Commit Graph

8228 Commits

Author SHA1 Message Date
Sergey Kandaurov
dab6035d68 HTTP/3: fixed segfault when using SSL certificates with variables.
A QUIC connection doesn't have c->log->data and friends initialized to sensible
values.  Yet, a request can be created in the certificate callback with such an
assumption, which leads to a segmentation fault due to null pointer dereference
in ngx_http_free_request().  The fix is to adjust initializing the QUIC part of
a connection such that it has all of that in place.

Further, this appends logging error context for unsuccessful QUIC handshakes:
- cannot load certificate .. while handling frames
- SSL_do_handshake() failed .. while sending frames
2021-09-29 15:01:59 +03:00
Sergey Kandaurov
1ea6f35fbf Stream: detect "listen .. quic" without TLSv1.3. 2021-09-29 15:01:56 +03:00
Sergey Kandaurov
2765b63216 Fixed mismerge of ssl_reject_handshake in 71b7453fb11f.
In particular, this fixes rejecting "listen .. quic|http3" configurations
without TLSv1.3 configured.
2021-09-29 15:01:53 +03:00
Sergey Kandaurov
4d92aa7957 HTTP/3: fixed server push after ea9b645472b5.
Unlike in HTTP/2, both "host" and ":authority" reside in r->headers_in.server.
2021-09-27 17:42:53 +03:00
Sergey Kandaurov
a5b5b6ca0f QUIC: moved a variable initialization near to its use.
This tends to produce slightly more optimal code with pos == NULL
when built with Clang on low optimization levels.

Spotted by Ruslan Ermilov.
2021-09-27 15:38:55 +03:00
Ruslan Ermilov
f2859767d4 Configure: fixed QUIC support test.
OpenSSL library QUIC support cannot be tested at configure time when
using the --with-openssl option so assume it's present if requested.
While here, fixed the error message in case QUIC support is missing.
2021-09-27 10:10:38 +03:00
Ruslan Ermilov
8ce1c2c7e9 Configure: check for QUIC 0-RTT support at compile time. 2021-09-27 10:10:37 +03:00
Sergey Kandaurov
2cd173d450 HTTP/3: fixed null pointer dereference with server push.
See details for HTTP/2 fix in 8b0553239592 for a complete description.
2021-09-22 14:10:43 +03:00
Roman Arutyunyan
08dcf62f5b HTTP/3: fixed ngx_stat_active counter.
Previously the counter was not incremented for HTTP/3 streams, but still
decremented in ngx_http_close_connection().  There are two solutions here, one
is to increment the counter for HTTP/3 streams, and the other one is not to
decrement the counter for HTTP/3 streams.  The latter solution looks
inconsistent with ngx_stat_reading/ngx_stat_writing, which are incremented on a
per-request basis.  The change adds ngx_stat_active increment for HTTP/3
request and push streams.
2021-09-22 14:08:21 +03:00
Roman Arutyunyan
3ae914c837 HTTP/3: fixed pushed request finalization in case of error.
Previously request could be finalized twice.  For example, this could happen
if "Host" header was invalid.
2021-09-17 15:28:31 +03:00
Sergey Kandaurov
4e2e70b16c QUIC: set NGX_TCP_NODELAY_DISABLED for fake stream connections.
Notably, it is to avoid setting the TCP_NODELAY flag for QUIC streams
in ngx_http_upstream_send_response().  It is an invalid operation on
inherently SOCK_DGRAM sockets, which leads to QUIC connection close.

The change reduces diff to the default branch in stream content phase.
2021-09-22 14:01:18 +03:00
Roman Arutyunyan
b2c8e690ce QUIC: simplified stream fd initialization. 2021-09-21 18:25:26 +03:00
Ruslan Ermilov
af2121267b Configure: USE_OPENSSL_QUIC=YES implies USE_OPENSSL=YES. 2021-09-21 14:46:30 +03:00
Ruslan Ermilov
cafaea71e9 Configure: ordered directories. 2021-09-21 14:46:25 +03:00
Ruslan Ermilov
3321ca0c83 Configure: simplified condition. 2021-09-21 14:46:17 +03:00
Roman Arutyunyan
0f3eb180d2 HTTP/3: make ngx_http_log_error() static again.
This function was only referenced from ngx_http_v3_create_push_request() to
initialize push connection log.  Now the log handler is copied from the parent
request connection.

The change reduces diff to the default branch.
2021-09-17 16:32:23 +03:00
Roman Arutyunyan
00bb4e4b8d QUIC: separate event handling functions.
The functions ngx_quic_handle_read_event() and ngx_quic_handle_write_event()
are added.  Previously this code was a part of ngx_handle_read_event() and
ngx_handle_write_event().

The change simplifies ngx_handle_read_event() and ngx_handle_write_event()
by moving QUIC-related code to a QUIC source file.
2021-09-09 16:55:00 +03:00
Sergey Kandaurov
9d7f2e7917 HTTP/3: added CONNECT and TRACE methods rejection.
It has got lost in e1eb7f4ca9f1, let alone a subsequent update in 63c66b7cc07c.
2021-09-16 13:13:22 +03:00
Ruslan Ermilov
bd89c448b7 Removed NGX_OPENSSL_QUIC macro, NGX_QUIC is enough. 2021-09-14 12:09:13 +03:00
Sergey Kandaurov
10cafa75a4 HTTP/3: added debug logging of response fields.
Because of QPACK compression it's hard to see what fields are actually
sent by the server.
2021-09-13 16:25:37 +03:00
Sergey Kandaurov
bacd7ef0be HTTP/3: Huffman encoding for the Location response field. 2021-09-13 16:25:32 +03:00
Sergey Kandaurov
12cf623bc2 HTTP/3: Huffman encoding for the Last-Modified response field. 2021-09-13 16:25:31 +03:00
Sergey Kandaurov
ee5d927928 HTTP/3: Huffman encoding for the Content-Type response field. 2021-09-13 16:25:23 +03:00
Sergey Kandaurov
0ac1f6fd47 HTTP/3: implemented QPACK Huffman encoding for response fields. 2021-09-13 16:25:08 +03:00
Roman Arutyunyan
590996466c HTTP/3: reading body buffering in filters.
This change follows similar changes in HTTP/1 and HTTP/2 in 9cf043a5d9ca.
2021-09-09 15:47:29 +03:00
Sergey Kandaurov
4208e67e98 QUIC: removed Firefox workaround for trailing zeroes in datagrams.
This became unnecessary after discarding invalid packets since a6784cf32c13.
2021-09-09 19:12:27 +03:00
Ruslan Ermilov
ef94770e16 QUIC: macro style. 2021-09-09 15:40:08 +03:00
Ruslan Ermilov
7a45071cb6 Changed the OpenSSL QUIC support detection.
As was changed in 253cf267f95a.
2021-09-09 15:34:00 +03:00
Sergey Kandaurov
f27686cf38 Merged with the default branch. 2021-09-08 15:53:00 +03:00
Maxim Dounin
97a5029ef4 release-1.21.3 tag 2021-09-07 18:21:03 +03:00
Maxim Dounin
0b65f34ef0 nginx-1.21.3-RELEASE 2021-09-07 18:21:02 +03:00
Roman Arutyunyan
465362e066 QUIC: store QUIC connection fd in stream fake connection.
Previously it had -1 as fd.  This fixes proxying, which relies on downstream
connection having a real fd.  Also, this reduces diff to the default branch for
ngx_close_connection().
2021-09-06 16:59:00 +03:00
Maxim Dounin
243469df65 HTTP/2: optimized processing of small DATA frames.
The request body filter chain is no longer called after processing
a DATA frame.  Instead, we now post a read event to do this.  This
ensures that multiple small DATA frames read during the same event loop
iteration are coalesced together, resulting in much faster processing.

Since rb->buf can now contain unprocessed data, window update is no
longer sent in ngx_http_v2_state_read_data() in case of flow control
being used due to filter buffering.  Instead, window will be updated
by ngx_http_v2_read_client_request_body_handler() in the posted read
event.
2021-09-06 14:54:50 +03:00
Maxim Dounin
584a30b4d5 HTTP/2: fixed timers left after request body reading.
Following rb->filter_need_buffering changes, request body reading is
only finished after the filter chain is called and rb->last_saved is set.
As such, with r->request_body_no_buffering, timer on fc->read is no
longer removed when the last part of the body is received, potentially
resulting in incorrect behaviour.

The fix is to call ngx_http_v2_process_request_body() from the
ngx_http_v2_read_unbuffered_request_body() function instead of
directly calling ngx_http_v2_filter_request_body(), so the timer
is properly removed.
2021-09-06 14:54:48 +03:00
Maxim Dounin
27fb6cdb9f HTTP/2: fixed window updates when buffering in filters.
In the body read handler, the window was incorrectly calculated
based on the full buffer size instead of the amount of free space
in the buffer.  If the request body is buffered by a filter, and
the buffer is not empty after the read event is generated by the
filter to resume request body processing, this could result in
"http2 negative window update" alerts.

Further, in the body ready handler and in ngx_http_v2_state_read_data()
the buffer wasn't cleared when the data were already written to disk,
so the client might stuck without window updates.
2021-09-06 14:54:47 +03:00
Mariano Di Martino
9985ab86bf QUIC: fixed null pointer dereference in MAX_DATA handler.
If a MAX_DATA frame was received before any stream was created, then the worker
process would crash in nginx_quic_handle_max_data_frame() while traversing the
stream tree.  The issue is solved by adding a check that makes sure the tree is
not empty.
2021-09-03 14:23:50 +03:00
Roman Arutyunyan
16557ff8b6 Fixed debug logging. 2021-09-02 12:25:37 +03:00
Roman Arutyunyan
3575f44a17 Version bump. 2021-09-03 17:19:33 +03:00
Sergey Kandaurov
47c993da63 README: HTTP/3 trailers are now supported. 2021-09-01 11:12:23 +03:00
Sergey Kandaurov
72af057584 Merged with the default branch. 2021-09-01 10:57:25 +03:00
Maxim Dounin
a80a0601b9 release-1.21.2 tag 2021-08-31 18:13:47 +03:00
Maxim Dounin
d16245213a nginx-1.21.2-RELEASE 2021-08-31 18:13:46 +03:00
Maxim Dounin
7e1667ca75 Updated OpenSSL used for win32 builds. 2021-08-31 17:54:54 +03:00
Maxim Dounin
15bf6d8cc9 HTTP/2: avoid memcpy() with NULL source and zero length.
Prodded by Clang Static Analyzer.
2021-08-31 16:44:13 +03:00
Sergey Kandaurov
1e8c0d4e06 Give GCC atomics precedence over deprecated Darwin atomic(3).
This allows to build nginx on macOS with -Wdeprecated-declarations.
2021-08-30 14:45:21 +03:00
Maxim Dounin
67d160bf25 Request body: reading body buffering in filters.
If a filter wants to buffer the request body during reading (for
example, to check an external scanner), it can now do so.  To make
it possible, the code now checks rb->last_saved (introduced in the
previous change) along with rb->rest == 0.

Since in HTTP/2 this requires flow control to avoid overflowing the
request body buffer, so filters which need buffering have to set
the rb->filter_need_buffering flag on the first filter call.  (Note
that each filter is expected to call the next filter, so all filters
will be able set the flag if needed.)
2021-08-29 22:22:02 +03:00
Maxim Dounin
2a70921380 Request body: introduced rb->last_saved flag.
It indicates that the last buffer was received by the save filter,
and can be used to check this at higher levels.  To be used in the
following changes.
2021-08-29 22:21:03 +03:00
Maxim Dounin
fd9d43b087 Request body: added alert to catch duplicate body saving.
If due to an error ngx_http_request_body_save_filter() is called
more than once with rb->rest == 0, this used to result in a segmentation
fault.  Added an alert to catch such errors, just in case.
2021-08-29 22:20:54 +03:00
Maxim Dounin
aa02695f5e Request body: missing comments about initialization. 2021-08-29 22:20:49 +03:00
Maxim Dounin
2862eb40e8 HTTP/2: improved handling of preread unbuffered requests.
Previously, fully preread unbuffered requests larger than client body
buffer size were saved to disk, despite the fact that "unbuffered" is
expected to imply no disk buffering.
2021-08-29 22:20:44 +03:00