| author | Roman Arutyunyan <arut@nginx.com> | 2025-01-03 13:01:06 +0400 |
|---|---|---|
| committer | Roman Arutyunyan <arutyunyan.roman@gmail.com> | 2025-04-15 19:01:36 +0400 |
| commit | 38236bf74f3e5728eeea488bef381c61842ac1d2 (patch) | |
| tree | 8cf01926103f546607e658f426f1377bc2dd4e39 /src/event/quic/ngx_event_quic_migration.c | |
| parent | 53e7e9eb542fb1d3d885bbca03ed1d704aa08f31 (diff) | |

QUIC: prevent spurious congestion control recovery mode.

Since recovery_start field was initialized with ngx_current_msec, all
congestion events that happened within the same millisecond or cycle
iteration, were treated as in recovery mode.

Also, when handling persistent congestion, initializing recovery_start
with ngx_current_msec resulted in treating all sent packets as in recovery
mode, which violates RFC 9002, see example in Appendix B.8.

While here, also fixed recovery_start wrap protection. Previously it used
2 * max_idle_timeout time frame for all sent frames, which is not a
reliable protection since max_idle_timeout is unrelated to congestion
control. Now recovery_start <= now condition is enforced. Note that
recovery_start wrap is highly unlikely and can only occur on a
32-bit system if there are no congestion events for 24 days.

Diffstat (limited to '')
| -rw-r--r-- | src/event/quic/ngx_event_quic_migration.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/event/quic/ngx_event_quic_migration.c b/src/event/quic/ngx_event_quic_migration.c index ac22b1327..3caae88e5 100644 --- a/src/event/quic/ngx_event_quic_migration.c +++ b/src/event/quic/ngx_event_quic_migration.c @@ -186,7 +186,7 @@ valid: ngx_max(2 * NGX_QUIC_MIN_INITIAL_SIZE, 14720)); qc->congestion.ssthresh = (size_t) -1; - qc->congestion.recovery_start = ngx_current_msec; + qc->congestion.recovery_start = ngx_current_msec - 1; ngx_quic_init_rtt(qc); } |
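
Review bot: the `- 1` in `qc->congestion.recovery_start = ngx_current_msec - 1;` is unexplained at the assignment; the reason (a congestion event in the same millisecond must not be treated as already in recovery) is stated only in the commit message. A one-line comment above the assignment would keep that intent next to the code. Since ngx_msec_t is unsigned, the subtraction also wraps to the maximum value when ngx_current_msec is 0, so this line depends on the "recovery_start <= now" enforcement the commit message describes, which is not part of this file's diff; it is worth checking that the comparison site handles that case.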
