From 33dca887925d9cec7153252dcd5380c394090936 Mon Sep 17 00:00:00 2001
From: Roman Arutyunyan <arut@nginx.com>
Date: Wed, 13 Sep 2023 17:59:37 +0400
Subject: QUIC: "handshake_timeout" configuration parameter.

Previously QUIC did not have such parameter and handshake duration was
controlled by HTTP/3.  However that required creating and storing HTTP/3
session on first client datagram.  Apparently there's no convenient way to
store the session object until QUIC handshake is complete.  In the followup
patches session creation will be postponed to init() callback.
---
 src/event/quic/ngx_event_quic.c           | 6 ++++++
 src/event/quic/ngx_event_quic.h           | 3 ++-
 src/event/quic/ngx_event_quic_streams.c   | 4 ++++
 src/event/quic/ngx_event_quic_transport.c | 2 +-
 src/http/v3/ngx_http_v3_module.c          | 8 ++++++--
 src/http/v3/ngx_http_v3_request.c         | 8 +-------
 6 files changed, 20 insertions(+), 11 deletions(-)

(limited to 'src')

diff --git a/src/event/quic/ngx_event_quic.c b/src/event/quic/ngx_event_quic.c
index 6852bb070..0032a5505 100644
--- a/src/event/quic/ngx_event_quic.c
+++ b/src/event/quic/ngx_event_quic.c
@@ -211,6 +211,8 @@ ngx_quic_run(ngx_connection_t *c, ngx_quic_conf_t *conf)
     qc = ngx_quic_get_connection(c);
 
     ngx_add_timer(c->read, qc->tp.max_idle_timeout);
+    ngx_add_timer(&qc->close, qc->conf->handshake_timeout);
+
     ngx_quic_connstate_dbg(c);
 
     c->read->handler = ngx_quic_input_handler;
@@ -485,6 +487,10 @@ ngx_quic_close_connection(ngx_connection_t *c, ngx_int_t rc)
             ngx_quic_free_frames(c, &qc->send_ctx[i].sent);
         }
 
+        if (qc->close.timer_set) {
+            ngx_del_timer(&qc->close);
+        }
+
         if (rc == NGX_DONE) {
 
             /*
diff --git a/src/event/quic/ngx_event_quic.h b/src/event/quic/ngx_event_quic.h
index ca15200b4..15201671d 100644
--- a/src/event/quic/ngx_event_quic.h
+++ b/src/event/quic/ngx_event_quic.h
@@ -67,7 +67,8 @@ typedef struct {
     ngx_flag_t                     retry;
     ngx_flag_t                     gso_enabled;
     ngx_flag_t                     disable_active_migration;
-    ngx_msec_t                     timeout;
+    ngx_msec_t                     handshake_timeout;
+    ngx_msec_t                     idle_timeout;
     ngx_str_t                      host_key;
     size_t                         stream_buffer_size;
     ngx_uint_t                     max_concurrent_streams_bidi;
diff --git a/src/event/quic/ngx_event_quic_streams.c b/src/event/quic/ngx_event_quic_streams.c
index b4b0eda05..df04d0f07 100644
--- a/src/event/quic/ngx_event_quic_streams.c
+++ b/src/event/quic/ngx_event_quic_streams.c
@@ -630,6 +630,10 @@ ngx_quic_do_init_streams(ngx_connection_t *c)
 
     qc->streams.initialized = 1;
 
+    if (!qc->closing && qc->close.timer_set) {
+        ngx_del_timer(&qc->close);
+    }
+
     return NGX_OK;
 }
 
diff --git a/src/event/quic/ngx_event_quic_transport.c b/src/event/quic/ngx_event_quic_transport.c
index fafe85f41..4e0324f4a 100644
--- a/src/event/quic/ngx_event_quic_transport.c
+++ b/src/event/quic/ngx_event_quic_transport.c
@@ -1985,7 +1985,7 @@ ngx_quic_init_transport_params(ngx_quic_tp_t *tp, ngx_quic_conf_t *qcf)
      *     tp->preferred_address = NULL
      */
 
-    tp->max_idle_timeout = qcf->timeout;
+    tp->max_idle_timeout = qcf->idle_timeout;
 
     tp->max_udp_payload_size = NGX_QUIC_MAX_UDP_PAYLOAD_SIZE;
 
diff --git a/src/http/v3/ngx_http_v3_module.c b/src/http/v3/ngx_http_v3_module.c
index 875e5f29b..139bd65f3 100644
--- a/src/http/v3/ngx_http_v3_module.c
+++ b/src/http/v3/ngx_http_v3_module.c
@@ -192,7 +192,7 @@ ngx_http_v3_create_srv_conf(ngx_conf_t *cf)
      *     h3scf->quic.host_key = { 0, NULL }
      *     h3scf->quic.stream_reject_code_uni = 0;
      *     h3scf->quic.disable_active_migration = 0;
-     *     h3scf->quic.timeout = 0;
+     *     h3scf->quic.idle_timeout = 0;
      *     h3scf->max_blocked_streams = 0;
      */
 
@@ -223,7 +223,8 @@ ngx_http_v3_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child)
     ngx_http_v3_srv_conf_t *prev = parent;
     ngx_http_v3_srv_conf_t *conf = child;
 
-    ngx_http_ssl_srv_conf_t  *sscf;
+    ngx_http_ssl_srv_conf_t   *sscf;
+    ngx_http_core_srv_conf_t  *cscf;
 
     ngx_conf_merge_value(conf->enable, prev->enable, 1);
 
@@ -281,6 +282,9 @@ ngx_http_v3_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child)
         return NGX_CONF_ERROR;
     }
 
+    cscf = ngx_http_conf_get_module_srv_conf(cf, ngx_http_core_module);
+    conf->quic.handshake_timeout = cscf->client_header_timeout;
+
     sscf = ngx_http_conf_get_module_srv_conf(cf, ngx_http_ssl_module);
     conf->quic.ssl = &sscf->ssl;
 
diff --git a/src/http/v3/ngx_http_v3_request.c b/src/http/v3/ngx_http_v3_request.c
index 6f72dc402..2f5503aba 100644
--- a/src/http/v3/ngx_http_v3_request.c
+++ b/src/http/v3/ngx_http_v3_request.c
@@ -58,18 +58,15 @@ static const struct {
 void
 ngx_http_v3_init_stream(ngx_connection_t *c)
 {
-    ngx_http_v3_session_t     *h3c;
     ngx_http_connection_t     *hc, *phc;
     ngx_http_v3_srv_conf_t    *h3scf;
     ngx_http_core_loc_conf_t  *clcf;
-    ngx_http_core_srv_conf_t  *cscf;
 
     hc = c->data;
 
     hc->ssl = 1;
 
     clcf = ngx_http_get_module_loc_conf(hc->conf_ctx, ngx_http_core_module);
-    cscf = ngx_http_get_module_srv_conf(hc->conf_ctx, ngx_http_core_module);
     h3scf = ngx_http_get_module_srv_conf(hc->conf_ctx, ngx_http_v3_module);
 
     if (c->quic == NULL) {
@@ -78,10 +75,7 @@ ngx_http_v3_init_stream(ngx_connection_t *c)
             return;
         }
 
-        h3c = hc->v3_session;
-        ngx_add_timer(&h3c->keepalive, cscf->client_header_timeout);
-
-        h3scf->quic.timeout = clcf->keepalive_timeout;
+        h3scf->quic.idle_timeout = clcf->keepalive_timeout;
         ngx_quic_run(c, &h3scf->quic);
         return;
     }
-- 
cgit