IntenseWebs/nginx
3
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2025-02-25 18:55:26 -06:00
Code Issues Packages Projects Releases Wiki Activity

QUIC draft-28 transport parameters support.

Browse Source 
Draft-27 and draft-28 support can now be enabled interchangeably,
it's based on the compile-time macro NGX_QUIC_DRAFT_VERSION.
This commit is contained in:
Sergey Kandaurov 2020-05-29 15:06:33 +03:00
parent 25f5ab5e2d
commit 7d41fd85b8
5 changed files with 67 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
src/event/ngx_event_quic.c
View File

@ -426,6 +426,17 @@ ngx_quic_add_handshake_data(ngx_ssl_conn_t *ssl_conn,
return 0;
}
#if (NGX_QUIC_DRAFT_VERSION >= 28)
if (qc->scid.len != qc->ctp.initial_scid.len
|| ngx_memcmp(qc->scid.data, qc->ctp.initial_scid.data,
qc->scid.len) != 0)
{
ngx_log_error(NGX_LOG_INFO, c->log, 0,
"quic client initial_source_connection_id mismatch");
return 0;
}
#endif
qc->client_tp_done = 1;
}
}
@ -641,6 +652,9 @@ ngx_quic_new_connection(ngx_connection_t *c, ngx_ssl_t *ssl, ngx_quic_tp_t *tp,
return NGX_ERROR;
}
qc->tp.original_dcid = c->quic->odcid;
qc->tp.initial_scid = c->quic->dcid;
qc->scid.len = pkt->scid.len;
qc->scid.data = ngx_pnalloc(c->pool, qc->scid.len);
if (qc->scid.data == NULL) {
@ -782,7 +796,7 @@ ngx_quic_retry(ngx_connection_t *c)
}
c->quic->token = token;
c->quic->tp.original_connection_id = c->quic->odcid;
c->quic->tp.retry_scid = c->quic->dcid;
c->quic->in_retry = 1;
return NGX_OK;
@ -1483,6 +1497,7 @@ ngx_quic_retry_input(ngx_connection_t *c, ngx_quic_header_t *pkt)
}
qc = c->quic;
qc->tp.initial_scid = c->quic->dcid;
keys = &c->quic->keys[ssl_encryption_initial];

5
src/event/ngx_event_quic.h
View File

@ -12,6 +12,7 @@
#include <ngx_core.h>
/* Supported drafts: 27, 28 */
#define NGX_QUIC_DRAFT_VERSION 27
#define NGX_QUIC_VERSION (0xff000000 + NGX_QUIC_DRAFT_VERSION)
@ -56,7 +57,9 @@ typedef struct {
ngx_uint_t ack_delay_exponent;
ngx_uint_t disable_active_migration;
ngx_uint_t active_connection_id_limit;
ngx_str_t original_connection_id;
ngx_str_t original_dcid;
ngx_str_t initial_scid;
ngx_str_t retry_scid;
ngx_flag_t retry;
u_char token_key[32]; /* AES 256 */

46
src/event/ngx_event_quic_transport.c
View File

@ -1354,6 +1354,10 @@ ngx_quic_parse_transport_param(u_char *p, u_char *end, uint16_t id,
ngx_quic_tp_t *dst)
{
uint64_t varint;
ngx_str_t str;
varint = 0;
ngx_str_null(&str);
switch (id) {
@ -1383,6 +1387,12 @@ ngx_quic_parse_transport_param(u_char *p, u_char *end, uint16_t id,
}
break;
case NGX_QUIC_TP_INITIAL_SCID:
str.len = end - p;
p = ngx_quic_read_bytes(p, end, str.len, &str.data);
break;
default:
return NGX_DECLINED;
}
@ -1433,6 +1443,10 @@ ngx_quic_parse_transport_param(u_char *p, u_char *end, uint16_t id,
dst->active_connection_id_limit = varint;
break;
case NGX_QUIC_TP_INITIAL_SCID:
dst->initial_scid = str;
break;
default:
return NGX_ERROR;
}
@ -1457,8 +1471,9 @@ ngx_quic_parse_transport_params(u_char *p, u_char *end, ngx_quic_tp_t *tp,
}
switch (id) {
case NGX_QUIC_TP_ORIGINAL_CONNECTION_ID:
case NGX_QUIC_TP_ORIGINAL_DCID:
case NGX_QUIC_TP_PREFERRED_ADDRESS:
case NGX_QUIC_TP_RETRY_SCID:
case NGX_QUIC_TP_STATELESS_RESET_TOKEN:
ngx_log_error(NGX_LOG_INFO, log, 0,
"quic client sent forbidden transport param"
@ -1547,6 +1562,11 @@ ngx_quic_parse_transport_params(u_char *p, u_char *end, ngx_quic_tp_t *tp,
"quic tp active_connection_id_limit: %ui",
tp->active_connection_id_limit);
#if (NGX_QUIC_DRAFT_VERSION >= 28)
ngx_quic_hexdump(log, "quic tp initial_source_connection_id:",
tp->initial_scid.data, tp->initial_scid.len);
#endif
return NGX_OK;
}
@ -1650,9 +1670,17 @@ ngx_quic_create_transport_params(u_char *pos, u_char *end, ngx_quic_tp_t *tp)
len += ngx_quic_tp_len(NGX_QUIC_TP_MAX_IDLE_TIMEOUT,
tp->max_idle_timeout);
#if (NGX_QUIC_DRAFT_VERSION >= 28)
len += ngx_quic_tp_strlen(NGX_QUIC_TP_ORIGINAL_DCID, tp->original_dcid);
len += ngx_quic_tp_strlen(NGX_QUIC_TP_INITIAL_SCID, tp->initial_scid);
#endif
if (tp->retry) {
len += ngx_quic_tp_strlen(NGX_QUIC_TP_ORIGINAL_CONNECTION_ID,
tp->original_connection_id);
#if (NGX_QUIC_DRAFT_VERSION >= 28)
len += ngx_quic_tp_strlen(NGX_QUIC_TP_RETRY_SCID, tp->retry_scid);
#else
len += ngx_quic_tp_strlen(NGX_QUIC_TP_ORIGINAL_DCID, tp->original_dcid);
#endif
}
if (pos == NULL) {
@ -1683,9 +1711,17 @@ ngx_quic_create_transport_params(u_char *pos, u_char *end, ngx_quic_tp_t *tp)
ngx_quic_tp_vint(NGX_QUIC_TP_MAX_IDLE_TIMEOUT,
tp->max_idle_timeout);
#if (NGX_QUIC_DRAFT_VERSION >= 28)
ngx_quic_tp_str(NGX_QUIC_TP_ORIGINAL_DCID, tp->original_dcid);
ngx_quic_tp_str(NGX_QUIC_TP_INITIAL_SCID, tp->initial_scid);
#endif
if (tp->retry) {
ngx_quic_tp_str(NGX_QUIC_TP_ORIGINAL_CONNECTION_ID,
tp->original_connection_id);
#if (NGX_QUIC_DRAFT_VERSION >= 28)
ngx_quic_tp_str(NGX_QUIC_TP_RETRY_SCID, tp->retry_scid);
#else
ngx_quic_tp_str(NGX_QUIC_TP_ORIGINAL_DCID, tp->original_dcid);
#endif
}
return p - pos;

4
src/event/ngx_event_quic_transport.h
View File

@ -96,7 +96,7 @@
#define NGX_QUIC_ERR_LAST NGX_QUIC_ERR_CRYPTO_ERROR
/* Transport parameters */
#define NGX_QUIC_TP_ORIGINAL_CONNECTION_ID 0x00
#define NGX_QUIC_TP_ORIGINAL_DCID 0x00
#define NGX_QUIC_TP_MAX_IDLE_TIMEOUT 0x01
#define NGX_QUIC_TP_STATELESS_RESET_TOKEN 0x02
#define NGX_QUIC_TP_MAX_UDP_PAYLOAD_SIZE 0x03
@ -111,6 +111,8 @@
#define NGX_QUIC_TP_DISABLE_ACTIVE_MIGRATION 0x0C
#define NGX_QUIC_TP_PREFERRED_ADDRESS 0x0D
#define NGX_QUIC_TP_ACTIVE_CONNECTION_ID_LIMIT 0x0E
#define NGX_QUIC_TP_INITIAL_SCID 0x0F
#define NGX_QUIC_TP_RETRY_SCID 0x10
#define NGX_QUIC_CID_LEN_MIN 8
#define NGX_QUIC_CID_LEN_MAX 20

4
src/http/v3/ngx_http_v3_module.c
View File

@ -245,7 +245,9 @@ ngx_http_v3_create_srv_conf(ngx_conf_t *cf)
/*
* set by ngx_pcalloc():
* v3cf->quic.original_connection_id = 0;
* v3cf->quic.original_dcid = { 0, NULL };
* v3cf->quic.initial_scid = { 0, NULL };
* v3cf->quic.retry_scid = { 0, NULL };
* v3cf->quic.stateless_reset_token = { 0 }
* conf->quic.preferred_address = NULL
*/