Commit Graph

7807 Commits

Author SHA1 Message Date
Vladimir Homutov
53d47318c5 Sorted functions and functions declarations. 2020-04-14 16:30:41 +03:00
Vladimir Homutov
9542c975b7 Added reordering support for STREAM frames.
Each stream node now includes incoming frames queue and sent/received counters
for tracking offset. The sent counter is not used, c->sent is used, not like
in crypto buffers, which have no connections.
2020-04-15 11:11:54 +03:00
Maxim Dounin
01efecb795 Updated OpenSSL used for win32 builds. 2020-04-14 15:15:16 +03:00
Vladimir Homutov
081682cd3c Crypto buffer frames reordering.
If offset in CRYPTO frame doesn't match expected, following actions are taken:
    a) Duplicate frames or frames within [0...current offset] are ignored
    b) New data from intersecting ranges (starts before current_offset, ends
       after) is consumed
    c) "Future" frames are stored in a sorted queue (min offset .. max offset)

Once a frame is consumed, current offset is updated and the queue is inspected:
    we iterate the queue until the gap is found and act as described
    above for each frame.

The amount of data in buffered frames is limited by corresponding macro.

The CRYPTO and STREAM frame structures are now compatible: they share
the same set of initial fields.  This allows to have code that deals with
both of this frames.

The ordering layer now processes the frame with offset and invokes the
handler when it can organise an ordered stream of data.
2020-04-14 12:16:25 +03:00
Vladimir Homutov
76e99f668d Cleaned up magic numbers in ngx_quic_output_frames(). 2020-04-13 14:57:58 +03:00
Vladimir Homutov
fbf6494f5f Rename types and variables used for packet number space.
Quote: Conceptually, a packet number space is the context in which a packet
       can be processed and acknowledged.

ngx_quic_namespace_t => ngx_quic_send_ctx_t
qc->ns               => qc->send_ctx
ns->largest          => send_ctx->largest_ack

The ngx_quic_ns(level) macro now returns pointer, not just index:
    ngx_quic_get_send_ctx(c->quic, level)

ngx_quic_retransmit_ns() => ngx_quic_retransmit()
ngx_quic_output_ns() => ngx_quic_output_frames()
2020-04-14 12:06:32 +03:00
Sergey Kandaurov
987a1216e7 Merged with the default branch. 2020-04-14 19:35:20 +03:00
Roman Arutyunyan
b77fd3dc58 HTTP/3: fixed reading request body. 2020-04-13 17:54:23 +03:00
Ruslan Ermilov
b82c08f610 The new auth_delay directive for delaying unauthorized requests.
The request processing is delayed by a timer.  Since nginx updates
internal time once at the start of each event loop iteration, this
normally ensures constant time delay, adding a mitigation from
time-based attacks.

A notable exception to this is the case when there are no additional
events before the timer expires.  To ensure constant-time processing
in this case as well, we trigger an additional event loop iteration
by posting a dummy event for the next event loop iteration.
2020-04-08 01:02:17 +03:00
Vladimir Homutov
c64a3939e4 Added basic offset support in client CRYPTO frames.
The offset in client CRYPTO frames is tracked in c->quic->crypto_offset_in.
This means that CRYPTO frames with non-zero offset are now accepted making
possible to finish handshake with client certificates that exceed max packet
size (if no reordering happens).

The c->quic->crypto_offset field is renamed to crypto_offset_out to avoid
confusion with tracking of incoming CRYPTO stream.
2020-04-07 15:50:38 +03:00
Sergey Kandaurov
f540602ad2 Fixed build with OpenSSL using old callbacks API. 2020-04-07 12:54:34 +03:00
Vladimir Homutov
35878c3796 ACK ranges processing.
+ since number of ranges in unknown, provide a function to parse them once
   again in handler to avoid memory allocation

 + ack handler now processes all ranges, not only the first

 + ECN counters are parsed and saved into frame if present
2020-04-06 16:19:26 +03:00
Vladimir Homutov
1c9ddadd76 Ignore non-yet-implemented frames.
Such frames are grouped together in a switch and just ignored, instead of
closing the connection  This may improve test coverage.  All such frames
require acknowledgment.
2020-04-06 11:16:45 +03:00
Vladimir Homutov
757b3e7bcf Added check for SSL_get_current_cipher() results.
The function may return NULL and result need to be checked before use.
2020-04-04 22:25:41 +03:00
Vladimir Homutov
61aa190cfb Added a bit more debugging in STREAM frame parser. 2020-04-06 11:17:14 +03:00
Vladimir Homutov
5b41275219 Do not set timers after the connection is closed.
The qc->closing flag is set when a connection close is initiated for the first
time.

No timers will be set if the flag is active.

TODO: this is a temporary solution to avoid running timer handlers after
connection (and it's pool) was destroyed.  It looks like currently we have
no clear policy of connection closing in regard to timers.
2020-04-04 22:27:29 +03:00
Sergey Kandaurov
3f3315aea6 Discarding Handshake packets if no Handshake keys yet.
Found with a previously received Initial packet with ACK only, which
instantiates a new connection but do not produce the handshake keys.

This can be triggered by a fairly well behaving client, if the server
stands behind a load balancer that stripped Initial packets exchange.

Found by F5 test suite.
2020-04-06 14:54:10 +03:00
Sergey Kandaurov
cc704a8c31 Rejecting new connections with non-zero Initial packet. 2020-04-06 14:54:10 +03:00
Sergey Kandaurov
1381982aaa TLS Key Update in QUIC.
Old keys retention is yet to be implemented.
2020-04-06 14:54:08 +03:00
Sergey Kandaurov
3b77fb705b Removed excessive debugging in QUIC packet creation.
While here, eliminated further difference in between.
2020-04-04 17:34:39 +03:00
Sergey Kandaurov
671ed4b3b1 Logging of packet numbers in QUIC packet creation. 2020-04-04 17:34:04 +03:00
Vladimir Homutov
4cfc98c63f Removed unneccesary milliseconds conversion. 2020-04-03 16:33:59 +03:00
Vladimir Homutov
b3300b5220 Proper handling of packet number in header.
- fixed setting of largest received packet number.
 - sending properly truncated packet number
 - added support for multi-byte packet number
2020-04-03 14:02:16 +03:00
Sergey Kandaurov
b4719e8ea4 Advertizing MAX_STREAMS (0x12) credit in advance.
This makes sending large number of bidirectional stream work within ngtcp2,
which doesn't bother sending optional STREAMS_BLOCKED when exhausted.

This also introduces tracking currently opened and maximum allowed streams.
2020-04-03 13:49:44 +03:00
Sergey Kandaurov
569da72e4b Fixed computing nonce again, by properly shifting packet number. 2020-04-03 13:49:40 +03:00
Vladimir Homutov
723c276a7b Fixed missing propagation of need_ack flag from frames to packet. 2020-04-03 09:53:51 +03:00
Vladimir Homutov
932bfe7b36 Fixed excessive push timer firing.
The timer is set when an output frame is generated; there is no need to arm
it after it was fired.
2020-04-02 14:53:01 +03:00
Sergey Kandaurov
9c8a7a52e1 Fixed computing nonce by xoring all packet number bytes.
Previously, the stub worked only with pnl=0.
2020-04-02 11:40:25 +03:00
Vladimir Homutov
01bddf4533 Output buffering.
Currently, the output is called periodically, each 200 ms to invoke
ngx_quic_output() that will push all pending frames into packets.

TODO: implement flags a-là Nagle & co (NO_DELAY/NO_PUSH...)
2020-04-01 17:09:11 +03:00
Vladimir Homutov
7b1a3df37c Implemented retransmission and retransmit queue.
All frames collected to packet are moved into a per-namespace send queue.
QUIC connection has a timer which fires on the closest max_ack_delay time.
The frame is deleted from the queue when a corresponding packet is acknowledged.

The NGX_QUIC_MAX_RETRANSMISSION is a timeout that defines maximum length
of retransmission of a frame.
2020-04-01 17:06:26 +03:00
Vladimir Homutov
d7eeb2e30b Introduced packet namespace in QUIC connection.
The structure contains all data that is related to the namespace:
packet number and output queue (next patch).
2020-04-01 14:31:08 +03:00
Vladimir Homutov
9595417396 Refactored QUIC secrets storage.
The quic->keys[4] array now contains secrets related to the corresponding
encryption level.  All protection-level functions get proper keys and do
not need to switch manually between levels.
2020-04-01 14:25:25 +03:00
Vladimir Homutov
c6859361e3 Added missing debug description. 2020-04-01 17:21:52 +03:00
Sergey Kandaurov
6abff71fc4 TLS Early Data support. 2020-04-01 13:27:42 +03:00
Sergey Kandaurov
140a89ce01 TLS Early Data key derivation support. 2020-04-01 13:27:42 +03:00
Sergey Kandaurov
22671b37e3 Sending HANDSHAKE_DONE just once with BoringSSL.
If early data is accepted, SSL_do_handshake() completes as soon as ClientHello
is processed.  SSL_in_init() will report the handshake is still in progress.
2020-04-01 13:27:42 +03:00
Sergey Kandaurov
833a28244f QUIC packet padding to fulfil header protection sample demands. 2020-04-01 13:27:42 +03:00
Sergey Kandaurov
e9d67086c7 Improved SSL_do_handshake() error handling in QUIC.
It can either return a recoverable SSL_ERROR_WANT_READ or fatal errors.
2020-04-01 13:27:42 +03:00
Sergey Kandaurov
86029005a5 Style. 2020-04-01 13:27:41 +03:00
Vladimir Homutov
c3b7927e24 Removed unused field from ngx_quic_header_t. 2020-03-31 13:13:12 +03:00
Sergey Kandaurov
4502e5b1e9 HTTP/3: http3 variable. 2020-03-28 18:41:31 +03:00
Sergey Kandaurov
7a0b840c51 HTTP/3: static table cleanup. 2020-03-28 18:02:20 +03:00
Roman Arutyunyan
fa1e1beadc Parsing HTTP/3 request body. 2020-03-27 19:41:06 +03:00
Roman Arutyunyan
84a7835015 Fixed handling QUIC stream eof.
Set r->pending_eof flag for a new QUIC stream with the fin bit.  Also, keep
r->ready set when r->pending_eof is set and buffer is empty.
2020-03-27 10:02:45 +03:00
Roman Arutyunyan
89a6a4f198 Push QUIC stream frames in send() and cleanup handler. 2020-03-27 19:08:24 +03:00
Roman Arutyunyan
80a38580bd Chunked response body in HTTP/3. 2020-03-27 19:46:54 +03:00
Roman Arutyunyan
81f7cff632 Fixed buffer overflow. 2020-03-27 15:50:42 +03:00
Sergey Kandaurov
3fbdc04072 Unbreak sending CONNECTION_CLOSE from the send_alert callback. 2020-03-27 12:52:08 +03:00
Vladimir Homutov
41a8b8d392 Merged ngx_quic_send_packet() into ngx_quic_send_frames().
This allows to avoid extra allocation and use two static buffers instead.
Adjusted maximum paket size calculation: need to account a tag.
2020-03-26 18:29:38 +03:00
Vladimir Homutov
7d408f1bba Got rid of memory allocation in decryption.
Static buffers are used instead in functions where decryption takes place.

The pkt->plaintext points to the beginning of a static buffer.
The pkt->payload.data points to decrypted data actual start.
2020-03-26 16:54:46 +03:00