(id, NGX_QUIC_SERVER_CID_LEN) != 1) { + return NGX_ERROR; + } + + ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic create server id %*xs", + (size_t) NGX_QUIC_SERVER_CID_LEN, id); + return NGX_OK; +} + + +static ngx_int_t +ngx_quic_send_retry(ngx_connection_t *c) +{ + ssize_t len; + ngx_str_t res, token; + ngx_quic_header_t pkt; + ngx_quic_connection_t *qc; + u_char buf[NGX_QUIC_RETRY_BUFFER_SIZE]; + + qc = ngx_quic_get_connection(c); + + if (ngx_quic_new_token(c, &token) != NGX_OK) { + return NGX_ERROR; + } + + ngx_memzero(&pkt, sizeof(ngx_quic_header_t)); + pkt.flags = NGX_QUIC_PKT_FIXED_BIT | NGX_QUIC_PKT_LONG | NGX_QUIC_PKT_RETRY; + pkt.version = qc->version; + pkt.log = c->log; + pkt.odcid = qc->odcid; + pkt.dcid = qc->scid; + pkt.scid = qc->dcid; + pkt.token = token; + + res.data = buf; + + if (ngx_quic_encrypt(&pkt, &res) != NGX_OK) { + return NGX_ERROR; + } + +#ifdef NGX_QUIC_DEBUG_PACKETS + ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic packet to send len:%uz %xV", res.len, &res); +#endif + + len = ngx_quic_send(c, res.data, res.len); + if (len == NGX_ERROR) { + return NGX_ERROR; + } + + qc->token = token; +#if (NGX_QUIC_DRAFT_VERSION < 28) + qc->tp.original_dcid = qc->odcid; +#endif + qc->tp.retry_scid = qc->dcid; + qc->in_retry = 1; + + if (ngx_quic_insert_server_id(c, &qc->dcid) == NULL) { + return NGX_ERROR; + } + + return NGX_OK; +} + + +static ngx_int_t +ngx_quic_new_token(ngx_connection_t *c, ngx_str_t *token) +{ + int len, iv_len; + u_char *data, *p, *key, *iv; + ngx_msec_t now; + EVP_CIPHER_CTX *ctx; + const EVP_CIPHER *cipher; + struct sockaddr_in *sin; +#if (NGX_HAVE_INET6) + struct sockaddr_in6 *sin6; +#endif + ngx_quic_connection_t *qc; + u_char in[NGX_QUIC_MAX_TOKEN_SIZE]; + + switch (c->sockaddr->sa_family) { + +#if (NGX_HAVE_INET6) + case AF_INET6: + sin6 = (struct sockaddr_in6 *) c->sockaddr; + + len = sizeof(struct in6_addr); + data = sin6->sin6_addr.s6_addr; + + break; +#endif + +#if (NGX_HAVE_UNIX_DOMAIN) + case AF_UNIX: + + len = ngx_min(c->addr_text.len, NGX_QUIC_MAX_TOKEN_SIZE - sizeof(now)); + data = c->addr_text.data; + + break; +#endif + + default: /* AF_INET */ + sin = (struct sockaddr_in *) c->sockaddr; + + len = sizeof(in_addr_t); + data = (u_char *) &sin->sin_addr; + + break; + } + + p = ngx_cpymem(in, data, len); + + now = ngx_current_msec; + len += sizeof(now); + ngx_memcpy(p, &now, sizeof(now)); + + cipher = EVP_aes_256_cbc(); + iv_len = EVP_CIPHER_iv_length(cipher); + + token->len = iv_len + len + EVP_CIPHER_block_size(cipher); + token->data = ngx_pnalloc(c->pool, token->len); + if (token->data == NULL) { + return NGX_ERROR; + } + + ctx = EVP_CIPHER_CTX_new(); + if (ctx == NULL) { + return NGX_ERROR; + } + + qc = ngx_quic_get_connection(c); + key = qc->conf->token_key; + iv = token->data; + + if (RAND_bytes(iv, iv_len) <= 0 + || !EVP_EncryptInit_ex(ctx, cipher, NULL, key, iv)) + { + EVP_CIPHER_CTX_free(ctx); + return NGX_ERROR; + } + + token->len = iv_len; + + if (EVP_EncryptUpdate(ctx, token->data + token->len, &len, in, len) != 1) { + EVP_CIPHER_CTX_free(ctx); + return NGX_ERROR; + } + + token->len += len; + + if (EVP_EncryptFinal_ex(ctx, token->data + token->len, &len) <= 0) { + EVP_CIPHER_CTX_free(ctx); + return NGX_ERROR; + } + + token->len += len; + + EVP_CIPHER_CTX_free(ctx); + +#ifdef NGX_QUIC_DEBUG_PACKETS + ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic new token len:%uz %xV", token->len, token); +#endif + + return NGX_OK; +} + + +static ngx_int_t +ngx_quic_validate_token(ngx_connection_t *c, ngx_quic_header_t *pkt) +{ + int len, tlen, iv_len; + u_char *key, *iv, *p, *data; + ngx_msec_t msec; + EVP_CIPHER_CTX *ctx; + const EVP_CIPHER *cipher; + struct sockaddr_in *sin; +#if (NGX_HAVE_INET6) + struct sockaddr_in6 *sin6; +#endif + ngx_quic_connection_t *qc; + u_char tdec[NGX_QUIC_MAX_TOKEN_SIZE]; + + qc = ngx_quic_get_connection(c); + + /* Retry token */ + + if (qc->token.len) { + if (pkt->token.len != qc->token.len) { + goto bad_token; + } + + if (ngx_memcmp(pkt->token.data, qc->token.data, pkt->token.len) != 0) { + goto bad_token; + } + + return NGX_OK; + } + + /* NEW_TOKEN in a previous connection */ + + cipher = EVP_aes_256_cbc(); + key = qc->conf->token_key; + iv = pkt->token.data; + iv_len = EVP_CIPHER_iv_length(cipher); + + /* sanity checks */ + + if (pkt->token.len < (size_t) iv_len + EVP_CIPHER_block_size(cipher)) { + goto bad_token; + } + + if (pkt->token.len > (size_t) iv_len + NGX_QUIC_MAX_TOKEN_SIZE) { + goto bad_token; + } + + ctx = EVP_CIPHER_CTX_new(); + if (ctx == NULL) { + return NGX_ERROR; + } + + if (!EVP_DecryptInit_ex(ctx, cipher, NULL, key, iv)) { + EVP_CIPHER_CTX_free(ctx); + return NGX_ERROR; + } + + p = pkt->token.data + iv_len; + len = pkt->token.len - iv_len; + + if (EVP_DecryptUpdate(ctx, tdec, &len, p, len) != 1) { + EVP_CIPHER_CTX_free(ctx); + goto bad_token; + } + + if (EVP_DecryptFinal_ex(ctx, tdec + len, &tlen) <= 0) { + EVP_CIPHER_CTX_free(ctx); + goto bad_token; + } + + EVP_CIPHER_CTX_free(ctx); + + switch (c->sockaddr->sa_family) { + +#if (NGX_HAVE_INET6) + case AF_INET6: + sin6 = (struct sockaddr_in6 *) c->sockaddr; + + len = sizeof(struct in6_addr); + data = sin6->sin6_addr.s6_addr; + + break; +#endif + +#if (NGX_HAVE_UNIX_DOMAIN) + case AF_UNIX: + + len = ngx_min(c->addr_text.len, NGX_QUIC_MAX_TOKEN_SIZE - sizeof(msec)); + data = c->addr_text.data; + + break; +#endif + + default: /* AF_INET */ + sin = (struct sockaddr_in *) c->sockaddr; + + len = sizeof(in_addr_t); + data = (u_char *) &sin->sin_addr; + + break; + } + + if (ngx_memcmp(tdec, data, len) != 0) { + goto bad_token; + } + + ngx_memcpy(&msec, tdec + len, sizeof(msec)); + + if (ngx_current_msec - msec > NGX_QUIC_RETRY_LIFETIME) { + ngx_log_error(NGX_LOG_INFO, c->log, 0, "quic expired token"); + return NGX_DECLINED; + } + + return NGX_OK; + +bad_token: + + ngx_log_error(NGX_LOG_INFO, c->log, 0, "quic invalid token"); + + qc->error = NGX_QUIC_ERR_INVALID_TOKEN; + qc->error_reason = "invalid_token"; + + return NGX_DECLINED; +} + + +static ngx_int_t +ngx_quic_init_connection(ngx_connection_t *c) +{ + u_char *p; + size_t clen; + ssize_t len; + ngx_ssl_conn_t *ssl_conn; + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + + if (ngx_ssl_create_connection(qc->conf->ssl, c, NGX_SSL_BUFFER) != NGX_OK) { + return NGX_ERROR; + } + + c->ssl->no_wait_shutdown = 1; + + ssl_conn = c->ssl->connection; + + if (SSL_set_quic_method(ssl_conn, &quic_method) == 0) { + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "quic SSL_set_quic_method() failed"); + return NGX_ERROR; + } + +#ifdef SSL_READ_EARLY_DATA_SUCCESS + if (SSL_CTX_get_max_early_data(qc->conf->ssl->ctx)) { + SSL_set_quic_early_data_enabled(ssl_conn, 1); + } +#endif + + if (ngx_quic_new_sr_token(c, &qc->dcid, &qc->conf->sr_token_key, + qc->tp.sr_token) + != NGX_OK) + { + return NGX_ERROR; + } + + ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic stateless reset token %*xs", + (size_t) NGX_QUIC_SR_TOKEN_LEN, qc->tp.sr_token); + + len = ngx_quic_create_transport_params(NULL, NULL, &qc->tp, &clen); + /* always succeeds */ + + p = ngx_pnalloc(c->pool, len); + if (p == NULL) { + return NGX_ERROR; + } + + len = ngx_quic_create_transport_params(p, p + len, &qc->tp, NULL); + if (len < 0) { + return NGX_ERROR; + } + +#ifdef NGX_QUIC_DEBUG_PACKETS + ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic transport parameters len:%uz %*xs", len, len, p); +#endif + + if (SSL_set_quic_transport_params(ssl_conn, p, len) == 0) { + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "quic SSL_set_quic_transport_params() failed"); + return NGX_ERROR; + } + +#if NGX_OPENSSL_QUIC_ZRTT_CTX + if (SSL_set_quic_early_data_context(ssl_conn, p, clen) == 0) { + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "quic SSL_set_quic_early_data_context() failed"); + return NGX_ERROR; + } +#endif + + return NGX_OK; +} + + +static ngx_inline size_t +ngx_quic_max_udp_payload(ngx_connection_t *c) +{ + /* TODO: path MTU discovery */ + +#if (NGX_HAVE_INET6) + if (c->sockaddr->sa_family == AF_INET6) { + return NGX_QUIC_MAX_UDP_PAYLOAD_OUT6; + } +#endif + + return NGX_QUIC_MAX_UDP_PAYLOAD_OUT; +} + + +static void +ngx_quic_input_handler(ngx_event_t *rev) +{ + ssize_t n; + ngx_int_t rc; + ngx_buf_t b; + ngx_connection_t *c; + ngx_quic_connection_t *qc; + static u_char buf[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE]; + + ngx_log_debug0(NGX_LOG_DEBUG_EVENT, rev->log, 0, "quic input handler"); + + ngx_memzero(&b, sizeof(ngx_buf_t)); + b.start = buf; + b.end = buf + sizeof(buf); + b.pos = b.last = b.start; + b.memory = 1; + + c = rev->data; + qc = ngx_quic_get_connection(c); + + c->log->action = "handling quic input"; + + if (rev->timedout) { + ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, + "quic client timed out"); + ngx_quic_close_connection(c, NGX_DONE); + return; + } + + if (c->close) { + qc->error_reason = "graceful shutdown"; + ngx_quic_close_connection(c, NGX_OK); + return; + } + + n = c->recv(c, b.start, b.end - b.start); + + if (n == NGX_AGAIN) { + if (qc->closing) { + ngx_quic_close_connection(c, NGX_OK); + } + return; + } + + if (n == NGX_ERROR) { + c->read->eof = 1; + ngx_quic_close_connection(c, NGX_ERROR); + return; + } + + if (qc->tp.disable_active_migration) { + if (c->socklen != qc->socklen + || ngx_memcmp(c->sockaddr, qc->sockaddr, c->socklen) != 0) + { + ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic dropping packet from new address"); + return; + } + } + + b.last += n; + qc->received += n; + + rc = ngx_quic_input(c, &b, NULL); + + if (rc == NGX_ERROR) { + ngx_quic_close_connection(c, NGX_ERROR); + return; + } + + if (rc == NGX_DECLINED) { + return; + } + + /* rc == NGX_OK */ + + qc->send_timer_set = 0; + ngx_add_timer(rev, qc->tp.max_idle_timeout); + + ngx_quic_connstate_dbg(c); +} + + +static void +ngx_quic_close_connection(ngx_connection_t *c, ngx_int_t rc) +{ + ngx_pool_t *pool; + ngx_quic_connection_t *qc; + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic ngx_quic_close_connection rc:%i", rc); + + qc = ngx_quic_get_connection(c); + + if (qc == NULL) { + ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic close connection early error"); + + } else if (ngx_quic_close_quic(c, rc) == NGX_AGAIN) { + return; + } + + if (c->ssl) { + (void) ngx_ssl_shutdown(c); + } + + if (c->read->timer_set) { + ngx_del_timer(c->read); + } + +#if (NGX_STAT_STUB) + (void) ngx_atomic_fetch_add(ngx_stat_active, -1); +#endif + + c->destroyed = 1; + + pool = c->pool; + + ngx_close_connection(c); + + ngx_destroy_pool(pool); +} + + +static ngx_int_t +ngx_quic_close_quic(ngx_connection_t *c, ngx_int_t rc) +{ + ngx_uint_t i; + ngx_queue_t *q; + ngx_quic_send_ctx_t *ctx; + ngx_quic_server_id_t *sid; + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + + if (!qc->closing) { + + /* drop packets from retransmit queues, no ack is expected */ + for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { + ngx_quic_free_frames(c, &qc->send_ctx[i].sent); + } + + if (rc == NGX_DONE) { + + /* + * 10.2. Idle Timeout + * + * If the idle timeout is enabled by either peer, a connection is + * silently closed and its state is discarded when it remains idle + */ + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic closing %s connection", + qc->draining ? "drained" : "idle"); + + } else { + + /* + * 10.3. Immediate Close + * + * An endpoint sends a CONNECTION_CLOSE frame (Section 19.19) + * to terminate the connection immediately. + */ + + qc->error_level = c->ssl ? SSL_quic_read_level(c->ssl->connection) + : ssl_encryption_initial; + + if (rc == NGX_OK) { + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic immediate close drain:%d", + qc->draining); + + qc->close.log = c->log; + qc->close.data = c; + qc->close.handler = ngx_quic_close_timer_handler; + qc->close.cancelable = 1; + + ctx = ngx_quic_get_send_ctx(qc, qc->error_level); + + ngx_add_timer(&qc->close, 3 * ngx_quic_pto(c, ctx)); + + qc->error = NGX_QUIC_ERR_NO_ERROR; + + } else { + if (qc->error == 0 && !qc->error_app) { + qc->error = NGX_QUIC_ERR_INTERNAL_ERROR; + } + + ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic immediate close due to %s error: %ui %s", + qc->error_app ? "app " : "", qc->error, + qc->error_reason ? qc->error_reason : ""); + } + + (void) ngx_quic_send_cc(c); + + if (qc->error_level == ssl_encryption_handshake) { + /* for clients that might not have handshake keys */ + qc->error_level = ssl_encryption_initial; + (void) ngx_quic_send_cc(c); + } + } + + qc->closing = 1; + } + + if (rc == NGX_ERROR && qc->close.timer_set) { + /* do not wait for timer in case of fatal error */ + ngx_del_timer(&qc->close); + } + + if (ngx_quic_close_streams(c, qc) == NGX_AGAIN) { + return NGX_AGAIN; + } + + if (qc->push.timer_set) { + ngx_del_timer(&qc->push); + } + + if (qc->pto.timer_set) { + ngx_del_timer(&qc->pto); + } + + if (qc->push.posted) { + ngx_delete_posted_event(&qc->push); + } + + while (!ngx_queue_empty(&qc->server_ids)) { + q = ngx_queue_head(&qc->server_ids); + sid = ngx_queue_data(q, ngx_quic_server_id_t, queue); + + ngx_queue_remove(q); + ngx_rbtree_delete(&c->listening->rbtree, &sid->udp.node); + qc->nserver_ids--; + } + + if (qc->close.timer_set) { + return NGX_AGAIN; + } + + ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic part of connection is terminated"); + + /* may be tested from SSL callback during SSL shutdown */ + c->udp = NULL; + + return NGX_OK; +} + + +void +ngx_quic_finalize_connection(ngx_connection_t *c, ngx_uint_t err, + const char *reason) +{ + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + qc->error = err; + qc->error_reason = reason; + qc->error_app = 1; + qc->error_ftype = 0; + + ngx_quic_close_connection(c, NGX_ERROR); +} + + +static void +ngx_quic_close_timer_handler(ngx_event_t *ev) +{ + ngx_connection_t *c; + + ngx_log_debug0(NGX_LOG_DEBUG_EVENT, ev->log, 0, "quic close timer"); + + c = ev->data; + ngx_quic_close_connection(c, NGX_DONE); +} + + +static ngx_int_t +ngx_quic_close_streams(ngx_connection_t *c, ngx_quic_connection_t *qc) +{ + ngx_event_t *rev, *wev; + ngx_rbtree_t *tree; + ngx_rbtree_node_t *node; + ngx_quic_stream_t *qs; + +#if (NGX_DEBUG) + ngx_uint_t ns; +#endif + + tree = &qc->streams.tree; + + if (tree->root == tree->sentinel) { + return NGX_OK; + } + +#if (NGX_DEBUG) + ns = 0; +#endif + + for (node = ngx_rbtree_min(tree->root, tree->sentinel); + node; + node = ngx_rbtree_next(tree, node)) + { + qs = (ngx_quic_stream_t *) node; + + rev = qs->c->read; + rev->error = 1; + rev->ready = 1; + + wev = qs->c->write; + wev->error = 1; + wev->ready = 1; + + ngx_post_event(rev, &ngx_posted_events); + + if (rev->timer_set) { + ngx_del_timer(rev); + } + +#if (NGX_DEBUG) + ns++; +#endif + } + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic connection has %ui active streams", ns); + + return NGX_AGAIN; +} + + +static ngx_int_t +ngx_quic_input(ngx_connection_t *c, ngx_buf_t *b, ngx_quic_conf_t *conf) +{ + u_char *p; + ngx_int_t rc; + ngx_uint_t good; + ngx_quic_header_t pkt; + ngx_quic_connection_t *qc; + + good = 0; + + p = b->pos; + + while (p < b->last) { + + ngx_memzero(&pkt, sizeof(ngx_quic_header_t)); + pkt.raw = b; + pkt.data = p; + pkt.len = b->last - p; + pkt.log = c->log; + pkt.flags = p[0]; + pkt.raw->pos++; + + qc = ngx_quic_get_connection(c); + if (qc) { + qc->error = 0; + qc->error_reason = 0; + } + + rc = ngx_quic_process_packet(c, conf, &pkt); + +#if (NGX_DEBUG) + if (pkt.parsed) { + ngx_log_debug5(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic packet %s done decr:%d pn:%L perr:%ui rc:%i", + ngx_quic_level_name(pkt.level), pkt.decrypted, + pkt.pn, pkt.error, rc); + } else { + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic packet done parse failed rc:%i", rc); + } +#endif + + if (rc == NGX_ERROR) { + return NGX_ERROR; + } + + if (rc == NGX_OK) { + good = 1; + } + + /* NGX_OK || NGX_DECLINED */ + + /* + * we get NGX_DECLINED when there are no keys [yet] available + * to decrypt packet. + * Instead of queueing it, we ignore it and rely on the sender's + * retransmission: + * + * 12.2. Coalescing Packets: + * + * For example, if decryption fails (because the keys are + * not available or any other reason), the receiver MAY either + * discard or buffer the packet for later processing and MUST + * attempt to process the remaining packets. + * + * We also skip packets that don't match connection state + * or cannot be parsed properly. + */ + + /* b->pos is at header end, adjust by actual packet length */ + b->pos = pkt.data + pkt.len; + + /* firefox workaround: skip zero padding at the end of quic packet */ + while (b->pos < b->last && *(b->pos) == 0) { + b->pos++; + } + + p = b->pos; + } + + return good ? NGX_OK : NGX_DECLINED; +} + + +static ngx_int_t +ngx_quic_process_packet(ngx_connection_t *c, ngx_quic_conf_t *conf, + ngx_quic_header_t *pkt) +{ + ngx_int_t rc; + ngx_quic_send_ctx_t *ctx; + ngx_quic_connection_t *qc; + + static u_char buf[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE]; + + c->log->action = "parsing quic packet"; + + rc = ngx_quic_parse_packet(pkt); + + if (rc == NGX_DECLINED || rc == NGX_ERROR) { + return rc; + } + + pkt->parsed = 1; + + c->log->action = "processing quic packet"; + + qc = ngx_quic_get_connection(c); + + ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic packet rx dcid len:%uz %xV", + pkt->dcid.len, &pkt->dcid); + +#if (NGX_DEBUG) + if (pkt->level != ssl_encryption_application) { + ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic packet rx scid len:%uz %xV", + pkt->scid.len, &pkt->scid); + } + + if (pkt->level == ssl_encryption_initial) { + ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic token len:%uz %xV", + pkt->token.len, &pkt->token); + } +#endif + + if (qc) { + + if (rc == NGX_ABORT) { + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "quic unsupported version: 0x%xD", pkt->version); + return NGX_DECLINED; + } + + if (pkt->level != ssl_encryption_application) { + if (pkt->version != qc->version) { + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "quic version mismatch: 0x%xD", pkt->version); + return NGX_DECLINED; + } + } + + if (ngx_quic_check_peer(qc, pkt) != NGX_OK) { + + if (pkt->level == ssl_encryption_application) { + if (ngx_quic_process_stateless_reset(c, pkt) == NGX_OK) { + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "quic stateless reset packet detected"); + + qc->draining = 1; + ngx_quic_close_connection(c, NGX_OK); + + return NGX_OK; + } + + return ngx_quic_send_stateless_reset(c, qc->conf, pkt); + } + + return NGX_DECLINED; + } + + if (qc->in_retry) { + + c->log->action = "retrying quic connection"; + + if (pkt->level != ssl_encryption_initial) { + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "quic discard late retry packet"); + return NGX_DECLINED; + } + + if (!pkt->token.len) { + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "quic discard retry packet without token"); + return NGX_DECLINED; + } + + qc->odcid.len = pkt->dcid.len; + qc->odcid.data = ngx_pstrdup(c->pool, &pkt->dcid); + if (qc->odcid.data == NULL) { + return NGX_ERROR; + } + + ngx_quic_clear_temp_server_ids(c); + + qc->dcid.len = NGX_QUIC_SERVER_CID_LEN; + qc->dcid.data = ngx_pnalloc(c->pool, qc->dcid.len); + if (qc->dcid.data == NULL) { + return NGX_ERROR; + } + + if (ngx_quic_create_server_id(c, qc->dcid.data) != NGX_OK) { + return NGX_ERROR; + } + + qc->server_seqnum = 0; + + if (ngx_quic_insert_server_id(c, &qc->dcid) == NULL) { + return NGX_ERROR; + } + + qc->tp.initial_scid = qc->dcid; + qc->in_retry = 0; + + if (ngx_quic_init_secrets(c) != NGX_OK) { + return NGX_ERROR; + } + + if (ngx_quic_validate_token(c, pkt) != NGX_OK) { + return NGX_ERROR; + } + + qc->validated = 1; + } + + } else { + + if (rc == NGX_ABORT) { + return ngx_quic_negotiate_version(c, pkt); + } + + if (pkt->level == ssl_encryption_initial) { + + c->log->action = "creating quic connection"; + + if (pkt->dcid.len < NGX_QUIC_CID_LEN_MIN) { + /* 7.2. Negotiating Connection IDs */ + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "quic too short dcid in initial" + " packet: len:%i", pkt->dcid.len); + return NGX_ERROR; + } + + qc = ngx_quic_new_connection(c, conf, pkt); + if (qc == NULL) { + return NGX_ERROR; + } + + c->udp = &qc->udp; + + if (ngx_terminate || ngx_exiting) { + qc->error = NGX_QUIC_ERR_CONNECTION_REFUSED; + return NGX_ERROR; + } + + if (pkt->token.len) { + rc = ngx_quic_validate_token(c, pkt); + + if (rc == NGX_OK) { + qc->validated = 1; + + } else if (rc == NGX_ERROR) { + return NGX_ERROR; + + } else { + /* NGX_DECLINED */ + if (conf->retry) { + return ngx_quic_send_retry(c); + } + } + + } else if (conf->retry) { + return ngx_quic_send_retry(c); + } + + if (ngx_quic_init_secrets(c) != NGX_OK) { + return NGX_ERROR; + } + + if (ngx_quic_insert_server_id(c, &qc->odcid) == NULL) { + return NGX_ERROR; + } + + qc->server_seqnum = 0; + + if (ngx_quic_insert_server_id(c, &qc->dcid) == NULL) { + return NGX_ERROR; + } + + } else if (pkt->level == ssl_encryption_application) { + return ngx_quic_send_stateless_reset(c, conf, pkt); + + } else { + return NGX_ERROR; + } + } + + c->log->action = "decrypting packet"; + + if (!ngx_quic_keys_available(qc->keys, pkt->level)) { + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "quic no level %d keys yet, ignoring packet", pkt->level); + return NGX_DECLINED; + } + + pkt->keys = qc->keys; + pkt->key_phase = qc->key_phase; + pkt->plaintext = buf; + + ctx = ngx_quic_get_send_ctx(qc, pkt->level); + + rc = ngx_quic_decrypt(pkt, &ctx->largest_pn); + if (rc != NGX_OK) { + qc->error = pkt->error; + qc->error_reason = "failed to decrypt packet"; + return rc; + } + + pkt->decrypted = 1; + + if (c->ssl == NULL) { + if (ngx_quic_init_connection(c) != NGX_OK) { + return NGX_ERROR; + } + } + + if (pkt->level == ssl_encryption_handshake) { + /* + * 4.10.1. The successful use of Handshake packets indicates + * that no more Initial packets need to be exchanged + */ + ngx_quic_discard_ctx(c, ssl_encryption_initial); + + if (qc->validated == 0) { + qc->validated = 1; + ngx_post_event(&qc->push, &ngx_posted_events); + } + } + + pkt->received = ngx_current_msec; + + c->log->action = "handling payload"; + + if (pkt->level != ssl_encryption_application) { + return ngx_quic_payload_handler(c, pkt); + } + + if (!pkt->key_update) { + return ngx_quic_payload_handler(c, pkt); + } + + /* switch keys and generate next on Key Phase change */ + + qc->key_phase ^= 1; + ngx_quic_keys_switch(c, qc->keys); + + rc = ngx_quic_payload_handler(c, pkt); + if (rc != NGX_OK) { + return rc; + } + + return ngx_quic_keys_update(c, qc->keys); +} + + +static ngx_int_t +ngx_quic_init_secrets(ngx_connection_t *c) +{ + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + + if (ngx_quic_keys_set_initial_secret(c->pool, qc->keys, &qc->odcid) + != NGX_OK) + { + return NGX_ERROR; + } + + qc->initialized = 1; + + return NGX_OK; +} + + +static void +ngx_quic_discard_ctx(ngx_connection_t *c, enum ssl_encryption_level_t level) +{ + ngx_queue_t *q; + ngx_quic_frame_t *f; + ngx_quic_send_ctx_t *ctx; + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + + if (!ngx_quic_keys_available(qc->keys, level)) { + return; + } + + ngx_quic_keys_discard(qc->keys, level); + + qc->pto_count = 0; + + ctx = ngx_quic_get_send_ctx(qc, level); + + while (!ngx_queue_empty(&ctx->sent)) { + q = ngx_queue_head(&ctx->sent); + ngx_queue_remove(q); + + f = ngx_queue_data(q, ngx_quic_frame_t, queue); + ngx_quic_congestion_ack(c, f); + ngx_quic_free_frame(c, f); + } + + while (!ngx_queue_empty(&ctx->frames)) { + q = ngx_queue_head(&ctx->frames); + ngx_queue_remove(q); + + f = ngx_queue_data(q, ngx_quic_frame_t, queue); + ngx_quic_congestion_ack(c, f); + ngx_quic_free_frame(c, f); + } + + if (level == ssl_encryption_initial) { + ngx_quic_clear_temp_server_ids(c); + } + + ctx->send_ack = 0; +} + + +static ngx_int_t +ngx_quic_check_peer(ngx_quic_connection_t *qc, ngx_quic_header_t *pkt) +{ + ngx_queue_t *q; + ngx_quic_client_id_t *cid; + + if (pkt->level == ssl_encryption_application) { + return NGX_OK; + } + + for (q = ngx_queue_head(&qc->client_ids); + q != ngx_queue_sentinel(&qc->client_ids); + q = ngx_queue_next(q)) + { + cid = ngx_queue_data(q, ngx_quic_client_id_t, queue); + + if (pkt->scid.len == cid->len + && ngx_memcmp(pkt->scid.data, cid->id, cid->len) == 0) + { + return NGX_OK; + } + } + + ngx_log_error(NGX_LOG_INFO, pkt->log, 0, "quic unexpected quic scid"); + return NGX_ERROR; +} + + +static ngx_int_t +ngx_quic_payload_handler(ngx_connection_t *c, ngx_quic_header_t *pkt) +{ + u_char *end, *p; + ssize_t len; + ngx_buf_t buf; + ngx_uint_t do_close; + ngx_chain_t chain; + ngx_quic_frame_t frame; + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + + if (qc->closing) { + /* + * 10.1 Closing and Draining Connection States + * ... delayed or reordered packets are properly discarded. + * + * An endpoint retains only enough information to generate + * a packet containing a CONNECTION_CLOSE frame and to identify + * packets as belonging to the connection. + */ + + qc->error_level = pkt->level; + qc->error = NGX_QUIC_ERR_NO_ERROR; + qc->error_reason = "connection is closing, packet discarded"; + qc->error_ftype = 0; + qc->error_app = 0; + + return ngx_quic_send_cc(c); + } + + p = pkt->payload.data; + end = p + pkt->payload.len; + + do_close = 0; + + while (p < end) { + + c->log->action = "parsing frames"; + + ngx_memzero(&buf, sizeof(ngx_buf_t)); + buf.temporary = 1; + + chain.buf = &buf; + chain.next = NULL; + frame.data = &chain; + + len = ngx_quic_parse_frame(pkt, p, end, &frame); + + if (len < 0) { + qc->error = pkt->error; + return NGX_ERROR; + } + + ngx_quic_log_frame(c->log, &frame, 0); + + c->log->action = "handling frames"; + + p += len; + + switch (frame.type) { + + case NGX_QUIC_FT_ACK: + if (ngx_quic_handle_ack_frame(c, pkt, &frame) != NGX_OK) { + return NGX_ERROR; + } + + continue; + + case NGX_QUIC_FT_PADDING: + /* no action required */ + continue; + + case NGX_QUIC_FT_CONNECTION_CLOSE: + case NGX_QUIC_FT_CONNECTION_CLOSE_APP: + do_close = 1; + continue; + } + + /* got there with ack-eliciting packet */ + pkt->need_ack = 1; + + switch (frame.type) { + + case NGX_QUIC_FT_CRYPTO: + + if (ngx_quic_handle_crypto_frame(c, pkt, &frame) != NGX_OK) { + return NGX_ERROR; + } + + break; + + case NGX_QUIC_FT_PING: + break; + + case NGX_QUIC_FT_STREAM0: + case NGX_QUIC_FT_STREAM1: + case NGX_QUIC_FT_STREAM2: + case NGX_QUIC_FT_STREAM3: + case NGX_QUIC_FT_STREAM4: + case NGX_QUIC_FT_STREAM5: + case NGX_QUIC_FT_STREAM6: + case NGX_QUIC_FT_STREAM7: + + if (ngx_quic_handle_stream_frame(c, pkt, &frame) != NGX_OK) { + return NGX_ERROR; + } + + break; + + case NGX_QUIC_FT_MAX_DATA: + + if (ngx_quic_handle_max_data_frame(c, &frame.u.max_data) != NGX_OK) + { + return NGX_ERROR; + } + + break; + + case NGX_QUIC_FT_STREAMS_BLOCKED: + case NGX_QUIC_FT_STREAMS_BLOCKED2: + + if (ngx_quic_handle_streams_blocked_frame(c, pkt, + &frame.u.streams_blocked) + != NGX_OK) + { + return NGX_ERROR; + } + + break; + + case NGX_QUIC_FT_STREAM_DATA_BLOCKED: + + if (ngx_quic_handle_stream_data_blocked_frame(c, pkt, + &frame.u.stream_data_blocked) + != NGX_OK) + { + return NGX_ERROR; + } + + break; + + case NGX_QUIC_FT_MAX_STREAM_DATA: + + if (ngx_quic_handle_max_stream_data_frame(c, pkt, + &frame.u.max_stream_data) + != NGX_OK) + { + return NGX_ERROR; + } + + break; + + case NGX_QUIC_FT_RESET_STREAM: + + if (ngx_quic_handle_reset_stream_frame(c, pkt, + &frame.u.reset_stream) + != NGX_OK) + { + return NGX_ERROR; + } + + break; + + case NGX_QUIC_FT_STOP_SENDING: + + if (ngx_quic_handle_stop_sending_frame(c, pkt, + &frame.u.stop_sending) + != NGX_OK) + { + return NGX_ERROR; + } + + break; + + case NGX_QUIC_FT_MAX_STREAMS: + case NGX_QUIC_FT_MAX_STREAMS2: + + if (ngx_quic_handle_max_streams_frame(c, pkt, &frame.u.max_streams) + != NGX_OK) + { + return NGX_ERROR; + } + + break; + + case NGX_QUIC_FT_PATH_CHALLENGE: + + if (ngx_quic_handle_path_challenge_frame(c, pkt, + &frame.u.path_challenge) + != NGX_OK) + { + return NGX_ERROR; + } + + break; + + case NGX_QUIC_FT_NEW_CONNECTION_ID: + + if (ngx_quic_handle_new_connection_id_frame(c, pkt, &frame.u.ncid) + != NGX_OK) + { + return NGX_ERROR; + } + + break; + + case NGX_QUIC_FT_RETIRE_CONNECTION_ID: + + if (ngx_quic_handle_retire_connection_id_frame(c, pkt, + &frame.u.retire_cid) + != NGX_OK) + { + return NGX_ERROR; + } + + break; + + case NGX_QUIC_FT_PATH_RESPONSE: + + /* TODO: handle */ + ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic frame handler not implemented"); + break; + + default: + ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic missing frame handler"); + return NGX_ERROR; + } + } + + if (p != end) { + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "quic trailing garbage in payload:%ui bytes", end - p); + + qc->error = NGX_QUIC_ERR_FRAME_ENCODING_ERROR; + return NGX_ERROR; + } + + if (do_close) { + qc->draining = 1; + ngx_quic_close_connection(c, NGX_OK); + } + + if (ngx_quic_ack_packet(c, pkt) != NGX_OK) { + return NGX_ERROR; + } + + return NGX_OK; +} + + +static ngx_int_t +ngx_quic_ack_packet(ngx_connection_t *c, ngx_quic_header_t *pkt) +{ + uint64_t base, largest, smallest, gs, ge, gap, range, pn; + uint64_t prev_pending; + ngx_uint_t i, nr; + ngx_quic_send_ctx_t *ctx; + ngx_quic_ack_range_t *r; + ngx_quic_connection_t *qc; + + c->log->action = "preparing ack"; + + qc = ngx_quic_get_connection(c); + + ctx = ngx_quic_get_send_ctx(qc, pkt->level); + + ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic ngx_quic_ack_packet pn:%uL largest %L fr:%uL" + " nranges:%ui", pkt->pn, (int64_t) ctx->largest_range, + ctx->first_range, ctx->nranges); + + prev_pending = ctx->pending_ack; + + if (pkt->need_ack) { + + ngx_post_event(&qc->push, &ngx_posted_events); + + if (ctx->send_ack == 0) { + ctx->ack_delay_start = ngx_current_msec; + } + + ctx->send_ack++; + + if (ctx->pending_ack == NGX_QUIC_UNSET_PN + || ctx->pending_ack < pkt->pn) + { + ctx->pending_ack = pkt->pn; + } + } + + base = ctx->largest_range; + pn = pkt->pn; + + if (base == NGX_QUIC_UNSET_PN) { + ctx->largest_range = pn; + ctx->largest_received = pkt->received; + return NGX_OK; + } + + if (base == pn) { + return NGX_OK; + } + + largest = base; + smallest = largest - ctx->first_range; + + if (pn > base) { + + if (pn - base == 1) { + ctx->first_range++; + ctx->largest_range = pn; + ctx->largest_received = pkt->received; + + return NGX_OK; + + } else { + /* new gap in front of current largest */ + + /* no place for new range, send current range as is */ + if (ctx->nranges == NGX_QUIC_MAX_RANGES) { + + if (prev_pending != NGX_QUIC_UNSET_PN) { + if (ngx_quic_send_ack(c, ctx) != NGX_OK) { + return NGX_ERROR; + } + } + + if (prev_pending == ctx->pending_ack || !pkt->need_ack) { + ctx->pending_ack = NGX_QUIC_UNSET_PN; + } + } + + gap = pn - base - 2; + range = ctx->first_range; + + ctx->first_range = 0; + ctx->largest_range = pn; + ctx->largest_received = pkt->received; + + /* packet is out of order, force send */ + if (pkt->need_ack) { + ctx->send_ack = NGX_QUIC_MAX_ACK_GAP; + } + + i = 0; + + goto insert; + } + } + + /* pn < base, perform lookup in existing ranges */ + + /* packet is out of order */ + if (pkt->need_ack) { + ctx->send_ack = NGX_QUIC_MAX_ACK_GAP; + } + + if (pn >= smallest && pn <= largest) { + return NGX_OK; + } + +#if (NGX_SUPPRESS_WARN) + r = NULL; +#endif + + for (i = 0; i < ctx->nranges; i++) { + r = &ctx->ranges[i]; + + ge = smallest - 1; + gs = ge - r->gap; + + if (pn >= gs && pn <= ge) { + + if (gs == ge) { + /* gap size is exactly one packet, now filled */ + + /* data moves to previous range, current is removed */ + + if (i == 0) { + ctx->first_range += r->range + 2; + + } else { + ctx->ranges[i - 1].range += r->range + 2; + } + + nr = ctx->nranges - i - 1; + if (nr) { + ngx_memmove(&ctx->ranges[i], &ctx->ranges[i + 1], + sizeof(ngx_quic_ack_range_t) * nr); + } + + ctx->nranges--; + + } else if (pn == gs) { + /* current gap shrinks from tail (current range grows) */ + r->gap--; + r->range++; + + } else if (pn == ge) { + /* current gap shrinks from head (previous range grows) */ + r->gap--; + + if (i == 0) { + ctx->first_range++; + + } else { + ctx->ranges[i - 1].range++; + } + + } else { + /* current gap is split into two parts */ + + gap = ge - pn - 1; + range = 0; + + if (ctx->nranges == NGX_QUIC_MAX_RANGES) { + if (prev_pending != NGX_QUIC_UNSET_PN) { + if (ngx_quic_send_ack(c, ctx) != NGX_OK) { + return NGX_ERROR; + } + } + + if (prev_pending == ctx->pending_ack || !pkt->need_ack) { + ctx->pending_ack = NGX_QUIC_UNSET_PN; + } + } + + r->gap = pn - gs - 1; + goto insert; + } + + return NGX_OK; + } + + largest = smallest - r->gap - 2; + smallest = largest - r->range; + + if (pn >= smallest && pn <= largest) { + /* this packet number is already known */ + return NGX_OK; + } + + } + + if (pn == smallest - 1) { + /* extend first or last range */ + + if (i == 0) { + ctx->first_range++; + + } else { + r->range++; + } + + return NGX_OK; + } + + /* nothing found, add new range at the tail */ + + if (ctx->nranges == NGX_QUIC_MAX_RANGES) { + /* packet is too old to keep it */ + + if (pkt->need_ack) { + return ngx_quic_send_ack_range(c, ctx, pn, pn); + } + + return NGX_OK; + } + + gap = smallest - 2 - pn; + range = 0; + +insert: + + if (ctx->nranges < NGX_QUIC_MAX_RANGES) { + ctx->nranges++; + } + + ngx_memmove(&ctx->ranges[i + 1], &ctx->ranges[i], + sizeof(ngx_quic_ack_range_t) * (ctx->nranges - i - 1)); + + ctx->ranges[i].gap = gap; + ctx->ranges[i].range = range; + + return NGX_OK; +} + + +static ngx_int_t +ngx_quic_send_ack_range(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx, + uint64_t smallest, uint64_t largest) +{ + ngx_quic_frame_t *frame; + + frame = ngx_quic_alloc_frame(c); + if (frame == NULL) { + return NGX_ERROR; + } + + frame->level = ctx->level; + frame->type = NGX_QUIC_FT_ACK; + frame->u.ack.largest = largest; + frame->u.ack.delay = 0; + frame->u.ack.range_count = 0; + frame->u.ack.first_range = largest - smallest; + + return NGX_OK; +} + + +static void +ngx_quic_drop_ack_ranges(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx, + uint64_t pn) +{ + uint64_t base; + ngx_uint_t i, smallest, largest; + ngx_quic_ack_range_t *r; + + ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic ngx_quic_drop_ack_ranges pn:%uL largest:%uL" + " fr:%uL nranges:%ui", pn, ctx->largest_range, + ctx->first_range, ctx->nranges); + + base = ctx->largest_range; + + if (base == NGX_QUIC_UNSET_PN) { + return; + } + + if (ctx->pending_ack != NGX_QUIC_UNSET_PN && pn >= ctx->pending_ack) { + ctx->pending_ack = NGX_QUIC_UNSET_PN; + } + + largest = base; + smallest = largest - ctx->first_range; + + if (pn >= largest) { + ctx->largest_range = NGX_QUIC_UNSET_PN; + ctx->first_range = 0; + ctx->nranges = 0; + return; + } + + if (pn >= smallest) { + ctx->first_range = largest - pn - 1; + ctx->nranges = 0; + return; + } + + for (i = 0; i < ctx->nranges; i++) { + r = &ctx->ranges[i]; + + largest = smallest - r->gap - 2; + smallest = largest - r->range; + + if (pn >= largest) { + ctx->nranges = i; + return; + } + if (pn >= smallest) { + r->range = largest - pn - 1; + ctx->nranges = i + 1; + return; + } + } +} + + +static ngx_int_t +ngx_quic_send_ack(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx) +{ + size_t len, left; + uint64_t ack_delay; + ngx_buf_t *b; + ngx_uint_t i; + ngx_chain_t *cl, **ll; + ngx_quic_frame_t *frame; + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + + ack_delay = ngx_current_msec - ctx->largest_received; + ack_delay *= 1000; + ack_delay >>= qc->ctp.ack_delay_exponent; + + frame = ngx_quic_alloc_frame(c); + if (frame == NULL) { + return NGX_ERROR; + } + + ll = &frame->data; + b = NULL; + + for (i = 0; i < ctx->nranges; i++) { + len = ngx_quic_create_ack_range(NULL, ctx->ranges[i].gap, + ctx->ranges[i].range); + + left = b ? b->end - b->last : 0; + + if (left < len) { + cl = ngx_quic_alloc_buf(c); + if (cl == NULL) { + return NGX_ERROR; + } + + *ll = cl; + ll = &cl->next; + + b = cl->buf; + left = b->end - b->last; + + if (left < len) { + return NGX_ERROR; + } + } + + b->last += ngx_quic_create_ack_range(b->last, ctx->ranges[i].gap, + ctx->ranges[i].range); + + frame->u.ack.ranges_length += len; + } + + *ll = NULL; + + frame->level = ctx->level; + frame->type = NGX_QUIC_FT_ACK; + frame->u.ack.largest = ctx->largest_range; + frame->u.ack.delay = ack_delay; + frame->u.ack.range_count = ctx->nranges; + frame->u.ack.first_range = ctx->first_range; + + ngx_quic_queue_frame(qc, frame); + + return NGX_OK; +} + + +static ngx_int_t +ngx_quic_send_cc(ngx_connection_t *c) +{ + ngx_quic_frame_t *frame; + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + + if (qc->draining) { + return NGX_OK; + } + + if (!qc->initialized) { + /* try to initialize secrets to send an early error */ + if (ngx_quic_init_secrets(c) != NGX_OK) { + return NGX_OK; + } + } + + if (qc->closing + && ngx_current_msec - qc->last_cc < NGX_QUIC_CC_MIN_INTERVAL) + { + /* dot not send CC too often */ + return NGX_OK; + } + + frame = ngx_quic_alloc_frame(c); + if (frame == NULL) { + return NGX_ERROR; + } + + frame->level = qc->error_level; + frame->type = NGX_QUIC_FT_CONNECTION_CLOSE; + frame->u.close.error_code = qc->error; + frame->u.close.frame_type = qc->error_ftype; + frame->u.close.app = qc->error_app; + + if (qc->error_reason) { + frame->u.close.reason.len = ngx_strlen(qc->error_reason); + frame->u.close.reason.data = (u_char *) qc->error_reason; + } + + ngx_quic_queue_frame(qc, frame); + + qc->last_cc = ngx_current_msec; + + return ngx_quic_output(c); +} + + +static ngx_int_t +ngx_quic_send_new_token(ngx_connection_t *c) +{ + ngx_str_t token; + ngx_quic_frame_t *frame; + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + + if (!qc->conf->retry) { + return NGX_OK; + } + + if (ngx_quic_new_token(c, &token) != NGX_OK) { + return NGX_ERROR; + } + + frame = ngx_quic_alloc_frame(c); + if (frame == NULL) { + return NGX_ERROR; + } + + frame->level = ssl_encryption_application; + frame->type = NGX_QUIC_FT_NEW_TOKEN; + frame->u.token.length = token.len; + frame->u.token.data = token.data; + + ngx_quic_queue_frame(qc, frame); + + return NGX_OK; +} + + +static ngx_int_t +ngx_quic_handle_ack_frame(ngx_connection_t *c, ngx_quic_header_t *pkt, + ngx_quic_frame_t *f) +{ + ssize_t n; + u_char *pos, *end; + uint64_t min, max, gap, range; + ngx_msec_t send_time; + ngx_uint_t i; + ngx_quic_send_ctx_t *ctx; + ngx_quic_ack_frame_t *ack; + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + + ctx = ngx_quic_get_send_ctx(qc, pkt->level); + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic ngx_quic_handle_ack_frame level:%d", pkt->level); + + ack = &f->u.ack; + + /* + * If any computed packet number is negative, an endpoint MUST + * generate a connection error of type FRAME_ENCODING_ERROR. + * (19.3.1) + */ + + if (ack->first_range > ack->largest) { + qc->error = NGX_QUIC_ERR_FRAME_ENCODING_ERROR; + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "quic invalid first range in ack frame"); + return NGX_ERROR; + } + + min = ack->largest - ack->first_range; + max = ack->largest; + + if (ngx_quic_handle_ack_frame_range(c, ctx, min, max, &send_time) + != NGX_OK) + { + return NGX_ERROR; + } + + /* 13.2.3. Receiver Tracking of ACK Frames */ + if (ctx->largest_ack < max || ctx->largest_ack == NGX_QUIC_UNSET_PN) { + ctx->largest_ack = max; + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic updated largest received ack:%uL", max); + + /* + * An endpoint generates an RTT sample on receiving an + * ACK frame that meets the following two conditions: + * + * - the largest acknowledged packet number is newly acknowledged + * - at least one of the newly acknowledged packets was ack-eliciting. + */ + + if (send_time != NGX_TIMER_INFINITE) { + ngx_quic_rtt_sample(c, ack, pkt->level, send_time); + } + } + + if (f->data) { + pos = f->data->buf->pos; + end = f->data->buf->last; + + } else { + pos = NULL; + end = NULL; + } + + for (i = 0; i < ack->range_count; i++) { + + n = ngx_quic_parse_ack_range(pkt->log, pos, end, &gap, &range); + if (n == NGX_ERROR) { + return NGX_ERROR; + } + pos += n; + + if (gap + 2 > min) { + qc->error = NGX_QUIC_ERR_FRAME_ENCODING_ERROR; + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "quic invalid range:%ui in ack frame", i); + return NGX_ERROR; + } + + max = min - gap - 2; + + if (range > max) { + qc->error = NGX_QUIC_ERR_FRAME_ENCODING_ERROR; + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "quic invalid range:%ui in ack frame", i); + return NGX_ERROR; + } + + min = max - range; + + if (ngx_quic_handle_ack_frame_range(c, ctx, min, max, &send_time) + != NGX_OK) + { + return NGX_ERROR; + } + } + + return ngx_quic_detect_lost(c); +} + + +static ngx_int_t +ngx_quic_handle_ack_frame_range(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx, + uint64_t min, uint64_t max, ngx_msec_t *send_time) +{ + ngx_uint_t found; + ngx_queue_t *q; + ngx_quic_frame_t *f; + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + + *send_time = NGX_TIMER_INFINITE; + found = 0; + + q = ngx_queue_last(&ctx->sent); + + while (q != ngx_queue_sentinel(&ctx->sent)) { + + f = ngx_queue_data(q, ngx_quic_frame_t, queue); + q = ngx_queue_prev(q); + + if (f->pnum >= min && f->pnum <= max) { + ngx_quic_congestion_ack(c, f); + + switch (f->type) { + case NGX_QUIC_FT_ACK: + case NGX_QUIC_FT_ACK_ECN: + ngx_quic_drop_ack_ranges(c, ctx, f->u.ack.largest); + break; + + case NGX_QUIC_FT_STREAM0: + case NGX_QUIC_FT_STREAM1: + case NGX_QUIC_FT_STREAM2: + case NGX_QUIC_FT_STREAM3: + case NGX_QUIC_FT_STREAM4: + case NGX_QUIC_FT_STREAM5: + case NGX_QUIC_FT_STREAM6: + case NGX_QUIC_FT_STREAM7: + ngx_quic_handle_stream_ack(c, f); + break; + } + + if (f->pnum == max) { + *send_time = f->last; + } + + ngx_queue_remove(&f->queue); + ngx_quic_free_frame(c, f); + found = 1; + } + } + + if (!found) { + + if (max < ctx->pnum) { + /* duplicate ACK or ACK for non-ack-eliciting frame */ + return NGX_OK; + } + + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "quic ACK for the packet not sent"); + + qc->error = NGX_QUIC_ERR_PROTOCOL_VIOLATION; + qc->error_ftype = NGX_QUIC_FT_ACK; + qc->error_reason = "unknown packet number"; + + return NGX_ERROR; + } + + if (!qc->push.timer_set) { + ngx_post_event(&qc->push, &ngx_posted_events); + } + + qc->pto_count = 0; + + return NGX_OK; +} + + +static void +ngx_quic_rtt_sample(ngx_connection_t *c, ngx_quic_ack_frame_t *ack, + enum ssl_encryption_level_t level, ngx_msec_t send_time) +{ + ngx_msec_t latest_rtt, ack_delay, adjusted_rtt, rttvar_sample; + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + + latest_rtt = ngx_current_msec - send_time; + qc->latest_rtt = latest_rtt; + + if (qc->min_rtt == NGX_TIMER_INFINITE) { + qc->min_rtt = latest_rtt; + qc->avg_rtt = latest_rtt; + qc->rttvar = latest_rtt / 2; + + } else { + qc->min_rtt = ngx_min(qc->min_rtt, latest_rtt); + + ack_delay = ack->delay * (1 << qc->ctp.ack_delay_exponent) / 1000; + + if (c->ssl->handshaked) { + ack_delay = ngx_min(ack_delay, qc->ctp.max_ack_delay); + } + + adjusted_rtt = latest_rtt; + + if (qc->min_rtt + ack_delay < latest_rtt) { + adjusted_rtt -= ack_delay; + } + + qc->avg_rtt = 0.875 * qc->avg_rtt + 0.125 * adjusted_rtt; + rttvar_sample = ngx_abs((ngx_msec_int_t) (qc->avg_rtt - adjusted_rtt)); + qc->rttvar = 0.75 * qc->rttvar + 0.25 * rttvar_sample; + } + + ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic rtt sample latest:%M min:%M avg:%M var:%M", + latest_rtt, qc->min_rtt, qc->avg_rtt, qc->rttvar); +} + + +static ngx_inline ngx_msec_t +ngx_quic_pto(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx) +{ + ngx_msec_t duration; + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + + /* PTO calculation: quic-recovery, Appendix 8 */ + duration = qc->avg_rtt; + + duration += ngx_max(4 * qc->rttvar, NGX_QUIC_TIME_GRANULARITY); + duration <<= qc->pto_count; + + if (qc->congestion.in_flight == 0) { /* no in-flight packets */ + return duration; + } + + if (ctx->level == ssl_encryption_application && c->ssl->handshaked) { + duration += qc->ctp.max_ack_delay << qc->pto_count; + } + + return duration; +} + + +static void +ngx_quic_handle_stream_ack(ngx_connection_t *c, ngx_quic_frame_t *f) +{ + uint64_t sent, unacked; + ngx_event_t *wev; + ngx_quic_stream_t *sn; + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + + sn = ngx_quic_find_stream(&qc->streams.tree, f->u.stream.stream_id); + if (sn == NULL) { + return; + } + + wev = sn->c->write; + sent = sn->c->sent; + unacked = sent - sn->acked; + + if (unacked >= NGX_QUIC_STREAM_BUFSIZE && wev->active) { + wev->ready = 1; + ngx_post_event(wev, &ngx_posted_events); + } + + sn->acked += f->u.stream.length; + + ngx_log_debug3(NGX_LOG_DEBUG_EVENT, sn->c->log, 0, + "quic stream ack len:%uL acked:%uL unacked:%uL", + f->u.stream.length, sn->acked, sent - sn->acked); +} + + +static ngx_int_t +ngx_quic_handle_ordered_frame(ngx_connection_t *c, ngx_quic_frames_stream_t *fs, + ngx_quic_frame_t *frame, ngx_quic_frame_handler_pt handler, void *data) +{ + size_t full_len; + ngx_int_t rc; + ngx_queue_t *q; + ngx_quic_ordered_frame_t *f; + + f = &frame->u.ord; + + if (f->offset > fs->received) { + ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic out-of-order frame: expecting:%uL got:%uL", + fs->received, f->offset); + + return ngx_quic_buffer_frame(c, fs, frame); + } + + if (f->offset < fs->received) { + + if (ngx_quic_adjust_frame_offset(c, frame, fs->received) + == NGX_DONE) + { + /* old/duplicate data range */ + return handler == ngx_quic_crypto_input ? NGX_DECLINED : NGX_OK; + } + + /* intersecting data range, frame modified */ + } + + /* f->offset == fs->received */ + + rc = handler(c, frame, data); + if (rc == NGX_ERROR) { + return NGX_ERROR; + + } else if (rc == NGX_DONE) { + /* handler destroyed stream, queue no longer exists */ + return NGX_OK; + } + + /* rc == NGX_OK */ + + fs->received += f->length; + + /* now check the queue if we can continue with buffered frames */ + + do { + q = ngx_queue_head(&fs->frames); + if (q == ngx_queue_sentinel(&fs->frames)) { + break; + } + + frame = ngx_queue_data(q, ngx_quic_frame_t, queue); + f = &frame->u.ord; + + if (f->offset > fs->received) { + /* gap found, nothing more to do */ + break; + } + + full_len = f->length; + + if (f->offset < fs->received) { + + if (ngx_quic_adjust_frame_offset(c, frame, fs->received) + == NGX_DONE) + { + /* old/duplicate data range */ + ngx_queue_remove(q); + fs->total -= f->length; + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic skipped buffered frame, total:%ui", + fs->total); + ngx_quic_free_frame(c, frame); + continue; + } + + /* frame was adjusted, proceed to input */ + } + + /* f->offset == fs->received */ + + rc = handler(c, frame, data); + + if (rc == NGX_ERROR) { + return NGX_ERROR; + + } else if (rc == NGX_DONE) { + /* handler destroyed stream, queue no longer exists */ + return NGX_OK; + } + + fs->received += f->length; + fs->total -= full_len; + + ngx_queue_remove(q); + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic consumed buffered frame, total:%ui", fs->total); + + ngx_quic_free_frame(c, frame); + + } while (1); + + return NGX_OK; +} + + +static ngx_int_t +ngx_quic_adjust_frame_offset(ngx_connection_t *c, ngx_quic_frame_t *frame, + uint64_t offset_in) +{ + size_t tail, n; + ngx_buf_t *b; + ngx_chain_t *cl; + ngx_quic_ordered_frame_t *f; + + f = &frame->u.ord; + + tail = offset_in - f->offset; + + if (tail >= f->length) { + /* range preceeding already received data or duplicate, ignore */ + + ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic old or duplicate data in ordered frame, ignored"); + return NGX_DONE; + } + + ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic adjusted ordered frame data start to expected offset"); + + /* intersecting range: adjust data size */ + + f->offset += tail; + f->length -= tail; + + for (cl = frame->data; cl; cl = cl->next) { + b = cl->buf; + n = ngx_buf_size(b); + + if (n >= tail) { + b->pos += tail; + break; + } + + cl->buf->pos = cl->buf->last; + tail -= n; + } + + return NGX_OK; +} + + +static ngx_int_t +ngx_quic_buffer_frame(ngx_connection_t *c, ngx_quic_frames_stream_t *fs, + ngx_quic_frame_t *frame) +{ + ngx_queue_t *q; + ngx_quic_frame_t *dst, *item; + ngx_quic_ordered_frame_t *f, *df; + + ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic ngx_quic_buffer_frame"); + + f = &frame->u.ord; + + /* frame start offset is in the future, buffer it */ + + dst = ngx_quic_alloc_frame(c); + if (dst == NULL) { + return NGX_ERROR; + } + + ngx_memcpy(dst, frame, sizeof(ngx_quic_frame_t)); + + dst->data = ngx_quic_copy_chain(c, frame->data, 0); + if (dst->data == NGX_CHAIN_ERROR) { + return NGX_ERROR; + } + + df = &dst->u.ord; + + fs->total += f->length; + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic ordered frame with unexpected offset:" + " buffered total:%ui", fs->total); + + if (ngx_queue_empty(&fs->frames)) { + ngx_queue_insert_after(&fs->frames, &dst->queue); + return NGX_OK; + } + + for (q = ngx_queue_last(&fs->frames); + q != ngx_queue_sentinel(&fs->frames); + q = ngx_queue_prev(q)) + { + item = ngx_queue_data(q, ngx_quic_frame_t, queue); + f = &item->u.ord; + + if (f->offset < df->offset) { + ngx_queue_insert_after(q, &dst->queue); + return NGX_OK; + } + } + + ngx_queue_insert_after(&fs->frames, &dst->queue); + + return NGX_OK; +} + + +static ngx_int_t +ngx_quic_handle_crypto_frame(ngx_connection_t *c, ngx_quic_header_t *pkt, + ngx_quic_frame_t *frame) +{ + uint64_t last; + ngx_int_t rc; + ngx_quic_send_ctx_t *ctx; + ngx_quic_connection_t *qc; + ngx_quic_crypto_frame_t *f; + ngx_quic_frames_stream_t *fs; + + qc = ngx_quic_get_connection(c); + fs = &qc->crypto[pkt->level]; + f = &frame->u.crypto; + + /* no overflow since both values are 62-bit */ + last = f->offset + f->length; + + if (last > fs->received && last - fs->received > NGX_QUIC_MAX_BUFFERED) { + qc->error = NGX_QUIC_ERR_CRYPTO_BUFFER_EXCEEDED; + return NGX_ERROR; + } + + rc = ngx_quic_handle_ordered_frame(c, fs, frame, ngx_quic_crypto_input, + NULL); + if (rc != NGX_DECLINED) { + return rc; + } + + /* speeding up handshake completion */ + + if (pkt->level == ssl_encryption_initial) { + ctx = ngx_quic_get_send_ctx(qc, pkt->level); + + if (!ngx_queue_empty(&ctx->sent)) { + ngx_quic_resend_frames(c, ctx); + + ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_handshake); + while (!ngx_queue_empty(&ctx->sent)) { + ngx_quic_resend_frames(c, ctx); + } + } + } + + return NGX_OK; +} + + +static ngx_int_t +ngx_quic_crypto_input(ngx_connection_t *c, ngx_quic_frame_t *frame, void *data) +{ + int n, sslerr; + ngx_buf_t *b; + ngx_chain_t *cl; + ngx_ssl_conn_t *ssl_conn; + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + + ssl_conn = c->ssl->connection; + + ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic SSL_quic_read_level:%d SSL_quic_write_level:%d", + (int) SSL_quic_read_level(ssl_conn), + (int) SSL_quic_write_level(ssl_conn)); + + for (cl = frame->data; cl; cl = cl->next) { + b = cl->buf; + + if (!SSL_provide_quic_data(ssl_conn, SSL_quic_read_level(ssl_conn), + b->pos, b->last - b->pos)) + { + ngx_ssl_error(NGX_LOG_INFO, c->log, 0, + "SSL_provide_quic_data() failed"); + return NGX_ERROR; + } + } + + n = SSL_do_handshake(ssl_conn); + + ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic SSL_quic_read_level:%d SSL_quic_write_level:%d", + (int) SSL_quic_read_level(ssl_conn), + (int) SSL_quic_write_level(ssl_conn)); + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_do_handshake: %d", n); + + if (n <= 0) { + sslerr = SSL_get_error(ssl_conn, n); + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_get_error: %d", + sslerr); + + if (sslerr != SSL_ERROR_WANT_READ) { + ngx_ssl_error(NGX_LOG_ERR, c->log, 0, "SSL_do_handshake() failed"); + return NGX_ERROR; + } + + return NGX_OK; + } + + if (SSL_in_init(ssl_conn)) { + return NGX_OK; + } + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic ssl cipher:%s", SSL_get_cipher(ssl_conn)); + + ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic handshake completed successfully"); + + c->ssl->handshaked = 1; + + frame = ngx_quic_alloc_frame(c); + if (frame == NULL) { + return NGX_ERROR; + } + + /* 12.4 Frames and frame types, figure 8 */ + frame->level = ssl_encryption_application; + frame->type = NGX_QUIC_FT_HANDSHAKE_DONE; + ngx_quic_queue_frame(qc, frame); + + if (ngx_quic_send_new_token(c) != NGX_OK) { + return NGX_ERROR; + } + + /* + * Generating next keys before a key update is received. + * See quic-tls 9.4 Header Protection Timing Side-Channels. + */ + + if (ngx_quic_keys_update(c, qc->keys) != NGX_OK) { + return NGX_ERROR; + } + + /* + * 4.10.2 An endpoint MUST discard its handshake keys + * when the TLS handshake is confirmed + */ + ngx_quic_discard_ctx(c, ssl_encryption_handshake); + + if (ngx_quic_issue_server_ids(c) != NGX_OK) { + return NGX_ERROR; + } + + return NGX_OK; +} + + +static ngx_int_t +ngx_quic_handle_stream_frame(ngx_connection_t *c, ngx_quic_header_t *pkt, + ngx_quic_frame_t *frame) +{ + size_t window; + uint64_t last; + ngx_buf_t *b; + ngx_pool_t *pool; + ngx_connection_t *sc; + ngx_quic_stream_t *sn; + ngx_quic_connection_t *qc; + ngx_quic_stream_frame_t *f; + ngx_quic_frames_stream_t *fs; + + qc = ngx_quic_get_connection(c); + f = &frame->u.stream; + + if ((f->stream_id & NGX_QUIC_STREAM_UNIDIRECTIONAL) + && (f->stream_id & NGX_QUIC_STREAM_SERVER_INITIATED)) + { + qc->error = NGX_QUIC_ERR_STREAM_STATE_ERROR; + return NGX_ERROR; + } + + /* no overflow since both values are 62-bit */ + last = f->offset + f->length; + + sn = ngx_quic_find_stream(&qc->streams.tree, f->stream_id); + + if (sn == NULL) { + sn = ngx_quic_create_client_stream(c, f->stream_id); + + if (sn == NULL) { + return NGX_ERROR; + } + + if (sn == NGX_QUIC_STREAM_GONE) { + return NGX_OK; + } + + sc = sn->c; + fs = &sn->fs; + b = sn->b; + window = b->end - b->last; + + if (last > window) { + qc->error = NGX_QUIC_ERR_FLOW_CONTROL_ERROR; + goto cleanup; + } + + if (ngx_quic_handle_ordered_frame(c, fs, frame, ngx_quic_stream_input, + sn) + != NGX_OK) + { + goto cleanup; + } + + sc->listening->handler(sc); + + return NGX_OK; + } + + fs = &sn->fs; + b = sn->b; + window = (b->pos - b->start) + (b->end - b->last); + + if (last > fs->received && last - fs->received > window) { + qc->error = NGX_QUIC_ERR_FLOW_CONTROL_ERROR; + return NGX_ERROR; + } + + return ngx_quic_handle_ordered_frame(c, fs, frame, ngx_quic_stream_input, + sn); + +cleanup: + + pool = sc->pool; + + ngx_close_connection(sc); + ngx_destroy_pool(pool); + + return NGX_ERROR; +} + + +static ngx_int_t +ngx_quic_stream_input(ngx_connection_t *c, ngx_quic_frame_t *frame, void *data) +{ + uint64_t id; + ngx_buf_t *b; + ngx_event_t *rev; + ngx_chain_t *cl; + ngx_quic_stream_t *sn; + ngx_quic_connection_t *qc; + ngx_quic_stream_frame_t *f; + + qc = ngx_quic_get_connection(c); + sn = data; + + f = &frame->u.stream; + id = f->stream_id; + + b = sn->b; + + if ((size_t) ((b->pos - b->start) + (b->end - b->last)) < f->length) { + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "quic no space in stream buffer"); + return NGX_ERROR; + } + + if ((size_t) (b->end - b->last) < f->length) { + b->last = ngx_movemem(b->start, b->pos, b->last - b->pos); + b->pos = b->start; + } + + for (cl = frame->data; cl; cl = cl->next) { + b->last = ngx_cpymem(b->last, cl->buf->pos, + cl->buf->last - cl->buf->pos); + } + + rev = sn->c->read; + rev->ready = 1; + + if (f->fin) { + rev->pending_eof = 1; + } + + if (rev->active) { + rev->handler(rev); + } + + /* check if stream was destroyed by handler */ + if (ngx_quic_find_stream(&qc->streams.tree, id) == NULL) { + return NGX_DONE; + } + + return NGX_OK; +} + + +static ngx_int_t +ngx_quic_handle_max_data_frame(ngx_connection_t *c, + ngx_quic_max_data_frame_t *f) +{ + ngx_event_t *wev; + ngx_rbtree_t *tree; + ngx_rbtree_node_t *node; + ngx_quic_stream_t *qs; + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + tree = &qc->streams.tree; + + if (f->max_data <= qc->streams.send_max_data) { + return NGX_OK; + } + + if (qc->streams.sent >= qc->streams.send_max_data) { + + for (node = ngx_rbtree_min(tree->root, tree->sentinel); + node; + node = ngx_rbtree_next(tree, node)) + { + qs = (ngx_quic_stream_t *) node; + wev = qs->c->write; + + if (wev->active) { + wev->ready = 1; + ngx_post_event(wev, &ngx_posted_events); + } + } + } + + qc->streams.send_max_data = f->max_data; + + return NGX_OK; +} + + +static ngx_int_t +ngx_quic_handle_streams_blocked_frame(ngx_connection_t *c, + ngx_quic_header_t *pkt, ngx_quic_streams_blocked_frame_t *f) +{ + return NGX_OK; +} + + +static ngx_int_t +ngx_quic_handle_stream_data_blocked_frame(ngx_connection_t *c, + ngx_quic_header_t *pkt, ngx_quic_stream_data_blocked_frame_t *f) +{ + size_t n; + ngx_buf_t *b; + ngx_quic_frame_t *frame; + ngx_quic_stream_t *sn; + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + + if ((f->id & NGX_QUIC_STREAM_UNIDIRECTIONAL) + && (f->id & NGX_QUIC_STREAM_SERVER_INITIATED)) + { + qc->error = NGX_QUIC_ERR_STREAM_STATE_ERROR; + return NGX_ERROR; + } + + sn = ngx_quic_find_stream(&qc->streams.tree, f->id); + + if (sn == NULL) { + sn = ngx_quic_create_client_stream(c, f->id); + + if (sn == NULL) { + return NGX_ERROR; + } + + if (sn == NGX_QUIC_STREAM_GONE) { + return NGX_OK; + } + + b = sn->b; + n = b->end - b->last; + + sn->c->listening->handler(sn->c); + + } else { + b = sn->b; + n = sn->fs.received + (b->pos - b->start) + (b->end - b->last); + } + + frame = ngx_quic_alloc_frame(c); + if (frame == NULL) { + return NGX_ERROR; + } + + frame->level = pkt->level; + frame->type = NGX_QUIC_FT_MAX_STREAM_DATA; + frame->u.max_stream_data.id = f->id; + frame->u.max_stream_data.limit = n; + + ngx_quic_queue_frame(qc, frame); + + return NGX_OK; +} + + +static ngx_int_t +ngx_quic_handle_max_stream_data_frame(ngx_connection_t *c, + ngx_quic_header_t *pkt, ngx_quic_max_stream_data_frame_t *f) +{ + uint64_t sent; + ngx_event_t *wev; + ngx_quic_stream_t *sn; + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + + if ((f->id & NGX_QUIC_STREAM_UNIDIRECTIONAL) + && (f->id & NGX_QUIC_STREAM_SERVER_INITIATED) == 0) + { + qc->error = NGX_QUIC_ERR_STREAM_STATE_ERROR; + return NGX_ERROR; + } + + sn = ngx_quic_find_stream(&qc->streams.tree, f->id); + + if (sn == NULL) { + sn = ngx_quic_create_client_stream(c, f->id); + + if (sn == NULL) { + return NGX_ERROR; + } + + if (sn == NGX_QUIC_STREAM_GONE) { + return NGX_OK; + } + + if (f->limit > sn->send_max_data) { + sn->send_max_data = f->limit; + } + + sn->c->listening->handler(sn->c); + + return NGX_OK; + } + + if (f->limit <= sn->send_max_data) { + return NGX_OK; + } + + sent = sn->c->sent; + + if (sent >= sn->send_max_data) { + wev = sn->c->write; + + if (wev->active) { + wev->ready = 1; + ngx_post_event(wev, &ngx_posted_events); + } + } + + sn->send_max_data = f->limit; + + return NGX_OK; +} + + +static ngx_int_t +ngx_quic_handle_reset_stream_frame(ngx_connection_t *c, + ngx_quic_header_t *pkt, ngx_quic_reset_stream_frame_t *f) +{ + ngx_event_t *rev; + ngx_connection_t *sc; + ngx_quic_stream_t *sn; + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + + if ((f->id & NGX_QUIC_STREAM_UNIDIRECTIONAL) + && (f->id & NGX_QUIC_STREAM_SERVER_INITIATED)) + { + qc->error = NGX_QUIC_ERR_STREAM_STATE_ERROR; + return NGX_ERROR; + } + + sn = ngx_quic_find_stream(&qc->streams.tree, f->id); + + if (sn == NULL) { + sn = ngx_quic_create_client_stream(c, f->id); + + if (sn == NULL) { + return NGX_ERROR; + } + + if (sn == NGX_QUIC_STREAM_GONE) { + return NGX_OK; + } + + sc = sn->c; + + rev = sc->read; + rev->error = 1; + rev->ready = 1; + + sc->listening->handler(sc); + + return NGX_OK; + } + + rev = sn->c->read; + rev->error = 1; + rev->ready = 1; + + if (rev->active) { + rev->handler(rev); + } + + return NGX_OK; +} + + +static ngx_int_t +ngx_quic_handle_stop_sending_frame(ngx_connection_t *c, + ngx_quic_header_t *pkt, ngx_quic_stop_sending_frame_t *f) +{ + ngx_event_t *wev; + ngx_connection_t *sc; + ngx_quic_stream_t *sn; + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + + if ((f->id & NGX_QUIC_STREAM_UNIDIRECTIONAL) + && (f->id & NGX_QUIC_STREAM_SERVER_INITIATED) == 0) + { + qc->error = NGX_QUIC_ERR_STREAM_STATE_ERROR; + return NGX_ERROR; + } + + sn = ngx_quic_find_stream(&qc->streams.tree, f->id); + + if (sn == NULL) { + sn = ngx_quic_create_client_stream(c, f->id); + + if (sn == NULL) { + return NGX_ERROR; + } + + if (sn == NGX_QUIC_STREAM_GONE) { + return NGX_OK; + } + + sc = sn->c; + + wev = sc->write; + wev->error = 1; + wev->ready = 1; + + sc->listening->handler(sc); + + return NGX_OK; + } + + wev = sn->c->write; + wev->error = 1; + wev->ready = 1; + + if (wev->active) { + wev->handler(wev); + } + + return NGX_OK; +} + + +static ngx_int_t +ngx_quic_handle_max_streams_frame(ngx_connection_t *c, + ngx_quic_header_t *pkt, ngx_quic_max_streams_frame_t *f) +{ + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + + if (f->bidi) { + if (qc->streams.server_max_streams_bidi < f->limit) { + qc->streams.server_max_streams_bidi = f->limit; + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic max_streams_bidi:%uL", f->limit); + } + + } else { + if (qc->streams.server_max_streams_uni < f->limit) { + qc->streams.server_max_streams_uni = f->limit; + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic max_streams_uni:%uL", f->limit); + } + } + + return NGX_OK; +} + + +static ngx_int_t +ngx_quic_handle_path_challenge_frame(ngx_connection_t *c, + ngx_quic_header_t *pkt, ngx_quic_path_challenge_frame_t *f) +{ + ngx_quic_frame_t *frame; + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + + frame = ngx_quic_alloc_frame(c); + if (frame == NULL) { + return NGX_ERROR; + } + + frame->level = pkt->level; + frame->type = NGX_QUIC_FT_PATH_RESPONSE; + frame->u.path_response = *f; + + ngx_quic_queue_frame(qc, frame); + + return NGX_OK; +} + + +static ngx_int_t +ngx_quic_handle_new_connection_id_frame(ngx_connection_t *c, + ngx_quic_header_t *pkt, ngx_quic_new_conn_id_frame_t *f) +{ + ngx_queue_t *q; + ngx_quic_client_id_t *cid, *item; + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + + if (f->seqnum < qc->max_retired_seqnum) { + /* + * An endpoint that receives a NEW_CONNECTION_ID frame with + * a sequence number smaller than the Retire Prior To field + * of a previously received NEW_CONNECTION_ID frame MUST send + * a corresponding RETIRE_CONNECTION_ID frame that retires + * the newly received connection ID, unless it has already + * done so for that sequence number. + */ + + if (ngx_quic_retire_connection_id(c, pkt->level, f->seqnum) != NGX_OK) { + return NGX_ERROR; + } + + goto retire; + } + + cid = NULL; + + for (q = ngx_queue_head(&qc->client_ids); + q != ngx_queue_sentinel(&qc->client_ids); + q = ngx_queue_next(q)) + { + item = ngx_queue_data(q, ngx_quic_client_id_t, queue); + + if (item->seqnum == f->seqnum) { + cid = item; + break; + } + } + + if (cid) { + /* + * Transmission errors, timeouts and retransmissions might cause the + * same NEW_CONNECTION_ID frame to be received multiple times + */ + + if (cid->len != f->len + || ngx_strncmp(cid->id, f->cid, f->len) != 0 + || ngx_strncmp(cid->sr_token, f->srt, NGX_QUIC_SR_TOKEN_LEN) != 0) + { + /* + * ..a sequence number is used for different connection IDs, + * the endpoint MAY treat that receipt as a connection error + * of type PROTOCOL_VIOLATION. + */ + qc->error = NGX_QUIC_ERR_PROTOCOL_VIOLATION; + qc->error_reason = "seqnum refers to different connection id/token"; + return NGX_ERROR; + } + + } else { + + cid = ngx_quic_alloc_client_id(c, qc); + if (cid == NULL) { + return NGX_ERROR; + } + + cid->seqnum = f->seqnum; + cid->len = f->len; + ngx_memcpy(cid->id, f->cid, f->len); + + ngx_memcpy(cid->sr_token, f->srt, NGX_QUIC_SR_TOKEN_LEN); + + ngx_queue_insert_tail(&qc->client_ids, &cid->queue); + qc->nclient_ids++; + + /* always use latest available connection id */ + if (f->seqnum > qc->client_seqnum) { + qc->scid.len = cid->len; + qc->scid.data = cid->id; + qc->client_seqnum = f->seqnum; + } + } + +retire: + + if (qc->max_retired_seqnum && f->retire <= qc->max_retired_seqnum) { + /* + * Once a sender indicates a Retire Prior To value, smaller values sent + * in subsequent NEW_CONNECTION_ID frames have no effect. A receiver + * MUST ignore any Retire Prior To fields that do not increase the + * largest received Retire Prior To value. + */ + goto done; + } + + qc->max_retired_seqnum = f->retire; + + q = ngx_queue_head(&qc->client_ids); + + while (q != ngx_queue_sentinel(&qc->client_ids)) { + + cid = ngx_queue_data(q, ngx_quic_client_id_t, queue); + q = ngx_queue_next(q); + + if (cid->seqnum >= f->retire) { + continue; + } + + /* this connection id must be retired */ + + if (ngx_quic_retire_connection_id(c, pkt->level, cid->seqnum) + != NGX_OK) + { + return NGX_ERROR; + } + + ngx_queue_remove(&cid->queue); + ngx_queue_insert_head(&qc->free_client_ids, &cid->queue); + qc->nclient_ids--; + } + +done: + + if (qc->nclient_ids > qc->tp.active_connection_id_limit) { + /* + * After processing a NEW_CONNECTION_ID frame and + * adding and retiring active connection IDs, if the number of active + * connection IDs exceeds the value advertised in its + * active_connection_id_limit transport parameter, an endpoint MUST + * close the connection with an error of type CONNECTION_ID_LIMIT_ERROR. + */ + qc->error = NGX_QUIC_ERR_CONNECTION_ID_LIMIT_ERROR; + qc->error_reason = "too many connection ids received"; + return NGX_ERROR; + } + + return NGX_OK; +} + + +static ngx_int_t +ngx_quic_retire_connection_id(ngx_connection_t *c, + enum ssl_encryption_level_t level, uint64_t seqnum) +{ + ngx_quic_frame_t *frame; + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + + frame = ngx_quic_alloc_frame(c); + if (frame == NULL) { + return NGX_ERROR; + } + + frame->level = level; + frame->type = NGX_QUIC_FT_RETIRE_CONNECTION_ID; + frame->u.retire_cid.sequence_number = seqnum; + + ngx_quic_queue_frame(qc, frame); + + return NGX_OK; +} + + +static ngx_int_t +ngx_quic_handle_retire_connection_id_frame(ngx_connection_t *c, + ngx_quic_header_t *pkt, ngx_quic_retire_cid_frame_t *f) +{ + ngx_queue_t *q; + ngx_quic_server_id_t *sid; + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + + for (q = ngx_queue_head(&qc->server_ids); + q != ngx_queue_sentinel(&qc->server_ids); + q = ngx_queue_next(q)) + { + sid = ngx_queue_data(q, ngx_quic_server_id_t, queue); + + if (sid->seqnum == f->sequence_number) { + ngx_queue_remove(q); + ngx_queue_insert_tail(&qc->free_server_ids, &sid->queue); + ngx_rbtree_delete(&c->listening->rbtree, &sid->udp.node); + qc->nserver_ids--; + break; + } + } + + return ngx_quic_issue_server_ids(c); +} + + +static ngx_int_t +ngx_quic_issue_server_ids(ngx_connection_t *c) +{ + ngx_str_t dcid; + ngx_uint_t n; + ngx_quic_frame_t *frame; + ngx_quic_server_id_t *sid; + ngx_quic_connection_t *qc; + u_char id[NGX_QUIC_SERVER_CID_LEN]; + + qc = ngx_quic_get_connection(c); + + n = ngx_min(NGX_QUIC_MAX_SERVER_IDS, qc->ctp.active_connection_id_limit); + + ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic issue server ids has:%ui max:%ui", qc->nserver_ids, n); + + while (qc->nserver_ids < n) { + if (ngx_quic_create_server_id(c, id) != NGX_OK) { + return NGX_ERROR; + } + + dcid.len = NGX_QUIC_SERVER_CID_LEN; + dcid.data = id; + + sid = ngx_quic_insert_server_id(c, &dcid); + if (sid == NULL) { + return NGX_ERROR; + } + + frame = ngx_quic_alloc_frame(c); + if (frame == NULL) { + return NGX_ERROR; + } + + frame->level = ssl_encryption_application; + frame->type = NGX_QUIC_FT_NEW_CONNECTION_ID; + frame->u.ncid.seqnum = sid->seqnum; + frame->u.ncid.retire = 0; + frame->u.ncid.len = NGX_QUIC_SERVER_CID_LEN; + ngx_memcpy(frame->u.ncid.cid, id, NGX_QUIC_SERVER_CID_LEN); + + if (ngx_quic_new_sr_token(c, &dcid, &qc->conf->sr_token_key, + frame->u.ncid.srt) + != NGX_OK) + { + return NGX_ERROR; + } + + ngx_quic_queue_frame(qc, frame); + } + + return NGX_OK; +} + + +static void +ngx_quic_clear_temp_server_ids(ngx_connection_t *c) +{ + ngx_queue_t *q, *next; + ngx_quic_server_id_t *sid; + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + + ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic clear temp server ids"); + + for (q = ngx_queue_head(&qc->server_ids); + q != ngx_queue_sentinel(&qc->server_ids); + q = next) + { + next = ngx_queue_next(q); + sid = ngx_queue_data(q, ngx_quic_server_id_t, queue); + + if (sid->seqnum != NGX_QUIC_UNSET_PN) { + continue; + } + + ngx_queue_remove(q); + ngx_queue_insert_tail(&qc->free_server_ids, &sid->queue); + ngx_rbtree_delete(&c->listening->rbtree, &sid->udp.node); + qc->nserver_ids--; + } +} + + +static ngx_quic_server_id_t * +ngx_quic_insert_server_id(ngx_connection_t *c, ngx_str_t *id) +{ + ngx_str_t dcid; + ngx_quic_server_id_t *sid; + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + + sid = ngx_quic_alloc_server_id(c, qc); + if (sid == NULL) { + return NULL; + } + + sid->seqnum = qc->server_seqnum; + + if (qc->server_seqnum != NGX_QUIC_UNSET_PN) { + qc->server_seqnum++; + } + + sid->len = id->len; + ngx_memcpy(sid->id, id->data, id->len); + + ngx_queue_insert_tail(&qc->server_ids, &sid->queue); + qc->nserver_ids++; + + dcid.data = sid->id; + dcid.len = sid->len; + + ngx_insert_udp_connection(c, &sid->udp, &dcid); + + ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic insert server id seqnum:%uL id len:%uz %xV", + sid->seqnum, id->len, id); + + return sid; +} + + +static ngx_quic_client_id_t * +ngx_quic_alloc_client_id(ngx_connection_t *c, ngx_quic_connection_t *qc) +{ + ngx_queue_t *q; + ngx_quic_client_id_t *cid; + + if (!ngx_queue_empty(&qc->free_client_ids)) { + + q = ngx_queue_head(&qc->free_client_ids); + cid = ngx_queue_data(q, ngx_quic_client_id_t, queue); + + ngx_queue_remove(&cid->queue); + + ngx_memzero(cid, sizeof(ngx_quic_client_id_t)); + + } else { + + cid = ngx_pcalloc(c->pool, sizeof(ngx_quic_client_id_t)); + if (cid == NULL) { + return NULL; + } + } + + return cid; +} + + +static ngx_quic_server_id_t * +ngx_quic_alloc_server_id(ngx_connection_t *c, ngx_quic_connection_t *qc) +{ + ngx_queue_t *q; + ngx_quic_server_id_t *sid; + + if (!ngx_queue_empty(&qc->free_server_ids)) { + + q = ngx_queue_head(&qc->free_server_ids); + sid = ngx_queue_data(q, ngx_quic_server_id_t, queue); + + ngx_queue_remove(&sid->queue); + + ngx_memzero(sid, sizeof(ngx_quic_server_id_t)); + + } else { + + sid = ngx_pcalloc(c->pool, sizeof(ngx_quic_server_id_t)); + if (sid == NULL) { + return NULL; + } + } + + return sid; +} + + +static void +ngx_quic_queue_frame(ngx_quic_connection_t *qc, ngx_quic_frame_t *frame) +{ + ngx_quic_send_ctx_t *ctx; + + ctx = ngx_quic_get_send_ctx(qc, frame->level); + + ngx_queue_insert_tail(&ctx->frames, &frame->queue); + + frame->len = ngx_quic_create_frame(NULL, frame); + /* always succeeds */ + + if (qc->closing) { + return; + } + + ngx_post_event(&qc->push, &ngx_posted_events); +} + + +static ngx_int_t +ngx_quic_output(ngx_connection_t *c) +{ + off_t max; + size_t len, min; + ssize_t n; + u_char *p; + ngx_uint_t i, pad; + ngx_quic_send_ctx_t *ctx; + ngx_quic_connection_t *qc; + static u_char dst[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE]; + + c->log->action = "sending frames"; + + qc = ngx_quic_get_connection(c); + + for ( ;; ) { + p = dst; + + len = ngx_min(qc->ctp.max_udp_payload_size, + NGX_QUIC_MAX_UDP_PAYLOAD_SIZE); + + if (!qc->validated) { + max = qc->received * 3; + max = (c->sent >= max) ? 0 : max - c->sent; + len = ngx_min(len, (size_t) max); + } + + pad = ngx_quic_get_padding_level(c); + + for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { + + ctx = &qc->send_ctx[i]; + + if (ngx_quic_generate_ack(c, ctx) != NGX_OK) { + return NGX_ERROR; + } + + min = (i == pad && p - dst < NGX_QUIC_MIN_INITIAL_SIZE) + ? NGX_QUIC_MIN_INITIAL_SIZE - (p - dst) : 0; + + n = ngx_quic_output_packet(c, ctx, p, len, min); + if (n == NGX_ERROR) { + return NGX_ERROR; + } + + p += n; + len -= n; + } + + len = p - dst; + if (len == 0) { + break; + } + + n = ngx_quic_send(c, dst, len); + if (n == NGX_ERROR) { + return NGX_ERROR; + } + + if (!qc->send_timer_set && !qc->closing) { + qc->send_timer_set = 1; + ngx_add_timer(c->read, qc->tp.max_idle_timeout); + } + } + + return NGX_OK; +} + + +static ngx_uint_t +ngx_quic_get_padding_level(ngx_connection_t *c) +{ + ngx_queue_t *q; + ngx_quic_frame_t *f; + ngx_quic_send_ctx_t *ctx; + ngx_quic_connection_t *qc; + + /* + * 14.1. Initial Datagram Size + * + * Similarly, a server MUST expand the payload of all UDP datagrams + * carrying ack-eliciting Initial packets to at least the smallest + * allowed maximum datagram size of 1200 bytes + */ + + qc = ngx_quic_get_connection(c); + ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_initial); + + for (q = ngx_queue_head(&ctx->frames); + q != ngx_queue_sentinel(&ctx->frames); + q = ngx_queue_next(q)) + { + f = ngx_queue_data(q, ngx_quic_frame_t, queue); + + if (f->need_ack) { + ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_handshake); + + if (ngx_queue_empty(&ctx->frames)) { + return 0; + } + + return 1; + } + } + + return NGX_QUIC_SEND_CTX_LAST; +} + + +static ngx_int_t +ngx_quic_generate_ack(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx) +{ + ngx_msec_t delay; + ngx_quic_connection_t *qc; + + if (!ctx->send_ack) { + return NGX_OK; + } + + if (ctx->level == ssl_encryption_application) { + + delay = ngx_current_msec - ctx->ack_delay_start; + qc = ngx_quic_get_connection(c); + + if (ctx->send_ack < NGX_QUIC_MAX_ACK_GAP + && delay < qc->tp.max_ack_delay) + { + if (!qc->push.timer_set && !qc->closing) { + ngx_add_timer(&qc->push, + qc->tp.max_ack_delay - delay); + } + + return NGX_OK; + } + } + + if (ngx_quic_send_ack(c, ctx) != NGX_OK) { + return NGX_ERROR; + } + + ctx->send_ack = 0; + + return NGX_OK; +} + + +static ssize_t +ngx_quic_output_packet(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx, + u_char *data, size_t max, size_t min) +{ + size_t len, hlen, pad_len; + u_char *p; + ssize_t flen; + ngx_str_t out, res; + ngx_int_t rc; + ngx_uint_t nframes; + ngx_msec_t now; + ngx_queue_t *q; + ngx_quic_frame_t *f; + ngx_quic_header_t pkt; + ngx_quic_congestion_t *cg; + ngx_quic_connection_t *qc; + static u_char src[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE]; + + if (ngx_queue_empty(&ctx->frames)) { + return 0; + } + + ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic output %s packet max:%uz min:%uz", + ngx_quic_level_name(ctx->level), max, min); + + qc = ngx_quic_get_connection(c); + cg = &qc->congestion; + + hlen = (ctx->level == ssl_encryption_application) + ? NGX_QUIC_MAX_SHORT_HEADER + : NGX_QUIC_MAX_LONG_HEADER; + + hlen += EVP_GCM_TLS_TAG_LEN; + hlen -= NGX_QUIC_MAX_CID_LEN - qc->scid.len; + + ngx_memzero(&pkt, sizeof(ngx_quic_header_t)); + + now = ngx_current_msec; + nframes = 0; + p = src; + len = 0; + + for (q = ngx_queue_head(&ctx->frames); + q != ngx_queue_sentinel(&ctx->frames); + q = ngx_queue_next(q)) + { + f = ngx_queue_data(q, ngx_quic_frame_t, queue); + + if (!pkt.need_ack && f->need_ack && max > cg->window) { + max = cg->window; + } + + if (hlen + len >= max) { + break; + } + + if (hlen + len + f->len > max) { + rc = ngx_quic_split_frame(c, f, max - hlen - len); + + if (rc == NGX_ERROR) { + return NGX_ERROR; + } + + if (rc == NGX_DECLINED) { + break; + } + } + + if (f->need_ack) { + pkt.need_ack = 1; + } + + ngx_quic_log_frame(c->log, f, 1); + + flen = ngx_quic_create_frame(p, f); + if (flen == -1) { + return NGX_ERROR; + } + + len += flen; + p += flen; + + f->pnum = ctx->pnum; + f->first = now; + f->last = now; + f->plen = 0; + + nframes++; + } + + if (nframes == 0) { + return 0; + } + + out.data = src; + out.len = len; + + pkt.keys = qc->keys; + pkt.flags = NGX_QUIC_PKT_FIXED_BIT; + + if (ctx->level == ssl_encryption_initial) { + pkt.flags |= NGX_QUIC_PKT_LONG | NGX_QUIC_PKT_INITIAL; + + } else if (ctx->level == ssl_encryption_handshake) { + pkt.flags |= NGX_QUIC_PKT_LONG | NGX_QUIC_PKT_HANDSHAKE; + + } else { + if (qc->key_phase) { + pkt.flags |= NGX_QUIC_PKT_KPHASE; + } + } + + ngx_quic_set_packet_number(&pkt, ctx); + + pkt.version = qc->version; + pkt.log = c->log; + pkt.level = ctx->level; + pkt.dcid = qc->scid; + pkt.scid = qc->dcid; + + pad_len = 4; + + if (min) { + hlen = EVP_GCM_TLS_TAG_LEN + + ngx_quic_create_header(&pkt, NULL, out.len, NULL); + + if (min > hlen + pad_len) { + pad_len = min - hlen; + } + } + + if (out.len < pad_len) { + ngx_memset(p, NGX_QUIC_FT_PADDING, pad_len - out.len); + out.len = pad_len; + } + + pkt.payload = out; + + res.data = data; + + ngx_log_debug6(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic packet tx %s bytes:%ui" + " need_ack:%d number:%L encoded nl:%d trunc:0x%xD", + ngx_quic_level_name(ctx->level), out.len, pkt.need_ack, + pkt.number, pkt.num_len, pkt.trunc); + + if (ngx_quic_encrypt(&pkt, &res) != NGX_OK) { + return NGX_ERROR; + } + + ctx->pnum++; + + if (pkt.need_ack) { + /* move frames into the sent queue to wait for ack */ + + if (!qc->closing) { + q = ngx_queue_head(&ctx->frames); + f = ngx_queue_data(q, ngx_quic_frame_t, queue); + f->plen = res.len; + + do { + q = ngx_queue_head(&ctx->frames); + ngx_queue_remove(q); + ngx_queue_insert_tail(&ctx->sent, q); + } while (--nframes); + + if (qc->pto.timer_set) { + ngx_del_timer(&qc->pto); + } + + ngx_add_timer(&qc->pto, ngx_quic_pto(c, ctx)); + } + + cg->in_flight += res.len; + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic congestion send if:%uz", cg->in_flight); + } + + while (nframes--) { + q = ngx_queue_head(&ctx->frames); + f = ngx_queue_data(q, ngx_quic_frame_t, queue); + + ngx_queue_remove(q); + ngx_quic_free_frame(c, f); + } + + return res.len; +} + + +static ngx_int_t +ngx_quic_split_frame(ngx_connection_t *c, ngx_quic_frame_t *f, size_t len) +{ + size_t shrink; + ngx_quic_frame_t *nf; + ngx_quic_ordered_frame_t *of, *onf; + + switch (f->type) { + case NGX_QUIC_FT_CRYPTO: + case NGX_QUIC_FT_STREAM0: + case NGX_QUIC_FT_STREAM1: + case NGX_QUIC_FT_STREAM2: + case NGX_QUIC_FT_STREAM3: + case NGX_QUIC_FT_STREAM4: + case NGX_QUIC_FT_STREAM5: + case NGX_QUIC_FT_STREAM6: + case NGX_QUIC_FT_STREAM7: + break; + + default: + return NGX_DECLINED; + } + + if ((size_t) f->len <= len) { + return NGX_OK; + } + + shrink = f->len - len; + + ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic split frame now:%uz need:%uz shrink:%uz", + f->len, len, shrink); + + of = &f->u.ord; + + if (of->length <= shrink) { + return NGX_DECLINED; + } + + of->length -= shrink; + f->len = ngx_quic_create_frame(NULL, f); + + if ((size_t) f->len > len) { + ngx_log_error(NGX_LOG_ERR, c->log, 0, "could not split QUIC frame"); + return NGX_ERROR; + } + + nf = ngx_quic_alloc_frame(c); + if (nf == NULL) { + return NGX_ERROR; + } + + *nf = *f; + onf = &nf->u.ord; + onf->offset += of->length; + onf->length = shrink; + nf->len = ngx_quic_create_frame(NULL, nf); + + nf->data = ngx_quic_split_bufs(c, f->data, of->length); + if (nf->data == NGX_CHAIN_ERROR) { + return NGX_ERROR; + } + + ngx_queue_insert_after(&f->queue, &nf->queue); + + return NGX_OK; +} + + +static void +ngx_quic_free_frames(ngx_connection_t *c, ngx_queue_t *frames) +{ + ngx_queue_t *q; + ngx_quic_frame_t *f; + + do { + q = ngx_queue_head(frames); + + if (q == ngx_queue_sentinel(frames)) { + break; + } + + ngx_queue_remove(q); + + f = ngx_queue_data(q, ngx_quic_frame_t, queue); + + ngx_quic_free_frame(c, f); + } while (1); +} + + +static ssize_t +ngx_quic_send(ngx_connection_t *c, u_char *buf, size_t len) +{ + ngx_buf_t b; + ngx_chain_t cl, *res; + + ngx_memzero(&b, sizeof(ngx_buf_t)); + + b.pos = b.start = buf; + b.last = b.end = buf + len; + b.last_buf = 1; + b.temporary = 1; + + cl.buf = &b; + cl.next= NULL; + + res = c->send_chain(c, &cl, 0); + if (res == NGX_CHAIN_ERROR) { + return NGX_ERROR; + } + + return len; +} + + +static void +ngx_quic_set_packet_number(ngx_quic_header_t *pkt, ngx_quic_send_ctx_t *ctx) +{ + uint64_t delta; + + delta = ctx->pnum - ctx->largest_ack; + pkt->number = ctx->pnum; + + if (delta <= 0x7F) { + pkt->num_len = 1; + pkt->trunc = ctx->pnum & 0xff; + + } else if (delta <= 0x7FFF) { + pkt->num_len = 2; + pkt->flags |= 0x1; + pkt->trunc = ctx->pnum & 0xffff; + + } else if (delta <= 0x7FFFFF) { + pkt->num_len = 3; + pkt->flags |= 0x2; + pkt->trunc = ctx->pnum & 0xffffff; + + } else { + pkt->num_len = 4; + pkt->flags |= 0x3; + pkt->trunc = ctx->pnum & 0xffffffff; + } +} + + +static void +ngx_quic_pto_handler(ngx_event_t *ev) +{ + ngx_uint_t i; + ngx_queue_t *q; + ngx_connection_t *c; + ngx_quic_frame_t *start; + ngx_quic_send_ctx_t *ctx; + ngx_quic_connection_t *qc; + + ngx_log_debug0(NGX_LOG_DEBUG_EVENT, ev->log, 0, "quic pto timer"); + + c = ev->data; + qc = ngx_quic_get_connection(c); + + qc->pto_count++; + + for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { + + ctx = &qc->send_ctx[i]; + + if (ngx_queue_empty(&ctx->sent)) { + continue; + } + + q = ngx_queue_head(&ctx->sent); + start = ngx_queue_data(q, ngx_quic_frame_t, queue); + + if (start->pnum <= ctx->largest_ack + && ctx->largest_ack != NGX_QUIC_UNSET_PN) + { + continue; + } + + ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic pto pnum:%uL pto_count:%ui level:%d", + start->pnum, qc->pto_count, start->level); + + ngx_quic_resend_frames(c, ctx); + } + + ngx_quic_connstate_dbg(c); +} + + +static void +ngx_quic_push_handler(ngx_event_t *ev) +{ + ngx_connection_t *c; + + ngx_log_debug0(NGX_LOG_DEBUG_EVENT, ev->log, 0, "quic push timer"); + + c = ev->data; + + if (ngx_quic_output(c) != NGX_OK) { + ngx_quic_close_connection(c, NGX_ERROR); + return; + } + + ngx_quic_connstate_dbg(c); +} + + +static +void ngx_quic_lost_handler(ngx_event_t *ev) +{ + ngx_connection_t *c; + + ngx_log_debug0(NGX_LOG_DEBUG_EVENT, ev->log, 0, "quic lost timer"); + + c = ev->data; + + if (ngx_quic_detect_lost(c) != NGX_OK) { + ngx_quic_close_connection(c, NGX_ERROR); + } + + ngx_quic_connstate_dbg(c); +} + + +static ngx_int_t +ngx_quic_detect_lost(ngx_connection_t *c) +{ + ngx_uint_t i; + ngx_msec_t now, wait, min_wait, thr; + ngx_queue_t *q; + ngx_quic_frame_t *start; + ngx_quic_send_ctx_t *ctx; + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + now = ngx_current_msec; + + min_wait = 0; + + thr = NGX_QUIC_TIME_THR * ngx_max(qc->latest_rtt, qc->avg_rtt); + thr = ngx_max(thr, NGX_QUIC_TIME_GRANULARITY); + + for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) { + + ctx = &qc->send_ctx[i]; + + if (ctx->largest_ack == NGX_QUIC_UNSET_PN) { + continue; + } + + while (!ngx_queue_empty(&ctx->sent)) { + + q = ngx_queue_head(&ctx->sent); + start = ngx_queue_data(q, ngx_quic_frame_t, queue); + + if (start->pnum > ctx->largest_ack) { + break; + } + + wait = start->last + thr - now; + + ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic detect_lost pnum:%uL thr:%M wait:%i level:%d", + start->pnum, thr, (ngx_int_t) wait, start->level); + + if ((ngx_msec_int_t) wait > 0 + && ctx->largest_ack - start->pnum < NGX_QUIC_PKT_THR) + { + + if (min_wait == 0 || wait < min_wait) { + min_wait = wait; + } + + break; + } + + ngx_quic_resend_frames(c, ctx); + } + } + + /* no more preceeding packets */ + + if (min_wait == 0) { + qc->pto.handler = ngx_quic_pto_handler; + return NGX_OK; + } + + qc->pto.handler = ngx_quic_lost_handler; + + if (qc->pto.timer_set) { + ngx_del_timer(&qc->pto); + } + + ngx_add_timer(&qc->pto, min_wait); + + return NGX_OK; +} + + +static void +ngx_quic_resend_frames(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx) +{ + size_t n; + ngx_buf_t *b; + ngx_queue_t *q; + ngx_quic_frame_t *f, *start; + ngx_quic_stream_t *sn; + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + q = ngx_queue_head(&ctx->sent); + start = ngx_queue_data(q, ngx_quic_frame_t, queue); + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic resend packet pnum:%uL", start->pnum); + + ngx_quic_congestion_lost(c, start); + + do { + f = ngx_queue_data(q, ngx_quic_frame_t, queue); + + if (f->pnum != start->pnum) { + break; + } + + q = ngx_queue_next(q); + + ngx_queue_remove(&f->queue); + + switch (f->type) { + case NGX_QUIC_FT_ACK: + case NGX_QUIC_FT_ACK_ECN: + /* force generation of most recent acknowledgment */ + ctx->send_ack = NGX_QUIC_MAX_ACK_GAP; + ngx_quic_free_frame(c, f); + break; + + case NGX_QUIC_FT_PING: + case NGX_QUIC_FT_PATH_RESPONSE: + case NGX_QUIC_FT_CONNECTION_CLOSE: + ngx_quic_free_frame(c, f); + break; + + case NGX_QUIC_FT_MAX_DATA: + f->u.max_data.max_data = qc->streams.recv_max_data; + ngx_quic_queue_frame(qc, f); + break; + + case NGX_QUIC_FT_MAX_STREAMS: + case NGX_QUIC_FT_MAX_STREAMS2: + f->u.max_streams.limit = f->u.max_streams.bidi + ? qc->streams.client_max_streams_bidi + : qc->streams.client_max_streams_uni; + ngx_quic_queue_frame(qc, f); + break; + + case NGX_QUIC_FT_MAX_STREAM_DATA: + sn = ngx_quic_find_stream(&qc->streams.tree, + f->u.max_stream_data.id); + if (sn == NULL) { + ngx_quic_free_frame(c, f); + break; + } + + b = sn->b; + n = sn->fs.received + (b->pos - b->start) + (b->end - b->last); + + if (f->u.max_stream_data.limit < n) { + f->u.max_stream_data.limit = n; + } + + ngx_quic_queue_frame(qc, f); + break; + + case NGX_QUIC_FT_STREAM0: + case NGX_QUIC_FT_STREAM1: + case NGX_QUIC_FT_STREAM2: + case NGX_QUIC_FT_STREAM3: + case NGX_QUIC_FT_STREAM4: + case NGX_QUIC_FT_STREAM5: + case NGX_QUIC_FT_STREAM6: + case NGX_QUIC_FT_STREAM7: + sn = ngx_quic_find_stream(&qc->streams.tree, f->u.stream.stream_id); + + if (sn && sn->c->write->error) { + /* RESET_STREAM was sent */ + ngx_quic_free_frame(c, f); + break; + } + + /* fall through */ + + default: + ngx_queue_insert_tail(&ctx->frames, &f->queue); + } + + } while (q != ngx_queue_sentinel(&ctx->sent)); + + if (qc->closing) { + return; + } + + ngx_post_event(&qc->push, &ngx_posted_events); +} + + +ngx_connection_t * +ngx_quic_open_stream(ngx_connection_t *c, ngx_uint_t bidi) +{ + size_t rcvbuf_size; + uint64_t id; + ngx_quic_stream_t *qs, *sn; + ngx_quic_connection_t *qc; + + qs = c->quic; + qc = ngx_quic_get_connection(qs->parent); + + if (bidi) { + if (qc->streams.server_streams_bidi + >= qc->streams.server_max_streams_bidi) + { + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic too many server bidi streams:%uL", + qc->streams.server_streams_bidi); + return NULL; + } + + id = (qc->streams.server_streams_bidi << 2) + | NGX_QUIC_STREAM_SERVER_INITIATED; + + ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic creating server bidi stream" + " streams:%uL max:%uL id:0x%xL", + qc->streams.server_streams_bidi, + qc->streams.server_max_streams_bidi, id); + + qc->streams.server_streams_bidi++; + rcvbuf_size = qc->tp.initial_max_stream_data_bidi_local; + + } else { + if (qc->streams.server_streams_uni + >= qc->streams.server_max_streams_uni) + { + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic too many server uni streams:%uL", + qc->streams.server_streams_uni); + return NULL; + } + + id = (qc->streams.server_streams_uni << 2) + | NGX_QUIC_STREAM_SERVER_INITIATED + | NGX_QUIC_STREAM_UNIDIRECTIONAL; + + ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic creating server uni stream" + " streams:%uL max:%uL id:0x%xL", + qc->streams.server_streams_uni, + qc->streams.server_max_streams_uni, id); + + qc->streams.server_streams_uni++; + rcvbuf_size = 0; + } + + sn = ngx_quic_create_stream(qs->parent, id, rcvbuf_size); + if (sn == NULL) { + return NULL; + } + + return sn->c; +} + + +static void +ngx_quic_rbtree_insert_stream(ngx_rbtree_node_t *temp, + ngx_rbtree_node_t *node, ngx_rbtree_node_t *sentinel) +{ + ngx_rbtree_node_t **p; + ngx_quic_stream_t *qn, *qnt; + + for ( ;; ) { + qn = (ngx_quic_stream_t *) node; + qnt = (ngx_quic_stream_t *) temp; + + p = (qn->id < qnt->id) ? &temp->left : &temp->right; + + if (*p == sentinel) { + break; + } + + temp = *p; + } + + *p = node; + node->parent = temp; + node->left = sentinel; + node->right = sentinel; + ngx_rbt_red(node); +} + + +static ngx_quic_stream_t * +ngx_quic_find_stream(ngx_rbtree_t *rbtree, uint64_t id) +{ + ngx_rbtree_node_t *node, *sentinel; + ngx_quic_stream_t *qn; + + node = rbtree->root; + sentinel = rbtree->sentinel; + + while (node != sentinel) { + qn = (ngx_quic_stream_t *) node; + + if (id == qn->id) { + return qn; + } + + node = (id < qn->id) ? node->left : node->right; + } + + return NULL; +} + + +static ngx_quic_stream_t * +ngx_quic_create_client_stream(ngx_connection_t *c, uint64_t id) +{ + size_t n; + uint64_t min_id; + ngx_quic_stream_t *sn; + ngx_quic_connection_t *qc; + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic stream id:0x%xL is new", id); + + qc = ngx_quic_get_connection(c); + + if (id & NGX_QUIC_STREAM_UNIDIRECTIONAL) { + + if (id & NGX_QUIC_STREAM_SERVER_INITIATED) { + if ((id >> 2) < qc->streams.server_streams_uni) { + return NGX_QUIC_STREAM_GONE; + } + + qc->error = NGX_QUIC_ERR_STREAM_STATE_ERROR; + return NULL; + } + + if ((id >> 2) < qc->streams.client_streams_uni) { + return NGX_QUIC_STREAM_GONE; + } + + if ((id >> 2) >= qc->streams.client_max_streams_uni) { + qc->error = NGX_QUIC_ERR_STREAM_LIMIT_ERROR; + return NULL; + } + + min_id = (qc->streams.client_streams_uni << 2) + | NGX_QUIC_STREAM_UNIDIRECTIONAL; + qc->streams.client_streams_uni = (id >> 2) + 1; + n = qc->tp.initial_max_stream_data_uni; + + } else { + + if (id & NGX_QUIC_STREAM_SERVER_INITIATED) { + if ((id >> 2) < qc->streams.server_streams_bidi) { + return NGX_QUIC_STREAM_GONE; + } + + qc->error = NGX_QUIC_ERR_STREAM_STATE_ERROR; + return NULL; + } + + if ((id >> 2) < qc->streams.client_streams_bidi) { + return NGX_QUIC_STREAM_GONE; + } + + if ((id >> 2) >= qc->streams.client_max_streams_bidi) { + qc->error = NGX_QUIC_ERR_STREAM_LIMIT_ERROR; + return NULL; + } + + min_id = (qc->streams.client_streams_bidi << 2); + qc->streams.client_streams_bidi = (id >> 2) + 1; + n = qc->tp.initial_max_stream_data_bidi_remote; + } + + if (n < NGX_QUIC_STREAM_BUFSIZE) { + n = NGX_QUIC_STREAM_BUFSIZE; + } + + /* + * 2.1. Stream Types and Identifiers + * + * Within each type, streams are created with numerically increasing + * stream IDs. A stream ID that is used out of order results in all + * streams of that type with lower-numbered stream IDs also being + * opened. + */ + + for ( /* void */ ; min_id < id; min_id += 0x04) { + + sn = ngx_quic_create_stream(c, min_id, n); + if (sn == NULL) { + return NULL; + } + + sn->c->listening->handler(sn->c); + } + + return ngx_quic_create_stream(c, id, n); +} + + +static ngx_quic_stream_t * +ngx_quic_create_stream(ngx_connection_t *c, uint64_t id, size_t rcvbuf_size) +{ + ngx_log_t *log; + ngx_pool_t *pool; + ngx_quic_stream_t *sn; + ngx_pool_cleanup_t *cln; + ngx_quic_connection_t *qc; + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic stream id:0x%xL create", id); + + qc = ngx_quic_get_connection(c); + + pool = ngx_create_pool(NGX_DEFAULT_POOL_SIZE, c->log); + if (pool == NULL) { + return NULL; + } + + sn = ngx_pcalloc(pool, sizeof(ngx_quic_stream_t)); + if (sn == NULL) { + ngx_destroy_pool(pool); + return NULL; + } + + sn->node.key = id; + sn->parent = c; + sn->id = id; + + sn->b = ngx_create_temp_buf(pool, rcvbuf_size); + if (sn->b == NULL) { + ngx_destroy_pool(pool); + return NULL; + } + + ngx_queue_init(&sn->fs.frames); + + log = ngx_palloc(pool, sizeof(ngx_log_t)); + if (log == NULL) { + ngx_destroy_pool(pool); + return NULL; + } + + *log = *c->log; + pool->log = log; + + sn->c = ngx_get_connection(-1, log); + if (sn->c == NULL) { + ngx_destroy_pool(pool); + return NULL; + } + + sn->c->quic = sn; + sn->c->type = SOCK_STREAM; + sn->c->pool = pool; + sn->c->ssl = c->ssl; + sn->c->sockaddr = c->sockaddr; + sn->c->listening = c->listening; + sn->c->addr_text = c->addr_text; + sn->c->local_sockaddr = c->local_sockaddr; + sn->c->local_socklen = c->local_socklen; + sn->c->number = ngx_atomic_fetch_add(ngx_connection_counter, 1); + + sn->c->recv = ngx_quic_stream_recv; + sn->c->send = ngx_quic_stream_send; + sn->c->send_chain = ngx_quic_stream_send_chain; + + sn->c->read->log = log; + sn->c->write->log = log; + + log->connection = sn->c->number; + + if ((id & NGX_QUIC_STREAM_UNIDIRECTIONAL) == 0 + || (id & NGX_QUIC_STREAM_SERVER_INITIATED)) + { + sn->c->write->ready = 1; + } + + if (id & NGX_QUIC_STREAM_UNIDIRECTIONAL) { + if (id & NGX_QUIC_STREAM_SERVER_INITIATED) { + sn->send_max_data = qc->ctp.initial_max_stream_data_uni; + } + + } else { + if (id & NGX_QUIC_STREAM_SERVER_INITIATED) { + sn->send_max_data = qc->ctp.initial_max_stream_data_bidi_remote; + } else { + sn->send_max_data = qc->ctp.initial_max_stream_data_bidi_local; + } + } + + cln = ngx_pool_cleanup_add(pool, 0); + if (cln == NULL) { + ngx_close_connection(sn->c); + ngx_destroy_pool(pool); + return NULL; + } + + cln->handler = ngx_quic_stream_cleanup_handler; + cln->data = sn->c; + + ngx_rbtree_insert(&qc->streams.tree, &sn->node); + + return sn; +} + + +static ssize_t +ngx_quic_stream_recv(ngx_connection_t *c, u_char *buf, size_t size) +{ + ssize_t len; + ngx_buf_t *b; + ngx_event_t *rev; + ngx_connection_t *pc; + ngx_quic_frame_t *frame; + ngx_quic_stream_t *qs; + ngx_quic_connection_t *qc; + + qs = c->quic; + b = qs->b; + pc = qs->parent; + qc = ngx_quic_get_connection(pc); + rev = c->read; + + if (rev->error) { + return NGX_ERROR; + } + + ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic stream recv id:0x%xL eof:%d avail:%z", + qs->id, rev->pending_eof, b->last - b->pos); + + if (b->pos == b->last) { + rev->ready = 0; + + if (rev->pending_eof) { + rev->eof = 1; + return 0; + } + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic stream id:0x%xL recv() not ready", qs->id); + return NGX_AGAIN; + } + + len = ngx_min(b->last - b->pos, (ssize_t) size); + + ngx_memcpy(buf, b->pos, len); + + b->pos += len; + qc->streams.received += len; + + if (b->pos == b->last) { + b->pos = b->start; + b->last = b->start; + rev->ready = rev->pending_eof; + } + + ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic stream id:0x%xL recv len:%z of size:%uz", + qs->id, len, size); + + if (!rev->pending_eof) { + frame = ngx_quic_alloc_frame(pc); + if (frame == NULL) { + return NGX_ERROR; + } + + frame->level = ssl_encryption_application; + frame->type = NGX_QUIC_FT_MAX_STREAM_DATA; + frame->u.max_stream_data.id = qs->id; + frame->u.max_stream_data.limit = qs->fs.received + (b->pos - b->start) + + (b->end - b->last); + + ngx_quic_queue_frame(qc, frame); + } + + if ((qc->streams.recv_max_data / 2) < qc->streams.received) { + + frame = ngx_quic_alloc_frame(pc); + + if (frame == NULL) { + return NGX_ERROR; + } + + qc->streams.recv_max_data *= 2; + + frame->level = ssl_encryption_application; + frame->type = NGX_QUIC_FT_MAX_DATA; + frame->u.max_data.max_data = qc->streams.recv_max_data; + + ngx_quic_queue_frame(qc, frame); + + ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic stream id:0x%xL recv: increased max_data:%uL", + qs->id, qc->streams.recv_max_data); + } + + return len; +} + + +static ssize_t +ngx_quic_stream_send(ngx_connection_t *c, u_char *buf, size_t size) +{ + ngx_buf_t b; + ngx_chain_t cl; + + ngx_memzero(&b, sizeof(ngx_buf_t)); + + b.memory = 1; + b.pos = buf; + b.last = buf + size; + + cl.buf = &b; + cl.next = NULL; + + if (ngx_quic_stream_send_chain(c, &cl, 0) == NGX_CHAIN_ERROR) { + return NGX_ERROR; + } + + if (b.pos == buf) { + return NGX_AGAIN; + } + + return b.pos - buf; +} + + +static ngx_chain_t * +ngx_quic_stream_send_chain(ngx_connection_t *c, ngx_chain_t *in, off_t limit) +{ + size_t n, flow; + ngx_event_t *wev; + ngx_chain_t *cl; + ngx_connection_t *pc; + ngx_quic_frame_t *frame; + ngx_quic_stream_t *qs; + ngx_quic_connection_t *qc; + + qs = c->quic; + pc = qs->parent; + qc = ngx_quic_get_connection(pc); + wev = c->write; + + if (wev->error) { + return NGX_CHAIN_ERROR; + } + + flow = ngx_quic_max_stream_flow(c); + if (flow == 0) { + wev->ready = 0; + return in; + } + + n = (limit && (size_t) limit < flow) ? (size_t) limit : flow; + + frame = ngx_quic_alloc_frame(pc); + if (frame == NULL) { + return NGX_CHAIN_ERROR; + } + + frame->data = ngx_quic_copy_chain(pc, in, n); + if (frame->data == NGX_CHAIN_ERROR) { + return NGX_CHAIN_ERROR; + } + + for (n = 0, cl = frame->data; cl; cl = cl->next) { + n += ngx_buf_size(cl->buf); + } + + while (in && ngx_buf_size(in->buf) == 0) { + in = in->next; + } + + frame->level = ssl_encryption_application; + frame->type = NGX_QUIC_FT_STREAM6; /* OFF=1 LEN=1 FIN=0 */ + frame->u.stream.off = 1; + frame->u.stream.len = 1; + frame->u.stream.fin = 0; + + frame->u.stream.type = frame->type; + frame->u.stream.stream_id = qs->id; + frame->u.stream.offset = c->sent; + frame->u.stream.length = n; + + c->sent += n; + qc->streams.sent += n; + + ngx_quic_queue_frame(qc, frame); + + wev->ready = (n < flow) ? 1 : 0; + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic send_chain sent:%uz", n); + + return in; +} + + +static size_t +ngx_quic_max_stream_flow(ngx_connection_t *c) +{ + size_t size; + uint64_t sent, unacked; + ngx_quic_stream_t *qs; + ngx_quic_connection_t *qc; + + qs = c->quic; + qc = ngx_quic_get_connection(qs->parent); + + size = NGX_QUIC_STREAM_BUFSIZE; + sent = c->sent; + unacked = sent - qs->acked; + + if (qc->streams.send_max_data == 0) { + qc->streams.send_max_data = qc->ctp.initial_max_data; + } + + if (unacked >= NGX_QUIC_STREAM_BUFSIZE) { + ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic send flow hit buffer size"); + return 0; + } + + if (unacked + size > NGX_QUIC_STREAM_BUFSIZE) { + size = NGX_QUIC_STREAM_BUFSIZE - unacked; + } + + if (qc->streams.sent >= qc->streams.send_max_data) { + ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic send flow hit MAX_DATA"); + return 0; + } + + if (qc->streams.sent + size > qc->streams.send_max_data) { + size = qc->streams.send_max_data - qc->streams.sent; + } + + if (sent >= qs->send_max_data) { + ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic send flow hit MAX_STREAM_DATA"); + return 0; + } + + if (sent + size > qs->send_max_data) { + size = qs->send_max_data - sent; + } + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic send flow:%uz", size); + + return size; +} + + +static void +ngx_quic_stream_cleanup_handler(void *data) +{ + ngx_connection_t *c = data; + + ngx_connection_t *pc; + ngx_quic_frame_t *frame; + ngx_quic_stream_t *qs; + ngx_quic_connection_t *qc; + + qs = c->quic; + pc = qs->parent; + qc = ngx_quic_get_connection(pc); + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic stream id:0x%xL cleanup", qs->id); + + ngx_rbtree_delete(&qc->streams.tree, &qs->node); + ngx_quic_free_frames(pc, &qs->fs.frames); + + if (qc->closing) { + /* schedule handler call to continue ngx_quic_close_connection() */ + ngx_post_event(pc->read, &ngx_posted_events); + return; + } + + if ((qs->id & NGX_QUIC_STREAM_SERVER_INITIATED) == 0 + || (qs->id & NGX_QUIC_STREAM_UNIDIRECTIONAL) == 0) + { + if (!c->read->pending_eof && !c->read->error) { + frame = ngx_quic_alloc_frame(pc); + if (frame == NULL) { + return; + } + + frame->level = ssl_encryption_application; + frame->type = NGX_QUIC_FT_STOP_SENDING; + frame->u.stop_sending.id = qs->id; + frame->u.stop_sending.error_code = 0x100; /* HTTP/3 no error */ + + ngx_quic_queue_frame(qc, frame); + } + } + + if ((qs->id & NGX_QUIC_STREAM_SERVER_INITIATED) == 0) { + frame = ngx_quic_alloc_frame(pc); + if (frame == NULL) { + return; + } + + frame->level = ssl_encryption_application; + frame->type = NGX_QUIC_FT_MAX_STREAMS; + + if (qs->id & NGX_QUIC_STREAM_UNIDIRECTIONAL) { + frame->u.max_streams.limit = ++qc->streams.client_max_streams_uni; + frame->u.max_streams.bidi = 0; + + } else { + frame->u.max_streams.limit = ++qc->streams.client_max_streams_bidi; + frame->u.max_streams.bidi = 1; + } + + ngx_quic_queue_frame(qc, frame); + + if (qs->id & NGX_QUIC_STREAM_UNIDIRECTIONAL) { + /* do not send fin for client unidirectional streams */ + return; + } + } + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic stream id:0x%xL send fin", qs->id); + + frame = ngx_quic_alloc_frame(pc); + if (frame == NULL) { + return; + } + + frame->level = ssl_encryption_application; + frame->type = NGX_QUIC_FT_STREAM7; /* OFF=1 LEN=1 FIN=1 */ + frame->u.stream.off = 1; + frame->u.stream.len = 1; + frame->u.stream.fin = 1; + + frame->u.stream.type = frame->type; + frame->u.stream.stream_id = qs->id; + frame->u.stream.offset = c->sent; + frame->u.stream.length = 0; + + ngx_quic_queue_frame(qc, frame); + + (void) ngx_quic_output(pc); +} + + +static ngx_quic_frame_t * +ngx_quic_alloc_frame(ngx_connection_t *c) +{ + ngx_queue_t *q; + ngx_quic_frame_t *frame; + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + + if (!ngx_queue_empty(&qc->free_frames)) { + + q = ngx_queue_head(&qc->free_frames); + frame = ngx_queue_data(q, ngx_quic_frame_t, queue); + + ngx_queue_remove(&frame->queue); + +#ifdef NGX_QUIC_DEBUG_ALLOC + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic reuse frame n:%ui", qc->nframes); +#endif + + } else { + frame = ngx_pcalloc(c->pool, sizeof(ngx_quic_frame_t)); + if (frame == NULL) { + return NULL; + } + +#ifdef NGX_QUIC_DEBUG_ALLOC + ++qc->nframes; + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic alloc frame n:%ui", qc->nframes); +#endif + } + + ngx_memzero(frame, sizeof(ngx_quic_frame_t)); + + return frame; +} + + +static void +ngx_quic_congestion_ack(ngx_connection_t *c, ngx_quic_frame_t *f) +{ + ngx_msec_t timer; + ngx_quic_congestion_t *cg; + ngx_quic_connection_t *qc; + + if (f->plen == 0) { + return; + } + + qc = ngx_quic_get_connection(c); + cg = &qc->congestion; + + cg->in_flight -= f->plen; + + timer = f->last - cg->recovery_start; + + if ((ngx_msec_int_t) timer <= 0) { + ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic congestion ack recovery win:%uz ss:%z if:%uz", + cg->window, cg->ssthresh, cg->in_flight); + + return; + } + + if (cg->window < cg->ssthresh) { + cg->window += f->plen; + + ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic congestion slow start win:%uz ss:%z if:%uz", + cg->window, cg->ssthresh, cg->in_flight); + + } else { + cg->window += qc->tp.max_udp_payload_size * f->plen / cg->window; + + ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic congestion avoidance win:%uz ss:%z if:%uz", + cg->window, cg->ssthresh, cg->in_flight); + } + + /* prevent recovery_start from wrapping */ + + timer = cg->recovery_start - ngx_current_msec + qc->tp.max_idle_timeout * 2; + + if ((ngx_msec_int_t) timer < 0) { + cg->recovery_start = ngx_current_msec - qc->tp.max_idle_timeout * 2; + } +} + + +static void +ngx_quic_congestion_lost(ngx_connection_t *c, ngx_quic_frame_t *f) +{ + ngx_msec_t timer; + ngx_quic_congestion_t *cg; + ngx_quic_connection_t *qc; + + if (f->plen == 0) { + return; + } + + qc = ngx_quic_get_connection(c); + cg = &qc->congestion; + + cg->in_flight -= f->plen; + f->plen = 0; + + timer = f->last - cg->recovery_start; + + if ((ngx_msec_int_t) timer <= 0) { + ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic congestion lost recovery win:%uz ss:%z if:%uz", + cg->window, cg->ssthresh, cg->in_flight); + + return; + } + + cg->recovery_start = ngx_current_msec; + cg->window /= 2; + + if (cg->window < qc->tp.max_udp_payload_size * 2) { + cg->window = qc->tp.max_udp_payload_size * 2; + } + + cg->ssthresh = cg->window; + + ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic congestion lost win:%uz ss:%z if:%uz", + cg->window, cg->ssthresh, cg->in_flight); +} + + +static void +ngx_quic_free_frame(ngx_connection_t *c, ngx_quic_frame_t *frame) +{ + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + + if (frame->data) { + ngx_quic_free_bufs(c, frame->data); + } + + ngx_queue_insert_head(&qc->free_frames, &frame->queue); + +#ifdef NGX_QUIC_DEBUG_ALLOC + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic free frame n:%ui", qc->nframes); +#endif +} + + +uint32_t +ngx_quic_version(ngx_connection_t *c) +{ + uint32_t version; + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + + version = qc->version; + + return (version & 0xff000000) == 0xff000000 ? version & 0xff : version; +} + + +static ngx_chain_t * +ngx_quic_alloc_buf(ngx_connection_t *c) +{ + ngx_buf_t *b; + ngx_chain_t *cl; + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + + if (qc->free_bufs) { + cl = qc->free_bufs; + qc->free_bufs = cl->next; + + b = cl->buf; + b->pos = b->start; + b->last = b->start; + +#ifdef NGX_QUIC_DEBUG_ALLOC + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic reuse buffer n:%ui", qc->nbufs); +#endif + + return cl; + } + + cl = ngx_alloc_chain_link(c->pool); + if (cl == NULL) { + return NULL; + } + + b = ngx_create_temp_buf(c->pool, NGX_QUIC_BUFFER_SIZE); + if (b == NULL) { + return NULL; + } + + b->tag = (ngx_buf_tag_t) &ngx_quic_alloc_buf; + + cl->buf = b; + +#ifdef NGX_QUIC_DEBUG_ALLOC + ++qc->nbufs; + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic alloc buffer n:%ui", qc->nbufs); +#endif + + return cl; +} + + +static void +ngx_quic_free_bufs(ngx_connection_t *c, ngx_chain_t *in) +{ + ngx_buf_t *b, *shadow; + ngx_chain_t *cl; + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + + while (in) { +#ifdef NGX_QUIC_DEBUG_ALLOC + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic free buffer n:%ui", qc->nbufs); +#endif + + cl = in; + in = in->next; + b = cl->buf; + + if (b->shadow) { + if (!b->last_shadow) { + b->recycled = 1; + ngx_free_chain(c->pool, cl); + continue; + } + + do { + shadow = b->shadow; + b->shadow = qc->free_shadow_bufs; + qc->free_shadow_bufs = b; + b = shadow; + } while (b->recycled); + + if (b->shadow) { + b->last_shadow = 1; + ngx_free_chain(c->pool, cl); + continue; + } + + cl->buf = b; + } + + cl->next = qc->free_bufs; + qc->free_bufs = cl; + } +} + + +static ngx_chain_t * +ngx_quic_copy_buf(ngx_connection_t *c, u_char *data, size_t len) +{ + size_t n; + ngx_buf_t *b; + ngx_chain_t *cl, *out, **ll; + + out = NULL; + ll = &out; + + while (len) { + cl = ngx_quic_alloc_buf(c); + if (cl == NULL) { + return NGX_CHAIN_ERROR; + } + + b = cl->buf; + n = ngx_min((size_t) (b->end - b->last), len); + + b->last = ngx_cpymem(b->last, data, n); + + data += n; + len -= n; + + *ll = cl; + ll = &cl->next; + } + + *ll = NULL; + + return out; +} + + +static ngx_chain_t * +ngx_quic_copy_chain(ngx_connection_t *c, ngx_chain_t *in, size_t limit) +{ + size_t n; + ngx_buf_t *b; + ngx_chain_t *cl, *out, **ll; + + out = NULL; + ll = &out; + + while (in) { + if (!ngx_buf_in_memory(in->buf) || ngx_buf_size(in->buf) == 0) { + in = in->next; + continue; + } + + cl = ngx_quic_alloc_buf(c); + if (cl == NULL) { + return NGX_CHAIN_ERROR; + } + + *ll = cl; + ll = &cl->next; + + b = cl->buf; + + while (in && b->last != b->end) { + + n = ngx_min(in->buf->last - in->buf->pos, b->end - b->last); + + if (limit > 0 && n > limit) { + n = limit; + } + + b->last = ngx_cpymem(b->last, in->buf->pos, n); + + in->buf->pos += n; + if (in->buf->pos == in->buf->last) { + in = in->next; + } + + if (limit > 0) { + if (limit == n) { + goto done; + } + + limit -= n; + } + } + + } + +done: + + *ll = NULL; + + return out; +} + + +static ngx_chain_t * +ngx_quic_split_bufs(ngx_connection_t *c, ngx_chain_t *in, size_t len) +{ + size_t n; + ngx_buf_t *b; + ngx_chain_t *out; + ngx_quic_connection_t *qc; + + qc = ngx_quic_get_connection(c); + + while (in) { + n = ngx_buf_size(in->buf); + + if (n == len) { + out = in->next; + in->next = NULL; + return out; + } + + if (n > len) { + break; + } + + len -= n; + in = in->next; + } + + if (in == NULL) { + return NULL; + } + + /* split in->buf by creating shadow bufs which reference it */ + + if (in->buf->shadow == NULL) { + if (qc->free_shadow_bufs) { + b = qc->free_shadow_bufs; + qc->free_shadow_bufs = b->shadow; + + } else { + b = ngx_alloc_buf(c->pool); + if (b == NULL) { + return NGX_CHAIN_ERROR; + } + } + + *b = *in->buf; + b->shadow = in->buf; + b->last_shadow = 1; + in->buf = b; + } + + out = ngx_alloc_chain_link(c->pool); + if (out == NULL) { + return NGX_CHAIN_ERROR; + } + + if (qc->free_shadow_bufs) { + b = qc->free_shadow_bufs; + qc->free_shadow_bufs = b->shadow; + + } else { + b = ngx_alloc_buf(c->pool); + if (b == NULL) { + ngx_free_chain(c->pool, out); + return NGX_CHAIN_ERROR; + } + } + + out->buf = b; + out->next = in->next; + in->next = NULL; + + *b = *in->buf; + b->last_shadow = 0; + b->pos = b->pos + len; + + in->buf->shadow = b; + in->buf->last = in->buf->pos + len; + + return out; +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/event/quic/ngx_event_quic.h Fri Dec 25 14:01:28 2020 +0300 @@ -0,0 +1,143 @@ + +/* + * Copyright (C) Nginx, Inc. + */ + + +#ifndef _NGX_EVENT_QUIC_H_INCLUDED_ +#define _NGX_EVENT_QUIC_H_INCLUDED_ + + +#include <ngx_config.h> +#include <ngx_core.h> + + +/* Supported drafts: 27, 28, 29 */ +#ifndef NGX_QUIC_DRAFT_VERSION +#define NGX_QUIC_DRAFT_VERSION 29 +#endif + +#define NGX_QUIC_MAX_SHORT_HEADER 25 /* 1 flags + 20 dcid + 4 pn */ +#define NGX_QUIC_MAX_LONG_HEADER 56 + /* 1 flags + 4 version + 2 x (1 + 20) s/dcid + 4 pn + 4 len + token len */ + +#define NGX_QUIC_MAX_UDP_PAYLOAD_SIZE 65527 +#define NGX_QUIC_MAX_UDP_PAYLOAD_OUT 1252 +#define NGX_QUIC_MAX_UDP_PAYLOAD_OUT6 1232 + +#define NGX_QUIC_DEFAULT_ACK_DELAY_EXPONENT 3 +#define NGX_QUIC_DEFAULT_MAX_ACK_DELAY 25 +#define NGX_QUIC_DEFAULT_SRT_KEY_LEN 32 + +#define NGX_QUIC_RETRY_TIMEOUT 3000 +#define NGX_QUIC_RETRY_LIFETIME 30000 +#define NGX_QUIC_RETRY_BUFFER_SIZE 128 + /* 1 flags + 4 version + 3 x (1 + 20) s/o/dcid + itag + token(44) */ +#define NGX_QUIC_MAX_TOKEN_SIZE 32 + /* sizeof(struct in6_addr) + sizeof(ngx_msec_t) up to AES-256 block size */ + +/* quic-recovery, section 6.2.2, kInitialRtt */ +#define NGX_QUIC_INITIAL_RTT 333 /* ms */ + +/* quic-recovery, section 6.1.1, Packet Threshold */ +#define NGX_QUIC_PKT_THR 3 /* packets */ +/* quic-recovery, section 6.1.2, Time Threshold */ +#define NGX_QUIC_TIME_THR 1.125 +#define NGX_QUIC_TIME_GRANULARITY 1 /* ms */ + +#define NGX_QUIC_CC_MIN_INTERVAL 1000 /* 1s */ + +#define NGX_QUIC_MIN_INITIAL_SIZE 1200 + +#define NGX_QUIC_STREAM_SERVER_INITIATED 0x01 +#define NGX_QUIC_STREAM_UNIDIRECTIONAL 0x02 + +#define NGX_QUIC_STREAM_BUFSIZE 65536 + +#define NGX_QUIC_MAX_CID_LEN 20 +#define NGX_QUIC_SERVER_CID_LEN NGX_QUIC_MAX_CID_LEN + +#define NGX_QUIC_SR_TOKEN_LEN 16 + +#define NGX_QUIC_MAX_SERVER_IDS 8 + +#define NGX_QUIC_BUFFER_SIZE 4096 + +#define ngx_quic_get_connection(c) ((ngx_quic_connection_t *)(c)->udp) + + +typedef struct { + /* configurable */ + ngx_msec_t max_idle_timeout; + ngx_msec_t max_ack_delay; + + size_t max_udp_payload_size; + size_t initial_max_data; + size_t initial_max_stream_data_bidi_local; + size_t initial_max_stream_data_bidi_remote; + size_t initial_max_stream_data_uni; + ngx_uint_t initial_max_streams_bidi; + ngx_uint_t initial_max_streams_uni; + ngx_uint_t ack_delay_exponent; + ngx_uint_t active_connection_id_limit; + ngx_flag_t disable_active_migration; + ngx_str_t original_dcid; + ngx_str_t initial_scid; + ngx_str_t retry_scid; + u_char sr_token[NGX_QUIC_SR_TOKEN_LEN]; + + /* TODO */ + void *preferred_address; +} ngx_quic_tp_t; + + +typedef struct { + ngx_ssl_t *ssl; + ngx_quic_tp_t tp; + ngx_flag_t retry; + ngx_flag_t require_alpn; + u_char token_key[32]; /* AES 256 */ + ngx_str_t sr_token_key; /* stateless reset token key */ +} ngx_quic_conf_t; + + +typedef struct { + uint64_t sent; + uint64_t received; + ngx_queue_t frames; /* reorder queue */ + size_t total; /* size of buffered data */ +} ngx_quic_frames_stream_t; + + +struct ngx_quic_stream_s { + ngx_rbtree_node_t node; + ngx_connection_t *parent; + ngx_connection_t *c; + uint64_t id; + uint64_t acked; + uint64_t send_max_data; + ngx_buf_t *b; + ngx_quic_frames_stream_t fs; +}; + + +typedef struct ngx_quic_keys_s ngx_quic_keys_t; + + +void ngx_quic_run(ngx_connection_t *c, ngx_quic_conf_t *conf); +ngx_connection_t *ngx_quic_open_stream(ngx_connection_t *c, ngx_uint_t bidi); +void ngx_quic_finalize_connection(ngx_connection_t *c, ngx_uint_t err, + const char *reason); +uint32_t ngx_quic_version(ngx_connection_t *c); +ngx_int_t ngx_quic_get_packet_dcid(ngx_log_t *log, u_char *data, size_t len, + ngx_str_t *dcid); + + +/********************************* DEBUG *************************************/ + +/* #define NGX_QUIC_DEBUG_PACKETS */ /* dump packet contents */ +/* #define NGX_QUIC_DEBUG_FRAMES */ /* dump frames contents */ +/* #define NGX_QUIC_DEBUG_ALLOC */ /* log frames and bufs alloc */ +/* #define NGX_QUIC_DEBUG_CRYPTO */ + +#endif /* _NGX_EVENT_QUIC_H_INCLUDED_ */
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/event/quic/ngx_event_quic_protection.c Fri Dec 25 14:01:28 2020 +0300 @@ -0,0 +1,1188 @@ + +/* + * Copyright (C) Nginx, Inc. + */ + + +#include <ngx_config.h> +#include <ngx_core.h> +#include <ngx_event.h> +#include <ngx_event_quic_transport.h> +#include <ngx_event_quic_protection.h> + + +#define NGX_QUIC_IV_LEN 12 + +#define NGX_AES_128_GCM_SHA256 0x1301 +#define NGX_AES_256_GCM_SHA384 0x1302 +#define NGX_CHACHA20_POLY1305_SHA256 0x1303 + + +#ifdef OPENSSL_IS_BORINGSSL +#define ngx_quic_cipher_t EVP_AEAD +#else +#define ngx_quic_cipher_t EVP_CIPHER +#endif + + +typedef struct { + const ngx_quic_cipher_t *c; + const EVP_CIPHER *hp; + const EVP_MD *d; +} ngx_quic_ciphers_t; + + +typedef struct ngx_quic_secret_s { + ngx_str_t secret; + ngx_str_t key; + ngx_str_t iv; + ngx_str_t hp; +} ngx_quic_secret_t; + + +typedef struct { + ngx_quic_secret_t client; + ngx_quic_secret_t server; +} ngx_quic_secrets_t; + + +struct ngx_quic_keys_s { + ngx_quic_secrets_t secrets[NGX_QUIC_ENCRYPTION_LAST]; + ngx_quic_secrets_t next_key; + ngx_uint_t cipher; +}; + + +static ngx_int_t ngx_hkdf_expand(u_char *out_key, size_t out_len, + const EVP_MD *digest, const u_char *prk, size_t prk_len, + const u_char *info, size_t info_len); +static ngx_int_t ngx_hkdf_extract(u_char *out_key, size_t *out_len, + const EVP_MD *digest, const u_char *secret, size_t secret_len, + const u_char *salt, size_t salt_len); + +static uint64_t ngx_quic_parse_pn(u_char **pos, ngx_int_t len, u_char *mask, + uint64_t *largest_pn); +static void ngx_quic_compute_nonce(u_char *nonce, size_t len, uint64_t pn); +static ngx_int_t ngx_quic_ciphers(ngx_uint_t id, + ngx_quic_ciphers_t *ciphers, enum ssl_encryption_level_t level); + +static ngx_int_t ngx_quic_tls_open(const ngx_quic_cipher_t *cipher, + ngx_quic_secret_t *s, ngx_str_t *out, u_char *nonce, ngx_str_t *in, + ngx_str_t *ad, ngx_log_t *log); +static ngx_int_t ngx_quic_tls_seal(const ngx_quic_cipher_t *cipher, + ngx_quic_secret_t *s, ngx_str_t *out, u_char *nonce, ngx_str_t *in, + ngx_str_t *ad, ngx_log_t *log); +static ngx_int_t ngx_quic_tls_hp(ngx_log_t *log, const EVP_CIPHER *cipher, + ngx_quic_secret_t *s, u_char *out, u_char *in); +static ngx_int_t ngx_quic_hkdf_expand(ngx_pool_t *pool, const EVP_MD *digest, + ngx_str_t *out, ngx_str_t *label, const uint8_t *prk, size_t prk_len); + +static ngx_int_t ngx_quic_create_packet(ngx_quic_header_t *pkt, + ngx_str_t *res); +static ngx_int_t ngx_quic_create_retry_packet(ngx_quic_header_t *pkt, + ngx_str_t *res); + + +static ngx_int_t +ngx_quic_ciphers(ngx_uint_t id, ngx_quic_ciphers_t *ciphers, + enum ssl_encryption_level_t level) +{ + ngx_int_t len; + + if (level == ssl_encryption_initial) { + id = NGX_AES_128_GCM_SHA256; + } + + switch (id) { + + case NGX_AES_128_GCM_SHA256: +#ifdef OPENSSL_IS_BORINGSSL + ciphers->c = EVP_aead_aes_128_gcm(); +#else + ciphers->c = EVP_aes_128_gcm(); +#endif + ciphers->hp = EVP_aes_128_ctr(); + ciphers->d = EVP_sha256(); + len = 16; + break; + + case NGX_AES_256_GCM_SHA384: +#ifdef OPENSSL_IS_BORINGSSL + ciphers->c = EVP_aead_aes_256_gcm(); +#else + ciphers->c = EVP_aes_256_gcm(); +#endif + ciphers->hp = EVP_aes_256_ctr(); + ciphers->d = EVP_sha384(); + len = 32; + break; + + case NGX_CHACHA20_POLY1305_SHA256: +#ifdef OPENSSL_IS_BORINGSSL + ciphers->c = EVP_aead_chacha20_poly1305(); +#else + ciphers->c = EVP_chacha20_poly1305(); +#endif +#ifdef OPENSSL_IS_BORINGSSL + ciphers->hp = (const EVP_CIPHER *) EVP_aead_chacha20_poly1305(); +#else + ciphers->hp = EVP_chacha20(); +#endif + ciphers->d = EVP_sha256(); + len = 32; + break; + + default: + return NGX_ERROR; + } + + return len; +} + + +ngx_int_t +ngx_quic_keys_set_initial_secret(ngx_pool_t *pool, ngx_quic_keys_t *keys, + ngx_str_t *secret) +{ + size_t is_len; + uint8_t is[SHA256_DIGEST_LENGTH]; + ngx_uint_t i; + const EVP_MD *digest; + const EVP_CIPHER *cipher; + ngx_quic_secret_t *client, *server; + + static const uint8_t salt[20] = +#if (NGX_QUIC_DRAFT_VERSION >= 29) + "\xaf\xbf\xec\x28\x99\x93\xd2\x4c\x9e\x97" + "\x86\xf1\x9c\x61\x11\xe0\x43\x90\xa8\x99"; +#else + "\xc3\xee\xf7\x12\xc7\x2e\xbb\x5a\x11\xa7" + "\xd2\x43\x2b\xb4\x63\x65\xbe\xf9\xf5\x02"; +#endif + + client = &keys->secrets[ssl_encryption_initial].client; + server = &keys->secrets[ssl_encryption_initial].server; + + /* AEAD_AES_128_GCM prior to handshake, quic-tls-23#section-5.3 */ + + cipher = EVP_aes_128_gcm(); + digest = EVP_sha256(); + + if (ngx_hkdf_extract(is, &is_len, digest, secret->data, secret->len, + salt, sizeof(salt)) + != NGX_OK) + { + return NGX_ERROR; + } + + ngx_str_t iss = { + .data = is, + .len = is_len + }; + + ngx_log_debug0(NGX_LOG_DEBUG_EVENT, pool->log, 0, + "quic ngx_quic_set_initial_secret"); +#ifdef NGX_QUIC_DEBUG_CRYPTO + ngx_log_debug3(NGX_LOG_DEBUG_EVENT, pool->log, 0, + "quic salt len:%uz %*xs", sizeof(salt), sizeof(salt), salt); + ngx_log_debug3(NGX_LOG_DEBUG_EVENT, pool->log, 0, + "quic initial secret len:%uz %*xs", is_len, is_len, is); +#endif + + /* draft-ietf-quic-tls-23#section-5.2 */ + client->secret.len = SHA256_DIGEST_LENGTH; + server->secret.len = SHA256_DIGEST_LENGTH; + + client->key.len = EVP_CIPHER_key_length(cipher); + server->key.len = EVP_CIPHER_key_length(cipher); + + client->hp.len = EVP_CIPHER_key_length(cipher); + server->hp.len = EVP_CIPHER_key_length(cipher); + + client->iv.len = EVP_CIPHER_iv_length(cipher); + server->iv.len = EVP_CIPHER_iv_length(cipher); + + struct { + ngx_str_t label; + ngx_str_t *key; + ngx_str_t *prk; + } seq[] = { + + /* draft-ietf-quic-tls-23#section-5.2 */ + { ngx_string("tls13 client in"), &client->secret, &iss }, + { + ngx_string("tls13 quic key"), + &client->key, + &client->secret, + }, + { + ngx_string("tls13 quic iv"), + &client->iv, + &client->secret, + }, + { + /* AEAD_AES_128_GCM prior to handshake, quic-tls-23#section-5.4.1 */ + ngx_string("tls13 quic hp"), + &client->hp, + &client->secret, + }, + { ngx_string("tls13 server in"), &server->secret, &iss }, + { + /* AEAD_AES_128_GCM prior to handshake, quic-tls-23#section-5.3 */ + ngx_string("tls13 quic key"), + &server->key, + &server->secret, + }, + { + ngx_string("tls13 quic iv"), + &server->iv, + &server->secret, + }, + { + /* AEAD_AES_128_GCM prior to handshake, quic-tls-23#section-5.4.1 */ + ngx_string("tls13 quic hp"), + &server->hp, + &server->secret, + }, + + }; + + for (i = 0; i < (sizeof(seq) / sizeof(seq[0])); i++) { + + if (ngx_quic_hkdf_expand(pool, digest, seq[i].key, &seq[i].label, + seq[i].prk->data, seq[i].prk->len) + != NGX_OK) + { + return NGX_ERROR; + } + } + + return NGX_OK; +} + + +static ngx_int_t +ngx_quic_hkdf_expand(ngx_pool_t *pool, const EVP_MD *digest, ngx_str_t *out, + ngx_str_t *label, const uint8_t *prk, size_t prk_len) +{ + size_t info_len; + uint8_t *p; + uint8_t info[20]; + + if (out->data == NULL) { + out->data = ngx_pnalloc(pool, out->len); + if (out->data == NULL) { + return NGX_ERROR; + } + } + + info_len = 2 + 1 + label->len + 1; + + info[0] = 0; + info[1] = out->len; + info[2] = label->len; + p = ngx_cpymem(&info[3], label->data, label->len); + *p = '\0'; + + if (ngx_hkdf_expand(out->data, out->len, digest, + prk, prk_len, info, info_len) + != NGX_OK) + { + ngx_ssl_error(NGX_LOG_INFO, pool->log, 0, + "ngx_hkdf_expand(%V) failed", label); + return NGX_ERROR; + } + +#ifdef NGX_QUIC_DEBUG_CRYPTO + ngx_log_debug3(NGX_LOG_DEBUG_EVENT, pool->log, 0, + "quic expand %V key len:%uz %xV", label, out->len, out); +#endif + + return NGX_OK; +} + + +static ngx_int_t +ngx_hkdf_expand(u_char *out_key, size_t out_len, const EVP_MD *digest, + const uint8_t *prk, size_t prk_len, const u_char *info, size_t info_len) +{ +#ifdef OPENSSL_IS_BORINGSSL + if (HKDF_expand(out_key, out_len, digest, prk, prk_len, info, info_len) + == 0) + { + return NGX_ERROR; + } +#else + + EVP_PKEY_CTX *pctx; + + pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL); + + if (EVP_PKEY_derive_init(pctx) <= 0) { + return NGX_ERROR; + } + + if (EVP_PKEY_CTX_hkdf_mode(pctx, EVP_PKEY_HKDEF_MODE_EXPAND_ONLY) <= 0) { + return NGX_ERROR; + } + + if (EVP_PKEY_CTX_set_hkdf_md(pctx, digest) <= 0) { + return NGX_ERROR; + } + + if (EVP_PKEY_CTX_set1_hkdf_key(pctx, prk, prk_len) <= 0) { + return NGX_ERROR; + } + + if (EVP_PKEY_CTX_add1_hkdf_info(pctx, info, info_len) <= 0) { + return NGX_ERROR; + } + + if (EVP_PKEY_derive(pctx, out_key, &out_len) <= 0) { + return NGX_ERROR; + } + +#endif + + return NGX_OK; +} + + +static ngx_int_t +ngx_hkdf_extract(u_char *out_key, size_t *out_len, const EVP_MD *digest, + const u_char *secret, size_t secret_len, const u_char *salt, + size_t salt_len) +{ +#ifdef OPENSSL_IS_BORINGSSL + if (HKDF_extract(out_key, out_len, digest, secret, secret_len, salt, + salt_len) + == 0) + { + return NGX_ERROR; + } +#else + + EVP_PKEY_CTX *pctx; + + pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL); + + if (EVP_PKEY_derive_init(pctx) <= 0) { + return NGX_ERROR; + } + + if (EVP_PKEY_CTX_hkdf_mode(pctx, EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY) <= 0) { + return NGX_ERROR; + } + + if (EVP_PKEY_CTX_set_hkdf_md(pctx, digest) <= 0) { + return NGX_ERROR; + } + + if (EVP_PKEY_CTX_set1_hkdf_key(pctx, secret, secret_len) <= 0) { + return NGX_ERROR; + } + + if (EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt, salt_len) <= 0) { + return NGX_ERROR; + } + + if (EVP_PKEY_derive(pctx, out_key, out_len) <= 0) { + return NGX_ERROR; + } + +#endif + + return NGX_OK; +} + + +static ngx_int_t +ngx_quic_tls_open(const ngx_quic_cipher_t *cipher, ngx_quic_secret_t *s, + ngx_str_t *out, u_char *nonce, ngx_str_t *in, ngx_str_t *ad, + ngx_log_t *log) +{ + +#ifdef OPENSSL_IS_BORINGSSL + EVP_AEAD_CTX *ctx; + + ctx = EVP_AEAD_CTX_new(cipher, s->key.data, s->key.len, + EVP_AEAD_DEFAULT_TAG_LENGTH); + if (ctx == NULL) { + ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_AEAD_CTX_new() failed"); + return NGX_ERROR; + } + + if (EVP_AEAD_CTX_open(ctx, out->data, &out->len, out->len, nonce, s->iv.len, + in->data, in->len, ad->data, ad->len) + != 1) + { + EVP_AEAD_CTX_free(ctx); + ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_AEAD_CTX_open() failed"); + return NGX_ERROR; + } + + EVP_AEAD_CTX_free(ctx); +#else + int len; + u_char *tag; + EVP_CIPHER_CTX *ctx; + + ctx = EVP_CIPHER_CTX_new(); + if (ctx == NULL) { + ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_CIPHER_CTX_new() failed"); + return NGX_ERROR; + } + + if (EVP_DecryptInit_ex(ctx, cipher, NULL, NULL, NULL) != 1) { + EVP_CIPHER_CTX_free(ctx); + ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_DecryptInit_ex() failed"); + return NGX_ERROR; + } + + if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, s->iv.len, NULL) + == 0) + { + EVP_CIPHER_CTX_free(ctx); + ngx_ssl_error(NGX_LOG_INFO, log, 0, + "EVP_CIPHER_CTX_ctrl(EVP_CTRL_GCM_SET_IVLEN) failed"); + return NGX_ERROR; + } + + if (EVP_DecryptInit_ex(ctx, NULL, NULL, s->key.data, nonce) != 1) { + EVP_CIPHER_CTX_free(ctx); + ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_DecryptInit_ex() failed"); + return NGX_ERROR; + } + + if (EVP_DecryptUpdate(ctx, NULL, &len, ad->data, ad->len) != 1) { + EVP_CIPHER_CTX_free(ctx); + ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_DecryptUpdate() failed"); + return NGX_ERROR; + } + + if (EVP_DecryptUpdate(ctx, out->data, &len, in->data, + in->len - EVP_GCM_TLS_TAG_LEN) + != 1) + { + EVP_CIPHER_CTX_free(ctx); + ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_DecryptUpdate() failed"); + return NGX_ERROR; + } + + out->len = len; + tag = in->data + in->len - EVP_GCM_TLS_TAG_LEN; + + if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, EVP_GCM_TLS_TAG_LEN, tag) + == 0) + { + EVP_CIPHER_CTX_free(ctx); + ngx_ssl_error(NGX_LOG_INFO, log, 0, + "EVP_CIPHER_CTX_ctrl(EVP_CTRL_GCM_SET_TAG) failed"); + return NGX_ERROR; + } + + if (EVP_DecryptFinal_ex(ctx, out->data + len, &len) <= 0) { + EVP_CIPHER_CTX_free(ctx); + ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_DecryptFinal_ex failed"); + return NGX_ERROR; + } + + out->len += len; + + EVP_CIPHER_CTX_free(ctx); +#endif + + return NGX_OK; +} + + +static ngx_int_t +ngx_quic_tls_seal(const ngx_quic_cipher_t *cipher, ngx_quic_secret_t *s, + ngx_str_t *out, u_char *nonce, ngx_str_t *in, ngx_str_t *ad, ngx_log_t *log) +{ + +#ifdef OPENSSL_IS_BORINGSSL + EVP_AEAD_CTX *ctx; + + ctx = EVP_AEAD_CTX_new(cipher, s->key.data, s->key.len, + EVP_AEAD_DEFAULT_TAG_LENGTH); + if (ctx == NULL) { + ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_AEAD_CTX_new() failed"); + return NGX_ERROR; + } + + if (EVP_AEAD_CTX_seal(ctx, out->data, &out->len, out->len, nonce, s->iv.len, + in->data, in->len, ad->data, ad->len) + != 1) + { + EVP_AEAD_CTX_free(ctx); + ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_AEAD_CTX_seal() failed"); + return NGX_ERROR; + } + + EVP_AEAD_CTX_free(ctx); +#else + int len; + EVP_CIPHER_CTX *ctx; + + ctx = EVP_CIPHER_CTX_new(); + if (ctx == NULL) { + ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_CIPHER_CTX_new() failed"); + return NGX_ERROR; + } + + if (EVP_EncryptInit_ex(ctx, cipher, NULL, NULL, NULL) != 1) { + EVP_CIPHER_CTX_free(ctx); + ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_EncryptInit_ex() failed"); + return NGX_ERROR; + } + + if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, s->iv.len, NULL) + == 0) + { + EVP_CIPHER_CTX_free(ctx); + ngx_ssl_error(NGX_LOG_INFO, log, 0, + "EVP_CIPHER_CTX_ctrl(EVP_CTRL_GCM_SET_IVLEN) failed"); + return NGX_ERROR; + } + + if (EVP_EncryptInit_ex(ctx, NULL, NULL, s->key.data, nonce) != 1) { + EVP_CIPHER_CTX_free(ctx); + ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_EncryptInit_ex() failed"); + return NGX_ERROR; + } + + if (EVP_EncryptUpdate(ctx, NULL, &len, ad->data, ad->len) != 1) { + EVP_CIPHER_CTX_free(ctx); + ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_EncryptUpdate() failed"); + return NGX_ERROR; + } + + if (EVP_EncryptUpdate(ctx, out->data, &len, in->data, in->len) != 1) { + EVP_CIPHER_CTX_free(ctx); + ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_EncryptUpdate() failed"); + return NGX_ERROR; + } + + out->len = len; + + if (EVP_EncryptFinal_ex(ctx, out->data + out->len, &len) <= 0) { + EVP_CIPHER_CTX_free(ctx); + ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_EncryptFinal_ex failed"); + return NGX_ERROR; + } + + out->len += len; + + if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, EVP_GCM_TLS_TAG_LEN, + out->data + in->len) + == 0) + { + EVP_CIPHER_CTX_free(ctx); + ngx_ssl_error(NGX_LOG_INFO, log, 0, + "EVP_CIPHER_CTX_ctrl(EVP_CTRL_GCM_GET_TAG) failed"); + return NGX_ERROR; + } + + EVP_CIPHER_CTX_free(ctx); + + out->len += EVP_GCM_TLS_TAG_LEN; +#endif + return NGX_OK; +} + + +static ngx_int_t +ngx_quic_tls_hp(ngx_log_t *log, const EVP_CIPHER *cipher, + ngx_quic_secret_t *s, u_char *out, u_char *in) +{ + int outlen; + EVP_CIPHER_CTX *ctx; + u_char zero[5] = {0}; + +#ifdef OPENSSL_IS_BORINGSSL + uint32_t counter; + + ngx_memcpy(&counter, in, sizeof(uint32_t)); + + if (cipher == (const EVP_CIPHER *) EVP_aead_chacha20_poly1305()) { + CRYPTO_chacha_20(out, zero, 5, s->hp.data, &in[4], counter); + return NGX_OK; + } +#endif + + ctx = EVP_CIPHER_CTX_new(); + if (ctx == NULL) { + return NGX_ERROR; + } + + if (EVP_EncryptInit_ex(ctx, cipher, NULL, s->hp.data, in) != 1) { + ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_EncryptInit_ex() failed"); + goto failed; + } + + if (!EVP_EncryptUpdate(ctx, out, &outlen, zero, 5)) { + ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_EncryptUpdate() failed"); + goto failed; + } + + if (!EVP_EncryptFinal_ex(ctx, out + 5, &outlen)) { + ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_EncryptFinal_Ex() failed"); + goto failed; + } + + EVP_CIPHER_CTX_free(ctx); + + return NGX_OK; + +failed: + + EVP_CIPHER_CTX_free(ctx); + + return NGX_ERROR; +} + + +int ngx_quic_keys_set_encryption_secret(ngx_pool_t *pool, ngx_uint_t is_write, + ngx_quic_keys_t *keys, enum ssl_encryption_level_t level, + const SSL_CIPHER *cipher, const uint8_t *secret, size_t secret_len) +{ + ngx_int_t key_len; + ngx_uint_t i; + ngx_quic_secret_t *peer_secret; + ngx_quic_ciphers_t ciphers; + + peer_secret = is_write ? &keys->secrets[level].server + : &keys->secrets[level].client; + + keys->cipher = SSL_CIPHER_get_protocol_id(cipher); + + key_len = ngx_quic_ciphers(keys->cipher, &ciphers, level); + + if (key_len == NGX_ERROR) { + ngx_ssl_error(NGX_LOG_INFO, pool->log, 0, "unexpected cipher"); + return 0; + } + + if (level == ssl_encryption_initial) { + return 0; + } + + peer_secret->secret.data = ngx_pnalloc(pool, secret_len); + if (peer_secret->secret.data == NULL) { + return NGX_ERROR; + } + + peer_secret->secret.len = secret_len; + ngx_memcpy(peer_secret->secret.data, secret, secret_len); + + peer_secret->key.len = key_len; + peer_secret->iv.len = NGX_QUIC_IV_LEN; + peer_secret->hp.len = key_len; + + struct { + ngx_str_t label; + ngx_str_t *key; + const uint8_t *secret; + } seq[] = { + { ngx_string("tls13 quic key"), &peer_secret->key, secret }, + { ngx_string("tls13 quic iv"), &peer_secret->iv, secret }, + { ngx_string("tls13 quic hp"), &peer_secret->hp, secret }, + }; + + for (i = 0; i < (sizeof(seq) / sizeof(seq[0])); i++) { + + if (ngx_quic_hkdf_expand(pool, ciphers.d, seq[i].key, &seq[i].label, + seq[i].secret, secret_len) + != NGX_OK) + { + return 0; + } + } + + return 1; +} + + +ngx_quic_keys_t * +ngx_quic_keys_new(ngx_pool_t *pool) +{ + return ngx_pcalloc(pool, sizeof(ngx_quic_keys_t)); +} + + +ngx_uint_t +ngx_quic_keys_available(ngx_quic_keys_t *keys, + enum ssl_encryption_level_t level) +{ + return keys->secrets[level].client.key.len != 0; +} + + +void +ngx_quic_keys_discard(ngx_quic_keys_t *keys, + enum ssl_encryption_level_t level) +{ + keys->secrets[level].client.key.len = 0; +} + + +void +ngx_quic_keys_switch(ngx_connection_t *c, ngx_quic_keys_t *keys) +{ + ngx_quic_secrets_t *current, *next, tmp; + + current = &keys->secrets[ssl_encryption_application]; + next = &keys->next_key; + + tmp = *current; + *current = *next; + *next = tmp; +} + + +ngx_int_t +ngx_quic_keys_update(ngx_connection_t *c, ngx_quic_keys_t *keys) +{ + ngx_uint_t i; + ngx_quic_ciphers_t ciphers; + ngx_quic_secrets_t *current, *next; + + current = &keys->secrets[ssl_encryption_application]; + next = &keys->next_key; + + ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic key update"); + + if (ngx_quic_ciphers(keys->cipher, &ciphers, ssl_encryption_application) + == NGX_ERROR) + { + return NGX_ERROR; + } + + next->client.secret.len = current->client.secret.len; + next->client.key.len = current->client.key.len; + next->client.iv.len = current->client.iv.len; + next->client.hp = current->client.hp; + + next->server.secret.len = current->server.secret.len; + next->server.key.len = current->server.key.len; + next->server.iv.len = current->server.iv.len; + next->server.hp = current->server.hp; + + struct { + ngx_str_t label; + ngx_str_t *key; + ngx_str_t *secret; + } seq[] = { + { + ngx_string("tls13 quic ku"), + &next->client.secret, + ¤t->client.secret, + }, + { + ngx_string("tls13 quic key"), + &next->client.key, + &next->client.secret, + }, + { + ngx_string("tls13 quic iv"), + &next->client.iv, + &next->client.secret, + }, + { + ngx_string("tls13 quic ku"), + &next->server.secret, + ¤t->server.secret, + }, + { + ngx_string("tls13 quic key"), + &next->server.key, + &next->server.secret, + }, + { + ngx_string("tls13 quic iv"), + &next->server.iv, + &next->server.secret, + }, + }; + + for (i = 0; i < (sizeof(seq) / sizeof(seq[0])); i++) { + + if (ngx_quic_hkdf_expand(c->pool, ciphers.d, seq[i].key, &seq[i].label, + seq[i].secret->data, seq[i].secret->len) + != NGX_OK) + { + return NGX_ERROR; + } + } + + return NGX_OK; +} + + +static ngx_int_t +ngx_quic_create_packet(ngx_quic_header_t *pkt, ngx_str_t *res) +{ + u_char *pnp, *sample; + ngx_str_t ad, out; + ngx_uint_t i; + ngx_quic_secret_t *secret; + ngx_quic_ciphers_t ciphers; + u_char nonce[12], mask[16]; + + out.len = pkt->payload.len + EVP_GCM_TLS_TAG_LEN; + + ad.data = res->data; + ad.len = ngx_quic_create_header(pkt, ad.data, out.len, &pnp); + + out.data = res->data + ad.len; + +#ifdef NGX_QUIC_DEBUG_CRYPTO + ngx_log_debug2(NGX_LOG_DEBUG_EVENT, pkt->log, 0, + "quic ad len:%uz %xV", ad.len, &ad); +#endif + + if (ngx_quic_ciphers(pkt->keys->cipher, &ciphers, pkt->level) == NGX_ERROR) + { + return NGX_ERROR; + } + + secret = &pkt->keys->secrets[pkt->level].server; + + ngx_memcpy(nonce, secret->iv.data, secret->iv.len); + ngx_quic_compute_nonce(nonce, sizeof(nonce), pkt->number); + + if (ngx_quic_tls_seal(ciphers.c, secret, &out, + nonce, &pkt->payload, &ad, pkt->log) + != NGX_OK) + { + return NGX_ERROR; + } + + sample = &out.data[4 - pkt->num_len]; + if (ngx_quic_tls_hp(pkt->log, ciphers.hp, secret, mask, sample) + != NGX_OK) + { + return NGX_ERROR; + } + + /* quic-tls: 5.4.1. Header Protection Application */ + ad.data[0] ^= mask[0] & ngx_quic_pkt_hp_mask(pkt->flags); + + for (i = 0; i < pkt->num_len; i++) { + pnp[i] ^= mask[i + 1]; + } + + res->len = ad.len + out.len; + + return NGX_OK; +} + + +static ngx_int_t +ngx_quic_create_retry_packet(ngx_quic_header_t *pkt, ngx_str_t *res) +{ + u_char *start; + ngx_str_t ad, itag; + ngx_quic_secret_t secret; + ngx_quic_ciphers_t ciphers; + + /* 5.8. Retry Packet Integrity */ + static u_char key[16] = +#if (NGX_QUIC_DRAFT_VERSION >= 29) + "\xcc\xce\x18\x7e\xd0\x9a\x09\xd0\x57\x28\x15\x5a\x6c\xb9\x6b\xe1"; +#else + "\x4d\x32\xec\xdb\x2a\x21\x33\xc8\x41\xe4\x04\x3d\xf2\x7d\x44\x30"; +#endif + static u_char nonce[12] = +#if (NGX_QUIC_DRAFT_VERSION >= 29) + "\xe5\x49\x30\xf9\x7f\x21\x36\xf0\x53\x0a\x8c\x1c"; +#else + "\x4d\x16\x11\xd0\x55\x13\xa5\x52\xc5\x87\xd5\x75"; +#endif + static ngx_str_t in = ngx_string(""); + + ad.data = res->data; + ad.len = ngx_quic_create_retry_itag(pkt, ad.data, &start); + + itag.data = ad.data + ad.len; + itag.len = EVP_GCM_TLS_TAG_LEN; + +#ifdef NGX_QUIC_DEBUG_CRYPTO + ngx_log_debug2(NGX_LOG_DEBUG_EVENT, pkt->log, 0, + "quic retry itag len:%uz %xV", ad.len, &ad); +#endif + + if (ngx_quic_ciphers(0, &ciphers, pkt->level) == NGX_ERROR) { + return NGX_ERROR; + } + + secret.key.len = sizeof(key); + secret.key.data = key; + secret.iv.len = sizeof(nonce); + + if (ngx_quic_tls_seal(ciphers.c, &secret, &itag, nonce, &in, &ad, pkt->log) + != NGX_OK) + { + return NGX_ERROR; + } + + res->len = itag.data + itag.len - start; + res->data = start; + + return NGX_OK; +} + + +ngx_int_t +ngx_quic_new_sr_token(ngx_connection_t *c, ngx_str_t *cid, ngx_str_t *secret, + u_char *token) +{ + uint8_t *p; + size_t is_len, key_len, info_len; + ngx_str_t label; + const EVP_MD *digest; + uint8_t info[20]; + uint8_t is[SHA256_DIGEST_LENGTH]; + uint8_t key[SHA256_DIGEST_LENGTH]; + + /* 10.4.2. Calculating a Stateless Reset Token */ + + digest = EVP_sha256(); + ngx_str_set(&label, "sr_token_key"); + + if (ngx_hkdf_extract(is, &is_len, digest, secret->data, secret->len, + cid->data, cid->len) + != NGX_OK) + { + ngx_ssl_error(NGX_LOG_INFO, c->log, 0, + "ngx_hkdf_extract(%V) failed", &label); + return NGX_ERROR; + } + + key_len = SHA256_DIGEST_LENGTH; + + info_len = 2 + 1 + label.len + 1; + + info[0] = 0; + info[1] = key_len; + info[2] = label.len; + + p = ngx_cpymem(&info[3], label.data, label.len); + *p = '\0'; + + if (ngx_hkdf_expand(key, key_len, digest, is, is_len, info, info_len) + != NGX_OK) + { + ngx_ssl_error(NGX_LOG_INFO, c->log, 0, + "ngx_hkdf_expand(%V) failed", &label); + return NGX_ERROR; + } + + ngx_memcpy(token, key, NGX_QUIC_SR_TOKEN_LEN); + +#if (NGX_DEBUG) + ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, + "quic stateless reset token %*xs", + (size_t) NGX_QUIC_SR_TOKEN_LEN, token); +#endif + + return NGX_OK; +} + + +static uint64_t +ngx_quic_parse_pn(u_char **pos, ngx_int_t len, u_char *mask, + uint64_t *largest_pn) +{ + u_char *p; + uint64_t truncated_pn, expected_pn, candidate_pn; + uint64_t pn_nbits, pn_win, pn_hwin, pn_mask; + + pn_nbits = ngx_min(len * 8, 62); + + p = *pos; + truncated_pn = *p++ ^ *mask++; + + while (--len) { + truncated_pn = (truncated_pn << 8) + (*p++ ^ *mask++); + } + + *pos = p; + + expected_pn = *largest_pn + 1; + pn_win = 1ULL << pn_nbits; + pn_hwin = pn_win / 2; + pn_mask = pn_win - 1; + + candidate_pn = (expected_pn & ~pn_mask) | truncated_pn; + + if ((int64_t) candidate_pn <= (int64_t) (expected_pn - pn_hwin) + && candidate_pn < (1ULL << 62) - pn_win) + { + candidate_pn += pn_win; + + } else if (candidate_pn > expected_pn + pn_hwin + && candidate_pn >= pn_win) + { + candidate_pn -= pn_win; + } + + *largest_pn = ngx_max((int64_t) *largest_pn, (int64_t) candidate_pn); + + return candidate_pn; +} + + +static void +ngx_quic_compute_nonce(u_char *nonce, size_t len, uint64_t pn) +{ + nonce[len - 4] ^= (pn & 0xff000000) >> 24; + nonce[len - 3] ^= (pn & 0x00ff0000) >> 16; + nonce[len - 2] ^= (pn & 0x0000ff00) >> 8; + nonce[len - 1] ^= (pn & 0x000000ff); +} + + +ngx_int_t +ngx_quic_encrypt(ngx_quic_header_t *pkt, ngx_str_t *res) +{ + if (ngx_quic_pkt_retry(pkt->flags)) { + return ngx_quic_create_retry_packet(pkt, res); + } + + return ngx_quic_create_packet(pkt, res); +} + + +ngx_int_t +ngx_quic_decrypt(ngx_quic_header_t *pkt, uint64_t *largest_pn) +{ + u_char *p, *sample; + size_t len; + uint64_t pn, lpn; + ngx_int_t pnl, rc, key_phase; + ngx_str_t in, ad; + ngx_quic_secret_t *secret; + ngx_quic_ciphers_t ciphers; + uint8_t mask[16], nonce[12]; + + if (ngx_quic_ciphers(pkt->keys->cipher, &ciphers, pkt->level) == NGX_ERROR) + { + return NGX_ERROR; + } + + secret = &pkt->keys->secrets[pkt->level].client; + + p = pkt->raw->pos; + len = pkt->data + pkt->len - p; + + /* draft-ietf-quic-tls-23#section-5.4.2: + * the Packet Number field is assumed to be 4 bytes long + * draft-ietf-quic-tls-23#section-5.4.[34]: + * AES-Based and ChaCha20-Based header protections sample 16 bytes + */ + + if (len < EVP_GCM_TLS_TAG_LEN + 4) { + return NGX_DECLINED; + } + + sample = p + 4; + + /* header protection */ + + if (ngx_quic_tls_hp(pkt->log, ciphers.hp, secret, mask, sample) + != NGX_OK) + { + return NGX_DECLINED; + } + + pkt->flags ^= mask[0] & ngx_quic_pkt_hp_mask(pkt->flags); + + if (ngx_quic_short_pkt(pkt->flags)) { + key_phase = (pkt->flags & NGX_QUIC_PKT_KPHASE) != 0; + + if (key_phase != pkt->key_phase) { + secret = &pkt->keys->next_key.client; + pkt->key_update = 1; + } + } + + lpn = *largest_pn; + + pnl = (pkt->flags & 0x03) + 1; + pn = ngx_quic_parse_pn(&p, pnl, &mask[1], &lpn); + + pkt->pn = pn; + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, pkt->log, 0, + "quic packet rx clearflags:%xd", pkt->flags); + ngx_log_debug2(NGX_LOG_DEBUG_EVENT, pkt->log, 0, + "quic packet rx number:%uL len:%xi", pn, pnl); + + /* packet protection */ + + in.data = p; + in.len = len - pnl; + + ad.len = p - pkt->data; + ad.data = pkt->plaintext; + + ngx_memcpy(ad.data, pkt->data, ad.len); + ad.data[0] = pkt->flags; + + do { + ad.data[ad.len - pnl] = pn >> (8 * (pnl - 1)) % 256; + } while (--pnl); + + ngx_memcpy(nonce, secret->iv.data, secret->iv.len); + ngx_quic_compute_nonce(nonce, sizeof(nonce), pn); + +#ifdef NGX_QUIC_DEBUG_CRYPTO + ngx_log_debug2(NGX_LOG_DEBUG_EVENT, pkt->log, 0, + "quic ad len:%uz %xV", ad.len, &ad); +#endif + + pkt->payload.len = in.len - EVP_GCM_TLS_TAG_LEN; + pkt->payload.data = pkt->plaintext + ad.len; + + rc = ngx_quic_tls_open(ciphers.c, secret, &pkt->payload, + nonce, &in, &ad, pkt->log); + if (rc != NGX_OK) { + return NGX_DECLINED; + } + + if (pkt->payload.len == 0) { + /* + * An endpoint MUST treat receipt of a packet containing no + * frames as a connection error of type PROTOCOL_VIOLATION. + */ + ngx_log_error(NGX_LOG_INFO, pkt->log, 0, "quic zero-length packet"); + pkt->error = NGX_QUIC_ERR_PROTOCOL_VIOLATION; + return NGX_ERROR; + } + + if (pkt->flags & ngx_quic_pkt_rb_mask(pkt->flags)) { + /* + * An endpoint MUST treat receipt of a packet that has + * a non-zero value for these bits, after removing both + * packet and header protection, as a connection error + * of type PROTOCOL_VIOLATION. + */ + ngx_log_error(NGX_LOG_INFO, pkt->log, 0, + "quic reserved bit set in packet"); + pkt->error = NGX_QUIC_ERR_PROTOCOL_VIOLATION; + return NGX_ERROR; + } + +#if defined(NGX_QUIC_DEBUG_CRYPTO) && defined(NGX_QUIC_DEBUG_PACKETS) + ngx_log_debug2(NGX_LOG_DEBUG_EVENT, pkt->log, 0, + "quic packet payload len:%uz %xV", + pkt->payload.len, &pkt->payload); +#endif + + *largest_pn = lpn; + + return NGX_OK; +} +
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/event/quic/ngx_event_quic_protection.h Fri Dec 25 14:01:28 2020 +0300 @@ -0,0 +1,38 @@ + +/* + * Copyright (C) Nginx, Inc. + */ + + +#ifndef _NGX_EVENT_QUIC_PROTECTION_H_INCLUDED_ +#define _NGX_EVENT_QUIC_PROTECTION_H_INCLUDED_ + + +#include <ngx_config.h> +#include <ngx_core.h> + + +#define NGX_QUIC_ENCRYPTION_LAST ((ssl_encryption_application) + 1) + + +ngx_quic_keys_t *ngx_quic_keys_new(ngx_pool_t *pool); +ngx_int_t ngx_quic_keys_set_initial_secret(ngx_pool_t *pool, + ngx_quic_keys_t *keys, ngx_str_t *secret); +int ngx_quic_keys_set_encryption_secret(ngx_pool_t *pool, ngx_uint_t is_write, + ngx_quic_keys_t *keys, enum ssl_encryption_level_t level, + const SSL_CIPHER *cipher, const uint8_t *secret, size_t secret_len); +ngx_uint_t ngx_quic_keys_available(ngx_quic_keys_t *keys, + enum ssl_encryption_level_t level); +void ngx_quic_keys_discard(ngx_quic_keys_t *keys, + enum ssl_encryption_level_t level); +void ngx_quic_keys_switch(ngx_connection_t *c, ngx_quic_keys_t *keys); +ngx_int_t ngx_quic_keys_update(ngx_connection_t *c, ngx_quic_keys_t *keys); + +ngx_int_t ngx_quic_new_sr_token(ngx_connection_t *c, ngx_str_t *cid, + ngx_str_t *key, u_char *token); + +ngx_int_t ngx_quic_encrypt(ngx_quic_header_t *pkt, ngx_str_t *res); +ngx_int_t ngx_quic_decrypt(ngx_quic_header_t *pkt, uint64_t *largest_pn); + + +#endif /* _NGX_EVENT_QUIC_PROTECTION_H_INCLUDED_ */
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/event/quic/ngx_event_quic_transport.c Fri Dec 25 14:01:28 2020 +0300 @@ -0,0 +1,1983 @@ + +/* + * Copyright (C) Nginx, Inc. + */ + + +#include <ngx_config.h> +#include <ngx_core.h> +#include <ngx_event.h> +#include <ngx_event_quic_transport.h> + + +#define NGX_QUIC_LONG_DCID_LEN_OFFSET 5 +#define NGX_QUIC_LONG_DCID_OFFSET 6 +#define NGX_QUIC_SHORT_DCID_OFFSET 1 + + +#if (NGX_HAVE_NONALIGNED) + +#define ngx_quic_parse_uint16(p) ntohs(*(uint16_t *) (p)) +#define ngx_quic_parse_uint32(p) ntohl(*(uint32_t *) (p)) + +#define ngx_quic_write_uint16 ngx_quic_write_uint16_aligned +#define ngx_quic_write_uint32 ngx_quic_write_uint32_aligned + +#else + +#define ngx_quic_parse_uint16(p) ((p)[0] << 8 | (p)[1]) +#define ngx_quic_parse_uint32(p) \ + ((uint32_t) (p)[0] << 24 | (p)[1] << 16 | (p)[2] << 8 | (p)[3]) + +#define ngx_quic_write_uint16(p, s) \ + ((p)[0] = (u_char) ((s) >> 8), \ + (p)[1] = (u_char) (s), \ + (p) + sizeof(uint16_t)) + +#define ngx_quic_write_uint32(p, s) \ + ((p)[0] = (u_char) ((s) >> 24), \ + (p)[1] = (u_char) ((s) >> 16), \ + (p)[2] = (u_char) ((s) >> 8), \ + (p)[3] = (u_char) (s), \ + (p) + sizeof(uint32_t)) + +#endif + +#define ngx_quic_write_uint24(p, s) \ + ((p)[0] = (u_char) ((s) >> 16), \ + (p)[1] = (u_char) ((s) >> 8), \ + (p)[2] = (u_char) (s), \ + (p) + 3) + +#define ngx_quic_write_uint16_aligned(p, s) \ + (*(uint16_t *) (p) = htons((uint16_t) (s)), (p) + sizeof(uint16_t)) + +#define ngx_quic_write_uint32_aligned(p, s) \ + (*(uint32_t *) (p) = htonl((uint32_t) (s)), (p) + sizeof(uint32_t)) + +#define NGX_QUIC_VERSION(c) (0xff000000 + (c)) + + +static u_char *ngx_quic_parse_int(u_char *pos, u_char *end, uint64_t *out); +static ngx_uint_t ngx_quic_varint_len(uint64_t value); +static void ngx_quic_build_int(u_char **pos, uint64_t value); + +static u_char *ngx_quic_read_uint8(u_char *pos, u_char *end, uint8_t *value); +static u_char *ngx_quic_read_uint32(u_char *pos, u_char *end, uint32_t *value); +static u_char *ngx_quic_read_bytes(u_char *pos, u_char *end, size_t len, + u_char **out); +static u_char *ngx_quic_copy_bytes(u_char *pos, u_char *end, size_t len, + u_char *dst); + +static ngx_int_t ngx_quic_parse_short_header(ngx_quic_header_t *pkt, + size_t dcid_len); +static ngx_int_t ngx_quic_parse_long_header(ngx_quic_header_t *pkt); +static ngx_int_t ngx_quic_supported_version(uint32_t version); +static ngx_int_t ngx_quic_parse_long_header_v1(ngx_quic_header_t *pkt); + +static size_t ngx_quic_create_long_header(ngx_quic_header_t *pkt, u_char *out, + size_t pkt_len, u_char **pnp); +static size_t ngx_quic_create_short_header(ngx_quic_header_t *pkt, u_char *out, + size_t pkt_len, u_char **pnp); + +static ngx_int_t ngx_quic_frame_allowed(ngx_quic_header_t *pkt, + ngx_uint_t frame_type); +static size_t ngx_quic_create_ack(u_char *p, ngx_quic_ack_frame_t *ack, + ngx_chain_t *ranges); +static size_t ngx_quic_create_stop_sending(u_char *p, + ngx_quic_stop_sending_frame_t *ss); +static size_t ngx_quic_create_crypto(u_char *p, + ngx_quic_crypto_frame_t *crypto, ngx_chain_t *data); +static size_t ngx_quic_create_hs_done(u_char *p); +static size_t ngx_quic_create_new_token(u_char *p, + ngx_quic_new_token_frame_t *token); +static size_t ngx_quic_create_stream(u_char *p, ngx_quic_stream_frame_t *sf, + ngx_chain_t *data); +static size_t ngx_quic_create_max_streams(u_char *p, + ngx_quic_max_streams_frame_t *ms); +static size_t ngx_quic_create_max_stream_data(u_char *p, + ngx_quic_max_stream_data_frame_t *ms); +static size_t ngx_quic_create_max_data(u_char *p, + ngx_quic_max_data_frame_t *md); +static size_t ngx_quic_create_path_response(u_char *p, + ngx_quic_path_challenge_frame_t *pc); +static size_t ngx_quic_create_new_connection_id(u_char *p, + ngx_quic_new_conn_id_frame_t *rcid); +static size_t ngx_quic_create_retire_connection_id(u_char *p, + ngx_quic_retire_cid_frame_t *rcid); +static size_t ngx_quic_create_close(u_char *p, ngx_quic_close_frame_t *cl); + +static ngx_int_t ngx_quic_parse_transport_param(u_char *p, u_char *end, + uint16_t id, ngx_quic_tp_t *dst); + + +uint32_t ngx_quic_versions[] = { +#if (NGX_QUIC_DRAFT_VERSION >= 29) + /* pretend we support all versions in range draft-29..v1 */ + NGX_QUIC_VERSION(29), + NGX_QUIC_VERSION(30), + NGX_QUIC_VERSION(31), + NGX_QUIC_VERSION(32), + /* QUICv1 */ + 0x00000001 +#else + NGX_QUIC_VERSION(NGX_QUIC_DRAFT_VERSION) +#endif +}; + +#define NGX_QUIC_NVERSIONS \ + (sizeof(ngx_quic_versions) / sizeof(ngx_quic_versions[0])) + + +/* literal errors indexed by corresponding value */ +static char *ngx_quic_errors[] = { + "NO_ERROR", + "INTERNAL_ERROR", + "CONNECTION_REFUSED", + "FLOW_CONTROL_ERROR", + "STREAM_LIMIT_ERROR", + "STREAM_STATE_ERROR", + "FINAL_SIZE_ERROR", + "FRAME_ENCODING_ERROR", + "TRANSPORT_PARAMETER_ERROR", + "CONNECTION_ID_LIMIT_ERROR", + "PROTOCOL_VIOLATION", + "INVALID_TOKEN", + "APPLICATION_ERROR", + "CRYPTO_BUFFER_EXCEEDED", + "KEY_UPDATE_ERROR", +}; + + +static ngx_inline u_char * +ngx_quic_parse_int(u_char *pos, u_char *end, uint64_t *out) +{ + u_char *p; + uint64_t value; + ngx_uint_t len; + + if (pos >= end) { + return NULL; + } + + p = pos; + len = 1 << (*p >> 6); + + value = *p++ & 0x3f; + + if ((size_t)(end - p) < (len - 1)) { + return NULL; + } + + while (--len) { + value = (value << 8) + *p++; + } + + *out = value; + + return p; +} + + +static ngx_inline u_char * +ngx_quic_read_uint8(u_char *pos, u_char *end, uint8_t *value) +{ + if ((size_t)(end - pos) < 1) { + return NULL; + } + + *value = *pos; + + return pos + 1; +} + + +static ngx_inline u_char * +ngx_quic_read_uint32(u_char *pos, u_char *end, uint32_t *value) +{ + if ((size_t)(end - pos) < sizeof(uint32_t)) { + return NULL; + } + + *value = ngx_quic_parse_uint32(pos); + + return pos + sizeof(uint32_t); +} + + +static ngx_inline u_char * +ngx_quic_read_bytes(u_char *pos, u_char *end, size_t len, u_char **out) +{ + if ((size_t)(end - pos) < len) { + return NULL; + } + + *out = pos; + + return pos + len; +} + + +static u_char * +ngx_quic_copy_bytes(u_char *pos, u_char *end, size_t len, u_char *dst) +{ + if ((size_t)(end - pos) < len) { + return NULL; + } + + ngx_memcpy(dst, pos, len); + + return pos + len; +} + + +static ngx_uint_t +ngx_quic_varint_len(uint64_t value) +{ + ngx_uint_t bits; + + bits = 0; + while (value >> ((8 << bits) - 2)) { + bits++; + } + + return 1 << bits; +} + + +static void +ngx_quic_build_int(u_char **pos, uint64_t value) +{ + u_char *p; + ngx_uint_t bits, len; + + p = *pos; + bits = 0; + + while (value >> ((8 << bits) - 2)) { + bits++; + } + + len = (1 << bits); + + while (len--) { + *p++ = value >> (len * 8); + } + + **pos |= bits << 6; + *pos = p; +} + + +u_char * +ngx_quic_error_text(uint64_t error_code) +{ + if (error_code >= NGX_QUIC_ERR_CRYPTO_ERROR) { + return (u_char *) "handshake error"; + } + + if (error_code >= NGX_QUIC_ERR_LAST) { + return (u_char *) "unknown error"; + } + + return (u_char *) ngx_quic_errors[error_code]; +} + + +ngx_int_t +ngx_quic_parse_packet(ngx_quic_header_t *pkt) +{ + if (!ngx_quic_long_pkt(pkt->flags)) { + pkt->level = ssl_encryption_application; + + if (ngx_quic_parse_short_header(pkt, NGX_QUIC_SERVER_CID_LEN) != NGX_OK) + { + return NGX_DECLINED; + } + + return NGX_OK; + } + + if (ngx_quic_parse_long_header(pkt) != NGX_OK) { + return NGX_DECLINED; + } + + if (!ngx_quic_supported_version(pkt->version)) { + return NGX_ABORT; + } + + if (ngx_quic_parse_long_header_v1(pkt) != NGX_OK) { + return NGX_DECLINED; + } + + return NGX_OK; +} + + +static ngx_int_t +ngx_quic_parse_short_header(ngx_quic_header_t *pkt, size_t dcid_len) +{ + u_char *p, *end; + + p = pkt->raw->pos; + end = pkt->data + pkt->len; + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, pkt->log, 0, + "quic packet rx short flags:%xd", pkt->flags); + + if (!(pkt->flags & NGX_QUIC_PKT_FIXED_BIT)) { + ngx_log_error(NGX_LOG_INFO, pkt->log, 0, "quic fixed bit is not set"); + return NGX_ERROR; + } + + pkt->dcid.len = dcid_len; + + p = ngx_quic_read_bytes(p, end, dcid_len, &pkt->dcid.data); + if (p == NULL) { + ngx_log_error(NGX_LOG_INFO, pkt->log, 0, + "quic packet is too small to read dcid"); + return NGX_ERROR; + } + + pkt->raw->pos = p; + + return NGX_OK; +} + + +static ngx_int_t +ngx_quic_parse_long_header(ngx_quic_header_t *pkt) +{ + u_char *p, *end; + uint8_t idlen; + + p = pkt->raw->pos; + end = pkt->data + pkt->len; + + p = ngx_quic_read_uint32(p, end, &pkt->version); + if (p == NULL) { + ngx_log_error(NGX_LOG_INFO, pkt->log, 0, + "quic packet is too small to read version"); + return NGX_ERROR; + } + + ngx_log_debug2(NGX_LOG_DEBUG_EVENT, pkt->log, 0, + "quic packet rx long flags:%xd version:%xD", + pkt->flags, pkt->version); + + if (!(pkt->flags & NGX_QUIC_PKT_FIXED_BIT)) { + ngx_log_error(NGX_LOG_INFO, pkt->log, 0, "quic fixed bit is not set"); + return NGX_ERROR; + } + + p = ngx_quic_read_uint8(p, end, &idlen); + if (p == NULL) { + ngx_log_error(NGX_LOG_INFO, pkt->log, 0, + "quic packet is too small to read dcid len"); + return NGX_ERROR; + } + + if (idlen > NGX_QUIC_CID_LEN_MAX) { + ngx_log_error(NGX_LOG_INFO, pkt->log, 0, + "quic packet dcid is too long"); + return NGX_ERROR; + } + + pkt->dcid.len = idlen; + + p = ngx_quic_read_bytes(p, end, idlen, &pkt->dcid.data); + if (p == NULL) { + ngx_log_error(NGX_LOG_INFO, pkt->log, 0, + "quic packet is too small to read dcid"); + return NGX_ERROR; + } + + p = ngx_quic_read_uint8(p, end, &idlen); + if (p == NULL) { + ngx_log_error(NGX_LOG_INFO, pkt->log, 0, + "quic packet is too small to read scid len"); + return NGX_ERROR; + } + + if (idlen > NGX_QUIC_CID_LEN_MAX) { + ngx_log_error(NGX_LOG_INFO, pkt->log, 0, + "quic packet scid is too long"); + return NGX_ERROR; + } + + pkt->scid.len = idlen; + + p = ngx_quic_read_bytes(p, end, idlen, &pkt->scid.data); + if (p == NULL) { + ngx_log_error(NGX_LOG_INFO, pkt->log, 0, + "quic packet is too small to read scid"); + return NGX_ERROR; + } + + pkt->raw->pos = p; + + return NGX_OK; +} + + +static ngx_int_t +ngx_quic_supported_version(uint32_t version) +{ + ngx_uint_t i; + + for (i = 0; i < NGX_QUIC_NVERSIONS; i++) { + if (ngx_quic_versions[i] == version) { + return 1; + } + } + + return 0; +} + + +static ngx_int_t +ngx_quic_parse_long_header_v1(ngx_quic_header_t *pkt) +{ + u_char *p, *end; + uint64_t varint; + + p = pkt->raw->pos; + end = pkt->raw->last; + + pkt->log->action = "parsing quic long header"; + + if (ngx_quic_pkt_in(pkt->flags)) { + + if (pkt->len < NGX_QUIC_MIN_INITIAL_SIZE) { + ngx_log_error(NGX_LOG_INFO, pkt->log, 0, + "quic UDP datagram is too small for initial packet"); + return NGX_DECLINED; + } + + p = ngx_quic_parse_int(p, end, &varint); + if (p == NULL) { + ngx_log_error(NGX_LOG_INFO, pkt->log, 0, + "quic failed to parse token length"); + return NGX_ERROR; + } + + pkt->token.len = varint; + + p = ngx_quic_read_bytes(p, end, pkt->token.len, &pkt->token.data); + if (p == NULL) { + ngx_log_error(NGX_LOG_INFO, pkt->log, 0, + "quic packet too small to read token data"); + return NGX_ERROR; + } + + pkt->level = ssl_encryption_initial; + + } else if (ngx_quic_pkt_zrtt(pkt->flags)) { + pkt->level = ssl_encryption_early_data; + + } else if (ngx_quic_pkt_hs(pkt->flags)) { + pkt->level = ssl_encryption_handshake; + + } else { + ngx_log_error(NGX_LOG_INFO, pkt->log, 0, + "quic bad packet type"); + return NGX_DECLINED; + } + + p = ngx_quic_parse_int(p, end, &varint); + if (p == NULL) { + ngx_log_error(NGX_LOG_INFO, pkt->log, 0, "quic bad packet length"); + return NGX_ERROR; + } + + ngx_log_debug2(NGX_LOG_DEBUG_EVENT, pkt->log, 0, + "quic packet rx %s len:%uL", + ngx_quic_level_name(pkt->level), varint); + + if (varint > (uint64_t) ((pkt->data + pkt->len) - p)) { + ngx_log_error(NGX_LOG_INFO, pkt->log, 0, "quic truncated %s packet", + ngx_quic_level_name(pkt->level)); + return NGX_ERROR; + } + + pkt->raw->pos = p; + pkt->len = p + varint - pkt->data; + + return NGX_OK; +} + + +ngx_int_t +ngx_quic_get_packet_dcid(ngx_log_t *log, u_char *data, size_t n, + ngx_str_t *dcid) +{ + size_t len, offset; + + if (n == 0) { + goto failed; + } + + if (ngx_quic_long_pkt(*data)) { + if (n < NGX_QUIC_LONG_DCID_LEN_OFFSET + 1) { + goto failed; + } + + len = data[NGX_QUIC_LONG_DCID_LEN_OFFSET]; + offset = NGX_QUIC_LONG_DCID_OFFSET; + + } else { + len = NGX_QUIC_SERVER_CID_LEN; + offset = NGX_QUIC_SHORT_DCID_OFFSET; + } + + if (n < len + offset) { + goto failed; + } + + dcid->len = len; + dcid->data = &data[offset]; + + return NGX_OK; + +failed: + + ngx_log_debug0(NGX_LOG_DEBUG_EVENT, log, 0, "quic malformed packet"); + + return NGX_ERROR; +} + + +size_t +ngx_quic_create_version_negotiation(ngx_quic_header_t *pkt, u_char *out) +{ + u_char *p, *start; + ngx_uint_t i; + + p = start = out; + + *p++ = pkt->flags; + + /* + * The Version field of a Version Negotiation packet + * MUST be set to 0x00000000 + */ + p = ngx_quic_write_uint32(p, 0); + + *p++ = pkt->dcid.len; + p = ngx_cpymem(p, pkt->dcid.data, pkt->dcid.len); + + *p++ = pkt->scid.len; + p = ngx_cpymem(p, pkt->scid.data, pkt->scid.len); + + for (i = 0; i < NGX_QUIC_NVERSIONS; i++) { + p = ngx_quic_write_uint32(p, ngx_quic_versions[i]); + } + + return p - start; +} + + +size_t +ngx_quic_create_header(ngx_quic_header_t *pkt, u_char *out, size_t pkt_len, + u_char **pnp) +{ + return ngx_quic_short_pkt(pkt->flags) + ? ngx_quic_create_short_header(pkt, out, pkt_len, pnp) + : ngx_quic_create_long_header(pkt, out, pkt_len, pnp); +} + + +static size_t +ngx_quic_create_long_header(ngx_quic_header_t *pkt, u_char *out, + size_t pkt_len, u_char **pnp) +{ + u_char *p, *start; + + if (out == NULL) { + return 5 + 2 + pkt->dcid.len + pkt->scid.len + + ngx_quic_varint_len(pkt_len + pkt->num_len) + pkt->num_len + + (pkt->level == ssl_encryption_initial ? 1 : 0); + } + + p = start = out; + + *p++ = pkt->flags; + + p = ngx_quic_write_uint32(p, pkt->version); + + *p++ = pkt->dcid.len; + p = ngx_cpymem(p, pkt->dcid.data, pkt->dcid.len); + + *p++ = pkt->scid.len; + p = ngx_cpymem(p, pkt->scid.data, pkt->scid.len); + + if (pkt->level == ssl_encryption_initial) { + ngx_quic_build_int(&p, 0); + } + + ngx_quic_build_int(&p, pkt_len + pkt->num_len); + + *pnp = p; + + switch (pkt->num_len) { + case 1: + *p++ = pkt->trunc; + break; + case 2: + p = ngx_quic_write_uint16(p, pkt->trunc); + break; + case 3: + p = ngx_quic_write_uint24(p, pkt->trunc); + break; + case 4: + p = ngx_quic_write_uint32(p, pkt->trunc); + break; + } + + return p - start; +} + + +static size_t +ngx_quic_create_short_header(ngx_quic_header_t *pkt, u_char *out, + size_t pkt_len, u_char **pnp) +{ + u_char *p, *start; + + if (out == NULL) { + return 1 + pkt->dcid.len + pkt->num_len; + } + + p = start = out; + + *p++ = pkt->flags; + + p = ngx_cpymem(p, pkt->dcid.data, pkt->dcid.len); + + *pnp = p; + + switch (pkt->num_len) { + case 1: + *p++ = pkt->trunc; + break; + case 2: + p = ngx_quic_write_uint16(p, pkt->trunc); + break; + case 3: + p = ngx_quic_write_uint24(p, pkt->trunc); + break; + case 4: + p = ngx_quic_write_uint32(p, pkt->trunc); + break; + } + + return p - start; +} + + +size_t +ngx_quic_create_retry_itag(ngx_quic_header_t *pkt, u_char *out, + u_char **start) +{ + u_char *p; + + p = out; + + *p++ = pkt->odcid.len; + p = ngx_cpymem(p, pkt->odcid.data, pkt->odcid.len); + + *start = p; + + *p++ = 0xff; + + p = ngx_quic_write_uint32(p, pkt->version); + + *p++ = pkt->dcid.len; + p = ngx_cpymem(p, pkt->dcid.data, pkt->dcid.len); + + *p++ = pkt->scid.len; + p = ngx_cpymem(p, pkt->scid.data, pkt->scid.len); + + p = ngx_cpymem(p, pkt->token.data, pkt->token.len); + + return p - out; +} + + +#define ngx_quic_stream_bit_off(val) (((val) & 0x04) ? 1 : 0) +#define ngx_quic_stream_bit_len(val) (((val) & 0x02) ? 1 : 0) +#define ngx_quic_stream_bit_fin(val) (((val) & 0x01) ? 1 : 0) + +ssize_t +ngx_quic_parse_frame(ngx_quic_header_t *pkt, u_char *start, u_char *end, + ngx_quic_frame_t *f) +{ + u_char *p; + uint64_t varint; + ngx_buf_t *b; + ngx_uint_t i; + + b = f->data->buf; + + p = start; + + p = ngx_quic_parse_int(p, end, &varint); + if (p == NULL) { + pkt->error = NGX_QUIC_ERR_FRAME_ENCODING_ERROR; + ngx_log_error(NGX_LOG_INFO, pkt->log, 0, + "quic failed to obtain quic frame type"); + return NGX_ERROR; + } + + f->type = varint; + + if (ngx_quic_frame_allowed(pkt, f->type) != NGX_OK) { + pkt->error = NGX_QUIC_ERR_PROTOCOL_VIOLATION; + return NGX_ERROR; + } + + switch (f->type) { + + case NGX_QUIC_FT_CRYPTO: + + p = ngx_quic_parse_int(p, end, &f->u.crypto.offset); + if (p == NULL) { + goto error; + } + + p = ngx_quic_parse_int(p, end, &f->u.crypto.length); + if (p == NULL) { + goto error; + } + + p = ngx_quic_read_bytes(p, end, f->u.crypto.length, &b->pos); + if (p == NULL) { + goto error; + } + + b->last = p; + + break; + + case NGX_QUIC_FT_PADDING: + + while (p < end && *p == NGX_QUIC_FT_PADDING) { + p++; + } + + break; + + case NGX_QUIC_FT_ACK: + case NGX_QUIC_FT_ACK_ECN: + + if (!((p = ngx_quic_parse_int(p, end, &f->u.ack.largest)) + && (p = ngx_quic_parse_int(p, end, &f->u.ack.delay)) + && (p = ngx_quic_parse_int(p, end, &f->u.ack.range_count)) + && (p = ngx_quic_parse_int(p, end, &f->u.ack.first_range)))) + { + goto error; + } + + b->pos = p; + + /* process all ranges to get bounds, values are ignored */ + for (i = 0; i < f->u.ack.range_count; i++) { + + p = ngx_quic_parse_int(p, end, &varint); + if (p) { + p = ngx_quic_parse_int(p, end, &varint); + } + + if (p == NULL) { + goto error; + } + } + + b->last = p; + + f->u.ack.ranges_length = b->last - b->pos; + + if (f->type == NGX_QUIC_FT_ACK_ECN) { + + if (!((p = ngx_quic_parse_int(p, end, &f->u.ack.ect0)) + && (p = ngx_quic_parse_int(p, end, &f->u.ack.ect1)) + && (p = ngx_quic_parse_int(p, end, &f->u.ack.ce)))) + { + goto error; + } + + ngx_log_debug3(NGX_LOG_DEBUG_EVENT, pkt->log, 0, + "quic ACK ECN counters ect0:%uL ect1:%uL ce:%uL", + f->u.ack.ect0, f->u.ack.ect1, f->u.ack.ce); + } + + break; + + case NGX_QUIC_FT_PING: + break; + + case NGX_QUIC_FT_NEW_CONNECTION_ID: + + p = ngx_quic_parse_int(p, end, &f->u.ncid.seqnum); + if (p == NULL) { + goto error; + } + + p = ngx_quic_parse_int(p, end, &f->u.ncid.retire); + if (p == NULL) { + goto error; + } + + if (f->u.ncid.retire > f->u.ncid.seqnum) { + goto error; + } + + p = ngx_quic_read_uint8(p, end, &f->u.ncid.len); + if (p == NULL) { + goto error; + } + + if (f->u.ncid.len < 1 || f->u.ncid.len > NGX_QUIC_CID_LEN_MAX) { + goto error; + } + + p = ngx_quic_copy_bytes(p, end, f->u.ncid.len, f->u.ncid.cid); + if (p == NULL) { + goto error; + } + + p = ngx_quic_copy_bytes(p, end, NGX_QUIC_SR_TOKEN_LEN, f->u.ncid.srt); + if (p == NULL) { + goto error; + } + + break; + + case NGX_QUIC_FT_RETIRE_CONNECTION_ID: + + p = ngx_quic_parse_int(p, end, &f->u.retire_cid.sequence_number); + if (p == NULL) { + goto error; + } + + break; + + case NGX_QUIC_FT_CONNECTION_CLOSE: + case NGX_QUIC_FT_CONNECTION_CLOSE_APP: + + p = ngx_quic_parse_int(p, end, &f->u.close.error_code); + if (p == NULL) { + goto error; + } + + if (f->type == NGX_QUIC_FT_CONNECTION_CLOSE) { + p = ngx_quic_parse_int(p, end, &f->u.close.frame_type); + if (p == NULL) { + goto error; + } + } + + p = ngx_quic_parse_int(p, end, &varint); + if (p == NULL) { + goto error; + } + + f->u.close.reason.len = varint; + + p = ngx_quic_read_bytes(p, end, f->u.close.reason.len, + &f->u.close.reason.data); + if (p == NULL) { + goto error; + } + + break; + + case NGX_QUIC_FT_STREAM0: + case NGX_QUIC_FT_STREAM1: + case NGX_QUIC_FT_STREAM2: + case NGX_QUIC_FT_STREAM3: + case NGX_QUIC_FT_STREAM4: + case NGX_QUIC_FT_STREAM5: + case NGX_QUIC_FT_STREAM6: + case NGX_QUIC_FT_STREAM7: + + f->u.stream.type = f->type; + + f->u.stream.off = ngx_quic_stream_bit_off(f->type); + f->u.stream.len = ngx_quic_stream_bit_len(f->type); + f->u.stream.fin = ngx_quic_stream_bit_fin(f->type); + + p = ngx_quic_parse_int(p, end, &f->u.stream.stream_id); + if (p == NULL) { + goto error; + } + + if (f->type & 0x04) { + p = ngx_quic_parse_int(p, end, &f->u.stream.offset); + if (p == NULL) { + goto error; + } + + } else { + f->u.stream.offset = 0; + } + + if (f->type & 0x02) { + p = ngx_quic_parse_int(p, end, &f->u.stream.length); + if (p == NULL) { + goto error; + } + + } else { + f->u.stream.length = end - p; /* up to packet end */ + } + + p = ngx_quic_read_bytes(p, end, f->u.stream.length, &b->pos); + if (p == NULL) { + goto error; + } + + b->last = p; + break; + + case NGX_QUIC_FT_MAX_DATA: + + p = ngx_quic_parse_int(p, end, &f->u.max_data.max_data); + if (p == NULL) { + goto error; + } + + break; + + case NGX_QUIC_FT_RESET_STREAM: + + if (!((p = ngx_quic_parse_int(p, end, &f->u.reset_stream.id)) + && (p = ngx_quic_parse_int(p, end, &f->u.reset_stream.error_code)) + && (p = ngx_quic_parse_int(p, end, + &f->u.reset_stream.final_size)))) + { + goto error; + } + + break; + + case NGX_QUIC_FT_STOP_SENDING: + + p = ngx_quic_parse_int(p, end, &f->u.stop_sending.id); + if (p == NULL) { + goto error; + } + + p = ngx_quic_parse_int(p, end, &f->u.stop_sending.error_code); + if (p == NULL) { + goto error; + } + + break; + + case NGX_QUIC_FT_STREAMS_BLOCKED: + case NGX_QUIC_FT_STREAMS_BLOCKED2: + + p = ngx_quic_parse_int(p, end, &f->u.streams_blocked.limit); + if (p == NULL) { + goto error; + } + + f->u.streams_blocked.bidi = + (f->type == NGX_QUIC_FT_STREAMS_BLOCKED) ? 1 : 0; + break; + + case NGX_QUIC_FT_MAX_STREAMS: + case NGX_QUIC_FT_MAX_STREAMS2: + + p = ngx_quic_parse_int(p, end, &f->u.max_streams.limit); + if (p == NULL) { + goto error; + } + + f->u.max_streams.bidi = (f->type == NGX_QUIC_FT_MAX_STREAMS) ? 1 : 0; + + break; + + case NGX_QUIC_FT_MAX_STREAM_DATA: + + p = ngx_quic_parse_int(p, end, &f->u.max_stream_data.id); + if (p == NULL) { + goto error; + } + + p = ngx_quic_parse_int(p, end, &f->u.max_stream_data.limit); + if (p == NULL) { + goto error; + } + + break; + + case NGX_QUIC_FT_DATA_BLOCKED: + + p = ngx_quic_parse_int(p, end, &f->u.data_blocked.limit); + if (p == NULL) { + goto error; + } + + break; + + case NGX_QUIC_FT_STREAM_DATA_BLOCKED: + + p = ngx_quic_parse_int(p, end, &f->u.stream_data_blocked.id); + if (p == NULL) { + goto error; + } + + p = ngx_quic_parse_int(p, end, &f->u.stream_data_blocked.limit); + if (p == NULL) { + goto error; + } + + break; + + case NGX_QUIC_FT_PATH_CHALLENGE: + + p = ngx_quic_copy_bytes(p, end, 8, f->u.path_challenge.data); + if (p == NULL) { + goto error; + } + + break; + + case NGX_QUIC_FT_PATH_RESPONSE: + + p = ngx_quic_copy_bytes(p, end, 8, f->u.path_response.data); + if (p == NULL) { + goto error; + } + + break; + + default: + ngx_log_error(NGX_LOG_INFO, pkt->log, 0, + "quic unknown frame type 0x%xi", f->type); + return NGX_ERROR; + } + + f->level = pkt->level; + + return p - start; + +error: + + pkt->error = NGX_QUIC_ERR_FRAME_ENCODING_ERROR; + + ngx_log_error(NGX_LOG_INFO, pkt->log, 0, + "quic failed to parse frame type:0x%xi", f->type); + + return NGX_ERROR; +} + + +static ngx_int_t +ngx_quic_frame_allowed(ngx_quic_header_t *pkt, ngx_uint_t frame_type) +{ + uint8_t ptype; + + /* frame permissions per packet: 4 bits: IH01: 12.4, Table 3 */ + static uint8_t ngx_quic_frame_masks[] = { + /* PADDING */ 0xF, + /* PING */ 0xF, + /* ACK */ 0xD, + /* ACK_ECN */ 0xD, + /* RESET_STREAM */ 0x3, + /* STOP_SENDING */ 0x3, + /* CRYPTO */ 0xD, + /* NEW_TOKEN */ 0x0, /* only sent by server */ + /* STREAM0 */ 0x3, + /* STREAM1 */ 0x3, + /* STREAM2 */ 0x3, + /* STREAM3 */ 0x3, + /* STREAM4 */ 0x3, + /* STREAM5 */ 0x3, + /* STREAM6 */ 0x3, + /* STREAM7 */ 0x3, + /* MAX_DATA */ 0x3, + /* MAX_STREAM_DATA */ 0x3, + /* MAX_STREAMS */ 0x3, + /* MAX_STREAMS2 */ 0x3, + /* DATA_BLOCKED */ 0x3, + /* STREAM_DATA_BLOCKED */ 0x3, + /* STREAMS_BLOCKED */ 0x3, + /* STREAMS_BLOCKED2 */ 0x3, + /* NEW_CONNECTION_ID */ 0x3, + /* RETIRE_CONNECTION_ID */ 0x3, + /* PATH_CHALLENGE */ 0x3, + /* PATH_RESPONSE */ 0x3, +#if (NGX_QUIC_DRAFT_VERSION >= 28) + /* CONNECTION_CLOSE */ 0xF, + /* CONNECTION_CLOSE2 */ 0x3, +#else + /* CONNECTION_CLOSE */ 0xD, + /* CONNECTION_CLOSE2 */ 0x1, +#endif + /* HANDSHAKE_DONE */ 0x0, /* only sent by server */ + }; + + if (ngx_quic_long_pkt(pkt->flags)) { + + if (ngx_quic_pkt_in(pkt->flags)) { + ptype = 8; /* initial */ + + } else if (ngx_quic_pkt_hs(pkt->flags)) { + ptype = 4; /* handshake */ + + } else { + ptype = 2; /* zero-rtt */ + } + + } else { + ptype = 1; /* application data */ + } + + if (ptype & ngx_quic_frame_masks[frame_type]) { + return NGX_OK; + } + + ngx_log_error(NGX_LOG_INFO, pkt->log, 0, + "quic frame type 0x%xi is not " + "allowed in packet with flags 0x%xd", + frame_type, pkt->flags); + + return NGX_DECLINED; +} + + +ssize_t +ngx_quic_parse_ack_range(ngx_log_t *log, u_char *start, u_char *end, + uint64_t *gap, uint64_t *range) +{ + u_char *p; + + p = start; + + p = ngx_quic_parse_int(p, end, gap); + if (p == NULL) { + ngx_log_error(NGX_LOG_INFO, log, 0, + "quic failed to parse ack frame gap"); + return NGX_ERROR; + } + + p = ngx_quic_parse_int(p, end, range); + if (p == NULL) { + ngx_log_error(NGX_LOG_INFO, log, 0, + "quic failed to parse ack frame range"); + return NGX_ERROR; + } + + return p - start; +} + + +size_t +ngx_quic_create_ack_range(u_char *p, uint64_t gap, uint64_t range) +{ + size_t len; + u_char *start; + + if (p == NULL) { + len = ngx_quic_varint_len(gap); + len += ngx_quic_varint_len(range); + return len; + } + + start = p; + + ngx_quic_build_int(&p, gap); + ngx_quic_build_int(&p, range); + + return p - start; +} + + +ssize_t +ngx_quic_create_frame(u_char *p, ngx_quic_frame_t *f) +{ + /* + * QUIC-recovery, section 2: + * + * Ack-eliciting Frames: All frames other than ACK, PADDING, and + * CONNECTION_CLOSE are considered ack-eliciting. + */ + f->need_ack = 1; + + switch (f->type) { + case NGX_QUIC_FT_ACK: + f->need_ack = 0; + return ngx_quic_create_ack(p, &f->u.ack, f->data); + + case NGX_QUIC_FT_STOP_SENDING: + return ngx_quic_create_stop_sending(p, &f->u.stop_sending); + + case NGX_QUIC_FT_CRYPTO: + return ngx_quic_create_crypto(p, &f->u.crypto, f->data); + + case NGX_QUIC_FT_HANDSHAKE_DONE: + return ngx_quic_create_hs_done(p); + + case NGX_QUIC_FT_NEW_TOKEN: + return ngx_quic_create_new_token(p, &f->u.token); + + case NGX_QUIC_FT_STREAM0: + case NGX_QUIC_FT_STREAM1: + case NGX_QUIC_FT_STREAM2: + case NGX_QUIC_FT_STREAM3: + case NGX_QUIC_FT_STREAM4: + case NGX_QUIC_FT_STREAM5: + case NGX_QUIC_FT_STREAM6: + case NGX_QUIC_FT_STREAM7: + return ngx_quic_create_stream(p, &f->u.stream, f->data); + + case NGX_QUIC_FT_CONNECTION_CLOSE: + case NGX_QUIC_FT_CONNECTION_CLOSE_APP: + f->need_ack = 0; + return ngx_quic_create_close(p, &f->u.close); + + case NGX_QUIC_FT_MAX_STREAMS: + return ngx_quic_create_max_streams(p, &f->u.max_streams); + + case NGX_QUIC_FT_MAX_STREAM_DATA: + return ngx_quic_create_max_stream_data(p, &f->u.max_stream_data); + + case NGX_QUIC_FT_MAX_DATA: + return ngx_quic_create_max_data(p, &f->u.max_data); + + case NGX_QUIC_FT_PATH_RESPONSE: + return ngx_quic_create_path_response(p, &f->u.path_response); + + case NGX_QUIC_FT_NEW_CONNECTION_ID: + return ngx_quic_create_new_connection_id(p, &f->u.ncid); + + case NGX_QUIC_FT_RETIRE_CONNECTION_ID: + return ngx_quic_create_retire_connection_id(p, &f->u.retire_cid); + + default: + /* BUG: unsupported frame type generated */ + return NGX_ERROR; + } +} + + +static size_t +ngx_quic_create_ack(u_char *p, ngx_quic_ack_frame_t *ack, ngx_chain_t *ranges) +{ + size_t len; + u_char *start; + ngx_buf_t *b; + + if (p == NULL) { + len = ngx_quic_varint_len(NGX_QUIC_FT_ACK); + len += ngx_quic_varint_len(ack->largest); + len += ngx_quic_varint_len(ack->delay); + len += ngx_quic_varint_len(ack->range_count); + len += ngx_quic_varint_len(ack->first_range); + len += ack->ranges_length; + + return len; + } + + start = p; + + ngx_quic_build_int(&p, NGX_QUIC_FT_ACK); + ngx_quic_build_int(&p, ack->largest); + ngx_quic_build_int(&p, ack->delay); + ngx_quic_build_int(&p, ack->range_count); + ngx_quic_build_int(&p, ack->first_range); + + while (ranges) { + b = ranges->buf; + p = ngx_cpymem(p, b->pos, b->last - b->pos); + ranges = ranges->next; + } + + return p - start; +} + + +static size_t +ngx_quic_create_stop_sending(u_char *p, ngx_quic_stop_sending_frame_t *ss) +{ + size_t len; + u_char *start; + + if (p == NULL) { + len = ngx_quic_varint_len(NGX_QUIC_FT_STOP_SENDING); + len += ngx_quic_varint_len(ss->id); + len += ngx_quic_varint_len(ss->error_code); + return len; + } + + start = p; + + ngx_quic_build_int(&p, NGX_QUIC_FT_STOP_SENDING); + ngx_quic_build_int(&p, ss->id); + ngx_quic_build_int(&p, ss->error_code); + + return p - start; +} + + +static size_t +ngx_quic_create_crypto(u_char *p, ngx_quic_crypto_frame_t *crypto, + ngx_chain_t *data) +{ + size_t len; + u_char *start; + ngx_buf_t *b; + + if (p == NULL) { + len = ngx_quic_varint_len(NGX_QUIC_FT_CRYPTO); + len += ngx_quic_varint_len(crypto->offset); + len += ngx_quic_varint_len(crypto->length); + len += crypto->length; + + return len; + } + + start = p; + + ngx_quic_build_int(&p, NGX_QUIC_FT_CRYPTO); + ngx_quic_build_int(&p, crypto->offset); + ngx_quic_build_int(&p, crypto->length); + + while (data) { + b = data->buf; + p = ngx_cpymem(p, b->pos, b->last - b->pos); + data = data->next; + } + + return p - start; +} + + +static size_t +ngx_quic_create_hs_done(u_char *p) +{ + u_char *start; + + if (p == NULL) { + return ngx_quic_varint_len(NGX_QUIC_FT_HANDSHAKE_DONE); + } + + start = p; + + ngx_quic_build_int(&p, NGX_QUIC_FT_HANDSHAKE_DONE); + + return p - start; +} + + +static size_t +ngx_quic_create_new_token(u_char *p, ngx_quic_new_token_frame_t *token) +{ + size_t len; + u_char *start; + + if (p == NULL) { + len = ngx_quic_varint_len(NGX_QUIC_FT_NEW_TOKEN); + len += ngx_quic_varint_len(token->length); + len += token->length; + + return len; + } + + start = p; + + ngx_quic_build_int(&p, NGX_QUIC_FT_NEW_TOKEN); + ngx_quic_build_int(&p, token->length); + p = ngx_cpymem(p, token->data, token->length); + + return p - start; +} + + +static size_t +ngx_quic_create_stream(u_char *p, ngx_quic_stream_frame_t *sf, + ngx_chain_t *data) +{ + size_t len; + u_char *start; + ngx_buf_t *b; + + if (p == NULL) { + len = ngx_quic_varint_len(sf->type); + + if (sf->off) { + len += ngx_quic_varint_len(sf->offset); + } + + len += ngx_quic_varint_len(sf->stream_id); + + /* length is always present in generated frames */ + len += ngx_quic_varint_len(sf->length); + + len += sf->length; + + return len; + } + + start = p; + + ngx_quic_build_int(&p, sf->type); + ngx_quic_build_int(&p, sf->stream_id); + + if (sf->off) { + ngx_quic_build_int(&p, sf->offset); + } + + /* length is always present in generated frames */ + ngx_quic_build_int(&p, sf->length); + + while (data) { + b = data->buf; + p = ngx_cpymem(p, b->pos, b->last - b->pos); + data = data->next; + } + + return p - start; +} + + +static size_t +ngx_quic_create_max_streams(u_char *p, ngx_quic_max_streams_frame_t *ms) +{ + size_t len; + u_char *start; + ngx_uint_t type; + + type = ms->bidi ? NGX_QUIC_FT_MAX_STREAMS : NGX_QUIC_FT_MAX_STREAMS2; + + if (p == NULL) { + len = ngx_quic_varint_len(type); + len += ngx_quic_varint_len(ms->limit); + return len; + } + + start = p; + + ngx_quic_build_int(&p, type); + ngx_quic_build_int(&p, ms->limit); + + return p - start; +} + + +static ngx_int_t +ngx_quic_parse_transport_param(u_char *p, u_char *end, uint16_t id, + ngx_quic_tp_t *dst) +{ + uint64_t varint; + ngx_str_t str; + + varint = 0; + ngx_str_null(&str); + + switch (id) { + + case NGX_QUIC_TP_DISABLE_ACTIVE_MIGRATION: + /* zero-length option */ + if (end - p != 0) { + return NGX_ERROR; + } + dst->disable_active_migration = 1; + return NGX_OK; + + case NGX_QUIC_TP_MAX_IDLE_TIMEOUT: + case NGX_QUIC_TP_MAX_UDP_PAYLOAD_SIZE: + case NGX_QUIC_TP_INITIAL_MAX_DATA: + case NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_BIDI_LOCAL: + case NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_BIDI_REMOTE: + case NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_UNI: + case NGX_QUIC_TP_INITIAL_MAX_STREAMS_BIDI: + case NGX_QUIC_TP_INITIAL_MAX_STREAMS_UNI: + case NGX_QUIC_TP_ACK_DELAY_EXPONENT: + case NGX_QUIC_TP_MAX_ACK_DELAY: + case NGX_QUIC_TP_ACTIVE_CONNECTION_ID_LIMIT: + + p = ngx_quic_parse_int(p, end, &varint); + if (p == NULL) { + return NGX_ERROR; + } + break; + + case NGX_QUIC_TP_INITIAL_SCID: + + str.len = end - p; + str.data = p; + break; + + default: + return NGX_DECLINED; + } + + switch (id) { + + case NGX_QUIC_TP_MAX_IDLE_TIMEOUT: + dst->max_idle_timeout = varint; + break; + + case NGX_QUIC_TP_MAX_UDP_PAYLOAD_SIZE: + dst->max_udp_payload_size = varint; + break; + + case NGX_QUIC_TP_INITIAL_MAX_DATA: + dst->initial_max_data = varint; + break; + + case NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_BIDI_LOCAL: + dst->initial_max_stream_data_bidi_local = varint; + break; + + case NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_BIDI_REMOTE: + dst->initial_max_stream_data_bidi_remote = varint; + break; + + case NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_UNI: + dst->initial_max_stream_data_uni = varint; + break; + + case NGX_QUIC_TP_INITIAL_MAX_STREAMS_BIDI: + dst->initial_max_streams_bidi = varint; + break; + + case NGX_QUIC_TP_INITIAL_MAX_STREAMS_UNI: + dst->initial_max_streams_uni = varint; + break; + + case NGX_QUIC_TP_ACK_DELAY_EXPONENT: + dst->ack_delay_exponent = varint; + break; + + case NGX_QUIC_TP_MAX_ACK_DELAY: + dst->max_ack_delay = varint; + break; + + case NGX_QUIC_TP_ACTIVE_CONNECTION_ID_LIMIT: + dst->active_connection_id_limit = varint; + break; + + case NGX_QUIC_TP_INITIAL_SCID: + dst->initial_scid = str; + break; + + default: + return NGX_ERROR; + } + + return NGX_OK; +} + + +ngx_int_t +ngx_quic_parse_transport_params(u_char *p, u_char *end, ngx_quic_tp_t *tp, + ngx_log_t *log) +{ + uint64_t id, len; + ngx_int_t rc; + + while (p < end) { + p = ngx_quic_parse_int(p, end, &id); + if (p == NULL) { + ngx_log_error(NGX_LOG_INFO, log, 0, + "quic failed to parse transport param id"); + return NGX_ERROR; + } + + switch (id) { + case NGX_QUIC_TP_ORIGINAL_DCID: + case NGX_QUIC_TP_PREFERRED_ADDRESS: + case NGX_QUIC_TP_RETRY_SCID: + case NGX_QUIC_TP_SR_TOKEN: + ngx_log_error(NGX_LOG_INFO, log, 0, + "quic client sent forbidden transport param" + " id:0x%xL", id); + return NGX_ERROR; + } + + p = ngx_quic_parse_int(p, end, &len); + if (p == NULL) { + ngx_log_error(NGX_LOG_INFO, log, 0, + "quic failed to parse" + " transport param id:0x%xL length", id); + return NGX_ERROR; + } + + rc = ngx_quic_parse_transport_param(p, p + len, id, tp); + + if (rc == NGX_ERROR) { + ngx_log_error(NGX_LOG_INFO, log, 0, + "quic failed to parse" + " transport param id:0x%xL data", id); + return NGX_ERROR; + } + + if (rc == NGX_DECLINED) { + ngx_log_error(NGX_LOG_INFO, log, 0, + "quic unknown transport param id:0x%xL, skipped", id); + } + + p += len; + } + + if (p != end) { + ngx_log_error(NGX_LOG_INFO, log, 0, + "quic trailing garbage in" + " transport parameters: bytes:%ui", + end - p); + return NGX_ERROR; + } + + ngx_log_debug0(NGX_LOG_DEBUG_EVENT, log, 0, + "quic transport parameters parsed ok"); + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, log, 0, + "quic tp disable active migration: %ui", + tp->disable_active_migration); + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, log, 0, "quic tp idle_timeout:%ui", + tp->max_idle_timeout); + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, log, 0, + "quic tp max_udp_payload_size:%ui", + tp->max_udp_payload_size); + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, log, 0, "quic tp max_data:%ui", + tp->initial_max_data); + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, log, 0, + "quic tp max_stream_data_bidi_local:%ui", + tp->initial_max_stream_data_bidi_local); + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, log, 0, + "quic tp max_stream_data_bidi_remote:%ui", + tp->initial_max_stream_data_bidi_remote); + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, log, 0, + "quic tp max_stream_data_uni:%ui", + tp->initial_max_stream_data_uni); + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, log, 0, + "quic tp initial_max_streams_bidi:%ui", + tp->initial_max_streams_bidi); + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, log, 0, + "quic tp initial_max_streams_uni:%ui", + tp->initial_max_streams_uni); + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, log, 0, + "quic tp ack_delay_exponent:%ui", + tp->ack_delay_exponent); + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, log, 0, "quic tp max_ack_delay:%ui", + tp->max_ack_delay); + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, log, 0, + "quic tp active_connection_id_limit:%ui", + tp->active_connection_id_limit); + +#if (NGX_QUIC_DRAFT_VERSION >= 28) + ngx_log_debug2(NGX_LOG_DEBUG_EVENT, log, 0, + "quic tp initial source_connection_id len:%uz %xV", + tp->initial_scid.len, &tp->initial_scid); +#endif + + return NGX_OK; +} + + +static size_t +ngx_quic_create_max_stream_data(u_char *p, ngx_quic_max_stream_data_frame_t *ms) +{ + size_t len; + u_char *start; + + if (p == NULL) { + len = ngx_quic_varint_len(NGX_QUIC_FT_MAX_STREAM_DATA); + len += ngx_quic_varint_len(ms->id); + len += ngx_quic_varint_len(ms->limit); + return len; + } + + start = p; + + ngx_quic_build_int(&p, NGX_QUIC_FT_MAX_STREAM_DATA); + ngx_quic_build_int(&p, ms->id); + ngx_quic_build_int(&p, ms->limit); + + return p - start; +} + + +static size_t +ngx_quic_create_max_data(u_char *p, ngx_quic_max_data_frame_t *md) +{ + size_t len; + u_char *start; + + if (p == NULL) { + len = ngx_quic_varint_len(NGX_QUIC_FT_MAX_DATA); + len += ngx_quic_varint_len(md->max_data); + return len; + } + + start = p; + + ngx_quic_build_int(&p, NGX_QUIC_FT_MAX_DATA); + ngx_quic_build_int(&p, md->max_data); + + return p - start; +} + + +static size_t +ngx_quic_create_path_response(u_char *p, ngx_quic_path_challenge_frame_t *pc) +{ + size_t len; + u_char *start; + + if (p == NULL) { + len = ngx_quic_varint_len(NGX_QUIC_FT_PATH_RESPONSE); + len += sizeof(pc->data); + return len; + } + + start = p; + + ngx_quic_build_int(&p, NGX_QUIC_FT_PATH_RESPONSE); + p = ngx_cpymem(p, &pc->data, sizeof(pc->data)); + + return p - start; +} + + +static size_t +ngx_quic_create_new_connection_id(u_char *p, ngx_quic_new_conn_id_frame_t *ncid) +{ + size_t len; + u_char *start; + + if (p == NULL) { + len = ngx_quic_varint_len(NGX_QUIC_FT_NEW_CONNECTION_ID); + len += ngx_quic_varint_len(ncid->seqnum); + len += ngx_quic_varint_len(ncid->retire); + len++; + len += ncid->len; + len += NGX_QUIC_SR_TOKEN_LEN; + return len; + } + + start = p; + + ngx_quic_build_int(&p, NGX_QUIC_FT_NEW_CONNECTION_ID); + ngx_quic_build_int(&p, ncid->seqnum); + ngx_quic_build_int(&p, ncid->retire); + *p++ = ncid->len; + p = ngx_cpymem(p, ncid->cid, ncid->len); + p = ngx_cpymem(p, ncid->srt, NGX_QUIC_SR_TOKEN_LEN); + + return p - start; +} + + +static size_t +ngx_quic_create_retire_connection_id(u_char *p, + ngx_quic_retire_cid_frame_t *rcid) +{ + size_t len; + u_char *start; + + if (p == NULL) { + len = ngx_quic_varint_len(NGX_QUIC_FT_RETIRE_CONNECTION_ID); + len += ngx_quic_varint_len(rcid->sequence_number); + return len; + } + + start = p; + + ngx_quic_build_int(&p, NGX_QUIC_FT_RETIRE_CONNECTION_ID); + ngx_quic_build_int(&p, rcid->sequence_number); + + return p - start; +} + + +ssize_t +ngx_quic_create_transport_params(u_char *pos, u_char *end, ngx_quic_tp_t *tp, + size_t *clen) +{ + u_char *p; + size_t len; + +#define ngx_quic_tp_len(id, value) \ + ngx_quic_varint_len(id) \ + + ngx_quic_varint_len(value) \ + + ngx_quic_varint_len(ngx_quic_varint_len(value)) + +#define ngx_quic_tp_vint(id, value) \ + do { \ + ngx_quic_build_int(&p, id); \ + ngx_quic_build_int(&p, ngx_quic_varint_len(value)); \ + ngx_quic_build_int(&p, value); \ + } while (0) + +#define ngx_quic_tp_strlen(id, value) \ + ngx_quic_varint_len(id) \ + + ngx_quic_varint_len(value.len) \ + + value.len + +#define ngx_quic_tp_str(id, value) \ + do { \ + ngx_quic_build_int(&p, id); \ + ngx_quic_build_int(&p, value.len); \ + p = ngx_cpymem(p, value.data, value.len); \ + } while (0) + + p = pos; + + len = ngx_quic_tp_len(NGX_QUIC_TP_INITIAL_MAX_DATA, tp->initial_max_data); + + len += ngx_quic_tp_len(NGX_QUIC_TP_INITIAL_MAX_STREAMS_UNI, + tp->initial_max_streams_uni); + + len += ngx_quic_tp_len(NGX_QUIC_TP_INITIAL_MAX_STREAMS_BIDI, + tp->initial_max_streams_bidi); + + len += ngx_quic_tp_len(NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_BIDI_LOCAL, + tp->initial_max_stream_data_bidi_local); + + len += ngx_quic_tp_len(NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_BIDI_REMOTE, + tp->initial_max_stream_data_bidi_remote); + + len += ngx_quic_tp_len(NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_UNI, + tp->initial_max_stream_data_uni); + + len += ngx_quic_tp_len(NGX_QUIC_TP_MAX_IDLE_TIMEOUT, + tp->max_idle_timeout); + + if (clen) { + *clen = len; + } + + if (tp->disable_active_migration) { + len += ngx_quic_varint_len(NGX_QUIC_TP_DISABLE_ACTIVE_MIGRATION); + len += ngx_quic_varint_len(0); + } + + len += ngx_quic_tp_len(NGX_QUIC_TP_ACTIVE_CONNECTION_ID_LIMIT, + tp->active_connection_id_limit); + +#if (NGX_QUIC_DRAFT_VERSION >= 28) + len += ngx_quic_tp_strlen(NGX_QUIC_TP_ORIGINAL_DCID, tp->original_dcid); + len += ngx_quic_tp_strlen(NGX_QUIC_TP_INITIAL_SCID, tp->initial_scid); + + if (tp->retry_scid.len) { + len += ngx_quic_tp_strlen(NGX_QUIC_TP_RETRY_SCID, tp->retry_scid); + } +#else + if (tp->original_dcid.len) { + len += ngx_quic_tp_strlen(NGX_QUIC_TP_ORIGINAL_DCID, tp->original_dcid); + } +#endif + + len += ngx_quic_varint_len(NGX_QUIC_TP_SR_TOKEN); + len += ngx_quic_varint_len(NGX_QUIC_SR_TOKEN_LEN); + len += NGX_QUIC_SR_TOKEN_LEN; + + if (pos == NULL) { + return len; + } + + ngx_quic_tp_vint(NGX_QUIC_TP_INITIAL_MAX_DATA, + tp->initial_max_data); + + ngx_quic_tp_vint(NGX_QUIC_TP_INITIAL_MAX_STREAMS_UNI, + tp->initial_max_streams_uni); + + ngx_quic_tp_vint(NGX_QUIC_TP_INITIAL_MAX_STREAMS_BIDI, + tp->initial_max_streams_bidi); + + ngx_quic_tp_vint(NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_BIDI_LOCAL, + tp->initial_max_stream_data_bidi_local); + + ngx_quic_tp_vint(NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_BIDI_REMOTE, + tp->initial_max_stream_data_bidi_remote); + + ngx_quic_tp_vint(NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_UNI, + tp->initial_max_stream_data_uni); + + ngx_quic_tp_vint(NGX_QUIC_TP_MAX_IDLE_TIMEOUT, + tp->max_idle_timeout); + + if (tp->disable_active_migration) { + ngx_quic_build_int(&p, NGX_QUIC_TP_DISABLE_ACTIVE_MIGRATION); + ngx_quic_build_int(&p, 0); + } + + ngx_quic_tp_vint(NGX_QUIC_TP_ACTIVE_CONNECTION_ID_LIMIT, + tp->active_connection_id_limit); + +#if (NGX_QUIC_DRAFT_VERSION >= 28) + ngx_quic_tp_str(NGX_QUIC_TP_ORIGINAL_DCID, tp->original_dcid); + ngx_quic_tp_str(NGX_QUIC_TP_INITIAL_SCID, tp->initial_scid); + + if (tp->retry_scid.len) { + ngx_quic_tp_str(NGX_QUIC_TP_RETRY_SCID, tp->retry_scid); + } +#else + if (tp->original_dcid.len) { + ngx_quic_tp_str(NGX_QUIC_TP_ORIGINAL_DCID, tp->original_dcid); + } +#endif + + ngx_quic_build_int(&p, NGX_QUIC_TP_SR_TOKEN); + ngx_quic_build_int(&p, NGX_QUIC_SR_TOKEN_LEN); + p = ngx_cpymem(p, tp->sr_token, NGX_QUIC_SR_TOKEN_LEN); + + return p - pos; +} + + +static size_t +ngx_quic_create_close(u_char *p, ngx_quic_close_frame_t *cl) +{ + size_t len; + u_char *start; + ngx_uint_t type; + + type = cl->app ? NGX_QUIC_FT_CONNECTION_CLOSE_APP + : NGX_QUIC_FT_CONNECTION_CLOSE; + + if (p == NULL) { + len = ngx_quic_varint_len(type); + len += ngx_quic_varint_len(cl->error_code); + + if (!cl->app) { + len += ngx_quic_varint_len(cl->frame_type); + } + + len += ngx_quic_varint_len(cl->reason.len); + len += cl->reason.len; + + return len; + } + + start = p; + + ngx_quic_build_int(&p, type); + ngx_quic_build_int(&p, cl->error_code); + + if (!cl->app) { + ngx_quic_build_int(&p, cl->frame_type); + } + + ngx_quic_build_int(&p, cl->reason.len); + p = ngx_cpymem(p, cl->reason.data, cl->reason.len); + + return p - start; +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/event/quic/ngx_event_quic_transport.h Fri Dec 25 14:01:28 2020 +0300 @@ -0,0 +1,356 @@ + +/* + * Copyright (C) Nginx, Inc. + */ + + +#ifndef _NGX_EVENT_QUIC_WIRE_H_INCLUDED_ +#define _NGX_EVENT_QUIC_WIRE_H_INCLUDED_ + + +#include <ngx_config.h> +#include <ngx_core.h> + + +/* QUIC flags in first byte, see quic-transport 17.2 and 17.3 */ + +#define NGX_QUIC_PKT_LONG 0x80 /* header form */ +#define NGX_QUIC_PKT_FIXED_BIT 0x40 +#define NGX_QUIC_PKT_TYPE 0x30 /* in long packet */ +#define NGX_QUIC_PKT_KPHASE 0x04 /* in short packet */ + +#define ngx_quic_long_pkt(flags) ((flags) & NGX_QUIC_PKT_LONG) +#define ngx_quic_short_pkt(flags) (((flags) & NGX_QUIC_PKT_LONG) == 0) + +/* Long packet types */ +#define NGX_QUIC_PKT_INITIAL 0x00 +#define NGX_QUIC_PKT_ZRTT 0x10 +#define NGX_QUIC_PKT_HANDSHAKE 0x20 +#define NGX_QUIC_PKT_RETRY 0x30 + +#define ngx_quic_pkt_in(flags) \ + (((flags) & NGX_QUIC_PKT_TYPE) == NGX_QUIC_PKT_INITIAL) +#define ngx_quic_pkt_zrtt(flags) \ + (((flags) & NGX_QUIC_PKT_TYPE) == NGX_QUIC_PKT_ZRTT) +#define ngx_quic_pkt_hs(flags) \ + (((flags) & NGX_QUIC_PKT_TYPE) == NGX_QUIC_PKT_HANDSHAKE) +#define ngx_quic_pkt_retry(flags) \ + (((flags) & NGX_QUIC_PKT_TYPE) == NGX_QUIC_PKT_RETRY) + +#define ngx_quic_pkt_rb_mask(flags) \ + (ngx_quic_long_pkt(flags) ? 0x0C : 0x18) +#define ngx_quic_pkt_hp_mask(flags) \ + (ngx_quic_long_pkt(flags) ? 0x0F : 0x1F) + +#define ngx_quic_level_name(lvl) \ + (lvl == ssl_encryption_application) ? "app" \ + : (lvl == ssl_encryption_initial) ? "init" \ + : (lvl == ssl_encryption_handshake) ? "hs" : "early" + + +/* 12.4. Frames and Frame Types */ +#define NGX_QUIC_FT_PADDING 0x00 +#define NGX_QUIC_FT_PING 0x01 +#define NGX_QUIC_FT_ACK 0x02 +#define NGX_QUIC_FT_ACK_ECN 0x03 +#define NGX_QUIC_FT_RESET_STREAM 0x04 +#define NGX_QUIC_FT_STOP_SENDING 0x05 +#define NGX_QUIC_FT_CRYPTO 0x06 +#define NGX_QUIC_FT_NEW_TOKEN 0x07 +#define NGX_QUIC_FT_STREAM0 0x08 +#define NGX_QUIC_FT_STREAM1 0x09 +#define NGX_QUIC_FT_STREAM2 0x0A +#define NGX_QUIC_FT_STREAM3 0x0B +#define NGX_QUIC_FT_STREAM4 0x0C +#define NGX_QUIC_FT_STREAM5 0x0D +#define NGX_QUIC_FT_STREAM6 0x0E +#define NGX_QUIC_FT_STREAM7 0x0F +#define NGX_QUIC_FT_MAX_DATA 0x10 +#define NGX_QUIC_FT_MAX_STREAM_DATA 0x11 +#define NGX_QUIC_FT_MAX_STREAMS 0x12 +#define NGX_QUIC_FT_MAX_STREAMS2 0x13 +#define NGX_QUIC_FT_DATA_BLOCKED 0x14 +#define NGX_QUIC_FT_STREAM_DATA_BLOCKED 0x15 +#define NGX_QUIC_FT_STREAMS_BLOCKED 0x16 +#define NGX_QUIC_FT_STREAMS_BLOCKED2 0x17 +#define NGX_QUIC_FT_NEW_CONNECTION_ID 0x18 +#define NGX_QUIC_FT_RETIRE_CONNECTION_ID 0x19 +#define NGX_QUIC_FT_PATH_CHALLENGE 0x1A +#define NGX_QUIC_FT_PATH_RESPONSE 0x1B +#define NGX_QUIC_FT_CONNECTION_CLOSE 0x1C +#define NGX_QUIC_FT_CONNECTION_CLOSE_APP 0x1D +#define NGX_QUIC_FT_HANDSHAKE_DONE 0x1E + +/* 22.4. QUIC Transport Error Codes Registry */ +/* Keep in sync with ngx_quic_errors[] */ +#define NGX_QUIC_ERR_NO_ERROR 0x00 +#define NGX_QUIC_ERR_INTERNAL_ERROR 0x01 +#define NGX_QUIC_ERR_CONNECTION_REFUSED 0x02 +#define NGX_QUIC_ERR_FLOW_CONTROL_ERROR 0x03 +#define NGX_QUIC_ERR_STREAM_LIMIT_ERROR 0x04 +#define NGX_QUIC_ERR_STREAM_STATE_ERROR 0x05 +#define NGX_QUIC_ERR_FINAL_SIZE_ERROR 0x06 +#define NGX_QUIC_ERR_FRAME_ENCODING_ERROR 0x07 +#define NGX_QUIC_ERR_TRANSPORT_PARAMETER_ERROR 0x08 +#define NGX_QUIC_ERR_CONNECTION_ID_LIMIT_ERROR 0x09 +#define NGX_QUIC_ERR_PROTOCOL_VIOLATION 0x0A +#define NGX_QUIC_ERR_INVALID_TOKEN 0x0B +#define NGX_QUIC_ERR_APPLICATION_ERROR 0x0C +#define NGX_QUIC_ERR_CRYPTO_BUFFER_EXCEEDED 0x0D +#define NGX_QUIC_ERR_KEY_UPDATE_ERROR 0x0E + +#define NGX_QUIC_ERR_LAST 0x0F +#define NGX_QUIC_ERR_CRYPTO_ERROR 0x100 + +#define NGX_QUIC_ERR_CRYPTO(e) (NGX_QUIC_ERR_CRYPTO_ERROR + (e)) + + +/* Transport parameters */ +#define NGX_QUIC_TP_ORIGINAL_DCID 0x00 +#define NGX_QUIC_TP_MAX_IDLE_TIMEOUT 0x01 +#define NGX_QUIC_TP_SR_TOKEN 0x02 +#define NGX_QUIC_TP_MAX_UDP_PAYLOAD_SIZE 0x03 +#define NGX_QUIC_TP_INITIAL_MAX_DATA 0x04 +#define NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_BIDI_LOCAL 0x05 +#define NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_BIDI_REMOTE 0x06 +#define NGX_QUIC_TP_INITIAL_MAX_STREAM_DATA_UNI 0x07 +#define NGX_QUIC_TP_INITIAL_MAX_STREAMS_BIDI 0x08 +#define NGX_QUIC_TP_INITIAL_MAX_STREAMS_UNI 0x09 +#define NGX_QUIC_TP_ACK_DELAY_EXPONENT 0x0A +#define NGX_QUIC_TP_MAX_ACK_DELAY 0x0B +#define NGX_QUIC_TP_DISABLE_ACTIVE_MIGRATION 0x0C +#define NGX_QUIC_TP_PREFERRED_ADDRESS 0x0D +#define NGX_QUIC_TP_ACTIVE_CONNECTION_ID_LIMIT 0x0E +#define NGX_QUIC_TP_INITIAL_SCID 0x0F +#define NGX_QUIC_TP_RETRY_SCID 0x10 + +#define NGX_QUIC_CID_LEN_MIN 8 +#define NGX_QUIC_CID_LEN_MAX 20 + +#define NGX_QUIC_MAX_RANGES 10 + + +typedef struct { + uint64_t gap; + uint64_t range; +} ngx_quic_ack_range_t; + + +typedef struct { + uint64_t largest; + uint64_t delay; + uint64_t range_count; + uint64_t first_range; + uint64_t ect0; + uint64_t ect1; + uint64_t ce; + uint64_t ranges_length; +} ngx_quic_ack_frame_t; + + +typedef struct { + uint64_t seqnum; + uint64_t retire; + uint8_t len; + u_char cid[NGX_QUIC_CID_LEN_MAX]; + u_char srt[NGX_QUIC_SR_TOKEN_LEN]; +} ngx_quic_new_conn_id_frame_t; + + +typedef struct { + uint64_t length; + u_char *data; +} ngx_quic_new_token_frame_t; + +/* + * common layout for CRYPTO and STREAM frames; + * conceptually, CRYPTO frame is also a stream + * frame lacking some properties + */ +typedef struct { + uint64_t offset; + uint64_t length; +} ngx_quic_ordered_frame_t; + +typedef ngx_quic_ordered_frame_t ngx_quic_crypto_frame_t; + + +typedef struct { + /* initial fields same as in ngx_quic_ordered_frame_t */ + uint64_t offset; + uint64_t length; + + uint8_t type; + uint64_t stream_id; + unsigned off:1; + unsigned len:1; + unsigned fin:1; +} ngx_quic_stream_frame_t; + + +typedef struct { + uint64_t max_data; +} ngx_quic_max_data_frame_t; + + +typedef struct { + uint64_t error_code; + uint64_t frame_type; + ngx_str_t reason; + ngx_uint_t app; /* unsigned app:1; */ +} ngx_quic_close_frame_t; + + +typedef struct { + uint64_t id; + uint64_t error_code; + uint64_t final_size; +} ngx_quic_reset_stream_frame_t; + + +typedef struct { + uint64_t id; + uint64_t error_code; +} ngx_quic_stop_sending_frame_t; + + +typedef struct { + uint64_t limit; + ngx_uint_t bidi; /* unsigned: bidi:1 */ +} ngx_quic_streams_blocked_frame_t; + + +typedef struct { + uint64_t limit; + ngx_uint_t bidi; /* unsigned: bidi:1 */ +} ngx_quic_max_streams_frame_t; + + +typedef struct { + uint64_t id; + uint64_t limit; +} ngx_quic_max_stream_data_frame_t; + + +typedef struct { + uint64_t limit; +} ngx_quic_data_blocked_frame_t; + + +typedef struct { + uint64_t id; + uint64_t limit; +} ngx_quic_stream_data_blocked_frame_t; + + +typedef struct { + uint64_t sequence_number; +} ngx_quic_retire_cid_frame_t; + + +typedef struct { + u_char data[8]; +} ngx_quic_path_challenge_frame_t; + + +typedef struct ngx_quic_frame_s ngx_quic_frame_t; + +struct ngx_quic_frame_s { + ngx_uint_t type; + enum ssl_encryption_level_t level; + ngx_queue_t queue; + uint64_t pnum; + size_t plen; + ngx_msec_t first; + ngx_msec_t last; + ssize_t len; + ngx_uint_t need_ack; + /* unsigned need_ack:1; */ + + ngx_chain_t *data; + union { + ngx_quic_ack_frame_t ack; + ngx_quic_crypto_frame_t crypto; + ngx_quic_ordered_frame_t ord; + ngx_quic_new_conn_id_frame_t ncid; + ngx_quic_new_token_frame_t token; + ngx_quic_stream_frame_t stream; + ngx_quic_max_data_frame_t max_data; + ngx_quic_close_frame_t close; + ngx_quic_reset_stream_frame_t reset_stream; + ngx_quic_stop_sending_frame_t stop_sending; + ngx_quic_streams_blocked_frame_t streams_blocked; + ngx_quic_max_streams_frame_t max_streams; + ngx_quic_max_stream_data_frame_t max_stream_data; + ngx_quic_data_blocked_frame_t data_blocked; + ngx_quic_stream_data_blocked_frame_t stream_data_blocked; + ngx_quic_retire_cid_frame_t retire_cid; + ngx_quic_path_challenge_frame_t path_challenge; + ngx_quic_path_challenge_frame_t path_response; + } u; +}; + + +typedef struct { + ngx_log_t *log; + + ngx_quic_keys_t *keys; + + ngx_msec_t received; + uint64_t number; + uint8_t num_len; + uint32_t trunc; + uint8_t flags; + uint32_t version; + ngx_str_t token; + enum ssl_encryption_level_t level; + ngx_uint_t error; + + /* filled in by parser */ + ngx_buf_t *raw; /* udp datagram */ + + u_char *data; /* quic packet */ + size_t len; + + /* cleartext fields */ + ngx_str_t odcid; /* retry packet tag */ + ngx_str_t dcid; + ngx_str_t scid; + uint64_t pn; + u_char *plaintext; + ngx_str_t payload; /* decrypted data */ + + unsigned need_ack:1; + unsigned key_phase:1; + unsigned key_update:1; + unsigned parsed:1; + unsigned decrypted:1; +} ngx_quic_header_t; + + +u_char *ngx_quic_error_text(uint64_t error_code); + +ngx_int_t ngx_quic_parse_packet(ngx_quic_header_t *pkt); + +size_t ngx_quic_create_version_negotiation(ngx_quic_header_t *pkt, u_char *out); + +size_t ngx_quic_create_header(ngx_quic_header_t *pkt, u_char *out, + size_t pkt_len, u_char **pnp); + +size_t ngx_quic_create_retry_itag(ngx_quic_header_t *pkt, u_char *out, + u_char **start); + +ssize_t ngx_quic_parse_frame(ngx_quic_header_t *pkt, u_char *start, u_char *end, + ngx_quic_frame_t *frame); +ssize_t ngx_quic_create_frame(u_char *p, ngx_quic_frame_t *f); + +ssize_t ngx_quic_parse_ack_range(ngx_log_t *log, u_char *start, + u_char *end, uint64_t *gap, uint64_t *range); +size_t ngx_quic_create_ack_range(u_char *p, uint64_t gap, uint64_t range); + +ngx_int_t ngx_quic_parse_transport_params(u_char *p, u_char *end, + ngx_quic_tp_t *tp, ngx_log_t *log); +ssize_t ngx_quic_create_transport_params(u_char *p, u_char *end, + ngx_quic_tp_t *tp, size_t *clen); + +#endif /* _NGX_EVENT_QUIC_WIRE_H_INCLUDED_ */