mirror/nginx
1
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2024-12-13 11:09:06 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity
7,171 Commits 21 Branches 568 Tags 87 MiB
3309b1e8df
Commit Graph

7171 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Sergey Kandaurov
833a28244f QUIC packet padding to fulfil header protection sample demands. 2020-04-01 13:27:42 +03:00
Sergey Kandaurov
e9d67086c7 Improved SSL_do_handshake() error handling in QUIC. 
It can either return a recoverable SSL_ERROR_WANT_READ or fatal errors.
 2020-04-01 13:27:42 +03:00
Sergey Kandaurov
86029005a5 Style. 2020-04-01 13:27:41 +03:00
Vladimir Homutov
c3b7927e24 Removed unused field from ngx_quic_header_t. 2020-03-31 13:13:12 +03:00
Sergey Kandaurov
4502e5b1e9 HTTP/3: http3 variable. 2020-03-28 18:41:31 +03:00
Sergey Kandaurov
7a0b840c51 HTTP/3: static table cleanup. 2020-03-28 18:02:20 +03:00
Roman Arutyunyan
fa1e1beadc Parsing HTTP/3 request body. 2020-03-27 19:41:06 +03:00
Roman Arutyunyan
84a7835015 Fixed handling QUIC stream eof. 
Set r->pending_eof flag for a new QUIC stream with the fin bit.  Also, keep
r->ready set when r->pending_eof is set and buffer is empty.
 2020-03-27 10:02:45 +03:00
Roman Arutyunyan
89a6a4f198 Push QUIC stream frames in send() and cleanup handler. 2020-03-27 19:08:24 +03:00
Roman Arutyunyan
80a38580bd Chunked response body in HTTP/3. 2020-03-27 19:46:54 +03:00
Roman Arutyunyan
81f7cff632 Fixed buffer overflow. 2020-03-27 15:50:42 +03:00
Sergey Kandaurov
3fbdc04072 Unbreak sending CONNECTION_CLOSE from the send_alert callback. 2020-03-27 12:52:08 +03:00
Vladimir Homutov
41a8b8d392 Merged ngx_quic_send_packet() into ngx_quic_send_frames(). 
This allows to avoid extra allocation and use two static buffers instead.
Adjusted maximum paket size calculation: need to account a tag.
 2020-03-26 18:29:38 +03:00
Vladimir Homutov
7d408f1bba Got rid of memory allocation in decryption. 
Static buffers are used instead in functions where decryption takes place.

The pkt->plaintext points to the beginning of a static buffer.
The pkt->payload.data points to decrypted data actual start.
 2020-03-26 16:54:46 +03:00
Vladimir Homutov
7c6e6426c6 Logging cleanup. 
pool->log is replaced with pkt->log or explicit argument passing where
possible.
 2020-03-26 13:54:49 +03:00
Roman Arutyunyan
d71df64e9a QUIC frames reuse. 2020-03-25 23:40:50 +03:00
Vladimir Homutov
715d8a250b Removed memory allocations from encryption code. 
+ ngx_quic_encrypt():
     - no longer accepts pool as argument
     - pkt is 1st arg
     - payload is passed as pkt->payload
     - performs encryption to the specified static buffer

 + ngx_quic_create_long/short_packet() functions:
    - single buffer for everything, allocated by caller
    - buffer layout is: [ ad | payload | TAG ]
      the result is in the beginning of buffer with proper length
    - nonce is calculated on stack
    - log is passed explicitly, pkt is 1st arg
    - no more allocations inside

 + ngx_quic_create_long_header():
    - args changed: no need to pass str_t

 + added ngx_quic_create_short_header()
 2020-03-26 12:11:50 +03:00
Roman Arutyunyan
bcd54c2643 Fixed QUIC stream insert and find. 2020-03-25 14:05:40 +03:00
Roman Arutyunyan
dbf1b41cfb Simplifed handling HTTP/3 streams. 2020-03-25 12:14:24 +03:00
Roman Arutyunyan
95f439630b Safe QUIC stream creation. 2020-03-25 12:56:21 +03:00
Roman Arutyunyan
a0a2e0de1d When closing a QUIC connection, wait for all streams to finish. 
Additionally, streams are now removed from the tree in cleanup handler.
 2020-03-24 18:05:45 +03:00
Roman Arutyunyan
f75e4e3fef Removed ngx_quic_stream_node_t. 
Now ngx_quic_stream_t is directly inserted into the tree.
 2020-03-24 16:38:03 +03:00
Roman Arutyunyan
061a42d966 Implemented eof in QUIC streams. 2020-03-24 13:49:42 +03:00
Vladimir Homutov
c5505648d7 Fixed log initialization. 
Should be done after memzero.
 2020-03-25 19:42:00 +03:00
Sergey Kandaurov
685e7d1451 Advertise our max_idle_timeout in transport parameters. 
So we can easily tune how soon client would decide to close a connection.
 2020-03-24 22:12:52 +03:00
Sergey Kandaurov
d8d42e29e7 QUIC streams don't need filter_need_in_memory after 7f0981be07c4. 
Now they inherit c->ssl always enabled from the main connection,
which makes r->main_filter_need_in_memory set for them.
 2020-03-24 19:17:57 +03:00
Vladimir Homutov
8c26e1d148 Logging cleanup. 
+ Client-related errors (i.e. parsing) are done at INFO level
 + c->log->action is updated through the process of receiving, parsing.
   handling packet/payload and generating frames/output.
 2020-03-24 17:03:39 +03:00
Vladimir Homutov
780f4f660c Added QUIC version check for sending HANDSHAKE_DONE frame. 2020-03-24 12:15:39 +03:00
Vladimir Homutov
57544f7589 Implemented sending HANDSHAKE_DONE frame after handshake. 
This makes it possible to switch to draft 27 by default.
 2020-03-24 11:59:14 +03:00
Sergey Kandaurov
f20af3dabc Fixed client certificate verification. 
For ngx_http_process_request() part to work, this required to set both
r->http_connection->ssl and c->ssl on a QUIC stream.  To avoid damaging
global SSL object, ngx_ssl_shutdown() is managed to ignore QUIC streams.
 2020-03-23 20:48:34 +03:00
Roman Arutyunyan
5ac5e51fdf Respect QUIC max_idle_timeout. 2020-03-23 21:20:20 +03:00
Roman Arutyunyan
9975b088bb Allow ngx_queue_frame() to insert frame in the front. 
Previously a frame could only be inserted after the first element of the list.
 2020-03-23 19:42:09 +03:00
Roman Arutyunyan
ede2656c60 Support for HTTP/3 ALPN. 
This is required by Chrome.
 2020-03-23 19:26:24 +03:00
Roman Arutyunyan
77a4c2d172 Put zero in 'First ACK Range' when acknowledging one packet. 
This fixes Chrome CONNECTION_ID_LIMIT_ERROR with the reason:
"Underflow with first ack block length 2 largest acked is 1".
 2020-03-23 15:32:24 +03:00
Roman Arutyunyan
f4562d7ed9 Avoid using QUIC connection after CONNECTION_CLOSE. 2020-03-23 19:19:44 +03:00
Roman Arutyunyan
3fa1dec9c7 Better flow control and buffering for QUIC streams. 2020-03-23 15:49:31 +03:00
Roman Arutyunyan
72b0a1b32a Limit output QUIC packets with client max_packet_size. 
Additionally, receive larger packets than 512 bytes.
 2020-03-23 18:47:17 +03:00
Sergey Kandaurov
280c18bdce Fixed received ACK fields order in debug logging. 2020-03-23 18:20:42 +03:00
Vladimir Homutov
5018d9eecc Connection states code cleanup. 
+ ngx_quic_init_ssl_methods() is no longer there, we setup methods on SSL
   connection directly.

 + the handshake_handler is actually a generic quic input handler

 + updated c->log->action and debug to reflect changes and be more informative

 + c->quic is always set in ngx_quic_input()

 + the quic connection state is set by the results of SSL_do_handshake();
 2020-03-23 14:53:04 +03:00
Vladimir Homutov
b3129b46f6 Skip unknown transport parameters. 2020-03-23 12:57:24 +03:00
Vladimir Homutov
6a3a0ee19f Add unsupported version into log. 
This makes it easier to understand what client wants.
 2020-03-23 10:57:28 +03:00
Vladimir Homutov
4490aefa70 Added processing of client transport parameters. 
note:
 + parameters are available in SSL connection since they are obtained by ssl
   stack

quote:
   During connection establishment, both endpoints make authenticated
   declarations of their transport parameters.  These declarations are
   made unilaterally by each endpoint.

and really, we send our parameters before we read client's.

no handling of incoming parameters is made by this patch.
 2020-03-21 20:51:59 +03:00
Sergey Kandaurov
de095d5f1d Fixed CRYPTO offset generation. 2020-03-22 12:15:54 +03:00
Sergey Kandaurov
ccb0049e3f Closing connection on NGX_QUIC_FT_CONNECTION_CLOSE. 2020-03-22 11:35:15 +03:00
Vladimir Homutov
63e6c9349e Implemented parsing of remaining frame types. 2020-03-21 20:49:55 +03:00
Sergey Kandaurov
2af37e507d Fixed parsing NGX_QUIC_FT_CONNECTION_CLOSE. 2020-03-21 19:45:24 +03:00
Sergey Kandaurov
79e49c2a16 Fixed buffer overrun in create_transport_params() with -24. 
It writes 16-bit prefix as designed, but length calculation assumed varint.
 2020-03-21 19:22:39 +03:00
Sergey Kandaurov
4764ef1590 Fixed build with macOS's long long abomination. 2020-03-21 18:44:10 +03:00
Roman Arutyunyan
0f77eac8af Removed unused variable. 2020-03-20 23:49:42 +03:00
Vladimir Homutov
b26d5deae4 Removed unused variable. 2020-03-20 20:39:41 +03:00