Commit Graph

7193 Commits

Author SHA1 Message Date
Roman Arutyunyan
5727f9a1e0 OCSP: certificate status cache.
When enabled, certificate status is stored in cache and is used to validate
the certificate in future requests.

New directive ssl_ocsp_cache is added to configure the cache.
2020-05-22 17:25:27 +03:00
Roman Arutyunyan
60438ae395 SSL: client certificate validation with OCSP (ticket #1534).
OCSP validation for client certificates is enabled by the "ssl_ocsp" directive.
OCSP responder can be optionally specified by "ssl_ocsp_responder".

When session is reused, peer chain is not available for validation.
If the verified chain contains certificates from the peer chain not available
at the server, validation will fail.
2020-05-22 17:30:12 +03:00
Roman Arutyunyan
aa94ee82f6 OCSP stapling: iterate over all responder addresses.
Previously only the first responder address was used per each stapling update.
Now, in case of a network or parsing error, next address is used.

This also fixes the issue with unsupported responder address families
(ticket #1330).
2020-05-22 20:35:05 +03:00
Roman Arutyunyan
abdb9aebc6 OCSP stapling: keep extra chain in the staple object. 2020-05-17 14:24:35 +03:00
Roman Arutyunyan
097d8a87b3 HTTP/3: reallocate strings inserted into the dynamic table.
They should always be allocated from the main QUIC connection pool.
2020-05-14 16:02:32 +03:00
Roman Arutyunyan
94764fda6e Fixed client buffer reallocation for HTTP/3.
Preserving pointers within the client buffer is not needed for HTTP/3 because
all data is either allocated from pool or static.  Unlike with HTTP/1, data
typically cannot be referenced directly within the client buffer.  Trying to
preserve NULLs or external pointers lead to broken pointers.

Also, reverted changes in ngx_http_alloc_large_header_buffer() not relevant
for HTTP/3 to minimize diff to mainstream.
2020-05-19 16:20:33 +03:00
Roman Arutyunyan
d6b6b6dfc5 Fixed $request_length for HTTP/3.
New field r->parse_start is introduced to substitute r->request_start and
r->header_name_start for request length accounting.  These fields only work for
this purpose in HTTP/1 because HTTP/1 request line and header line start with
these values.

Also, error logging is now fixed to output the right part of the request.
2020-05-19 15:47:37 +03:00
Roman Arutyunyan
d25937c2b5 HTTP/3: restricted symbols in header names.
As per HTTP/3 draft 27, a request or response containing uppercase header
field names MUST be treated as malformed.  Also, existing rules applied
when parsing HTTP/1 header names are also applied to HTTP/3 header names:

- null character is not allowed
- underscore character may or may not be treated as invalid depending on the
  value of "underscores_in_headers"
- all non-alphanumeric characters with the exception of '-' are treated as
  invalid

Also, the r->locase_header field is now filled while parsing an HTTP/3
header.

Error logging for invalid headers is fixed as well.
2020-05-19 15:34:00 +03:00
Roman Arutyunyan
6abb50658f HTTP/3: split header parser in two functions.
The first one parses pseudo-headers and is analagous to the request line
parser in HTTP/1.  The second one parses regular headers and is analogous to
the header parser in HTTP/1.

Additionally, error handling of client passing malformed uri is now fixed.
2020-05-19 15:29:10 +03:00
Roman Arutyunyan
d69f678e9c HTTP/3: move body parser call out of ngx_http_parse_chunked().
The function ngx_http_parse_chunked() is also called from the proxy module to
parse the upstream response.  It should always parse HTTP/1 body in this case.
2020-05-14 14:49:53 +03:00
Roman Arutyunyan
1c54340e0a HTTP/3: prevent array access by negative index for unknown streams.
Currently there are no such streams, but the function
ngx_http_v3_get_uni_stream() supports them.
2020-05-19 15:41:41 +03:00
Sergey Kandaurov
e0eb261b83 README: documented Retry, 0-RTT, TLSv1.3 configuration. 2020-05-23 14:41:08 +03:00
Vladimir Homutov
74564bdd0d Style.
Rephrased error message and removed trailing space.  Long comments were
shortened/rephrased.
2020-05-21 15:48:39 +03:00
Vladimir Homutov
57696b56e9 Added sending of extra CONNECTION_CLOSE frames.
According to quic-transport draft 28 section 10.3.1:

   When sending CONNECTION_CLOSE, the goal is to ensure that the peer
   will process the frame.  Generally, this means sending the frame in a
   packet with the highest level of packet protection to avoid the
   packet being discarded.  After the handshake is confirmed (see
   Section 4.1.2 of [QUIC-TLS]), an endpoint MUST send any
   CONNECTION_CLOSE frames in a 1-RTT packet.  However, prior to
   confirming the handshake, it is possible that more advanced packet
   protection keys are not available to the peer, so another
   CONNECTION_CLOSE frame MAY be sent in a packet that uses a lower
   packet protection level.
2020-05-22 18:14:35 +03:00
Vladimir Homutov
76605fa07a Added more context to CONNECTION CLOSE frames.
Now it is possible to specify frame type that caused an error
and a human-readable reason phrase.
2020-05-22 18:08:02 +03:00
Vladimir Homutov
4444320473 Fixed retransmission of frames after closing connection.
Frames in sent queues are discarded, as no acknowledgment is expected
if the connection is closing.
2020-05-21 15:41:01 +03:00
Vladimir Homutov
7e0314de24 Avoided excessive definitions for connection state.
There is no need in a separate type for the QUIC connection state.
The only state not found in the SSL library is NGX_QUIC_ST_UNAVAILABLE,
which is actually a flag used by the ngx_quic_close_quic() function
to prevent cleanup of uninitialized connection.
2020-05-21 15:38:52 +03:00
Sergey Kandaurov
089bc0baf4 README: pointed out Alt-Svc "ma" parameter useful with curl. 2020-05-22 18:22:00 +03:00
Vladimir Homutov
c19b7b6b1a Fixed a typo. 2020-05-22 18:16:34 +03:00
Sergey Kandaurov
51e4e31a8d Assorted fixes.
Found by Clang Static Analyzer.
2020-05-20 15:36:24 +03:00
Vladimir Homutov
04efd355aa Avoid retransmitting of packets with discarded keys.
Sections 4.10.1 and 4.10.2 of quic transport describe discarding of initial
and handshake keys.  Since the keys are discarded, we no longer need
to retransmit packets and corresponding queues should be emptied.

This patch removes previously added workaround that did not require
acknowledgement for initial packets, resulting in avoiding retransmission,
which is wrong because a packet could be lost and we have to retransmit it.
2020-05-18 13:54:53 +03:00
Vladimir Homutov
0041c3f6b7 Fixed frame retransmissions.
It was possible that retransmit timer was not set after the first
retransmission attempt, due to ngx_quic_retransmit() did not set
wait time properly, and the condition in retransmit handler was incorrect.
2020-05-18 13:54:35 +03:00
Vladimir Homutov
92df22200e Removed outdated debug. 2020-05-14 18:10:53 +03:00
Vladimir Homutov
d6887ac1f0 Fixed a typo. 2020-05-14 17:22:29 +03:00
Sergey Kandaurov
50123aec3a README: Retry support, protocol error messages implemented. 2020-05-14 16:33:46 +03:00
Vladimir Homutov
6f7477f6c6 Fixed time comparison. 2020-05-12 18:45:44 +03:00
Vladimir Homutov
5ccda6882e Added tests for connection id lengths in initial packet. 2020-05-14 14:49:28 +03:00
Vladimir Homutov
d4f9bba111 Discard packets without fixed bit or reserved bits set.
Section 17.2 and 17.3 of QUIC transport:

Fixed bit: Packets containing a zero value for this bit are not
valid packets in this version and MUST be discarded.

Reserved bit: An endpoint MUST treat receipt of a packet that has
a non-zero value for these bits, after removing both packet and
header protection, as a connection error of type PROTOCOL_VIOLATION.
2020-05-14 01:06:45 +03:00
Vladimir Homutov
cb316c5f58 Added generation of CC frames with error on connection termination.
When an error occurs, then c->quic->error field may be populated
with an appropriate error code, and the CONNECTION CLOSE frame will be
sent to the peer before the connection is closed.  Otherwise, the error
treated as internal and INTERNAL_ERROR code is sent.

The pkt->error field is populated by functions processing packets to
indicate an error when it does not fit into pass/fail return status.
2020-05-14 15:54:45 +03:00
Sergey Kandaurov
9b1800d09a Address validation using NEW_TOKEN frame. 2020-05-14 15:47:24 +03:00
Sergey Kandaurov
ad2289e70e Address validation using Retry packets.
The behaviour is toggled with the new directive "quic_retry on|off".
QUIC token construction is made suitable for issuing with NEW_TOKEN.
2020-05-14 15:47:18 +03:00
Sergey Kandaurov
d35eebede2 Server CID change refactored. 2020-05-13 18:34:34 +03:00
Sergey Kandaurov
a0cc9398ed Preserve original DCID and unbreak parsing 0-RTT packets.
As per QUIC transport, the first flight of 0-RTT packets obviously uses same
Destination and Source Connection ID values as the client's first Initial.

The fix is to match 0-RTT against original DCID after it has been switched.
2020-05-12 18:18:58 +03:00
Sergey Kandaurov
7ab07b3409 Removed redundant long packet type checks. 2020-05-09 17:41:07 +03:00
Sergey Kandaurov
13fb3fbd67 Removed redundant SSL_do_handshake call before any handshake data. 2020-05-09 17:39:47 +03:00
Vladimir Homutov
7017a64183 Cleaned up reordering code.
The ordered frame handler is always called for the existing stream, as it is
allocated from this stream.  Instead of searching stream by id, pointer to the
stream node is passed.
2020-05-08 13:08:04 +03:00
Vladimir Homutov
1816f3af58 Cleaned up firefox workaround.
The idea is to skip any zeroes that follow valid QUIC packet.  Currently such
behavior can be only observed with Firefox which sends zero-padded initial
packets.
2020-05-07 12:34:04 +03:00
Roman Arutyunyan
3f2ac979eb OCSP stapling: moved response verification to a separate function. 2020-05-06 21:44:14 +03:00
Jinhua Tan
b47c1f35e2 Upstream: jump out of loop after matching the status code. 2020-05-13 22:02:47 +08:00
Sergey Kandaurov
41ecd45a5b Variables: fixed buffer over-read when evaluating "$arg_". 2020-05-08 19:19:16 +03:00
Sergey Kandaurov
9ed0d4c9ae Restored ngx_quic_encrypt return type.
It was inadvertently changed while working on removing memory allocations.
2020-05-06 14:34:44 +03:00
Vladimir Homutov
5e5c703656 Store clearflags in pkt->flags after decryption.
It doesn't make sense to store protected flags.
2020-04-30 12:22:35 +03:00
Sergey Kandaurov
1a6fc01fb8 Configure: fixed static compilation with OpenSSL 1.1.1 / BoringSSL.
See 7246:04ebf29eaf5b for details.
2020-05-01 13:02:30 +03:00
Sergey Kandaurov
cf5168c9e0 Mention quic branch in README. 2020-04-30 15:59:14 +03:00
Sergey Kandaurov
b7b3aca704 Configure: unbreak with old OpenSSL, --with-http_v3_module added. 2020-04-30 15:47:43 +03:00
Vladimir Homutov
be47823248 Removed outdated/incorrect comments and fixed style.
- we need transport parameters early to get packet size limits at least.
2020-04-29 14:45:55 +03:00
Vladimir Homutov
ed461dbff7 Reworked macros for parsing/assembling packet types.
Previously, macros checking a packet type with the long header also checked
whether this is a long header.  Now it requires a separate preceding check.
2020-04-30 12:38:38 +03:00
Sergey Kandaurov
4c2ccf217a Renamed retransmit event object in preparation for retry support. 2020-04-29 14:59:21 +03:00
Sergey Kandaurov
9aeb2c0ece Server CID change. 2020-04-28 18:24:01 +03:00
Sergey Kandaurov
467c8a13c9 Factored out sending ACK from payload handler.
Now there's no need to annotate every frame in ACK-eliciting packet.
Sending ACK was moved to the first place, so that queueing ACK frame
no longer postponed up to the next packet after pushing STREAM frames.
2020-04-28 18:23:56 +03:00