diff options
| author | Vladimir Homutov <vl@nginx.com> | 2021-04-29 15:35:02 +0300 |
|---|---|---|
| committer | Vladimir Homutov <vl@nginx.com> | 2021-04-29 15:35:02 +0300 |
| commit | c4f5b50c47a867dfb72f80a5c3dd0e87508e0502 (patch) | |
| tree | cce9973d034d5652b5ffa460df3d3eee5f0e435a /src/event/quic/ngx_event_quic_ssl.c | |
| parent | a8acca865bc63efd0ae99284af37ed6bb246923b (diff) | |
| download | nginx-c4f5b50c47a867dfb72f80a5c3dd0e87508e0502.tar.gz nginx-c4f5b50c47a867dfb72f80a5c3dd0e87508e0502.tar.bz2 | |
QUIC: connection migration.
The patch adds proper transitions between multiple networking addresses that
can be used by a single quic connection. New networking paths are validated
using PATH_CHALLENGE/PATH_RESPONSE frames.
Diffstat (limited to 'src/event/quic/ngx_event_quic_ssl.c')
| -rw-r--r-- | src/event/quic/ngx_event_quic_ssl.c | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/src/event/quic/ngx_event_quic_ssl.c b/src/event/quic/ngx_event_quic_ssl.c index e68952e26..a4e96d204 100644 --- a/src/event/quic/ngx_event_quic_ssl.c +++ b/src/event/quic/ngx_event_quic_ssl.c @@ -391,8 +391,10 @@ ngx_quic_crypto_input(ngx_connection_t *c, ngx_quic_frame_t *frame, void *data) frame->type = NGX_QUIC_FT_HANDSHAKE_DONE; ngx_quic_queue_frame(qc, frame); - if (ngx_quic_send_new_token(c) != NGX_OK) { - return NGX_ERROR; + if (qc->conf->retry) { + if (ngx_quic_send_new_token(c, qc->socket->path) != NGX_OK) { + return NGX_ERROR; + } } /* @@ -410,7 +412,8 @@ ngx_quic_crypto_input(ngx_connection_t *c, ngx_quic_frame_t *frame, void *data) */ ngx_quic_discard_ctx(c, ssl_encryption_handshake); - if (ngx_quic_issue_server_ids(c) != NGX_OK) { + /* start accepting clients on negotiated number of server ids */ + if (ngx_quic_create_sockets(c) != NGX_OK) { return NGX_ERROR; } @@ -424,6 +427,7 @@ ngx_quic_init_connection(ngx_connection_t *c) u_char *p; size_t clen; ssize_t len; + ngx_str_t dcid; ngx_ssl_conn_t *ssl_conn; ngx_quic_connection_t *qc; @@ -453,8 +457,10 @@ ngx_quic_init_connection(ngx_connection_t *c) SSL_set_quic_use_legacy_codepoint(ssl_conn, qc->version != 1); #endif - if (ngx_quic_new_sr_token(c, &qc->dcid, qc->conf->sr_token_key, - qc->tp.sr_token) + dcid.data = qc->socket->sid.id; + dcid.len = qc->socket->sid.len; + + if (ngx_quic_new_sr_token(c, &dcid, qc->conf->sr_token_key, qc->tp.sr_token) != NGX_OK) { return NGX_ERROR; |