One Level Up Top Level

src/event/quic/ngx_event_quic_output.c - nginx source code

Functions defined

Macros defined

Source code


  2. /*
  3. * Copyright (C) Nginx, Inc.
  4. */


  7. #include <ngx_config.h>
  8. #include <ngx_core.h>
  9. #include <ngx_event.h>
  10. #include <ngx_event_quic_connection.h>


  13. #define NGX_QUIC_MAX_UDP_SEGMENT_BUF  65487 /* 65K - IPv6 header */
  14. #define NGX_QUIC_MAX_SEGMENTS            64 /* UDP_MAX_SEGMENTS */

  16. #define NGX_QUIC_RETRY_TOKEN_LIFETIME     3 /* seconds */
  17. #define NGX_QUIC_NEW_TOKEN_LIFETIME     600 /* seconds */
  18. #define NGX_QUIC_RETRY_BUFFER_SIZE      256
  19.     /* 1 flags + 4 version + 3 x (1 + 20) s/o/dcid + itag + token(64) */

  21. /*
  22. * RFC 9000, 10.3.  Stateless Reset
  23. *
  24. * Endpoints MUST discard packets that are too small to be valid QUIC
  25. * packets.  With the set of AEAD functions defined in [QUIC-TLS],
  26. * short header packets that are smaller than 21 bytes are never valid.
  27. */
  28. #define NGX_QUIC_MIN_PKT_LEN             21

  30. #define NGX_QUIC_MIN_SR_PACKET           43 /* 5 rand + 16 srt + 22 padding */
  31. #define NGX_QUIC_MAX_SR_PACKET         1200

  33. #define NGX_QUIC_CC_MIN_INTERVAL       1000 /* 1s */

  35. #define NGX_QUIC_SOCKET_RETRY_DELAY      10 /* ms, for NGX_AGAIN on write */


  38. #define ngx_quic_log_packet(log, pkt)                                         \
  39.     ngx_log_debug6(NGX_LOG_DEBUG_EVENT, log, 0,                               \
  40.                    "quic packet tx %s bytes:%ui need_ack:%d"                  \
  41.                    " number:%L encoded nl:%d trunc:0x%xD",                    \
  42.                    ngx_quic_level_name((pkt)->level), (pkt)->payload.len,     \
  43.                    (pkt)->need_ack, (pkt)->number, (pkt)->num_len,            \
  44.                     (pkt)->trunc);


  47. static ngx_int_t ngx_quic_create_datagrams(ngx_connection_t *c);
  48. static void ngx_quic_commit_send(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx);
  49. static void ngx_quic_revert_send(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx,
  50.     uint64_t pnum);
  51. #if ((NGX_HAVE_UDP_SEGMENT) && (NGX_HAVE_MSGHDR_MSG_CONTROL))
  52. static ngx_uint_t ngx_quic_allow_segmentation(ngx_connection_t *c);
  53. static ngx_int_t ngx_quic_create_segments(ngx_connection_t *c);
  54. static ssize_t ngx_quic_send_segments(ngx_connection_t *c, u_char *buf,
  55.     size_t len, struct sockaddr *sockaddr, socklen_t socklen, size_t segment);
  56. #endif
  57. static ssize_t ngx_quic_output_packet(ngx_connection_t *c,
  58.     ngx_quic_send_ctx_t *ctx, u_char *data, size_t max, size_t min);
  59. static void ngx_quic_init_packet(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx,
  60.     ngx_quic_header_t *pkt, ngx_quic_path_t *path);
  61. static ngx_uint_t ngx_quic_get_padding_level(ngx_connection_t *c);
  62. static ssize_t ngx_quic_send(ngx_connection_t *c, u_char *buf, size_t len,
  63.     struct sockaddr *sockaddr, socklen_t socklen);
  64. static void ngx_quic_set_packet_number(ngx_quic_header_t *pkt,
  65.     ngx_quic_send_ctx_t *ctx);


  68. ngx_int_t
  69. ngx_quic_output(ngx_connection_t *c)
  70. {
  71.     size_t                  in_flight;
  72.     ngx_int_t               rc;
  73.     ngx_quic_congestion_t  *cg;
  74.     ngx_quic_connection_t  *qc;

  76.     c->log->action = "sending frames";

  78.     qc = ngx_quic_get_connection(c);
  79.     cg = &qc->congestion;

  81.     in_flight = cg->in_flight;

  83. #if ((NGX_HAVE_UDP_SEGMENT) && (NGX_HAVE_MSGHDR_MSG_CONTROL))
  84.     if (ngx_quic_allow_segmentation(c)) {
  85.         rc = ngx_quic_create_segments(c);
  86.     } else
  87. #endif
  88.     {
  89.         rc = ngx_quic_create_datagrams(c);
  90.     }

  92.     if (rc != NGX_OK) {
  93.         return NGX_ERROR;
  94.     }

  96.     if (in_flight == cg->in_flight || qc->closing) {
  97.         /* no ack-eliciting data was sent or we are done */
  98.         return NGX_OK;
  99.     }

  101.     if (!qc->send_timer_set) {
  102.         qc->send_timer_set = 1;
  103.         ngx_add_timer(c->read, qc->tp.max_idle_timeout);
  104.     }

  106.     ngx_quic_set_lost_timer(c);

  108.     return NGX_OK;
  109. }


  112. static ngx_int_t
  113. ngx_quic_create_datagrams(ngx_connection_t *c)
  114. {
  115.     size_t                  len, min;
  116.     ssize_t                 n;
  117.     u_char                 *p;
  118.     uint64_t                preserved_pnum[NGX_QUIC_SEND_CTX_LAST];
  119.     ngx_uint_t              i, pad;
  120.     ngx_quic_path_t        *path;
  121.     ngx_quic_send_ctx_t    *ctx;
  122.     ngx_quic_congestion_t  *cg;
  123.     ngx_quic_connection_t  *qc;
  124.     static u_char           dst[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE];

  126.     qc = ngx_quic_get_connection(c);
  127.     cg = &qc->congestion;
  128.     path = qc->path;

  130.     while (cg->in_flight < cg->window) {

  132.         p = dst;

  134.         len = ngx_quic_path_limit(c, path, path->mtu);

  136.         pad = ngx_quic_get_padding_level(c);

  138.         for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) {

  140.             ctx = &qc->send_ctx[i];

  142.             preserved_pnum[i] = ctx->pnum;

  144.             if (ngx_quic_generate_ack(c, ctx) != NGX_OK) {
  145.                 return NGX_ERROR;
  146.             }

  148.             min = (i == pad && p - dst < NGX_QUIC_MIN_INITIAL_SIZE)
  149.                   ? NGX_QUIC_MIN_INITIAL_SIZE - (p - dst) : 0;

  151.             if (min > len) {
  152.                 /* padding can't be applied - avoid sending the packet */

  154.                 while (i-- > 0) {
  155.                     ctx = &qc->send_ctx[i];
  156.                     ngx_quic_revert_send(c, ctx, preserved_pnum[i]);
  157.                 }

  159.                 return NGX_OK;
  160.             }

  162.             n = ngx_quic_output_packet(c, ctx, p, len, min);
  163.             if (n == NGX_ERROR) {
  164.                 return NGX_ERROR;
  165.             }

  167.             p += n;
  168.             len -= n;
  169.         }

  171.         len = p - dst;
  172.         if (len == 0) {
  173.             break;
  174.         }

  176.         n = ngx_quic_send(c, dst, len, path->sockaddr, path->socklen);

  178.         if (n == NGX_ERROR) {
  179.             return NGX_ERROR;
  180.         }

  182.         if (n == NGX_AGAIN) {
  183.             for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) {
  184.                 ngx_quic_revert_send(c, &qc->send_ctx[i], preserved_pnum[i]);
  185.             }

  187.             ngx_add_timer(&qc->push, NGX_QUIC_SOCKET_RETRY_DELAY);
  188.             break;
  189.         }

  191.         for (i = 0; i < NGX_QUIC_SEND_CTX_LAST; i++) {
  192.             ngx_quic_commit_send(c, &qc->send_ctx[i]);
  193.         }

  195.         path->sent += len;
  196.     }

  198.     return NGX_OK;
  199. }


  202. static void
  203. ngx_quic_commit_send(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx)
  204. {
  205.     ngx_queue_t            *q;
  206.     ngx_quic_frame_t       *f;
  207.     ngx_quic_congestion_t  *cg;
  208.     ngx_quic_connection_t  *qc;

  210.     qc = ngx_quic_get_connection(c);

  212.     cg = &qc->congestion;

  214.     while (!ngx_queue_empty(&ctx->sending)) {

  216.         q = ngx_queue_head(&ctx->sending);
  217.         f = ngx_queue_data(q, ngx_quic_frame_t, queue);

  219.         ngx_queue_remove(q);

  221.         if (f->pkt_need_ack && !qc->closing) {
  222.             ngx_queue_insert_tail(&ctx->sent, q);

  224.             cg->in_flight += f->plen;

  226.         } else {
  227.             ngx_quic_free_frame(c, f);
  228.         }
  229.     }

  231.     ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
  232.                    "quic congestion send if:%uz", cg->in_flight);
  233. }


  236. static void
  237. ngx_quic_revert_send(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx,
  238.     uint64_t pnum)
  239. {
  240.     ngx_queue_t  *q;

  242.     while (!ngx_queue_empty(&ctx->sending)) {

  244.         q = ngx_queue_last(&ctx->sending);
  245.         ngx_queue_remove(q);
  246.         ngx_queue_insert_head(&ctx->frames, q);
  247.     }

  249.     ctx->pnum = pnum;
  250. }


  253. #if ((NGX_HAVE_UDP_SEGMENT) && (NGX_HAVE_MSGHDR_MSG_CONTROL))

  255. static ngx_uint_t
  256. ngx_quic_allow_segmentation(ngx_connection_t *c)
  257. {
  258.     size_t                  bytes, len;
  259.     ngx_queue_t            *q;
  260.     ngx_quic_frame_t       *f;
  261.     ngx_quic_send_ctx_t    *ctx;
  262.     ngx_quic_connection_t  *qc;

  264.     qc = ngx_quic_get_connection(c);

  266.     if (!qc->conf->gso_enabled) {
  267.         return 0;
  268.     }

  270.     if (!qc->path->validated) {
  271.         /* don't even try to be faster on non-validated paths */
  272.         return 0;
  273.     }

  275.     ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_initial);
  276.     if (!ngx_queue_empty(&ctx->frames)) {
  277.         return 0;
  278.     }

  280.     ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_handshake);
  281.     if (!ngx_queue_empty(&ctx->frames)) {
  282.         return 0;
  283.     }

  285.     ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);

  287.     bytes = 0;
  288.     len = ngx_min(qc->path->mtu, NGX_QUIC_MAX_UDP_SEGMENT_BUF);

  290.     for (q = ngx_queue_head(&ctx->frames);
  291.          q != ngx_queue_sentinel(&ctx->frames);
  292.          q = ngx_queue_next(q))
  293.     {
  294.         f = ngx_queue_data(q, ngx_quic_frame_t, queue);

  296.         bytes += f->len;

  298.         if (bytes > len * 3) {
  299.             /* require at least ~3 full packets to batch */
  300.             return 1;
  301.         }
  302.     }

  304.     return 0;
  305. }


  308. static ngx_int_t
  309. ngx_quic_create_segments(ngx_connection_t *c)
  310. {
  311.     size_t                  len, segsize;
  312.     ssize_t                 n;
  313.     u_char                 *p, *end;
  314.     uint64_t                preserved_pnum;
  315.     ngx_uint_t              nseg;
  316.     ngx_quic_path_t        *path;
  317.     ngx_quic_send_ctx_t    *ctx;
  318.     ngx_quic_congestion_t  *cg;
  319.     ngx_quic_connection_t  *qc;
  320.     static u_char           dst[NGX_QUIC_MAX_UDP_SEGMENT_BUF];

  322.     qc = ngx_quic_get_connection(c);
  323.     cg = &qc->congestion;
  324.     path = qc->path;

  326.     ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_application);

  328.     if (ngx_quic_generate_ack(c, ctx) != NGX_OK) {
  329.         return NGX_ERROR;
  330.     }

  332.     segsize = ngx_min(path->mtu, NGX_QUIC_MAX_UDP_SEGMENT_BUF);
  333.     p = dst;
  334.     end = dst + sizeof(dst);

  336.     nseg = 0;

  338.     preserved_pnum = ctx->pnum;

  340.     for ( ;; ) {

  342.         len = ngx_min(segsize, (size_t) (end - p));

  344.         if (len && cg->in_flight + (p - dst) < cg->window) {

  346.             n = ngx_quic_output_packet(c, ctx, p, len, len);
  347.             if (n == NGX_ERROR) {
  348.                 return NGX_ERROR;
  349.             }

  351.             if (n) {
  352.                 p += n;
  353.                 nseg++;
  354.             }

  356.         } else {
  357.             n = 0;
  358.         }

  360.         if (p == dst) {
  361.             break;
  362.         }

  364.         if (n == 0 || nseg == NGX_QUIC_MAX_SEGMENTS) {
  365.             n = ngx_quic_send_segments(c, dst, p - dst, path->sockaddr,
  366.                                        path->socklen, segsize);
  367.             if (n == NGX_ERROR) {
  368.                 return NGX_ERROR;
  369.             }

  371.             if (n == NGX_AGAIN) {
  372.                 ngx_quic_revert_send(c, ctx, preserved_pnum);

  374.                 ngx_add_timer(&qc->push, NGX_QUIC_SOCKET_RETRY_DELAY);
  375.                 break;
  376.             }

  378.             ngx_quic_commit_send(c, ctx);

  380.             path->sent += n;

  382.             p = dst;
  383.             nseg = 0;
  384.             preserved_pnum = ctx->pnum;
  385.         }
  386.     }

  388.     return NGX_OK;
  389. }


  392. static ssize_t
  393. ngx_quic_send_segments(ngx_connection_t *c, u_char *buf, size_t len,
  394.     struct sockaddr *sockaddr, socklen_t socklen, size_t segment)
  395. {
  396.     size_t           clen;
  397.     ssize_t          n;
  398.     uint16_t        *valp;
  399.     struct iovec     iov;
  400.     struct msghdr    msg;
  401.     struct cmsghdr  *cmsg;

  403. #if (NGX_HAVE_ADDRINFO_CMSG)
  404.     char             msg_control[CMSG_SPACE(sizeof(uint16_t))
  405.                              + CMSG_SPACE(sizeof(ngx_addrinfo_t))];
  406. #else
  407.     char             msg_control[CMSG_SPACE(sizeof(uint16_t))];
  408. #endif

  410.     ngx_memzero(&msg, sizeof(struct msghdr));
  411.     ngx_memzero(msg_control, sizeof(msg_control));

  413.     iov.iov_len = len;
  414.     iov.iov_base = buf;

  416.     msg.msg_iov = &iov;
  417.     msg.msg_iovlen = 1;

  419.     msg.msg_name = sockaddr;
  420.     msg.msg_namelen = socklen;

  422.     msg.msg_control = msg_control;
  423.     msg.msg_controllen = sizeof(msg_control);

  425.     cmsg = CMSG_FIRSTHDR(&msg);

  427.     cmsg->cmsg_level = SOL_UDP;
  428.     cmsg->cmsg_type = UDP_SEGMENT;
  429.     cmsg->cmsg_len = CMSG_LEN(sizeof(uint16_t));

  431.     clen = CMSG_SPACE(sizeof(uint16_t));

  433.     valp = (void *) CMSG_DATA(cmsg);
  434.     *valp = segment;

  436. #if (NGX_HAVE_ADDRINFO_CMSG)
  437.     if (c->listening && c->listening->wildcard && c->local_sockaddr) {
  438.         cmsg = CMSG_NXTHDR(&msg, cmsg);
  439.         clen += ngx_set_srcaddr_cmsg(cmsg, c->local_sockaddr);
  440.     }
  441. #endif

  443.     msg.msg_controllen = clen;

  445.     n = ngx_sendmsg(c, &msg, 0);
  446.     if (n < 0) {
  447.         return n;
  448.     }

  450.     c->sent += n;

  452.     return n;
  453. }

  455. #endif



  459. static ngx_uint_t
  460. ngx_quic_get_padding_level(ngx_connection_t *c)
  461. {
  462.     ngx_uint_t              i;
  463.     ngx_queue_t            *q;
  464.     ngx_quic_frame_t       *f;
  465.     ngx_quic_send_ctx_t    *ctx;
  466.     ngx_quic_connection_t  *qc;

  468.     /*
  469.      * RFC 9000, 14.1.  Initial Datagram Size
  470.      *
  471.      * Similarly, a server MUST expand the payload of all UDP datagrams
  472.      * carrying ack-eliciting Initial packets to at least the smallest
  473.      * allowed maximum datagram size of 1200 bytes.
  474.      */

  476.     qc = ngx_quic_get_connection(c);
  477.     ctx = ngx_quic_get_send_ctx(qc, ssl_encryption_initial);

  479.     for (q = ngx_queue_head(&ctx->frames);
  480.          q != ngx_queue_sentinel(&ctx->frames);
  481.          q = ngx_queue_next(q))
  482.     {
  483.         f = ngx_queue_data(q, ngx_quic_frame_t, queue);

  485.         if (f->need_ack) {
  486.             for (i = 0; i + 1 < NGX_QUIC_SEND_CTX_LAST; i++) {
  487.                 ctx = &qc->send_ctx[i + 1];

  489.                 if (ngx_queue_empty(&ctx->frames)) {
  490.                     break;
  491.                 }
  492.             }

  494.             return i;
  495.         }
  496.     }

  498.     return NGX_QUIC_SEND_CTX_LAST;
  499. }


  502. static ssize_t
  503. ngx_quic_output_packet(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx,
  504.     u_char *data, size_t max, size_t min)
  505. {
  506.     size_t                  len, pad, min_payload, max_payload;
  507.     u_char                 *p;
  508.     ssize_t                 flen;
  509.     ngx_str_t               res;
  510.     ngx_int_t               rc;
  511.     ngx_uint_t              nframes;
  512.     ngx_msec_t              now;
  513.     ngx_queue_t            *q;
  514.     ngx_quic_frame_t       *f;
  515.     ngx_quic_header_t       pkt;
  516.     ngx_quic_connection_t  *qc;
  517.     static u_char           src[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE];

  519.     if (ngx_queue_empty(&ctx->frames)) {
  520.         return 0;
  521.     }

  523.     ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0,
  524.                    "quic output %s packet max:%uz min:%uz",
  525.                    ngx_quic_level_name(ctx->level), max, min);

  527.     qc = ngx_quic_get_connection(c);

  529.     if (!ngx_quic_keys_available(qc->keys, ctx->level, 1)) {
  530.         ngx_log_error(NGX_LOG_ALERT, c->log, 0, "quic %s write keys discarded",
  531.                       ngx_quic_level_name(ctx->level));

  533.         while (!ngx_queue_empty(&ctx->frames)) {
  534.             q = ngx_queue_head(&ctx->frames);
  535.             ngx_queue_remove(q);

  537.             f = ngx_queue_data(q, ngx_quic_frame_t, queue);
  538.             ngx_quic_free_frame(c, f);
  539.         }

  541.         return 0;
  542.     }

  544.     ngx_quic_init_packet(c, ctx, &pkt, qc->path);

  546.     min_payload = ngx_quic_payload_size(&pkt, min);
  547.     max_payload = ngx_quic_payload_size(&pkt, max);

  549.     /* RFC 9001, 5.4.2.  Header Protection Sample */
  550.     pad = 4 - pkt.num_len;
  551.     min_payload = ngx_max(min_payload, pad);

  553.     if (min_payload > max_payload) {
  554.         return 0;
  555.     }

  557.     now = ngx_current_msec;
  558.     nframes = 0;
  559.     p = src;
  560.     len = 0;

  562.     for (q = ngx_queue_head(&ctx->frames);
  563.          q != ngx_queue_sentinel(&ctx->frames);
  564.          q = ngx_queue_next(q))
  565.     {
  566.         f = ngx_queue_data(q, ngx_quic_frame_t, queue);

  568.         if (len >= max_payload) {
  569.             break;
  570.         }

  572.         if (len + f->len > max_payload) {
  573.             rc = ngx_quic_split_frame(c, f, max_payload - len);

  575.             if (rc == NGX_ERROR) {
  576.                 return NGX_ERROR;
  577.             }

  579.             if (rc == NGX_DECLINED) {
  580.                 break;
  581.             }
  582.         }

  584.         if (f->need_ack) {
  585.             pkt.need_ack = 1;
  586.         }

  588.         f->pnum = ctx->pnum;
  589.         f->send_time = now;
  590.         f->plen = 0;

  592.         ngx_quic_log_frame(c->log, f, 1);

  594.         flen = ngx_quic_create_frame(p, f);
  595.         if (flen == -1) {
  596.             return NGX_ERROR;
  597.         }

  599.         len += flen;
  600.         p += flen;

  602.         nframes++;
  603.     }

  605.     if (nframes == 0) {
  606.         return 0;
  607.     }

  609.     if (len < min_payload) {
  610.         ngx_memset(p, NGX_QUIC_FT_PADDING, min_payload - len);
  611.         len = min_payload;
  612.     }

  614.     pkt.payload.data = src;
  615.     pkt.payload.len = len;

  617.     res.data = data;

  619.     ngx_quic_log_packet(c->log, &pkt);

  621.     if (ngx_quic_encrypt(&pkt, &res) != NGX_OK) {
  622.         return NGX_ERROR;
  623.     }

  625.     ctx->pnum++;

  627.     if (pkt.need_ack) {
  628.         q = ngx_queue_head(&ctx->frames);
  629.         f = ngx_queue_data(q, ngx_quic_frame_t, queue);

  631.         f->plen = res.len;
  632.     }

  634.     while (nframes--) {
  635.         q = ngx_queue_head(&ctx->frames);
  636.         f = ngx_queue_data(q, ngx_quic_frame_t, queue);

  638.         f->pkt_need_ack = pkt.need_ack;

  640.         ngx_queue_remove(q);
  641.         ngx_queue_insert_tail(&ctx->sending, q);
  642.     }

  644.     return res.len;
  645. }


  648. static void
  649. ngx_quic_init_packet(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx,
  650.     ngx_quic_header_t *pkt, ngx_quic_path_t *path)
  651. {
  652.     ngx_quic_connection_t  *qc;

  654.     qc = ngx_quic_get_connection(c);

  656.     ngx_memzero(pkt, sizeof(ngx_quic_header_t));

  658.     pkt->flags = NGX_QUIC_PKT_FIXED_BIT;

  660.     if (ctx->level == ssl_encryption_initial) {
  661.         pkt->flags |= NGX_QUIC_PKT_LONG | NGX_QUIC_PKT_INITIAL;

  663.     } else if (ctx->level == ssl_encryption_handshake) {
  664.         pkt->flags |= NGX_QUIC_PKT_LONG | NGX_QUIC_PKT_HANDSHAKE;

  666.     } else {
  667.         if (qc->key_phase) {
  668.             pkt->flags |= NGX_QUIC_PKT_KPHASE;
  669.         }
  670.     }

  672.     pkt->dcid.data = path->cid->id;
  673.     pkt->dcid.len = path->cid->len;

  675.     pkt->scid = qc->tp.initial_scid;

  677.     pkt->version = qc->version;
  678.     pkt->log = c->log;
  679.     pkt->level = ctx->level;

  681.     pkt->keys = qc->keys;

  683.     ngx_quic_set_packet_number(pkt, ctx);
  684. }


  687. static ssize_t
  688. ngx_quic_send(ngx_connection_t *c, u_char *buf, size_t len,
  689.     struct sockaddr *sockaddr, socklen_t socklen)
  690. {
  691.     ssize_t          n;
  692.     struct iovec     iov;
  693.     struct msghdr    msg;
  694. #if (NGX_HAVE_ADDRINFO_CMSG)
  695.     struct cmsghdr  *cmsg;
  696.     char             msg_control[CMSG_SPACE(sizeof(ngx_addrinfo_t))];
  697. #endif

  699.     ngx_memzero(&msg, sizeof(struct msghdr));

  701.     iov.iov_len = len;
  702.     iov.iov_base = buf;

  704.     msg.msg_iov = &iov;
  705.     msg.msg_iovlen = 1;

  707.     msg.msg_name = sockaddr;
  708.     msg.msg_namelen = socklen;

  710. #if (NGX_HAVE_ADDRINFO_CMSG)
  711.     if (c->listening && c->listening->wildcard && c->local_sockaddr) {

  713.         msg.msg_control = msg_control;
  714.         msg.msg_controllen = sizeof(msg_control);
  715.         ngx_memzero(msg_control, sizeof(msg_control));

  717.         cmsg = CMSG_FIRSTHDR(&msg);

  719.         msg.msg_controllen = ngx_set_srcaddr_cmsg(cmsg, c->local_sockaddr);
  720.     }
  721. #endif

  723.     n = ngx_sendmsg(c, &msg, 0);
  724.     if (n < 0) {
  725.         return n;
  726.     }

  728.     c->sent += n;

  730.     return n;
  731. }


  734. static void
  735. ngx_quic_set_packet_number(ngx_quic_header_t *pkt, ngx_quic_send_ctx_t *ctx)
  736. {
  737.     uint64_t  delta;

  739.     delta = ctx->pnum - ctx->largest_ack;
  740.     pkt->number = ctx->pnum;

  742.     if (delta <= 0x7F) {
  743.         pkt->num_len = 1;
  744.         pkt->trunc = ctx->pnum & 0xff;

  746.     } else if (delta <= 0x7FFF) {
  747.         pkt->num_len = 2;
  748.         pkt->flags |= 0x1;
  749.         pkt->trunc = ctx->pnum & 0xffff;

  751.     } else if (delta <= 0x7FFFFF) {
  752.         pkt->num_len = 3;
  753.         pkt->flags |= 0x2;
  754.         pkt->trunc = ctx->pnum & 0xffffff;

  756.     } else {
  757.         pkt->num_len = 4;
  758.         pkt->flags |= 0x3;
  759.         pkt->trunc = ctx->pnum & 0xffffffff;
  760.     }
  761. }


  764. ngx_int_t
  765. ngx_quic_negotiate_version(ngx_connection_t *c, ngx_quic_header_t *inpkt)
  766. {
  767.     size_t             len;
  768.     ngx_quic_header_t  pkt;
  769.     static u_char      buf[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE];

  771.     ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0,
  772.                    "sending version negotiation packet");

  774.     pkt.log = c->log;
  775.     pkt.flags = NGX_QUIC_PKT_LONG | NGX_QUIC_PKT_FIXED_BIT;
  776.     pkt.dcid = inpkt->scid;
  777.     pkt.scid = inpkt->dcid;

  779.     len = ngx_quic_create_version_negotiation(&pkt, buf);

  781. #ifdef NGX_QUIC_DEBUG_PACKETS
  782.     ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0,
  783.                    "quic vnego packet to send len:%uz %*xs", len, len, buf);
  784. #endif

  786.     (void) ngx_quic_send(c, buf, len, c->sockaddr, c->socklen);

  788.     return NGX_DONE;
  789. }


  792. ngx_int_t
  793. ngx_quic_send_stateless_reset(ngx_connection_t *c, ngx_quic_conf_t *conf,
  794.     ngx_quic_header_t *pkt)
  795. {
  796.     u_char    *token;
  797.     size_t     len, max;
  798.     uint16_t   rndbytes;
  799.     u_char     buf[NGX_QUIC_MAX_SR_PACKET];

  801.     ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0,
  802.                    "quic handle stateless reset output");

  804.     if (pkt->len <= NGX_QUIC_MIN_PKT_LEN) {
  805.         return NGX_DECLINED;
  806.     }

  808.     if (pkt->len <= NGX_QUIC_MIN_SR_PACKET) {
  809.         len = pkt->len - 1;

  811.     } else {
  812.         max = ngx_min(NGX_QUIC_MAX_SR_PACKET, pkt->len * 3);

  814.         if (RAND_bytes((u_char *) &rndbytes, sizeof(rndbytes)) != 1) {
  815.             return NGX_ERROR;
  816.         }

  818.         len = (rndbytes % (max - NGX_QUIC_MIN_SR_PACKET + 1))
  819.               + NGX_QUIC_MIN_SR_PACKET;
  820.     }

  822.     if (RAND_bytes(buf, len - NGX_QUIC_SR_TOKEN_LEN) != 1) {
  823.         return NGX_ERROR;
  824.     }

  826.     buf[0] &= ~NGX_QUIC_PKT_LONG;
  827.     buf[0] |= NGX_QUIC_PKT_FIXED_BIT;

  829.     token = &buf[len - NGX_QUIC_SR_TOKEN_LEN];

  831.     if (ngx_quic_new_sr_token(c, &pkt->dcid, conf->sr_token_key, token)
  832.         != NGX_OK)
  833.     {
  834.         return NGX_ERROR;
  835.     }

  837.     (void) ngx_quic_send(c, buf, len, c->sockaddr, c->socklen);

  839.     return NGX_DECLINED;
  840. }


  843. ngx_int_t
  844. ngx_quic_send_cc(ngx_connection_t *c)
  845. {
  846.     ngx_quic_frame_t       *frame;
  847.     ngx_quic_connection_t  *qc;

  849.     qc = ngx_quic_get_connection(c);

  851.     if (qc->draining) {
  852.         return NGX_OK;
  853.     }

  855.     if (qc->closing
  856.         && ngx_current_msec - qc->last_cc < NGX_QUIC_CC_MIN_INTERVAL)
  857.     {
  858.         /* dot not send CC too often */
  859.         return NGX_OK;
  860.     }

  862.     frame = ngx_quic_alloc_frame(c);
  863.     if (frame == NULL) {
  864.         return NGX_ERROR;
  865.     }

  867.     frame->level = qc->error_level;
  868.     frame->type = qc->error_app ? NGX_QUIC_FT_CONNECTION_CLOSE_APP
  869.                                 : NGX_QUIC_FT_CONNECTION_CLOSE;
  870.     frame->u.close.error_code = qc->error;
  871.     frame->u.close.frame_type = qc->error_ftype;

  873.     if (qc->error_reason) {
  874.         frame->u.close.reason.len = ngx_strlen(qc->error_reason);
  875.         frame->u.close.reason.data = (u_char *) qc->error_reason;
  876.     }

  878.     frame->ignore_congestion = 1;

  880.     qc->last_cc = ngx_current_msec;

  882.     return ngx_quic_frame_sendto(c, frame, 0, qc->path);
  883. }


  886. ngx_int_t
  887. ngx_quic_send_early_cc(ngx_connection_t *c, ngx_quic_header_t *inpkt,
  888.     ngx_uint_t err, const char *reason)
  889. {
  890.     ssize_t            len;
  891.     ngx_str_t          res;
  892.     ngx_quic_keys_t    keys;
  893.     ngx_quic_frame_t   frame;
  894.     ngx_quic_header_t  pkt;

  896.     static u_char       src[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE];
  897.     static u_char       dst[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE];

  899.     ngx_memzero(&frame, sizeof(ngx_quic_frame_t));
  900.     ngx_memzero(&pkt, sizeof(ngx_quic_header_t));

  902.     frame.level = inpkt->level;
  903.     frame.type = NGX_QUIC_FT_CONNECTION_CLOSE;
  904.     frame.u.close.error_code = err;

  906.     frame.u.close.reason.data = (u_char *) reason;
  907.     frame.u.close.reason.len = ngx_strlen(reason);

  909.     ngx_quic_log_frame(c->log, &frame, 1);

  911.     len = ngx_quic_create_frame(NULL, &frame);
  912.     if (len > NGX_QUIC_MAX_UDP_PAYLOAD_SIZE) {
  913.         return NGX_ERROR;
  914.     }

  916.     len = ngx_quic_create_frame(src, &frame);
  917.     if (len == -1) {
  918.         return NGX_ERROR;
  919.     }

  921.     ngx_memzero(&keys, sizeof(ngx_quic_keys_t));

  923.     pkt.keys = &keys;

  925.     if (ngx_quic_keys_set_initial_secret(pkt.keys, &inpkt->dcid, c->log)
  926.         != NGX_OK)
  927.     {
  928.         return NGX_ERROR;
  929.     }

  931.     pkt.flags = NGX_QUIC_PKT_FIXED_BIT | NGX_QUIC_PKT_LONG
  932.                 | NGX_QUIC_PKT_INITIAL;

  934.     pkt.num_len = 1;
  935.     /*
  936.      * pkt.num = 0;
  937.      * pkt.trunc = 0;
  938.      */

  940.     pkt.version = inpkt->version;
  941.     pkt.log = c->log;
  942.     pkt.level = inpkt->level;
  943.     pkt.dcid = inpkt->scid;
  944.     pkt.scid = inpkt->dcid;
  945.     pkt.payload.data = src;
  946.     pkt.payload.len = len;

  948.     res.data = dst;

  950.     ngx_quic_log_packet(c->log, &pkt);

  952.     if (ngx_quic_encrypt(&pkt, &res) != NGX_OK) {
  953.         ngx_quic_keys_cleanup(pkt.keys);
  954.         return NGX_ERROR;
  955.     }

  957.     if (ngx_quic_send(c, res.data, res.len, c->sockaddr, c->socklen) < 0) {
  958.         ngx_quic_keys_cleanup(pkt.keys);
  959.         return NGX_ERROR;
  960.     }

  962.     ngx_quic_keys_cleanup(pkt.keys);

  964.     return NGX_DONE;
  965. }


  968. ngx_int_t
  969. ngx_quic_send_retry(ngx_connection_t *c, ngx_quic_conf_t *conf,
  970.     ngx_quic_header_t *inpkt)
  971. {
  972.     time_t             expires;
  973.     ssize_t            len;
  974.     ngx_str_t          res, token;
  975.     ngx_quic_header_t  pkt;

  977.     u_char             buf[NGX_QUIC_RETRY_BUFFER_SIZE];
  978.     u_char             dcid[NGX_QUIC_SERVER_CID_LEN];
  979.     u_char             tbuf[NGX_QUIC_TOKEN_BUF_SIZE];

  981.     expires = ngx_time() + NGX_QUIC_RETRY_TOKEN_LIFETIME;

  983.     token.data = tbuf;
  984.     token.len = NGX_QUIC_TOKEN_BUF_SIZE;

  986.     if (ngx_quic_new_token(c->log, c->sockaddr, c->socklen, conf->av_token_key,
  987.                            &token, &inpkt->dcid, expires, 1)
  988.         != NGX_OK)
  989.     {
  990.         return NGX_ERROR;
  991.     }

  993.     ngx_memzero(&pkt, sizeof(ngx_quic_header_t));
  994.     pkt.flags = NGX_QUIC_PKT_FIXED_BIT | NGX_QUIC_PKT_LONG | NGX_QUIC_PKT_RETRY;
  995.     pkt.version = inpkt->version;
  996.     pkt.log = c->log;

  998.     pkt.odcid = inpkt->dcid;
  999.     pkt.dcid = inpkt->scid;

  1001.     /* TODO: generate routable dcid */
  1002.     if (RAND_bytes(dcid, NGX_QUIC_SERVER_CID_LEN) != 1) {
  1003.         return NGX_ERROR;
  1004.     }

  1006.     pkt.scid.len = NGX_QUIC_SERVER_CID_LEN;
  1007.     pkt.scid.data = dcid;

  1009.     pkt.token = token;

  1011.     res.data = buf;

  1013.     if (ngx_quic_encrypt(&pkt, &res) != NGX_OK) {
  1014.         return NGX_ERROR;
  1015.     }

  1017. #ifdef NGX_QUIC_DEBUG_PACKETS
  1018.     ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
  1019.                    "quic packet to send len:%uz %xV", res.len, &res);
  1020. #endif

  1022.     len = ngx_quic_send(c, res.data, res.len, c->sockaddr, c->socklen);
  1023.     if (len < 0) {
  1024.         return NGX_ERROR;
  1025.     }

  1027.     ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
  1028.                    "quic retry packet sent to %xV", &pkt.dcid);

  1030.     /*
  1031.      * RFC 9000, 17.2.5.1.  Sending a Retry Packet
  1032.      *
  1033.      * A server MUST NOT send more than one Retry
  1034.      * packet in response to a single UDP datagram.
  1035.      * NGX_DONE will stop quic_input() from processing further
  1036.      */
  1037.     return NGX_DONE;
  1038. }


  1041. ngx_int_t
  1042. ngx_quic_send_new_token(ngx_connection_t *c, ngx_quic_path_t *path)
  1043. {
  1044.     time_t                  expires;
  1045.     ngx_str_t               token;
  1046.     ngx_chain_t            *out;
  1047.     ngx_quic_frame_t       *frame;
  1048.     ngx_quic_connection_t  *qc;

  1050.     u_char                  tbuf[NGX_QUIC_TOKEN_BUF_SIZE];

  1052.     qc = ngx_quic_get_connection(c);

  1054.     expires = ngx_time() + NGX_QUIC_NEW_TOKEN_LIFETIME;

  1056.     token.data = tbuf;
  1057.     token.len = NGX_QUIC_TOKEN_BUF_SIZE;

  1059.     if (ngx_quic_new_token(c->log, path->sockaddr, path->socklen,
  1060.                            qc->conf->av_token_key, &token, NULL, expires, 0)
  1061.         != NGX_OK)
  1062.     {
  1063.         return NGX_ERROR;
  1064.     }

  1066.     out = ngx_quic_copy_buffer(c, token.data, token.len);
  1067.     if (out == NGX_CHAIN_ERROR) {
  1068.         return NGX_ERROR;
  1069.     }

  1071.     frame = ngx_quic_alloc_frame(c);
  1072.     if (frame == NULL) {
  1073.         return NGX_ERROR;
  1074.     }

  1076.     frame->level = ssl_encryption_application;
  1077.     frame->type = NGX_QUIC_FT_NEW_TOKEN;
  1078.     frame->data = out;
  1079.     frame->u.token.length = token.len;

  1081.     ngx_quic_queue_frame(qc, frame);

  1083.     return NGX_OK;
  1084. }


  1087. ngx_int_t
  1088. ngx_quic_send_ack(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx)
  1089. {
  1090.     size_t                  len, left;
  1091.     uint64_t                ack_delay;
  1092.     ngx_buf_t              *b;
  1093.     ngx_uint_t              i;
  1094.     ngx_chain_t            *cl, **ll;
  1095.     ngx_quic_frame_t       *frame;
  1096.     ngx_quic_connection_t  *qc;

  1098.     qc = ngx_quic_get_connection(c);

  1100.     ack_delay = ngx_current_msec - ctx->largest_received;
  1101.     ack_delay *= 1000;
  1102.     ack_delay >>= qc->tp.ack_delay_exponent;

  1104.     frame = ngx_quic_alloc_frame(c);
  1105.     if (frame == NULL) {
  1106.         return NGX_ERROR;
  1107.     }

  1109.     ll = &frame->data;
  1110.     b = NULL;

  1112.     for (i = 0; i < ctx->nranges; i++) {
  1113.         len = ngx_quic_create_ack_range(NULL, ctx->ranges[i].gap,
  1114.                                         ctx->ranges[i].range);

  1116.         left = b ? b->end - b->last : 0;

  1118.         if (left < len) {
  1119.             cl = ngx_quic_alloc_chain(c);
  1120.             if (cl == NULL) {
  1121.                 return NGX_ERROR;
  1122.             }

  1124.             *ll = cl;
  1125.             ll = &cl->next;

  1127.             b = cl->buf;
  1128.             left = b->end - b->last;

  1130.             if (left < len) {
  1131.                 return NGX_ERROR;
  1132.             }
  1133.         }

  1135.         b->last += ngx_quic_create_ack_range(b->last, ctx->ranges[i].gap,
  1136.                                              ctx->ranges[i].range);

  1138.         frame->u.ack.ranges_length += len;
  1139.     }

  1141.     *ll = NULL;

  1143.     frame->level = ctx->level;
  1144.     frame->type = NGX_QUIC_FT_ACK;
  1145.     frame->u.ack.largest = ctx->largest_range;
  1146.     frame->u.ack.delay = ack_delay;
  1147.     frame->u.ack.range_count = ctx->nranges;
  1148.     frame->u.ack.first_range = ctx->first_range;
  1149.     frame->len = ngx_quic_create_frame(NULL, frame);

  1151.     ngx_queue_insert_head(&ctx->frames, &frame->queue);

  1153.     return NGX_OK;
  1154. }


  1157. ngx_int_t
  1158. ngx_quic_send_ack_range(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx,
  1159.     uint64_t smallest, uint64_t largest)
  1160. {
  1161.     ngx_quic_frame_t       *frame;
  1162.     ngx_quic_connection_t  *qc;

  1164.     qc = ngx_quic_get_connection(c);

  1166.     frame = ngx_quic_alloc_frame(c);
  1167.     if (frame == NULL) {
  1168.         return NGX_ERROR;
  1169.     }

  1171.     frame->level = ctx->level;
  1172.     frame->type = NGX_QUIC_FT_ACK;
  1173.     frame->u.ack.largest = largest;
  1174.     frame->u.ack.delay = 0;
  1175.     frame->u.ack.range_count = 0;
  1176.     frame->u.ack.first_range = largest - smallest;

  1178.     ngx_quic_queue_frame(qc, frame);

  1180.     return NGX_OK;
  1181. }


  1184. ngx_int_t
  1185. ngx_quic_frame_sendto(ngx_connection_t *c, ngx_quic_frame_t *frame,
  1186.     size_t min, ngx_quic_path_t *path)
  1187. {
  1188.     size_t                  max, max_payload, min_payload, pad;
  1189.     ssize_t                 len, sent;
  1190.     ngx_str_t               res;
  1191.     ngx_msec_t              now;
  1192.     ngx_quic_header_t       pkt;
  1193.     ngx_quic_send_ctx_t    *ctx;
  1194.     ngx_quic_congestion_t  *cg;
  1195.     ngx_quic_connection_t  *qc;

  1197.     static u_char           src[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE];
  1198.     static u_char           dst[NGX_QUIC_MAX_UDP_PAYLOAD_SIZE];

  1200.     qc = ngx_quic_get_connection(c);
  1201.     cg = &qc->congestion;
  1202.     ctx = ngx_quic_get_send_ctx(qc, frame->level);

  1204.     now = ngx_current_msec;

  1206.     max = ngx_quic_path_limit(c, path, path->mtu);

  1208.     ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0,
  1209.                    "quic sendto %s packet max:%uz min:%uz",
  1210.                    ngx_quic_level_name(ctx->level), max, min);

  1212.     if (cg->in_flight >= cg->window && !frame->ignore_congestion) {
  1213.         ngx_quic_free_frame(c, frame);
  1214.         return NGX_AGAIN;
  1215.     }

  1217.     ngx_quic_init_packet(c, ctx, &pkt, path);

  1219.     min_payload = ngx_quic_payload_size(&pkt, min);
  1220.     max_payload = ngx_quic_payload_size(&pkt, max);

  1222.     /* RFC 9001, 5.4.2.  Header Protection Sample */
  1223.     pad = 4 - pkt.num_len;
  1224.     min_payload = ngx_max(min_payload, pad);

  1226.     if (min_payload > max_payload) {
  1227.         ngx_quic_free_frame(c, frame);
  1228.         return NGX_AGAIN;
  1229.     }

  1231. #if (NGX_DEBUG)
  1232.     frame->pnum = pkt.number;
  1233. #endif

  1235.     ngx_quic_log_frame(c->log, frame, 1);

  1237.     len = ngx_quic_create_frame(NULL, frame);
  1238.     if ((size_t) len > max_payload) {
  1239.         ngx_quic_free_frame(c, frame);
  1240.         return NGX_AGAIN;
  1241.     }

  1243.     len = ngx_quic_create_frame(src, frame);
  1244.     if (len == -1) {
  1245.         ngx_quic_free_frame(c, frame);
  1246.         return NGX_ERROR;
  1247.     }

  1249.     if (len < (ssize_t) min_payload) {
  1250.         ngx_memset(src + len, NGX_QUIC_FT_PADDING, min_payload - len);
  1251.         len = min_payload;
  1252.     }

  1254.     pkt.payload.data = src;
  1255.     pkt.payload.len = len;

  1257.     res.data = dst;

  1259.     ngx_quic_log_packet(c->log, &pkt);

  1261.     if (ngx_quic_encrypt(&pkt, &res) != NGX_OK) {
  1262.         ngx_quic_free_frame(c, frame);
  1263.         return NGX_ERROR;
  1264.     }

  1266.     frame->pnum = ctx->pnum;
  1267.     frame->send_time = now;
  1268.     frame->plen = res.len;

  1270.     ctx->pnum++;

  1272.     sent = ngx_quic_send(c, res.data, res.len, path->sockaddr, path->socklen);
  1273.     if (sent < 0) {
  1274.         ngx_quic_free_frame(c, frame);
  1275.         return sent;
  1276.     }

  1278.     path->sent += sent;

  1280.     if (frame->need_ack && !qc->closing) {
  1281.         ngx_queue_insert_tail(&ctx->sent, &frame->queue);

  1283.         cg->in_flight += frame->plen;

  1285.     } else {
  1286.         ngx_quic_free_frame(c, frame);
  1287.         return NGX_OK;
  1288.     }

  1290.     ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
  1291.                    "quic congestion send if:%uz", cg->in_flight);

  1293.     if (!qc->send_timer_set) {
  1294.         qc->send_timer_set = 1;
  1295.         ngx_add_timer(c->read, qc->tp.max_idle_timeout);
  1296.     }

  1298.     ngx_quic_set_lost_timer(c);

  1300.     return NGX_OK;
  1301. }


  1304. size_t
  1305. ngx_quic_path_limit(ngx_connection_t *c, ngx_quic_path_t *path, size_t size)
  1306. {
  1307.     off_t  max;

  1309.     if (!path->validated) {
  1310.         max = path->received * 3;
  1311.         max = (path->sent >= max) ? 0 : max - path->sent;

  1313.         if ((off_t) size > max) {
  1314.             return max;
  1315.         }
  1316.     }

  1318.     return size;
  1319. }

One Level Up Top Level